Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/561568D8C9ADDDCA3CE770397277D5396B63174DB0C7B08B578633BC3267E147/0/3230302e35322e3230332e302f32342d3234203d3e20323632393136.roa
File:                     3230302e35322e3230332e302f32342d3234203d3e20323632393136.roa (raw, json)
Hash identifier:          QkWzpSqLO08P/CIfVE5CMnN4Rdimgw2dMIFbeG56Z8w=
Subject key identifier:   BA:1C:E4:C4:6F:9C:8B:12:38:69:73:12:8B:56:E1:4C:38:18:51:D8
Certificate issuer:       /CN=C01F5C753EFDB7F8476C63BBB41417B8E194A2A3
Certificate serial:       3684B00DB2117EC2DD7CC7305F200D79B3A9C221
Authority key identifier: C0:1F:5C:75:3E:FD:B7:F8:47:6C:63:BB:B4:14:17:B8:E1:94:A2:A3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C01F5C753EFDB7F8476C63BBB41417B8E194A2A3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/561568D8C9ADDDCA3CE770397277D5396B63174DB0C7B08B578633BC3267E147/0/3230302e35322e3230332e302f32342d3234203d3e20323632393136.roa
Signing time:             Tue 21 May 2024 03:55:03 +0000
ROA not before:           Tue 21 May 2024 03:50:03 +0000
ROA not after:            Tue 20 May 2025 03:55:03 +0000
asID:                     262916
IP address blocks:        200.52.203.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 29 May 2024 04:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:84:b0:0d:b2:11:7e:c2:dd:7c:c7:30:5f:20:0d:79:b3:a9:c2:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C01F5C753EFDB7F8476C63BBB41417B8E194A2A3
        Validity
            Not Before: May 21 03:50:03 2024 GMT
            Not After : May 20 03:55:03 2025 GMT
        Subject: CN=BA1CE4C46F9C8B12386973128B56E14C381851D8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:9f:f6:c3:08:88:48:36:cb:38:6d:8c:4b:1d:
                    b7:a2:8f:61:53:86:0d:1d:94:ce:7e:bf:46:39:8f:
                    7f:68:ec:05:5d:af:76:1d:a4:c5:9e:2a:a2:63:9b:
                    5a:ca:bb:2f:07:d8:cf:1a:ef:6d:89:8b:4d:a4:ec:
                    de:df:ce:c0:dd:f2:d9:37:bf:4e:e3:7d:ba:fc:2e:
                    a9:f4:62:2a:8e:b9:01:e1:17:6c:ba:11:9f:75:48:
                    5d:12:17:9d:a3:b7:fb:4e:60:f4:fb:6c:24:41:98:
                    b4:dc:ef:84:28:0e:c3:61:0b:d4:df:e1:0d:27:a3:
                    c4:20:58:60:7b:5f:6a:3d:f6:17:3d:7e:be:7c:ba:
                    09:e7:a9:98:fc:f4:b5:14:76:70:de:1d:8e:2a:93:
                    b6:fe:b1:7a:16:fb:3e:28:b0:79:2a:e4:77:b7:f7:
                    ca:e3:a3:18:2c:e2:cf:81:9b:ed:bb:d6:e6:23:28:
                    40:69:21:83:fc:c5:44:2d:65:2c:50:5d:6d:97:59:
                    b4:bb:2c:61:57:3b:8c:2a:bd:35:e6:3d:b5:92:6f:
                    7f:f3:ff:d3:59:d0:a5:f9:cd:1b:10:29:c6:b2:92:
                    51:b2:95:32:59:e5:be:6d:5d:a8:b2:3a:59:89:e6:
                    75:50:7f:f0:6d:33:c8:0a:30:40:18:25:1f:a5:7a:
                    c6:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:1C:E4:C4:6F:9C:8B:12:38:69:73:12:8B:56:E1:4C:38:18:51:D8
            X509v3 Authority Key Identifier:
                keyid:C0:1F:5C:75:3E:FD:B7:F8:47:6C:63:BB:B4:14:17:B8:E1:94:A2:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/561568D8C9ADDDCA3CE770397277D5396B63174DB0C7B08B578633BC3267E147/0/C01F5C753EFDB7F8476C63BBB41417B8E194A2A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C01F5C753EFDB7F8476C63BBB41417B8E194A2A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/561568D8C9ADDDCA3CE770397277D5396B63174DB0C7B08B578633BC3267E147/0/3230302e35322e3230332e302f32342d3234203d3e20323632393136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.52.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:e4:3d:d4:29:97:fe:bc:87:cf:5d:6f:a6:3a:b7:3d:e4:45:
         52:95:c6:29:86:b4:5b:aa:f7:39:64:d6:d4:a2:1a:cb:af:ea:
         c0:fe:83:5f:f0:0a:b8:bf:07:e7:cb:81:2e:bf:12:e6:f4:c3:
         de:80:73:46:28:44:3e:b8:5a:1d:3d:01:c0:f5:19:ab:60:57:
         a5:60:a5:cf:66:db:88:07:ea:26:89:3e:90:0d:a8:58:a6:5f:
         44:4e:ef:29:37:83:88:28:04:a3:49:4e:92:7c:5a:1a:41:83:
         c5:25:6f:c0:67:d2:21:c3:78:fa:ab:ce:ce:2d:33:8d:17:ab:
         99:08:f7:be:46:6c:c1:84:c2:e7:21:70:aa:06:39:33:7f:ad:
         5d:4f:ef:3f:96:7b:19:55:2a:5f:99:c0:da:d2:02:1e:78:10:
         19:53:3e:de:9b:fb:43:21:b3:b2:17:d1:ae:f0:5a:44:81:ec:
         54:91:4d:3c:50:ae:bd:07:2f:c8:ae:45:17:f7:eb:c7:38:0b:
         f5:b0:03:af:35:32:8c:f7:5a:fc:d9:c2:40:72:08:5c:d0:7f:
         65:49:15:0e:87:48:9f:4b:28:9e:f6:c6:ac:ca:35:11:98:0f:
         a7:e1:ef:f3:1e:56:35:a5:fd:c4:7e:13:72:70:dc:ec:51:f2:
         82:3e:01:2b
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUNoSwDbIRfsLdfMcwXyANebOpwiEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzAxRjVDNzUzRUZEQjdGODQ3NkM2M0JCQjQxNDE3QjhF
MTk0QTJBMzAeFw0yNDA1MjEwMzUwMDNaFw0yNTA1MjAwMzU1MDNaMDMxMTAvBgNV
BAMTKEJBMUNFNEM0NkY5QzhCMTIzODY5NzMxMjhCNTZFMTRDMzgxODUxRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCon/bDCIhINss4bYxLHbeij2FT
hg0dlM5+v0Y5j39o7AVdr3YdpMWeKqJjm1rKuy8H2M8a722Ji02k7N7fzsDd8tk3
v07jfbr8Lqn0YiqOuQHhF2y6EZ91SF0SF52jt/tOYPT7bCRBmLTc74QoDsNhC9Tf
4Q0no8QgWGB7X2o99hc9fr58ugnnqZj89LUUdnDeHY4qk7b+sXoW+z4osHkq5He3
98rjoxgs4s+Bm+271uYjKEBpIYP8xUQtZSxQXW2XWbS7LGFXO4wqvTXmPbWSb3/z
/9NZ0KX5zRsQKcayklGylTJZ5b5tXaiyOlmJ5nVQf/BtM8gKMEAYJR+lesZ1AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUuhzkxG+cixI4aXMSi1bhTDgYUdgwHwYDVR0j
BBgwFoAUwB9cdT79t/hHbGO7tBQXuOGUoqMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NjE1NjhEOEM5QURERENBM0NFNzcwMzk3Mjc3RDUzOTZC
NjMxNzREQjBDN0IwOEI1Nzg2MzNCQzMyNjdFMTQ3LzAvQzAxRjVDNzUzRUZEQjdG
ODQ3NkM2M0JCQjQxNDE3QjhFMTk0QTJBMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMDFGNUM3NTNFRkRCN0Y4NDc2
QzYzQkJCNDE0MTdCOEUxOTRBMkEzLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTYxNTY4RDhDOUFERERDQTNDRTc3MDM5NzI3N0Q1Mzk2QjYzMTc0REIw
QzdCMDhCNTc4NjMzQkMzMjY3RTE0Ny8wLzMyMzAzMDJlMzUzMjJlMzIzMDMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMyMzkzMTM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyDTL
MA0GCSqGSIb3DQEBCwUAA4IBAQAb5D3UKZf+vIfPXW+mOrc95EVSlcYphrRbqvc5
ZNbUohrLr+rA/oNf8Aq4vwfny4EuvxLm9MPegHNGKEQ+uFodPQHA9RmrYFelYKXP
ZtuIB+omiT6QDahYpl9ETu8pN4OIKASjSU6SfFoaQYPFJW/AZ9Ihw3j6q87OLTON
F6uZCPe+RmzBhMLnIXCqBjkzf61dT+8/lnsZVSpfmcDa0gIeeBAZUz7em/tDIbOy
F9Gu8FpEgexUkU08UK69By/IrkUX9+vHOAv1sAOvNTKM91r82cJAcghc0H9lSRUO
h0ifSyie9sasyjURmA+n4e/zHlY1pf3EfhNycNzsUfKCPgEr
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:43 2024 by rpki-client on console-fra.rpki-client.org