Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/825865E576BF41DD443CD73043850CA6EA6A1F203C3F284090953ABD88625CEB/0/3138312e3233332e3136382e302f32322d3234203d3e203237393531.roa
File:                     3138312e3233332e3136382e302f32322d3234203d3e203237393531.roa (raw, json)
Hash identifier:          gwZuKjSzC29azokrcthoT38+l0VDOLD1/Q8wN3lPoMU=
Subject key identifier:   E4:E8:B5:87:F4:C5:9F:1C:87:5A:18:F6:EA:CA:DD:21:47:2E:2E:05
Certificate issuer:       /CN=CD0359B546DAA38DE0E98E47B85C7B2AE2C82D71
Certificate serial:       47097F4878DE84AA77A1D4BE89ED9632D7B382D7
Authority key identifier: CD:03:59:B5:46:DA:A3:8D:E0:E9:8E:47:B8:5C:7B:2A:E2:C8:2D:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CD0359B546DAA38DE0E98E47B85C7B2AE2C82D71.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/825865E576BF41DD443CD73043850CA6EA6A1F203C3F284090953ABD88625CEB/0/3138312e3233332e3136382e302f32322d3234203d3e203237393531.roa
Signing time:             Wed 12 Jun 2024 21:25:00 +0000
ROA not before:           Wed 12 Jun 2024 21:20:00 +0000
ROA not after:            Wed 11 Jun 2025 21:25:00 +0000
asID:                     27951
IP address blocks:        181.233.168.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 13 Sep 2024 17:10:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:09:7f:48:78:de:84:aa:77:a1:d4:be:89:ed:96:32:d7:b3:82:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CD0359B546DAA38DE0E98E47B85C7B2AE2C82D71
        Validity
            Not Before: Jun 12 21:20:00 2024 GMT
            Not After : Jun 11 21:25:00 2025 GMT
        Subject: CN=E4E8B587F4C59F1C875A18F6EACADD21472E2E05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:80:1e:ca:f9:a8:31:7d:a3:15:c6:cd:80:89:
                    29:3b:7f:b4:78:e6:67:4c:c8:4e:50:c1:11:b9:8f:
                    00:c2:b1:e1:4c:37:e8:1c:c3:b8:fa:71:7b:16:6a:
                    e9:6b:45:8c:a4:b4:e6:1c:c6:a5:12:66:e5:ae:12:
                    07:3d:3f:b8:df:15:c2:e5:6f:3b:ed:82:cf:db:4a:
                    fe:dc:37:a0:a3:a7:e8:6d:94:e4:2c:08:80:27:7e:
                    f2:d0:aa:bb:d7:60:c1:94:78:08:a2:c5:17:fd:1b:
                    78:82:42:76:88:61:e2:a7:51:97:7e:be:e2:2e:86:
                    dd:e4:1d:fe:ea:13:b4:3b:c5:01:bb:fc:76:a1:12:
                    eb:34:07:7f:f9:d9:2c:8d:2b:1a:1a:c4:33:5c:a7:
                    cd:f6:8f:be:67:27:7a:d4:ef:34:8d:29:f3:7b:30:
                    73:9c:c7:bf:a8:ad:3f:2b:32:d4:2b:40:de:e5:0f:
                    95:f0:48:52:cd:f3:9b:d0:09:64:95:d9:eb:a2:c5:
                    48:0e:8b:72:6d:08:ee:68:f8:17:38:87:ff:a6:66:
                    9e:af:f0:ac:99:02:97:4a:4c:1f:fa:bc:60:ad:3d:
                    ee:e7:11:8b:b8:db:01:80:01:62:34:de:3c:85:87:
                    67:b3:0a:54:68:a6:a5:7c:25:4d:7c:43:b7:fe:ee:
                    9d:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:E8:B5:87:F4:C5:9F:1C:87:5A:18:F6:EA:CA:DD:21:47:2E:2E:05
            X509v3 Authority Key Identifier:
                keyid:CD:03:59:B5:46:DA:A3:8D:E0:E9:8E:47:B8:5C:7B:2A:E2:C8:2D:71

