Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6CDC5DE2D7CD6AC9AF27F2C749BE2DB823BF4D531F23C0C35E1743B2D7F11C09/0/34352e3137332e3139362e302f32342d3234203d3e20323637383039.roa
File:                     34352e3137332e3139362e302f32342d3234203d3e20323637383039.roa (raw, json)
Hash identifier:          QbEvn5cYJasWUbFUE0m2QGwlAqCXwIzLljbER+41cRs=
Subject key identifier:   D4:E7:F0:33:93:FE:63:9D:4C:FD:AA:7A:13:CA:E0:B8:28:9B:1A:4B
Certificate issuer:       /CN=95A8CEA1F7115C0D9908328A0B91BA4CEDD4B6DA
Certificate serial:       28A44A0A4A730CF39702BE5CDF581EB5571CA16C
Authority key identifier: 95:A8:CE:A1:F7:11:5C:0D:99:08:32:8A:0B:91:BA:4C:ED:D4:B6:DA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/95A8CEA1F7115C0D9908328A0B91BA4CEDD4B6DA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6CDC5DE2D7CD6AC9AF27F2C749BE2DB823BF4D531F23C0C35E1743B2D7F11C09/0/34352e3137332e3139362e302f32342d3234203d3e20323637383039.roa
Signing time:             Tue 05 Mar 2024 18:15:12 +0000
ROA not before:           Tue 05 Mar 2024 18:10:12 +0000
ROA not after:            Tue 04 Mar 2025 18:15:12 +0000
asID:                     267809
IP address blocks:        45.173.196.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Aug 2024 18:35:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:a4:4a:0a:4a:73:0c:f3:97:02:be:5c:df:58:1e:b5:57:1c:a1:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95A8CEA1F7115C0D9908328A0B91BA4CEDD4B6DA
        Validity
            Not Before: Mar  5 18:10:12 2024 GMT
            Not After : Mar  4 18:15:12 2025 GMT
        Subject: CN=D4E7F03393FE639D4CFDAA7A13CAE0B8289B1A4B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:ef:0d:77:62:6f:9b:60:d5:4f:7a:e9:f6:e5:
                    e7:4a:7d:fc:1a:7d:04:e5:e4:be:4c:94:8c:1b:51:
                    75:34:87:13:d7:6b:42:fe:d6:1b:47:d4:ea:1f:22:
                    14:1b:af:e6:50:c8:b2:2f:73:ce:8f:7d:88:28:28:
                    05:68:9c:58:8f:dc:84:0b:fb:c1:67:bb:64:a1:43:
                    8c:f0:75:79:4d:9a:25:d3:a1:7e:e8:44:f3:9b:e5:
                    30:9c:36:41:b5:4b:a9:d4:4c:4e:33:81:5b:c3:a0:
                    18:a8:7c:d9:55:ca:d2:7d:cc:38:b8:a4:09:09:43:
                    09:f8:7d:37:0f:34:f9:49:07:a4:09:89:3b:1c:d5:
                    5f:0b:63:bc:0b:94:99:de:bb:39:d4:6e:67:03:e8:
                    cd:39:ae:0b:11:24:e5:3c:12:22:a6:9f:29:69:e8:
                    a2:c9:74:a9:70:4c:19:61:06:87:2e:1c:42:8e:eb:
                    84:0b:59:57:53:89:bd:6b:ba:d9:eb:a3:0a:4f:bf:
                    d0:b8:47:31:ee:d6:0f:f2:2d:9f:d4:ca:33:7c:93:
                    52:0d:cc:d6:c4:e9:71:ff:5d:0a:e3:a6:a0:ee:6b:
                    77:60:0d:74:e7:05:51:42:c4:2a:71:9f:1e:d2:dd:
                    de:06:5c:30:47:8d:af:d8:fa:e9:71:82:7c:11:94:
                    a9:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:E7:F0:33:93:FE:63:9D:4C:FD:AA:7A:13:CA:E0:B8:28:9B:1A:4B
            X509v3 Authority Key Identifier:
                keyid:95:A8:CE:A1:F7:11:5C:0D:99:08:32:8A:0B:91:BA:4C:ED:D4:B6:DA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6CDC5DE2D7CD6AC9AF27F2C749BE2DB823BF4D531F23C0C35E1743B2D7F11C09/0/95A8CEA1F7115C0D9908328A0B91BA4CEDD4B6DA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/95A8CEA1F7115C0D9908328A0B91BA4CEDD4B6DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6CDC5DE2D7CD6AC9AF27F2C749BE2DB823BF4D531F23C0C35E1743B2D7F11C09/0/34352e3137332e3139362e302f32342d3234203d3e20323637383039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.173.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:87:5f:26:a6:6e:38:32:2a:0b:fc:78:66:f8:ad:87:3c:47:
         72:87:ab:61:42:1a:45:31:d0:5f:dd:7a:af:8c:b2:93:81:14:
         ef:7a:e3:86:c0:70:01:0e:07:56:ce:45:eb:fc:2a:1f:fb:2d:
         5e:c2:14:bf:26:5b:be:81:28:be:97:38:b7:71:86:69:f5:de:
         ef:b3:8b:10:0c:75:b7:ab:43:e1:02:7a:59:a7:a0:b4:3e:0a:
         e7:67:ed:09:13:a9:a4:4c:6c:5e:50:52:bd:79:0b:79:ae:40:
         7c:f4:3e:72:8c:15:9e:1a:0c:90:3b:77:83:ea:64:d9:63:af:
         2b:16:f5:63:33:eb:17:dd:85:29:8c:2d:06:60:10:49:8a:f8:
         d3:d7:53:30:36:82:46:b0:4b:0e:3c:a7:00:08:02:e7:bd:34:
         a8:ff:50:32:77:ab:cc:ba:dd:d2:99:59:52:8a:9f:f1:fb:56:
         44:93:10:c4:05:41:21:7a:13:8e:cc:e8:39:79:71:f6:fc:f3:
         f1:ee:f9:e3:6d:a5:31:ac:e0:13:c8:5a:b3:a8:94:4b:dc:e3:
         f3:60:f1:47:07:6a:26:33:19:32:cc:13:11:95:b6:bd:51:d9:
         18:5c:44:1e:b1:0b:13:73:f1:c5:4e:c0:b4:f3:b9:a0:49:49:
         b6:f1:62:d4
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUKKRKCkpzDPOXAr5c31getVccoWwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTVBOENFQTFGNzExNUMwRDk5MDgzMjhBMEI5MUJBNENF
REQ0QjZEQTAeFw0yNDAzMDUxODEwMTJaFw0yNTAzMDQxODE1MTJaMDMxMTAvBgNV
BAMTKEQ0RTdGMDMzOTNGRTYzOUQ0Q0ZEQUE3QTEzQ0FFMEI4Mjg5QjFBNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDq7w13Ym+bYNVPeun25edKffwa
fQTl5L5MlIwbUXU0hxPXa0L+1htH1OofIhQbr+ZQyLIvc86PfYgoKAVonFiP3IQL
+8Fnu2ShQ4zwdXlNmiXToX7oRPOb5TCcNkG1S6nUTE4zgVvDoBiofNlVytJ9zDi4
pAkJQwn4fTcPNPlJB6QJiTsc1V8LY7wLlJneuznUbmcD6M05rgsRJOU8EiKmnylp
6KLJdKlwTBlhBocuHEKO64QLWVdTib1rutnrowpPv9C4RzHu1g/yLZ/UyjN8k1IN
zNbE6XH/XQrjpqDua3dgDXTnBVFCxCpxnx7S3d4GXDBHja/Y+ulxgnwRlKmZAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU1OfwM5P+Y51M/ap6E8rguCibGkswHwYDVR0j
BBgwFoAUlajOofcRXA2ZCDKKC5G6TO3UttowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82Q0RDNURFMkQ3Q0Q2QUM5QUYyN0YyQzc0OUJFMkRCODIz
QkY0RDUzMUYyM0MwQzM1RTE3NDNCMkQ3RjExQzA5LzAvOTVBOENFQTFGNzExNUMw
RDk5MDgzMjhBMEI5MUJBNENFREQ0QjZEQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85NUE4Q0VBMUY3MTE1QzBEOTkw
ODMyOEEwQjkxQkE0Q0VERDRCNkRBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNkNEQzVERTJEN0NENkFDOUFGMjdGMkM3NDlCRTJEQjgyM0JGNEQ1MzFG
MjNDMEMzNUUxNzQzQjJEN0YxMUMwOS8wLzM0MzUyZTMxMzczMzJlMzEzOTM2MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM3MzgzMDM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALa3E
MA0GCSqGSIb3DQEBCwUAA4IBAQCLh18mpm44MioL/Hhm+K2HPEdyh6thQhpFMdBf
3XqvjLKTgRTveuOGwHABDgdWzkXr/Cof+y1ewhS/Jlu+gSi+lzi3cYZp9d7vs4sQ
DHW3q0PhAnpZp6C0PgrnZ+0JE6mkTGxeUFK9eQt5rkB89D5yjBWeGgyQO3eD6mTZ
Y68rFvVjM+sX3YUpjC0GYBBJivjT11MwNoJGsEsOPKcACALnvTSo/1Ayd6vMut3S
mVlSip/x+1ZEkxDEBUEhehOOzOg5eXH2/PPx7vnjbaUxrOATyFqzqJRL3OPzYPFH
B2omMxkyzBMRlba9UdkYXEQesQsTc/HFTsC087mgSUm28WLU
-----END CERTIFICATE-----
Generated at Mon Aug 5 20:09:35 2024 by rpki-client on console-fra.rpki-client.org