Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/825865E576BF41DD443CD73043850CA6EA6A1F203C3F284090953ABD88625CEB/0/323830333a6231303a3a2f33322d3438203d3e203237393531.roa
File:                     323830333a6231303a3a2f33322d3438203d3e203237393531.roa (raw, json)
Hash identifier:          dhF4IdPAFmGtaWcv9ix5tR/4LkGPy1Dq2MbGsd9ZOsM=
Subject key identifier:   36:98:6F:13:89:57:B3:0A:0E:4A:CE:BF:98:7D:72:C7:F5:D7:3F:E3
Certificate issuer:       /CN=CD0359B546DAA38DE0E98E47B85C7B2AE2C82D71
Certificate serial:       615598F8F1FABCC7B630813B718CDBC6BF3A484B
Authority key identifier: CD:03:59:B5:46:DA:A3:8D:E0:E9:8E:47:B8:5C:7B:2A:E2:C8:2D:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CD0359B546DAA38DE0E98E47B85C7B2AE2C82D71.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/825865E576BF41DD443CD73043850CA6EA6A1F203C3F284090953ABD88625CEB/0/323830333a6231303a3a2f33322d3438203d3e203237393531.roa
Signing time:             Wed 12 Jun 2024 21:25:00 +0000
ROA not before:           Wed 12 Jun 2024 21:20:00 +0000
ROA not after:            Wed 11 Jun 2025 21:25:00 +0000
asID:                     27951
IP address blocks:        2803:b10::/32 maxlen: 48

Validation:               Failed, certificate revoked on Thu 15 Aug 2024 19:55:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:55:98:f8:f1:fa:bc:c7:b6:30:81:3b:71:8c:db:c6:bf:3a:48:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CD0359B546DAA38DE0E98E47B85C7B2AE2C82D71
        Validity
            Not Before: Jun 12 21:20:00 2024 GMT
            Not After : Jun 11 21:25:00 2025 GMT
        Subject: CN=36986F138957B30A0E4ACEBF987D72C7F5D73FE3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:5d:27:ff:b9:60:70:b7:73:17:e3:e5:51:0e:
                    b4:2c:19:50:f0:bc:7a:79:7a:a2:e3:63:7e:66:44:
                    66:dd:ca:48:80:70:9c:e2:e5:7b:04:6b:30:e2:dc:
                    90:88:7b:9c:4b:23:1c:1c:d5:96:27:41:a9:b6:0b:
                    1c:2d:fb:30:54:ee:f0:97:a8:21:00:5a:6e:7a:f9:
                    88:22:1d:c5:ec:11:a4:04:be:91:39:0d:5c:26:44:
                    ac:46:e2:2e:07:8a:ff:46:c0:1f:15:5f:12:eb:11:
                    d2:c6:47:1e:8d:0c:76:84:24:06:ed:be:61:1f:65:
                    4a:78:51:3b:c7:3f:90:23:fc:cc:e9:97:00:b3:eb:
                    db:ed:67:70:4f:10:80:8b:96:4c:e5:2b:75:9c:db:
                    2e:d8:ca:3a:3e:76:a2:66:dd:50:82:cf:3c:55:97:
                    a2:f8:17:84:1b:b4:45:01:32:2f:6e:34:2c:39:c8:
                    95:ec:0a:85:4c:ee:30:08:e6:4e:0d:b3:86:95:d9:
                    8d:23:0f:5b:cd:c3:e6:81:f9:62:fc:a9:02:10:aa:
                    43:eb:bf:e0:aa:c7:66:ea:62:87:1d:2f:fb:dc:17:
                    a3:66:94:4c:b8:63:9f:b4:65:05:b1:68:1e:f3:fd:
                    21:bf:f8:ad:21:15:10:27:e0:2a:f4:37:1e:f9:08:
                    5e:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:98:6F:13:89:57:B3:0A:0E:4A:CE:BF:98:7D:72:C7:F5:D7:3F:E3
            X509v3 Authority Key Identifier:
                keyid:CD:03:59:B5:46:DA:A3:8D:E0:E9:8E:47:B8:5C:7B:2A:E2:C8:2D:71

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/825865E576BF41DD443CD73043850CA6EA6A1F203C3F284090953ABD88625CEB/0/CD0359B546DAA38DE0E98E47B85C7B2AE2C82D71.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CD0359B546DAA38DE0E98E47B85C7B2AE2C82D71.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/825865E576BF41DD443CD73043850CA6EA6A1F203C3F284090953ABD88625CEB/0/323830333a6231303a3a2f33322d3438203d3e203237393531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:b10::/32

