Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5BC27E67CC4BD72DBD695E8B8FD48EE83524B67C058379454E87EA4739D3405E/0/3137302e38302e3134302e302f32322d3232203d3e20323634383139.roa
File:                     3137302e38302e3134302e302f32322d3232203d3e20323634383139.roa (raw, json)
Hash identifier:          /FGsc5c2nSTbTqMFSM8+JgaIZtDOEH4J7TdLs9dktkA=
Subject key identifier:   69:10:24:1B:41:8E:44:8B:A6:08:5B:A6:3C:59:9D:94:CB:79:AD:7F
Certificate issuer:       /CN=17FD7B4CD3B97225C91244D204C973ABA848EF0A
Certificate serial:       08A771B2431D1ECF69D77D66AF99834A5E24994B
Authority key identifier: 17:FD:7B:4C:D3:B9:72:25:C9:12:44:D2:04:C9:73:AB:A8:48:EF:0A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/17FD7B4CD3B97225C91244D204C973ABA848EF0A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5BC27E67CC4BD72DBD695E8B8FD48EE83524B67C058379454E87EA4739D3405E/0/3137302e38302e3134302e302f32322d3232203d3e20323634383139.roa
Signing time:             Tue 05 Mar 2024 18:02:39 +0000
ROA not before:           Tue 05 Mar 2024 17:57:39 +0000
ROA not after:            Tue 04 Mar 2025 18:02:39 +0000
asID:                     264819
IP address blocks:        170.80.140.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 22 Aug 2024 04:10:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:a7:71:b2:43:1d:1e:cf:69:d7:7d:66:af:99:83:4a:5e:24:99:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17FD7B4CD3B97225C91244D204C973ABA848EF0A
        Validity
            Not Before: Mar  5 17:57:39 2024 GMT
            Not After : Mar  4 18:02:39 2025 GMT
        Subject: CN=6910241B418E448BA6085BA63C599D94CB79AD7F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:85:b3:f8:47:f5:7f:df:15:5b:5a:b7:10:70:
                    8f:14:03:5b:ce:f0:30:ee:ce:cc:2e:a6:a5:74:1b:
                    7d:20:62:40:2d:a5:e3:9f:3f:0c:ee:65:bc:ed:e0:
                    69:03:71:3b:78:ee:df:b7:d8:40:4d:dc:e3:05:68:
                    99:10:6b:9c:82:6c:9a:fe:21:53:c4:8f:9c:75:16:
                    8f:49:6d:75:04:d4:3e:ea:e7:76:a8:b4:d1:7b:88:
                    fc:e0:3b:d3:d3:5f:d5:a8:0d:c4:e2:6f:bb:5c:c3:
                    84:28:9b:e4:6d:e0:67:ca:c3:a9:80:c0:98:38:3f:
                    70:dd:bf:8e:1f:85:f6:bd:ac:c9:2c:5b:5b:2e:99:
                    b9:ed:ed:8a:a7:54:1d:e6:1e:5b:3c:88:38:b7:68:
                    ca:28:ed:80:bc:2f:cd:14:81:0c:eb:ce:c0:25:d0:
                    e6:81:6d:41:20:8d:9b:7e:5c:c7:1d:3f:b5:14:3b:
                    a1:e0:c4:8e:92:c6:7a:2c:c9:aa:39:b6:12:bf:63:
                    b1:08:fe:0d:1a:bc:74:5d:c0:72:2b:fe:e0:43:d7:
                    c6:a0:d0:df:69:da:c4:37:92:76:03:73:2e:1e:c0:
                    3a:4b:08:91:d9:98:5e:d3:e9:6d:70:9f:cb:5a:fe:
                    e7:d6:d0:69:ad:be:85:12:9f:d0:e0:a7:47:6e:f1:
                    34:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:10:24:1B:41:8E:44:8B:A6:08:5B:A6:3C:59:9D:94:CB:79:AD:7F
            X509v3 Authority Key Identifier:
                keyid:17:FD:7B:4C:D3:B9:72:25:C9:12:44:D2:04:C9:73:AB:A8:48:EF:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5BC27E67CC4BD72DBD695E8B8FD48EE83524B67C058379454E87EA4739D3405E/0/17FD7B4CD3B97225C91244D204C973ABA848EF0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/17FD7B4CD3B97225C91244D204C973ABA848EF0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5BC27E67CC4BD72DBD695E8B8FD48EE83524B67C058379454E87EA4739D3405E/0/3137302e38302e3134302e302f32322d3232203d3e20323634383139.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.80.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         43:02:6e:a5:69:5a:fc:3b:a3:68:f0:ef:94:73:14:3f:92:37:
         51:75:4d:2b:53:d2:91:88:da:ef:d1:b1:8f:90:2c:ca:58:80:
         6d:0e:7c:b5:df:87:31:61:a1:f1:55:e3:18:4c:fb:e7:5d:d8:
         72:e2:8b:34:cd:d9:c3:8c:5d:1e:d8:ae:3b:b4:40:6c:fe:08:
         37:b6:5d:83:34:6e:16:cb:8f:42:f0:5e:a4:9a:ff:0b:4c:5e:
         e2:c5:cf:be:6d:52:22:db:e7:5a:fb:79:61:75:5e:8f:0a:3c:
         32:02:2f:f5:9e:e0:7a:39:17:eb:c6:b2:b1:57:a3:5b:0d:02:
         54:fb:f4:a2:03:cd:38:3b:8f:81:80:c0:7b:4a:a9:15:d6:cf:
         13:6b:0d:a4:c0:cb:89:bc:3d:72:68:ed:43:ab:5f:bc:13:dc:
         84:a2:11:51:33:78:fc:fe:87:f8:88:05:b9:1c:7f:35:45:b9:
         16:ff:a9:59:5d:ba:7e:88:95:3a:69:0e:88:02:82:28:78:4b:
         fb:62:8f:93:e5:a4:32:b8:2a:6a:64:01:cf:23:22:a2:f3:26:
         af:55:4f:f4:da:27:83:10:38:49:01:7e:8b:34:d0:e3:dd:c8:
         b1:4d:26:36:79:c2:43:4e:e6:bd:b6:2f:85:ae:10:92:be:eb:
         f0:17:13:67
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUCKdxskMdHs9p131mr5mDSl4kmUswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTdGRDdCNENEM0I5NzIyNUM5MTI0NEQyMDRDOTczQUJB
ODQ4RUYwQTAeFw0yNDAzMDUxNzU3MzlaFw0yNTAzMDQxODAyMzlaMDMxMTAvBgNV
BAMTKDY5MTAyNDFCNDE4RTQ0OEJBNjA4NUJBNjNDNTk5RDk0Q0I3OUFEN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOhbP4R/V/3xVbWrcQcI8UA1vO
8DDuzswupqV0G30gYkAtpeOfPwzuZbzt4GkDcTt47t+32EBN3OMFaJkQa5yCbJr+
IVPEj5x1Fo9JbXUE1D7q53aotNF7iPzgO9PTX9WoDcTib7tcw4Qom+Rt4GfKw6mA
wJg4P3Ddv44fhfa9rMksW1sumbnt7YqnVB3mHls8iDi3aMoo7YC8L80UgQzrzsAl
0OaBbUEgjZt+XMcdP7UUO6HgxI6Sxnosyao5thK/Y7EI/g0avHRdwHIr/uBD18ag
0N9p2sQ3knYDcy4ewDpLCJHZmF7T6W1wn8ta/ufW0GmtvoUSn9Dgp0du8TQnAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUaRAkG0GORIumCFumPFmdlMt5rX8wHwYDVR0j
BBgwFoAUF/17TNO5ciXJEkTSBMlzq6hI7wowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81QkMyN0U2N0NDNEJENzJEQkQ2OTVFOEI4RkQ0OEVFODM1
MjRCNjdDMDU4Mzc5NDU0RTg3RUE0NzM5RDM0MDVFLzAvMTdGRDdCNENEM0I5NzIy
NUM5MTI0NEQyMDRDOTczQUJBODQ4RUYwQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xN0ZEN0I0Q0QzQjk3MjI1Qzkx
MjQ0RDIwNEM5NzNBQkE4NDhFRjBBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUJDMjdFNjdDQzRCRDcyREJENjk1RThCOEZENDhFRTgzNTI0QjY3QzA1
ODM3OTQ1NEU4N0VBNDczOUQzNDA1RS8wLzMxMzczMDJlMzgzMDJlMzEzNDMwMmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjM0MzgzMTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqlCM
MA0GCSqGSIb3DQEBCwUAA4IBAQBDAm6laVr8O6No8O+UcxQ/kjdRdU0rU9KRiNrv
0bGPkCzKWIBtDny134cxYaHxVeMYTPvnXdhy4os0zdnDjF0e2K47tEBs/gg3tl2D
NG4Wy49C8F6kmv8LTF7ixc++bVIi2+da+3lhdV6PCjwyAi/1nuB6ORfrxrKxV6Nb
DQJU+/SiA804O4+BgMB7SqkV1s8Taw2kwMuJvD1yaO1Dq1+8E9yEohFRM3j8/of4
iAW5HH81RbkW/6lZXbp+iJU6aQ6IAoIoeEv7Yo+T5aQyuCpqZAHPIyKi8yavVU/0
2ieDEDhJAX6LNNDj3cixTSY2ecJDTua9ti+FrhCSvuvwFxNn
-----END CERTIFICATE-----
Generated at Thu Aug 22 06:45:58 2024 by rpki-client on console-fra.rpki-client.org