Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5B339165FC292AC9D1326DCA79B05F17D39F878505CF316BB706506F0AABDFF5/0/3139302e3130392e31362e302f32342d3234203d3e20323632313931.roa
File:                     3139302e3130392e31362e302f32342d3234203d3e20323632313931.roa (raw, json)
Hash identifier:          BYrSXRnDnEMi+GBFnBsdNVuZ+jJQHNfwASVPRQm/g00=
Subject key identifier:   AC:50:75:B4:BB:52:A0:02:2A:BE:00:9B:4B:27:A9:16:45:34:0D:B7
Certificate issuer:       /CN=A20FE8A6E352C9C9EC9B4C7CFFFF77B323936C14
Certificate serial:       39F3918D03D3E5DDAC7B743CBE3EA7BCBB2E3C94
Authority key identifier: A2:0F:E8:A6:E3:52:C9:C9:EC:9B:4C:7C:FF:FF:77:B3:23:93:6C:14
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A20FE8A6E352C9C9EC9B4C7CFFFF77B323936C14.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5B339165FC292AC9D1326DCA79B05F17D39F878505CF316BB706506F0AABDFF5/0/3139302e3130392e31362e302f32342d3234203d3e20323632313931.roa
Signing time:             Tue 05 Mar 2024 18:08:48 +0000
ROA not before:           Tue 05 Mar 2024 18:03:48 +0000
ROA not after:            Tue 04 Mar 2025 18:08:48 +0000
asID:                     262191
IP address blocks:        190.109.16.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 11 Sep 2024 14:35:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:f3:91:8d:03:d3:e5:dd:ac:7b:74:3c:be:3e:a7:bc:bb:2e:3c:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A20FE8A6E352C9C9EC9B4C7CFFFF77B323936C14
        Validity
            Not Before: Mar  5 18:03:48 2024 GMT
            Not After : Mar  4 18:08:48 2025 GMT
        Subject: CN=AC5075B4BB52A0022ABE009B4B27A91645340DB7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:37:b4:0d:65:61:0d:17:36:58:1d:c7:ae:0a:
                    8f:6e:ab:25:08:6e:c3:04:ce:bf:52:e0:66:9a:77:
                    21:47:5e:14:c7:a3:ee:61:52:9b:5e:ea:60:a7:b8:
                    63:a9:45:d1:6d:2d:79:98:7b:d2:12:2a:c4:cb:d6:
                    89:33:a2:ee:fc:88:16:a8:59:ca:aa:5c:f9:48:4c:
                    fb:59:70:c6:e6:9c:31:97:eb:0b:26:85:fe:28:f9:
                    94:84:61:dc:1e:4d:f1:ee:27:5f:00:89:41:24:0d:
                    dc:eb:5a:d9:33:1e:80:98:d4:46:6e:ad:6a:3b:ea:
                    29:9c:ab:49:ab:6d:6a:d9:57:14:46:d0:c5:ef:ca:
                    0e:76:d5:41:e1:c9:9b:8c:92:12:b5:3e:0d:88:44:
                    90:82:b1:5c:99:f1:12:ba:aa:e7:04:f0:bc:6f:4a:
                    0c:3b:65:05:a8:19:f3:94:60:46:af:32:89:35:e8:
                    a5:90:1e:65:e8:f4:90:f8:6b:ac:f8:1c:8c:3b:d4:
                    b7:57:0c:f7:92:f4:32:43:d3:e8:c7:cb:00:48:28:
                    46:f2:39:be:bb:6b:89:39:a7:23:e5:e0:69:67:40:
                    9f:a6:f4:4b:3c:aa:5c:90:45:c3:e2:ee:c1:ed:f6:
                    ca:41:b5:4c:1d:17:c6:b6:d7:65:ff:b6:64:5a:19:
                    65:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:50:75:B4:BB:52:A0:02:2A:BE:00:9B:4B:27:A9:16:45:34:0D:B7
            X509v3 Authority Key Identifier:
                keyid:A2:0F:E8:A6:E3:52:C9:C9:EC:9B:4C:7C:FF:FF:77:B3:23:93:6C:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5B339165FC292AC9D1326DCA79B05F17D39F878505CF316BB706506F0AABDFF5/0/A20FE8A6E352C9C9EC9B4C7CFFFF77B323936C14.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A20FE8A6E352C9C9EC9B4C7CFFFF77B323936C14.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5B339165FC292AC9D1326DCA79B05F17D39F878505CF316BB706506F0AABDFF5/0/3139302e3130392e31362e302f32342d3234203d3e20323632313931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.109.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:92:e0:ab:13:bb:cc:01:33:c6:5a:51:a9:f0:83:58:e8:07:
         04:1a:ad:da:02:d2:9c:8e:29:4f:41:8e:74:1f:d1:30:66:3a:
         48:a6:5d:43:a5:7a:9e:6d:46:0b:97:5e:f7:f9:2b:02:ad:ec:
         a3:f0:d8:10:41:86:a7:8d:79:53:fa:fc:a0:e3:21:6d:58:94:
         72:b4:35:c6:d2:9d:58:39:75:2e:e9:55:e3:ed:e7:ea:12:0c:
         3a:75:c8:48:98:3c:42:52:d1:33:47:37:6e:6f:8d:c8:18:af:
         2e:9e:15:bd:02:82:2b:32:99:87:ff:b1:f2:f7:48:87:6f:9d:
         3c:c2:e1:c4:bc:f4:bd:5c:55:c5:6c:16:4b:56:9d:79:bf:cc:
         67:c0:f0:13:65:71:06:b4:47:d3:b7:ab:06:13:45:c6:de:5a:
         55:ce:bf:1e:5e:b7:27:4d:68:3b:db:81:03:0a:3b:a9:84:f3:
         c0:83:e2:13:55:61:a8:a5:4a:30:3d:b5:a4:fa:3c:fd:d9:90:
         79:93:95:97:6f:a7:c8:cf:f7:1d:39:ff:1f:f9:1f:a8:61:5b:
         e9:f4:6d:8d:02:5c:cc:16:2d:c9:dc:5f:5e:8e:3a:2c:5c:47:
         9f:cb:01:2c:89:73:d8:5f:e9:04:4e:9f:e7:52:14:cc:aa:7d:
         ed:35:50:90
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUOfORjQPT5d2se3Q8vj6nvLsuPJQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTIwRkU4QTZFMzUyQzlDOUVDOUI0QzdDRkZGRjc3QjMy
MzkzNkMxNDAeFw0yNDAzMDUxODAzNDhaFw0yNTAzMDQxODA4NDhaMDMxMTAvBgNV
BAMTKEFDNTA3NUI0QkI1MkEwMDIyQUJFMDA5QjRCMjdBOTE2NDUzNDBEQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHN7QNZWENFzZYHceuCo9uqyUI
bsMEzr9S4GaadyFHXhTHo+5hUpte6mCnuGOpRdFtLXmYe9ISKsTL1okzou78iBao
WcqqXPlITPtZcMbmnDGX6wsmhf4o+ZSEYdweTfHuJ18AiUEkDdzrWtkzHoCY1EZu
rWo76imcq0mrbWrZVxRG0MXvyg521UHhyZuMkhK1Pg2IRJCCsVyZ8RK6qucE8Lxv
Sgw7ZQWoGfOUYEavMok16KWQHmXo9JD4a6z4HIw71LdXDPeS9DJD0+jHywBIKEby
Ob67a4k5pyPl4GlnQJ+m9Es8qlyQRcPi7sHt9spBtUwdF8a212X/tmRaGWXBAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUrFB1tLtSoAIqvgCbSyepFkU0DbcwHwYDVR0j
BBgwFoAUog/opuNSycnsm0x8//93syOTbBQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81QjMzOTE2NUZDMjkyQUM5RDEzMjZEQ0E3OUIwNUYxN0Qz
OUY4Nzg1MDVDRjMxNkJCNzA2NTA2RjBBQUJERkY1LzAvQTIwRkU4QTZFMzUyQzlD
OUVDOUI0QzdDRkZGRjc3QjMyMzkzNkMxNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMjBGRThBNkUzNTJDOUM5RUM5
QjRDN0NGRkZGNzdCMzIzOTM2QzE0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUIzMzkxNjVGQzI5MkFDOUQxMzI2RENBNzlCMDVGMTdEMzlGODc4NTA1
Q0YzMTZCQjcwNjUwNkYwQUFCREZGNS8wLzMxMzkzMDJlMzEzMDM5MmUzMTM2MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMyMzEzOTMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvm0Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBxkuCrE7vMATPGWlGp8INY6AcEGq3aAtKcjilP
QY50H9EwZjpIpl1DpXqebUYLl173+SsCreyj8NgQQYanjXlT+vyg4yFtWJRytDXG
0p1YOXUu6VXj7efqEgw6dchImDxCUtEzRzdub43IGK8unhW9AoIrMpmH/7Hy90iH
b508wuHEvPS9XFXFbBZLVp15v8xnwPATZXEGtEfTt6sGE0XG3lpVzr8eXrcnTWg7
24EDCjuphPPAg+ITVWGopUowPbWk+jz92ZB5k5WXb6fIz/cdOf8f+R+oYVvp9G2N
AlzMFi3J3F9ejjosXEefywEsiXPYX+kETp/nUhTMqn3tNVCQ
-----END CERTIFICATE-----
Generated at Wed Sep 11 18:35:53 2024 by rpki-client on console-ams.rpki-client.org