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/825865E576BF41DD443CD73043850CA6EA6A1F203C3F284090953ABD88625CEB/0/CD0359B546DAA38DE0E98E47B85C7B2AE2C82D71.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CD0359B546DAA38DE0E98E47B85C7B2AE2C82D71.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/825865E576BF41DD443CD73043850CA6EA6A1F203C3F284090953ABD88625CEB/0/3138312e3233332e3136382e302f32322d3234203d3e203237393531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.233.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:59:92:95:c1:5d:c9:a4:2e:50:02:b4:9a:4a:22:fd:4a:2a:
         b3:03:28:49:ad:d6:12:5d:2b:96:d3:7a:67:82:98:98:e1:69:
         b0:36:eb:d5:6d:9a:d1:d2:4f:82:d9:73:df:e9:ae:eb:0d:fa:
         5c:88:14:72:7b:56:60:33:6f:0c:d3:20:5c:12:1f:f1:48:dd:
         47:ee:49:54:fa:ed:7c:05:83:19:15:f8:72:ed:68:1e:51:93:
         75:fc:b0:9d:e3:83:09:38:8c:d7:f8:c2:51:37:9f:18:1b:0f:
         48:52:ba:e9:f9:fc:4b:26:54:6c:12:d8:ff:50:9b:66:13:8a:
         be:c4:ef:00:9a:26:c2:1c:fe:32:0b:b8:4c:b9:35:6a:c2:23:
         57:8c:b0:8f:2d:ea:0c:59:56:5e:ee:be:12:23:ba:75:a7:be:
         ef:28:a6:37:75:18:55:d2:e6:6e:75:c7:cd:cb:17:a8:e1:e4:
         f6:17:be:06:21:5a:d9:4b:70:e7:f0:66:62:06:c8:2d:1d:b5:
         bc:ad:80:bc:c7:91:28:4f:a0:b1:aa:63:12:bf:ed:ae:15:ce:
         86:9a:c6:19:7d:9d:0e:92:7a:15:27:ea:42:9b:9c:db:61:96:
         69:c8:09:0b:57:73:3b:07:9a:e3:02:37:a7:ac:1b:06:ae:c0:
         65:34:c5:9a
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIURwl/SHjehKp3odS+ie2WMtezgtcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0QwMzU5QjU0NkRBQTM4REUwRTk4RTQ3Qjg1QzdCMkFF
MkM4MkQ3MTAeFw0yNDA2MTIyMTIwMDBaFw0yNTA2MTEyMTI1MDBaMDMxMTAvBgNV
BAMTKEU0RThCNTg3RjRDNTlGMUM4NzVBMThGNkVBQ0FERDIxNDcyRTJFMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUgB7K+agxfaMVxs2AiSk7f7R4
5mdMyE5QwRG5jwDCseFMN+gcw7j6cXsWaulrRYyktOYcxqUSZuWuEgc9P7jfFcLl
bzvtgs/bSv7cN6Cjp+htlOQsCIAnfvLQqrvXYMGUeAiixRf9G3iCQnaIYeKnUZd+
vuIuht3kHf7qE7Q7xQG7/HahEus0B3/52SyNKxoaxDNcp832j75nJ3rU7zSNKfN7
MHOcx7+orT8rMtQrQN7lD5XwSFLN85vQCWSV2euixUgOi3JtCO5o+Bc4h/+mZp6v
8KyZApdKTB/6vGCtPe7nEYu42wGAAWI03jyFh2ezClRopqV8JU18Q7f+7p1tAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU5Oi1h/TFnxyHWhj26srdIUcuLgUwHwYDVR0j
BBgwFoAUzQNZtUbao43g6Y5HuFx7KuLILXEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84MjU4NjVFNTc2QkY0MURENDQzQ0Q3MzA0Mzg1MENBNkVB
NkExRjIwM0MzRjI4NDA5MDk1M0FCRDg4NjI1Q0VCLzAvQ0QwMzU5QjU0NkRBQTM4
REUwRTk4RTQ3Qjg1QzdCMkFFMkM4MkQ3MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DRDAzNTlCNTQ2REFBMzhERTBF
OThFNDdCODVDN0IyQUUyQzgyRDcxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODI1ODY1RTU3NkJGNDFERDQ0M0NENzMwNDM4NTBDQTZFQTZBMUYyMDND
M0YyODQwOTA5NTNBQkQ4ODYyNUNFQi8wLzMxMzgzMTJlMzIzMzMzMmUzMTM2Mzgy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM3MzkzNTMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCtemo
MA0GCSqGSIb3DQEBCwUAA4IBAQAgWZKVwV3JpC5QArSaSiL9SiqzAyhJrdYSXSuW
03pngpiY4WmwNuvVbZrR0k+C2XPf6a7rDfpciBRye1ZgM28M0yBcEh/xSN1H7klU
+u18BYMZFfhy7WgeUZN1/LCd44MJOIzX+MJRN58YGw9IUrrp+fxLJlRsEtj/UJtm
E4q+xO8AmibCHP4yC7hMuTVqwiNXjLCPLeoMWVZe7r4SI7p1p77vKKY3dRhV0uZu
dcfNyxeo4eT2F74GIVrZS3Dn8GZiBsgtHbW8rYC8x5EoT6CxqmMSv+2uFc6GmsYZ
fZ0OknoVJ+pCm5zbYZZpyAkLV3M7B5rjAjenrBsGrsBlNMWa
-----END CERTIFICATE-----
Generated at Fri Sep 13 18:17:52 2024 by rpki-client on console-ams.rpki-client.org