    Signature Algorithm: sha256WithRSAEncryption
         81:00:bb:64:c0:8a:8a:b6:53:17:5a:77:34:fa:e3:c4:2c:bb:
         13:f8:28:31:64:64:ed:d2:cc:a1:66:fa:0b:47:3a:6e:85:bb:
         6e:c2:d1:52:cb:1f:91:c6:47:77:ef:ba:bc:2c:16:39:e7:09:
         71:9a:42:bf:97:f6:88:21:89:48:50:6e:d2:d3:c6:16:cd:9f:
         19:58:72:d8:0d:dc:69:2e:dc:cd:f9:2c:f5:98:ff:b0:1b:76:
         27:51:41:64:3a:12:0e:a1:79:bb:41:5c:55:da:1c:cb:31:92:
         ca:89:b5:f4:2e:89:17:3b:e3:c4:f2:12:b3:49:56:7d:ca:7c:
         85:be:cb:65:d7:d2:e6:2d:bd:27:56:ae:b8:69:84:a6:45:b8:
         7a:69:5b:39:65:93:88:1f:3c:ff:1d:e1:f7:23:b6:78:93:f0:
         9b:23:77:18:f8:ce:8f:83:64:1c:08:82:fa:1f:17:58:74:f5:
         c8:cc:d7:cd:8e:0a:1b:7e:09:cb:41:65:f9:ed:33:20:ae:a2:
         40:f4:1a:9c:b6:c9:87:cb:e8:1a:af:45:16:e4:ea:6e:ff:18:
         b3:de:1a:3d:35:9b:e6:5b:b3:91:54:e0:f1:f5:15:2f:65:f3:
         e0:ba:78:44:0d:e5:54:bc:35:56:3b:4a:e1:57:a4:20:d2:ad:
         14:ee:e2:52
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUYVWY+PH6vMe2MIE7cYzbxr86SEswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0QwMzU5QjU0NkRBQTM4REUwRTk4RTQ3Qjg1QzdCMkFF
MkM4MkQ3MTAeFw0yNDA2MTIyMTIwMDBaFw0yNTA2MTEyMTI1MDBaMDMxMTAvBgNV
BAMTKDM2OTg2RjEzODk1N0IzMEEwRTRBQ0VCRjk4N0Q3MkM3RjVENzNGRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpXSf/uWBwt3MX4+VRDrQsGVDw
vHp5eqLjY35mRGbdykiAcJzi5XsEazDi3JCIe5xLIxwc1ZYnQam2Cxwt+zBU7vCX
qCEAWm56+YgiHcXsEaQEvpE5DVwmRKxG4i4Hiv9GwB8VXxLrEdLGRx6NDHaEJAbt
vmEfZUp4UTvHP5Aj/MzplwCz69vtZ3BPEICLlkzlK3Wc2y7Yyjo+dqJm3VCCzzxV
l6L4F4QbtEUBMi9uNCw5yJXsCoVM7jAI5k4Ns4aV2Y0jD1vNw+aB+WL8qQIQqkPr
v+Cqx2bqYocdL/vcF6NmlEy4Y5+0ZQWxaB7z/SG/+K0hFRAn4Cr0Nx75CF51AgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQUNphvE4lXswoOSs6/mH1yx/XXP+MwHwYDVR0j
BBgwFoAUzQNZtUbao43g6Y5HuFx7KuLILXEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84MjU4NjVFNTc2QkY0MURENDQzQ0Q3MzA0Mzg1MENBNkVB
NkExRjIwM0MzRjI4NDA5MDk1M0FCRDg4NjI1Q0VCLzAvQ0QwMzU5QjU0NkRBQTM4
REUwRTk4RTQ3Qjg1QzdCMkFFMkM4MkQ3MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DRDAzNTlCNTQ2REFBMzhERTBF
OThFNDdCODVDN0IyQUUyQzgyRDcxLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODI1ODY1RTU3NkJGNDFERDQ0M0NENzMwNDM4NTBDQTZFQTZBMUYyMDND
M0YyODQwOTA5NTNBQkQ4ODYyNUNFQi8wLzMyMzgzMDMzM2E2MjMxMzAzYTNhMmYz
MzMyMmQzNDM4MjAzZDNlMjAzMjM3MzkzNTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKAMLEDANBgkq
hkiG9w0BAQsFAAOCAQEAgQC7ZMCKirZTF1p3NPrjxCy7E/goMWRk7dLMoWb6C0c6
boW7bsLRUssfkcZHd++6vCwWOecJcZpCv5f2iCGJSFBu0tPGFs2fGVhy2A3caS7c
zfks9Zj/sBt2J1FBZDoSDqF5u0FcVdocyzGSyom19C6JFzvjxPISs0lWfcp8hb7L
ZdfS5i29J1auuGmEpkW4emlbOWWTiB88/x3h9yO2eJPwmyN3GPjOj4NkHAiC+h8X
WHT1yMzXzY4KG34Jy0Fl+e0zIK6iQPQanLbJh8voGq9FFuTqbv8Ys94aPTWb5luz
kVTg8fUVL2Xz4Lp4RA3lVLw1VjtK4VekINKtFO7iUg==
-----END CERTIFICATE-----
Generated at Thu Aug 15 21:42:47 2024 by rpki-client on console-ams.rpki-client.org