Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/54002EB3EC2BBE4384251AB2E4F211EF7DD07E7F3A927E356B79C45938598F64/0/34352e3136392e3134372e302f32342d3234203d3e20323731373935.roa
File:                     34352e3136392e3134372e302f32342d3234203d3e20323731373935.roa (raw, json)
Hash identifier:          N4WsVcW+GzyfijXu4Z3gg49esn63zHgQRKW0NCEt8Vs=
Subject key identifier:   3E:7F:3F:C7:6D:61:49:E7:6B:D5:86:59:FC:1A:13:79:80:E7:CF:A3
Certificate issuer:       /CN=DD2D25C642478D5D4DCAB0135DBBD87109D394CC
Certificate serial:       0543B201D4E1ACE74493BC70FED7234469654145
Authority key identifier: DD:2D:25:C6:42:47:8D:5D:4D:CA:B0:13:5D:BB:D8:71:09:D3:94:CC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DD2D25C642478D5D4DCAB0135DBBD87109D394CC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/54002EB3EC2BBE4384251AB2E4F211EF7DD07E7F3A927E356B79C45938598F64/0/34352e3136392e3134372e302f32342d3234203d3e20323731373935.roa
Signing time:             Tue 05 Mar 2024 18:20:35 +0000
ROA not before:           Tue 05 Mar 2024 18:15:35 +0000
ROA not after:            Tue 04 Mar 2025 18:20:35 +0000
asID:                     271795
IP address blocks:        45.169.147.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 May 2024 22:15:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:43:b2:01:d4:e1:ac:e7:44:93:bc:70:fe:d7:23:44:69:65:41:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DD2D25C642478D5D4DCAB0135DBBD87109D394CC
        Validity
            Not Before: Mar  5 18:15:35 2024 GMT
            Not After : Mar  4 18:20:35 2025 GMT
        Subject: CN=3E7F3FC76D6149E76BD58659FC1A137980E7CFA3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:c0:07:5f:0c:2e:91:41:ff:93:30:2f:9c:17:
                    20:8f:cf:9b:2f:10:55:f1:19:aa:26:98:b5:5b:57:
                    ef:2b:c2:f4:ae:1f:0b:b9:6e:9f:73:04:59:3c:4a:
                    39:3c:a9:22:63:60:fe:ef:b6:2f:d7:9d:11:cd:3d:
                    cc:d2:41:57:9c:cf:c7:ec:fc:be:47:3a:f6:42:82:
                    ad:3b:53:92:79:bf:24:86:14:c5:50:c2:cd:72:01:
                    05:2e:80:8d:e2:7c:f1:0f:ea:aa:a9:be:26:cf:04:
                    68:cc:c8:0b:17:8d:f6:60:2c:e4:46:e1:21:90:e1:
                    24:d2:48:8f:e1:5b:5f:cf:62:59:e3:0e:00:3e:25:
                    d6:85:45:ee:3b:a0:2b:df:3a:18:30:bd:ae:ca:35:
                    b1:76:cf:00:a7:49:27:f1:79:32:3d:08:8a:1f:70:
                    e0:4c:42:78:fe:53:1d:3a:45:0b:fe:56:98:2e:f1:
                    dd:08:cf:21:8d:d4:3a:5e:db:cd:d4:9d:6e:86:2d:
                    08:71:a2:d4:60:0c:a9:47:82:55:5a:01:1a:c3:97:
                    d7:ec:f7:24:ce:0c:f9:6f:a8:01:9b:6b:2f:50:33:
                    f8:8e:59:76:15:d3:4d:f8:84:19:1f:73:c4:53:f3:
                    aa:14:57:23:81:21:b9:d1:77:c3:76:15:d8:94:c4:
                    29:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:7F:3F:C7:6D:61:49:E7:6B:D5:86:59:FC:1A:13:79:80:E7:CF:A3
            X509v3 Authority Key Identifier:
