Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/828DED2581B8EA4737C44ABDE8284F735073DE3038C2D8F8C618511FCCACE522/0/3133312e37322e32382e302f32322d3232203d3e203531323032.roa
File:                     3133312e37322e32382e302f32322d3232203d3e203531323032.roa (raw, json)
Hash identifier:          GV+JIAH8V6bfwV8gnCvgLIT36IS7Fw56jfHq1g1nxoY=
Subject key identifier:   9A:3B:56:FA:CA:AC:C0:D6:F9:16:69:DC:5D:99:0F:11:47:A7:D1:17
Certificate issuer:       /CN=59B4B5EBC1950B7FD52B09794CC53692ABB7F230
Certificate serial:       6A1A6817E894BB2CC63443A2529BC6E603FB211E
Authority key identifier: 59:B4:B5:EB:C1:95:0B:7F:D5:2B:09:79:4C:C5:36:92:AB:B7:F2:30
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/59B4B5EBC1950B7FD52B09794CC53692ABB7F230.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/828DED2581B8EA4737C44ABDE8284F735073DE3038C2D8F8C618511FCCACE522/0/3133312e37322e32382e302f32322d3232203d3e203531323032.roa
Signing time:             Sun 07 Jul 2024 22:25:00 +0000
ROA not before:           Sun 07 Jul 2024 22:20:00 +0000
ROA not after:            Sun 06 Jul 2025 22:25:00 +0000
asID:                     51202
IP address blocks:        131.72.28.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 08 Jul 2024 00:20:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:1a:68:17:e8:94:bb:2c:c6:34:43:a2:52:9b:c6:e6:03:fb:21:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=59B4B5EBC1950B7FD52B09794CC53692ABB7F230
        Validity
            Not Before: Jul  7 22:20:00 2024 GMT
            Not After : Jul  6 22:25:00 2025 GMT
        Subject: CN=9A3B56FACAACC0D6F91669DC5D990F1147A7D117
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:0c:ce:8c:53:15:17:7c:25:55:48:c4:ef:9e:
                    0f:3f:d3:92:a8:a7:76:e2:5c:ed:3e:6a:4f:8f:ac:
                    ae:3e:c3:82:29:f4:3d:a8:53:8d:80:38:9d:61:d8:
                    78:bd:3d:3e:d8:81:4d:f7:71:86:d6:d2:d5:d2:c2:
                    cc:03:10:35:df:38:56:a2:06:24:8a:87:88:8b:c9:
                    18:6c:8d:24:19:a7:cc:32:50:bf:1b:81:7a:c8:99:
                    2f:69:6d:c0:ff:12:9d:f3:a3:d4:7c:3e:78:7c:ea:
                    18:7e:e7:3d:0b:6d:c3:40:f7:dc:7f:57:d9:92:36:
                    5b:3d:77:e5:b1:9d:30:c2:4c:91:de:b1:20:67:cc:
                    e3:10:a1:e5:91:04:53:60:64:60:02:7c:ce:02:03:
                    80:3f:4f:43:bf:eb:08:11:bb:4e:ee:ee:59:a2:90:
                    c5:a8:cc:d3:62:dd:30:c4:78:cd:f5:24:45:4c:cf:
                    a7:6b:24:a9:82:59:87:79:89:26:1b:60:27:a8:a6:
                    c4:66:5e:b4:87:f5:48:d7:38:ce:32:a3:74:c2:1b:
                    17:8b:71:cb:0d:ad:07:f0:b7:65:11:e2:ad:d5:2e:
                    79:d9:25:0b:c6:5c:5c:15:c3:b2:39:22:ce:2e:a1:
                    ec:14:5c:81:e0:3a:c5:da:33:79:e7:c9:7c:b5:24:
                    ab:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:3B:56:FA:CA:AC:C0:D6:F9:16:69:DC:5D:99:0F:11:47:A7:D1:17
            X509v3 Authority Key Identifier:
                keyid:59:B4:B5:EB:C1:95:0B:7F:D5:2B:09:79:4C:C5:36:92:AB:B7:F2:30

