Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/693002ba-e833-41e5-bcb5-4d381c0d79b6/d5a07892f23daace8e5853169f9d0498cdcf8eec.roa
File:                     d5a07892f23daace8e5853169f9d0498cdcf8eec.roa (raw, json)
Hash identifier:          0J2ywdpOXOPwZMDPHSxR71eyLOvMccGj7HGZ7K5ZfLY=
Subject key identifier:   9B:E5:AA:56:0C:BD:51:43:49:5B:61:F3:A8:6F:4E:5F:71:96:2F:F8
Certificate issuer:       /CN=450e05696920146d80a6cffd7e47b4df43d2b64a
Certificate serial:       1E954E
Authority key identifier: 14:FB:AE:BF:E3:D9:4F:3F:B2:71:61:18:07:0A:12:05:F7:BD:53:4F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/450e05696920146d80a6cffd7e47b4df43d2b64a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/693002ba-e833-41e5-bcb5-4d381c0d79b6/d5a07892f23daace8e5853169f9d0498cdcf8eec.roa
Signing time:             Tue 07 Mar 2023 21:10:49 +0000
ROA not before:           Sun 12 Jun 2022 03:00:00 +0000
ROA not after:            Thu 13 Jun 2024 03:00:00 +0000
asID:                     12127
IP address blocks:        190.57.0.0/22 maxlen: 24
                          190.57.4.0/23 maxlen: 24
                          190.57.6.0/24 maxlen: 24
                          190.57.8.0/21 maxlen: 24
                          190.57.21.0/24 maxlen: 24
                          190.57.23.0/24 maxlen: 24
                          190.57.24.0/24 maxlen: 24
                          190.57.80.0/20 maxlen: 24
                          190.57.96.0/21 maxlen: 24
                          190.57.104.0/22 maxlen: 24
                          190.57.113.0/24 maxlen: 24
                          190.57.114.0/24 maxlen: 24
                          190.57.120.0/22 maxlen: 24
                          2803:1000::/32 maxlen: 32

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2004302 (0x1e954e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=450e05696920146d80a6cffd7e47b4df43d2b64a
        Validity
            Not Before: Jun 12 03:00:00 2022 GMT
            Not After : Jun 13 03:00:00 2024 GMT
        Subject: CN=d5a07892f23daace8e5853169f9d0498cdcf8eec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:70:ed:3e:b3:26:3b:4d:22:ba:fb:0a:9e:92:
                    42:f4:b8:a1:cb:6d:bc:32:28:63:f7:bc:40:05:ff:
                    f9:b9:d8:e3:f4:6e:df:0d:e4:33:30:52:ef:29:a6:
                    24:05:4b:df:d6:5d:df:3e:8a:16:1e:1c:14:2c:c5:
                    09:a6:82:d9:21:84:c9:bf:6e:4b:16:e4:5f:08:ea:
                    b8:94:00:d5:2e:e9:61:6b:f5:c1:12:5d:61:f3:fa:
                    4c:46:50:c2:c0:f2:bb:e1:9d:5f:f2:a5:26:9f:cf:
                    e1:a5:ac:1a:04:ae:1a:78:15:cb:75:ff:19:da:7c:
                    17:2a:12:04:62:ee:47:e4:b0:ed:f3:76:61:5f:ba:
                    b3:47:bf:dd:59:ee:4f:1f:fe:b4:20:ad:85:b3:06:
                    e6:15:c0:66:40:c2:d5:2b:29:1c:25:a6:cf:5c:3e:
                    ba:9b:7b:a5:89:ab:36:56:fb:d5:99:a9:02:ba:f6:
                    25:f9:fb:c8:43:3d:6a:b4:93:a0:64:fb:3b:1a:7b:
                    49:9c:87:7e:65:10:64:1a:d4:e4:26:94:99:6a:85:
                    0b:e9:96:79:3e:59:74:2c:b8:91:85:cc:94:1f:d6:
                    ca:0a:68:8c:9b:c3:d5:40:71:06:73:9a:b7:69:3f:
                    2f:e1:4f:82:da:65:6f:52:6b:8c:0f:8c:3e:a7:57:
                    ca:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:E5:AA:56:0C:BD:51:43:49:5B:61:F3:A8:6F:4E:5F:71:96:2F:F8
            X509v3 Authority Key Identifier:
                keyid:14:FB:AE:BF:E3:D9:4F:3F:B2:71:61:18:07:0A:12:05:F7:BD:53:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/450e05696920146d80a6cffd7e47b4df43d2b64a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/693002ba-e833-41e5-bcb5-4d381c0d79b6/d5a07892f23daace8e5853169f9d0498cdcf8eec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/693002ba-e833-41e5-bcb5-4d381c0d79b6/450e05696920146d80a6cffd7e47b4df43d2b64a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.57.0.0-190.57.6.255
                  190.57.8.0/21
                  190.57.21.0/24
                  190.57.23.0-190.57.24.255
                  190.57.80.0-190.57.107.255
                  190.57.113.0-190.57.114.255
                  190.57.120.0/22
                IPv6:
                  2803:1000::/32

    Signature Algorithm: sha256WithRSAEncryption
         8b:19:ba:0b:55:f6:1c:59:67:59:cb:99:ef:36:bc:d5:4a:0a:
         88:e7:ce:c2:33:ac:d1:f3:74:c1:fa:01:74:e2:d9:f4:83:b0:
         c9:d8:4c:e4:b8:f0:80:d8:af:2c:c9:06:cb:21:ac:08:6a:82:
         e0:5b:fa:9a:79:a3:94:da:5f:bd:23:38:35:c0:f3:55:59:10:
         8a:52:c2:cf:3d:c3:d8:7c:78:7b:c1:5d:24:b3:f9:a9:b2:35:
         89:4d:fa:53:16:1e:57:0b:a0:8c:96:6c:3c:ff:8d:ad:25:82:
         26:b2:9a:f8:54:ff:40:4f:d4:22:d0:c8:05:1f:2c:c3:55:a0:
         39:7b:89:88:97:db:05:89:c7:32:b6:19:68:c0:de:b1:bc:45:
         6c:93:90:b7:a5:91:02:3c:4b:22:43:4a:b4:93:ee:ac:f2:94:
         3f:1d:12:d7:29:f8:5f:27:2a:60:0d:8b:02:f5:9f:c7:c9:55:
         09:30:b5:b9:2c:6e:f4:59:12:6b:1a:bf:53:b2:ec:9b:19:94:
         0c:27:bf:7c:0d:dd:df:7c:0f:5d:fa:b3:31:f4:db:c3:29:88:
         69:f6:5f:c4:c6:30:56:10:23:b8:d7:31:68:46:87:f8:00:04:
         a5:0d:74:f2:f1:8f:fe:1c:56:72:3f:e5:ee:7d:c2:71:3a:18:
         64:5f:1c:8a
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDHpVOMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQ1
MGUwNTY5NjkyMDE0NmQ4MGE2Y2ZmZDdlNDdiNGRmNDNkMmI2NGEwHhcNMjIwNjEy
MDMwMDAwWhcNMjQwNjEzMDMwMDAwWjAzMTEwLwYDVQQDEyhkNWEwNzg5MmYyM2Rh
YWNlOGU1ODUzMTY5ZjlkMDQ5OGNkY2Y4ZWVjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAg3DtPrMmO00iuvsKnpJC9Lihy228Mihj97xABf/5udjj9G7f
DeQzMFLvKaYkBUvf1l3fPooWHhwULMUJpoLZIYTJv25LFuRfCOq4lADVLulha/XB
El1h8/pMRlDCwPK74Z1f8qUmn8/hpawaBK4aeBXLdf8Z2nwXKhIEYu5H5LDt83Zh
X7qzR7/dWe5PH/60IK2FswbmFcBmQMLVKykcJabPXD66m3ulias2VvvVmakCuvYl
+fvIQz1qtJOgZPs7GntJnId+ZRBkGtTkJpSZaoUL6ZZ5Pll0LLiRhcyUH9bKCmiM
m8PVQHEGc5q3aT8v4U+C2mVvUmuMD4w+p1fKxQIDAQABo4ICrTCCAqkwHQYDVR0O
BBYEFJvlqlYMvVFDSVth86hvTl9xli/4MB8GA1UdIwQYMBaAFBT7rr/j2U8/snFh
GAcKEgX3vVNPMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDUwZTA1
Njk2OTIwMTQ2ZDgwYTZjZmZkN2U0N2I0ZGY0M2QyYjY0YS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjkzMDAyYmEtZTgzMy00MWU1LWJjYjUtNGQzODFj
MGQ3OWI2L2Q1YTA3ODkyZjIzZGFhY2U4ZTU4NTMxNjlmOWQwNDk4Y2RjZjhlZWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82OTMwMDJiYS1lODMzLTQxZTUtYmNiNS00ZDM4
MWMwZDc5YjYvNDUwZTA1Njk2OTIwMTQ2ZDgwYTZjZmZkN2U0N2I0ZGY0M2QyYjY0
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBxBggrBgEFBQcBBwEB/wRi
MGAwTwQCAAEwSTALAwMAvjkDBAC+OQYDBAO+OQgDBAC+ORUwDAMEAL45FwMEAL45
GDAMAwQEvjlQAwQCvjloMAwDBAC+OXEDBAC+OXIDBAK+OXgwDQQCAAIwBwMFACgD
EAAwDQYJKoZIhvcNAQELBQADggEBAIsZugtV9hxZZ1nLme82vNVKCojnzsIzrNHz
dMH6AXTi2fSDsMnYTOS48IDYryzJBsshrAhqguBb+pp5o5TaX70jODXA81VZEIpS
ws89w9h8eHvBXSSz+amyNYlN+lMWHlcLoIyWbDz/ja0lgiaymvhU/0BP1CLQyAUf
LMNVoDl7iYiX2wWJxzK2GWjA3rG8RWyTkLelkQI8SyJDSrST7qzylD8dEtcp+F8n
KmANiwL1n8fJVQkwtbksbvRZEmsav1Oy7JsZlAwnv3wN3d98D136szH028MpiGn2
X8TGMFYQI7jXMWhGh/gABKUNdPLxj/4cVnI/5e59wnE6GGRfHIo=
-----END CERTIFICATE-----