                keyid:DD:2D:25:C6:42:47:8D:5D:4D:CA:B0:13:5D:BB:D8:71:09:D3:94:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/54002EB3EC2BBE4384251AB2E4F211EF7DD07E7F3A927E356B79C45938598F64/0/DD2D25C642478D5D4DCAB0135DBBD87109D394CC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DD2D25C642478D5D4DCAB0135DBBD87109D394CC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/54002EB3EC2BBE4384251AB2E4F211EF7DD07E7F3A927E356B79C45938598F64/0/34352e3136392e3134372e302f32342d3234203d3e20323731373935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.169.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:a6:e8:cc:cc:ff:b0:f2:7c:d1:3b:07:e4:48:0f:a2:77:ed:
         3c:22:39:a2:e9:64:d6:9d:fd:e2:0a:b9:1c:e4:f3:a4:69:85:
         ee:f5:17:cc:7a:06:84:9b:a1:8b:fd:4d:cf:a0:15:de:25:b6:
         1a:2a:bc:4e:b5:cd:6c:c2:64:47:ce:eb:3e:f3:8b:f5:13:49:
         8f:6a:d9:8a:3a:bc:db:fa:95:aa:0e:45:1b:46:1c:c6:e5:88:
         13:94:62:cf:37:f6:98:b9:43:27:0e:87:fe:21:3c:14:7f:e6:
         f9:27:48:d6:ee:81:52:cd:74:fe:38:88:a1:4d:f0:de:70:99:
         a9:5a:a5:a5:4a:b8:20:1f:c5:d5:31:38:1a:d7:ef:22:02:1c:
         1a:4b:07:9f:27:39:4e:df:bd:49:68:85:c3:28:95:33:7f:10:
         1d:03:56:4c:10:80:6b:66:01:df:d8:9f:e6:45:8c:45:b1:eb:
         dc:40:ab:3a:79:6b:7a:4d:9e:ff:55:08:e2:48:a2:db:de:72:
         c5:08:e7:62:a5:34:d9:c8:c2:8e:93:db:96:8f:dd:dc:74:60:
         85:ec:5f:49:b8:f1:c2:be:0c:ba:65:37:d3:c0:d0:ad:74:e6:
         8f:89:2a:d2:ec:1f:92:64:bb:79:2f:f3:51:c6:6a:3d:83:1a:
         79:82:e3:26
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUBUOyAdThrOdEk7xw/tcjRGllQUUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREQyRDI1QzY0MjQ3OEQ1RDREQ0FCMDEzNURCQkQ4NzEw
OUQzOTRDQzAeFw0yNDAzMDUxODE1MzVaFw0yNTAzMDQxODIwMzVaMDMxMTAvBgNV
BAMTKDNFN0YzRkM3NkQ2MTQ5RTc2QkQ1ODY1OUZDMUExMzc5ODBFN0NGQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxwAdfDC6RQf+TMC+cFyCPz5sv
EFXxGaommLVbV+8rwvSuHwu5bp9zBFk8Sjk8qSJjYP7vti/XnRHNPczSQVecz8fs
/L5HOvZCgq07U5J5vySGFMVQws1yAQUugI3ifPEP6qqpvibPBGjMyAsXjfZgLORG
4SGQ4STSSI/hW1/PYlnjDgA+JdaFRe47oCvfOhgwva7KNbF2zwCnSSfxeTI9CIof
cOBMQnj+Ux06RQv+Vpgu8d0IzyGN1Dpe283UnW6GLQhxotRgDKlHglVaARrDl9fs
9yTODPlvqAGbay9QM/iOWXYV0034hBkfc8RT86oUVyOBIbnRd8N2FdiUxCmHAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUPn8/x21hSedr1YZZ/BoTeYDnz6MwHwYDVR0j
BBgwFoAU3S0lxkJHjV1NyrATXbvYcQnTlMwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NDAwMkVCM0VDMkJCRTQzODQyNTFBQjJFNEYyMTFFRjdE
RDA3RTdGM0E5MjdFMzU2Qjc5QzQ1OTM4NTk4RjY0LzAvREQyRDI1QzY0MjQ3OEQ1
RDREQ0FCMDEzNURCQkQ4NzEwOUQzOTRDQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ERDJEMjVDNjQyNDc4RDVENERD
QUIwMTM1REJCRDg3MTA5RDM5NENDLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTQwMDJFQjNFQzJCQkU0Mzg0MjUxQUIyRTRGMjExRUY3REQwN0U3RjNB
OTI3RTM1NkI3OUM0NTkzODU5OEY2NC8wLzM0MzUyZTMxMzYzOTJlMzEzNDM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzMxMzczOTM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALamT
MA0GCSqGSIb3DQEBCwUAA4IBAQBipujMzP+w8nzROwfkSA+id+08Ijmi6WTWnf3i
Crkc5POkaYXu9RfMegaEm6GL/U3PoBXeJbYaKrxOtc1swmRHzus+84v1E0mPatmK
Orzb+pWqDkUbRhzG5YgTlGLPN/aYuUMnDof+ITwUf+b5J0jW7oFSzXT+OIihTfDe
cJmpWqWlSrggH8XVMTga1+8iAhwaSwefJzlO371JaIXDKJUzfxAdA1ZMEIBrZgHf
2J/mRYxFsevcQKs6eWt6TZ7/VQjiSKLb3nLFCOdipTTZyMKOk9uWj93cdGCF7F9J
uPHCvgy6ZTfTwNCtdOaPiSrS7B+SZLt5L/NRxmo9gxp5guMm
-----END CERTIFICATE-----