Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5BC27E67CC4BD72DBD695E8B8FD48EE83524B67C058379454E87EA4739D3405E/0/3137302e38302e3134332e302f32342d3234203d3e20323634383139.roa
File:                     3137302e38302e3134332e302f32342d3234203d3e20323634383139.roa (raw, json)
Hash identifier:          L8Kwh78sWujAmaQqcLg+8PnQm3bXE4Aqyv+vjb9vu2g=
Subject key identifier:   DD:16:AE:95:07:A7:E0:9D:02:C5:B5:9F:8D:31:D9:F4:9C:FE:5E:19
Certificate issuer:       /CN=17FD7B4CD3B97225C91244D204C973ABA848EF0A
Certificate serial:       727AB4D8AB71321ACCAEBCA9B7A05769947AE779
Authority key identifier: 17:FD:7B:4C:D3:B9:72:25:C9:12:44:D2:04:C9:73:AB:A8:48:EF:0A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/17FD7B4CD3B97225C91244D204C973ABA848EF0A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5BC27E67CC4BD72DBD695E8B8FD48EE83524B67C058379454E87EA4739D3405E/0/3137302e38302e3134332e302f32342d3234203d3e20323634383139.roa
Signing time:             Tue 05 Mar 2024 18:02:39 +0000
ROA not before:           Tue 05 Mar 2024 17:57:39 +0000
ROA not after:            Tue 04 Mar 2025 18:02:39 +0000
asID:                     264819
IP address blocks:        170.80.143.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 22 Aug 2024 04:10:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:7a:b4:d8:ab:71:32:1a:cc:ae:bc:a9:b7:a0:57:69:94:7a:e7:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17FD7B4CD3B97225C91244D204C973ABA848EF0A
        Validity
            Not Before: Mar  5 17:57:39 2024 GMT
            Not After : Mar  4 18:02:39 2025 GMT
        Subject: CN=DD16AE9507A7E09D02C5B59F8D31D9F49CFE5E19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:0b:57:d7:54:fe:a6:6d:e0:e4:23:34:b4:f7:
                    82:40:41:f2:3d:50:d0:ab:cf:ff:ac:57:f6:17:4a:
                    6a:f9:51:13:e0:4b:b6:35:cb:e2:bb:61:b5:85:1c:
                    c1:99:94:5f:b4:14:08:89:f4:5f:07:37:07:8c:1e:
                    35:2b:a3:eb:18:40:ec:c0:11:7f:e3:7b:85:f9:1e:
                    3b:53:2d:9c:fc:13:38:4e:55:b2:ee:eb:84:d5:13:
                    9e:cc:e3:33:6a:9f:7b:28:43:7e:28:b3:38:ce:8e:
                    69:bf:d1:a4:51:34:1f:f7:8d:56:07:da:2d:08:60:
                    fe:cd:5e:1c:d9:ee:e4:83:06:0f:01:1c:1a:65:b9:
                    6b:14:32:a1:26:bf:73:66:53:ab:db:84:96:86:55:
                    a8:21:d6:12:7e:e7:06:f2:71:e7:e5:e8:84:96:aa:
                    d2:26:e0:d4:12:86:b9:8a:11:c5:43:95:40:f3:b9:
                    e7:b9:ee:40:7a:52:4c:ca:38:50:b4:60:da:c1:5f:
                    de:80:af:d5:c4:df:a1:42:bc:d0:01:e5:b9:3f:5c:
                    80:31:53:34:15:32:5c:4b:3e:40:97:7e:27:da:12:
                    99:eb:2c:c0:61:d9:e7:d7:07:8e:e8:06:b5:05:2d:
                    e5:9a:36:12:e0:fb:38:cf:13:cc:04:c4:9f:96:37:
                    ca:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:16:AE:95:07:A7:E0:9D:02:C5:B5:9F:8D:31:D9:F4:9C:FE:5E:19
            X509v3 Authority Key Identifier:
                keyid:17:FD:7B:4C:D3:B9:72:25:C9:12:44:D2:04:C9:73:AB:A8:48:EF:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5BC27E67CC4BD72DBD695E8B8FD48EE83524B67C058379454E87EA4739D3405E/0/17FD7B4CD3B97225C91244D204C973ABA848EF0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/17FD7B4CD3B97225C91244D204C973ABA848EF0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5BC27E67CC4BD72DBD695E8B8FD48EE83524B67C058379454E87EA4739D3405E/0/3137302e38302e3134332e302f32342d3234203d3e20323634383139.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.80.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:70:20:b7:70:53:4d:90:ff:c5:44:e3:ed:0e:b9:9b:e4:73:
         57:cd:f4:e4:83:57:ca:18:33:fc:8d:e9:97:e6:09:a4:2d:62:
         e4:7f:de:45:63:47:54:74:d9:78:b9:bf:52:e5:43:b0:1a:ac:
         a7:99:f3:1a:b4:50:3c:f8:b2:ec:c5:41:a7:7b:9b:82:4e:80:
         25:f2:6e:a7:0d:40:07:56:09:3a:3e:8b:80:7a:47:99:2f:0c:
         43:85:0e:25:a3:0e:95:24:fd:04:e2:f6:53:e7:7e:52:1c:5e:
         11:87:b6:1c:42:e3:d5:28:4b:4d:d2:63:58:e8:13:85:56:03:
         41:61:5e:e0:a4:85:11:89:26:ed:c5:84:41:ed:77:65:c9:d1:
         7e:3b:4c:2d:6f:ef:44:a7:3c:be:77:43:c8:79:f9:c5:0d:15:
         74:66:4f:be:6e:b2:8f:f1:51:13:24:e8:26:e0:d2:9a:d8:ad:
         88:7a:fe:bf:d6:a7:7c:7d:89:71:60:ee:c6:28:74:84:6d:f7:
         3c:db:33:3c:26:5b:f2:72:3f:36:86:e8:27:c6:a5:62:e8:bb:
         9e:d4:59:e4:da:a7:24:0b:59:a8:44:4d:ba:e5:e8:d5:1f:3f:
         26:3e:8d:85:3f:9d:7b:2f:59:d3:ca:36:6e:1a:84:18:03:d6:
         8b:15:64:60
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUcnq02KtxMhrMrrypt6BXaZR653kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTdGRDdCNENEM0I5NzIyNUM5MTI0NEQyMDRDOTczQUJB
ODQ4RUYwQTAeFw0yNDAzMDUxNzU3MzlaFw0yNTAzMDQxODAyMzlaMDMxMTAvBgNV
BAMTKEREMTZBRTk1MDdBN0UwOUQwMkM1QjU5RjhEMzFEOUY0OUNGRTVFMTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2C1fXVP6mbeDkIzS094JAQfI9
UNCrz/+sV/YXSmr5URPgS7Y1y+K7YbWFHMGZlF+0FAiJ9F8HNweMHjUro+sYQOzA
EX/je4X5HjtTLZz8EzhOVbLu64TVE57M4zNqn3soQ34oszjOjmm/0aRRNB/3jVYH
2i0IYP7NXhzZ7uSDBg8BHBpluWsUMqEmv3NmU6vbhJaGVagh1hJ+5wbycefl6ISW
qtIm4NQShrmKEcVDlUDzuee57kB6UkzKOFC0YNrBX96Ar9XE36FCvNAB5bk/XIAx
UzQVMlxLPkCXfifaEpnrLMBh2efXB47oBrUFLeWaNhLg+zjPE8wExJ+WN8pdAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU3RaulQen4J0CxbWfjTHZ9Jz+XhkwHwYDVR0j
BBgwFoAUF/17TNO5ciXJEkTSBMlzq6hI7wowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81QkMyN0U2N0NDNEJENzJEQkQ2OTVFOEI4RkQ0OEVFODM1
MjRCNjdDMDU4Mzc5NDU0RTg3RUE0NzM5RDM0MDVFLzAvMTdGRDdCNENEM0I5NzIy
NUM5MTI0NEQyMDRDOTczQUJBODQ4RUYwQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xN0ZEN0I0Q0QzQjk3MjI1Qzkx
MjQ0RDIwNEM5NzNBQkE4NDhFRjBBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUJDMjdFNjdDQzRCRDcyREJENjk1RThCOEZENDhFRTgzNTI0QjY3QzA1
ODM3OTQ1NEU4N0VBNDczOUQzNDA1RS8wLzMxMzczMDJlMzgzMDJlMzEzNDMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM0MzgzMTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqlCP
MA0GCSqGSIb3DQEBCwUAA4IBAQBKcCC3cFNNkP/FROPtDrmb5HNXzfTkg1fKGDP8
jemX5gmkLWLkf95FY0dUdNl4ub9S5UOwGqynmfMatFA8+LLsxUGne5uCToAl8m6n
DUAHVgk6PouAekeZLwxDhQ4low6VJP0E4vZT535SHF4Rh7YcQuPVKEtN0mNY6BOF
VgNBYV7gpIURiSbtxYRB7XdlydF+O0wtb+9Epzy+d0PIefnFDRV0Zk++brKP8VET
JOgm4NKa2K2Iev6/1qd8fYlxYO7GKHSEbfc82zM8Jlvycj82hugnxqVi6Lue1Fnk
2qckC1moRE265ejVHz8mPo2FP517L1nTyjZuGoQYA9aLFWRg
-----END CERTIFICATE-----