Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6930AA9EB7C51F08035387AF1E428CFD25C829C605812F765C409B365EAF7828/0/34352e37312e3135362e302f32322d3234203d3e20323635383235.roa
File:                     34352e37312e3135362e302f32322d3234203d3e20323635383235.roa (raw, json)
Hash identifier:          EQZRM0bmdtf1CH2o8Z7RMRiHVdOQrTkJYmpZJxiRM3M=
Subject key identifier:   A3:AC:CF:2A:FC:13:50:64:F4:1A:F9:A3:78:6A:3B:74:0F:08:4A:31
Certificate issuer:       /CN=68736797179852482212F2380438B90C707A82C2
Certificate serial:       10C989F96F5A84D2102C9AE43B56B615CABCCF07
Authority key identifier: 68:73:67:97:17:98:52:48:22:12:F2:38:04:38:B9:0C:70:7A:82:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/68736797179852482212F2380438B90C707A82C2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6930AA9EB7C51F08035387AF1E428CFD25C829C605812F765C409B365EAF7828/0/34352e37312e3135362e302f32322d3234203d3e20323635383235.roa
Signing time:             Tue 05 Mar 2024 17:45:53 +0000
ROA not before:           Tue 05 Mar 2024 17:40:53 +0000
ROA not after:            Tue 04 Mar 2025 17:45:53 +0000
asID:                     265825
IP address blocks:        45.71.156.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 25 Sep 2024 14:40:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:c9:89:f9:6f:5a:84:d2:10:2c:9a:e4:3b:56:b6:15:ca:bc:cf:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68736797179852482212F2380438B90C707A82C2
        Validity
            Not Before: Mar  5 17:40:53 2024 GMT
            Not After : Mar  4 17:45:53 2025 GMT
        Subject: CN=A3ACCF2AFC135064F41AF9A3786A3B740F084A31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:7d:18:30:38:9b:b9:64:6b:df:eb:c3:d4:ce:
                    01:5c:92:da:0a:b8:e5:51:62:7c:41:65:9d:8a:35:
                    e0:d5:a6:77:23:45:ad:ce:20:6f:61:cf:92:a4:ab:
                    48:0a:37:20:49:02:3d:be:39:c8:aa:38:07:7d:2a:
                    e3:73:c6:cb:c6:6a:1d:e9:2a:ac:b3:a5:9c:54:2c:
                    80:cb:3e:d6:9e:1f:23:75:c9:25:d3:61:76:32:11:
                    7f:95:2a:20:1c:e5:a7:6a:95:73:d8:2c:81:38:21:
                    cd:b7:35:11:24:ca:94:cb:12:13:cf:11:68:ba:63:
                    b0:c4:c3:52:51:ae:43:44:cf:26:a9:29:02:6c:ec:
                    c7:03:09:60:de:06:29:00:b9:db:50:87:27:5c:3b:
                    4c:01:0d:7b:99:cb:56:4e:ae:dd:2d:ab:bd:93:2f:
                    46:ef:c4:4f:7b:ce:74:d8:16:fb:b9:7c:3f:6a:49:
                    75:aa:5a:05:64:06:d6:39:f2:10:22:b9:25:73:58:
                    e0:6c:c7:32:df:c9:9c:4f:68:1e:82:4a:89:4f:4b:
                    cb:73:e7:1b:de:b0:43:28:2c:dd:03:c6:a0:32:1f:
                    fa:33:a5:8b:20:c7:be:ee:1f:66:87:41:ca:9c:a4:
                    1b:99:d8:21:aa:de:35:93:bd:62:2d:5f:ce:fa:cb:
                    db:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:AC:CF:2A:FC:13:50:64:F4:1A:F9:A3:78:6A:3B:74:0F:08:4A:31
            X509v3 Authority Key Identifier:
                keyid:68:73:67:97:17:98:52:48:22:12:F2:38:04:38:B9:0C:70:7A:82:C2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6930AA9EB7C51F08035387AF1E428CFD25C829C605812F765C409B365EAF7828/0/68736797179852482212F2380438B90C707A82C2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/68736797179852482212F2380438B90C707A82C2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6930AA9EB7C51F08035387AF1E428CFD25C829C605812F765C409B365EAF7828/0/34352e37312e3135362e302f32322d3234203d3e20323635383235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.71.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         65:7a:6b:23:63:3c:1f:4e:74:2b:ea:a3:79:e2:0e:2f:6b:dc:
         09:db:17:00:b7:9e:24:3b:8c:3c:cf:d3:2f:15:af:11:95:3c:
         6c:fe:0c:e4:ea:18:1c:3e:a2:34:c6:3e:60:0a:12:ec:40:e4:
         09:2f:1e:1c:94:81:52:91:ae:57:d8:07:4a:f8:cf:04:4b:dd:
         44:2c:eb:43:68:85:a5:57:13:41:f9:ad:b3:e2:24:e3:1b:0b:
         dc:de:23:05:5d:93:db:88:49:65:73:1f:ec:13:93:ad:42:e3:
         ae:c9:01:d2:76:fb:a5:b3:d1:6a:e9:20:0c:ea:41:20:9e:c1:
         d2:99:e1:f8:07:28:37:96:e8:47:77:7d:f8:79:e7:bb:06:58:
         b8:ac:0d:0f:90:00:1f:ec:a3:60:ce:b4:3c:ba:cd:d6:8e:9d:
         a3:13:4d:3b:ec:a3:12:12:32:06:93:91:3c:b8:77:aa:20:1e:
         be:04:74:00:6c:aa:d3:29:d9:fe:a7:b9:9a:a2:39:8a:10:85:
         5b:66:80:80:22:14:de:d6:8a:8b:c7:a6:b9:6b:bb:3c:90:6c:
         3c:ea:fe:98:38:c3:9c:c8:95:d8:d2:e2:05:89:7f:9f:98:da:
         69:46:09:1e:c8:db:b3:d3:7c:a5:df:44:17:53:50:6c:1d:8c:
         be:ae:5f:c8
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUEMmJ+W9ahNIQLJrkO1a2Fcq8zwcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjg3MzY3OTcxNzk4NTI0ODIyMTJGMjM4MDQzOEI5MEM3
MDdBODJDMjAeFw0yNDAzMDUxNzQwNTNaFw0yNTAzMDQxNzQ1NTNaMDMxMTAvBgNV
BAMTKEEzQUNDRjJBRkMxMzUwNjRGNDFBRjlBMzc4NkEzQjc0MEYwODRBMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnfRgwOJu5ZGvf68PUzgFcktoK
uOVRYnxBZZ2KNeDVpncjRa3OIG9hz5Kkq0gKNyBJAj2+OciqOAd9KuNzxsvGah3p
KqyzpZxULIDLPtaeHyN1ySXTYXYyEX+VKiAc5adqlXPYLIE4Ic23NREkypTLEhPP
EWi6Y7DEw1JRrkNEzyapKQJs7McDCWDeBikAudtQhydcO0wBDXuZy1ZOrt0tq72T
L0bvxE97znTYFvu5fD9qSXWqWgVkBtY58hAiuSVzWOBsxzLfyZxPaB6CSolPS8tz
5xvesEMoLN0DxqAyH/ozpYsgx77uH2aHQcqcpBuZ2CGq3jWTvWItX876y9sxAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUo6zPKvwTUGT0GvmjeGo7dA8ISjEwHwYDVR0j
BBgwFoAUaHNnlxeYUkgiEvI4BDi5DHB6gsIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82OTMwQUE5RUI3QzUxRjA4MDM1Mzg3QUYxRTQyOENGRDI1
QzgyOUM2MDU4MTJGNzY1QzQwOUIzNjVFQUY3ODI4LzAvNjg3MzY3OTcxNzk4NTI0
ODIyMTJGMjM4MDQzOEI5MEM3MDdBODJDMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82ODczNjc5NzE3OTg1MjQ4MjIx
MkYyMzgwNDM4QjkwQzcwN0E4MkMyLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjkzMEFBOUVCN0M1MUYwODAzNTM4N0FGMUU0MjhDRkQyNUM4MjlDNjA1
ODEyRjc2NUM0MDlCMzY1RUFGNzgyOC8wLzM0MzUyZTM3MzEyZTMxMzUzNjJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNTM4MzIzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1HnDAN
BgkqhkiG9w0BAQsFAAOCAQEAZXprI2M8H050K+qjeeIOL2vcCdsXALeeJDuMPM/T
LxWvEZU8bP4M5OoYHD6iNMY+YAoS7EDkCS8eHJSBUpGuV9gHSvjPBEvdRCzrQ2iF
pVcTQfmts+Ik4xsL3N4jBV2T24hJZXMf7BOTrULjrskB0nb7pbPRaukgDOpBIJ7B
0pnh+AcoN5boR3d9+HnnuwZYuKwND5AAH+yjYM60PLrN1o6doxNNO+yjEhIyBpOR
PLh3qiAevgR0AGyq0ynZ/qe5mqI5ihCFW2aAgCIU3taKi8emuWu7PJBsPOr+mDjD
nMiV2NLiBYl/n5jaaUYJHsjbs9N8pd9EF1NQbB2Mvq5fyA==
-----END CERTIFICATE-----
Generated at Wed Sep 25 17:33:58 2024 by rpki-client on console-fra.rpki-client.org