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/828DED2581B8EA4737C44ABDE8284F735073DE3038C2D8F8C618511FCCACE522/0/59B4B5EBC1950B7FD52B09794CC53692ABB7F230.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/59B4B5EBC1950B7FD52B09794CC53692ABB7F230.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/828DED2581B8EA4737C44ABDE8284F735073DE3038C2D8F8C618511FCCACE522/0/3133312e37322e32382e302f32322d3232203d3e203531323032.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.72.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         72:07:a4:67:69:bb:68:20:c7:06:2f:96:7d:22:94:67:37:66:
         78:1b:2a:12:bc:30:38:57:e6:a4:4b:66:ca:61:40:d2:7b:41:
         c1:94:0d:99:5b:28:28:de:ee:8f:48:7c:0e:69:af:86:b1:ab:
         93:aa:e9:c2:d3:78:eb:8d:5c:bb:c0:ad:22:49:99:67:c6:78:
         ab:72:92:59:0a:22:34:28:fe:80:8a:06:3c:01:27:81:58:ce:
         4c:96:6d:be:3b:95:80:b9:95:0a:29:23:62:84:19:06:80:06:
         85:4c:14:79:c8:09:2c:8b:49:5c:56:34:86:93:d6:9b:c5:67:
         1a:81:4b:92:0f:ae:4d:c0:56:1e:10:ad:8b:a2:37:e6:10:fa:
         b1:74:8c:e9:d9:74:16:79:a7:9e:1c:34:40:79:97:3e:19:39:
         22:37:9c:45:0f:0c:6d:d3:72:ea:a5:02:eb:c7:55:b3:64:ff:
         4d:61:b6:fb:04:bd:8a:06:3c:90:61:60:b8:16:b7:a0:91:ef:
         b3:9d:45:58:b1:66:59:d2:dc:d0:79:3c:e4:36:32:c9:a6:6b:
         5a:fc:d4:c6:40:57:a3:7d:56:da:9d:ac:95:78:8a:b6:67:7c:
         be:bf:aa:2c:ff:e6:01:f2:95:90:bd:9a:35:11:b2:82:6c:c2:
         c6:f4:97:f6
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUahpoF+iUuyzGNEOiUpvG5gP7IR4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTlCNEI1RUJDMTk1MEI3RkQ1MkIwOTc5NENDNTM2OTJB
QkI3RjIzMDAeFw0yNDA3MDcyMjIwMDBaFw0yNTA3MDYyMjI1MDBaMDMxMTAvBgNV
BAMTKDlBM0I1NkZBQ0FBQ0MwRDZGOTE2NjlEQzVEOTkwRjExNDdBN0QxMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2DM6MUxUXfCVVSMTvng8/05Ko
p3biXO0+ak+PrK4+w4Ip9D2oU42AOJ1h2Hi9PT7YgU33cYbW0tXSwswDEDXfOFai
BiSKh4iLyRhsjSQZp8wyUL8bgXrImS9pbcD/Ep3zo9R8Pnh86hh+5z0LbcNA99x/
V9mSNls9d+WxnTDCTJHesSBnzOMQoeWRBFNgZGACfM4CA4A/T0O/6wgRu07u7lmi
kMWozNNi3TDEeM31JEVMz6drJKmCWYd5iSYbYCeopsRmXrSH9UjXOM4yo3TCGxeL
ccsNrQfwt2UR4q3VLnnZJQvGXFwVw7I5Is4uoewUXIHgOsXaM3nnyXy1JKsRAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUmjtW+sqswNb5FmncXZkPEUen0RcwHwYDVR0j
BBgwFoAUWbS168GVC3/VKwl5TMU2kqu38jAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84MjhERUQyNTgxQjhFQTQ3MzdDNDRBQkRFODI4NEY3MzUw
NzNERTMwMzhDMkQ4RjhDNjE4NTExRkNDQUNFNTIyLzAvNTlCNEI1RUJDMTk1MEI3
RkQ1MkIwOTc5NENDNTM2OTJBQkI3RjIzMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81OUI0QjVFQkMxOTUwQjdGRDUy
QjA5Nzk0Q0M1MzY5MkFCQjdGMjMwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODI4REVEMjU4MUI4RUE0NzM3QzQ0QUJERTgyODRGNzM1MDczREUzMDM4
QzJEOEY4QzYxODUxMUZDQ0FDRTUyMi8wLzMxMzMzMTJlMzczMjJlMzIzODJlMzAy
ZjMyMzIyZDMyMzIyMDNkM2UyMDM1MzEzMjMwMzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKDSBwwDQYJ
KoZIhvcNAQELBQADggEBAHIHpGdpu2ggxwYvln0ilGc3ZngbKhK8MDhX5qRLZsph
QNJ7QcGUDZlbKCje7o9IfA5pr4axq5Oq6cLTeOuNXLvArSJJmWfGeKtyklkKIjQo
/oCKBjwBJ4FYzkyWbb47lYC5lQopI2KEGQaABoVMFHnICSyLSVxWNIaT1pvFZxqB
S5IPrk3AVh4QrYuiN+YQ+rF0jOnZdBZ5p54cNEB5lz4ZOSI3nEUPDG3TcuqlAuvH
VbNk/01htvsEvYoGPJBhYLgWt6CR77OdRVixZlnS3NB5POQ2Msmma1r81MZAV6N9
VtqdrJV4irZnfL6/qiz/5gHylZC9mjURsoJswsb0l/Y=
-----END CERTIFICATE-----
Generated at Mon Jul 8 02:44:19 2024 by rpki-client on console-fra.rpki-client.org