Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/828DED2581B8EA4737C44ABDE8284F735073DE3038C2D8F8C618511FCCACE522/0/3133312e37322e32382e302f32322d3232203d3e203532333339.roa
File:                     3133312e37322e32382e302f32322d3232203d3e203532333339.roa (raw, json)
Hash identifier:          3l7qnY36GJr1u2KyZtSH0weBjVuhpLidtUy6F5qDuS0=
Subject key identifier:   A8:BA:3E:4B:40:DD:D1:C5:7E:D8:B2:11:F8:5A:86:3E:52:46:63:B3
Certificate issuer:       /CN=59B4B5EBC1950B7FD52B09794CC53692ABB7F230
Certificate serial:       1E63D71002C960705879E55C00CEC9FDD353480C
Authority key identifier: 59:B4:B5:EB:C1:95:0B:7F:D5:2B:09:79:4C:C5:36:92:AB:B7:F2:30
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/59B4B5EBC1950B7FD52B09794CC53692ABB7F230.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/828DED2581B8EA4737C44ABDE8284F735073DE3038C2D8F8C618511FCCACE522/0/3133312e37322e32382e302f32322d3232203d3e203532333339.roa
Signing time:             Tue 05 Mar 2024 17:49:18 +0000
ROA not before:           Tue 05 Mar 2024 17:44:18 +0000
ROA not after:            Tue 04 Mar 2025 17:49:18 +0000
asID:                     52339
IP address blocks:        131.72.28.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Sun 07 Jul 2024 01:15:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:63:d7:10:02:c9:60:70:58:79:e5:5c:00:ce:c9:fd:d3:53:48:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=59B4B5EBC1950B7FD52B09794CC53692ABB7F230
        Validity
            Not Before: Mar  5 17:44:18 2024 GMT
            Not After : Mar  4 17:49:18 2025 GMT
        Subject: CN=A8BA3E4B40DDD1C57ED8B211F85A863E524663B3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:76:b8:94:6a:f2:0b:a5:a1:df:9a:5b:74:fa:
                    3c:ee:35:53:4d:5c:b4:b8:9b:a6:89:6c:f3:48:3a:
                    98:cb:64:89:75:ce:36:14:e6:90:9b:46:4a:75:47:
                    11:c1:7a:8b:38:08:e7:3a:93:f3:78:f4:52:a8:bd:
                    cb:c1:2c:c0:30:9f:f9:9f:8e:5e:45:4e:6f:c5:de:
                    e8:a3:08:b5:c5:cb:33:7b:4b:63:c9:31:2f:f3:76:
                    4d:05:41:c0:66:84:db:f3:34:d4:31:19:f5:fb:8c:
                    26:cb:b7:26:86:fc:42:9f:90:bb:c0:b5:69:08:a1:
                    b1:55:bb:f7:1d:16:b7:3c:15:5c:cd:2c:9f:46:e8:
                    66:28:50:80:f4:44:ee:36:2d:6d:72:60:f2:34:45:
                    0b:17:2a:39:ce:cc:7f:62:48:12:d3:73:d3:12:07:
                    21:4b:02:bb:38:55:0f:4e:4a:f9:48:77:a5:86:1c:
                    ea:1a:76:32:d3:c1:8f:6c:06:f2:41:c5:a3:71:9d:
                    46:46:0b:56:58:b5:86:b1:f1:40:11:68:50:fc:56:
                    66:68:44:05:b9:6a:44:13:3e:e7:9f:4e:9a:09:c1:
                    47:e6:8e:5b:87:47:2d:2b:17:f7:cc:fc:6d:7c:94:
                    d5:a0:c9:e5:4d:8e:03:d3:8d:b4:a4:94:d6:05:5a:
                    a3:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:BA:3E:4B:40:DD:D1:C5:7E:D8:B2:11:F8:5A:86:3E:52:46:63:B3
            X509v3 Authority Key Identifier:
                keyid:59:B4:B5:EB:C1:95:0B:7F:D5:2B:09:79:4C:C5:36:92:AB:B7:F2:30

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/828DED2581B8EA4737C44ABDE8284F735073DE3038C2D8F8C618511FCCACE522/0/59B4B5EBC1950B7FD52B09794CC53692ABB7F230.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/59B4B5EBC1950B7FD52B09794CC53692ABB7F230.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/828DED2581B8EA4737C44ABDE8284F735073DE3038C2D8F8C618511FCCACE522/0/3133312e37322e32382e302f32322d3232203d3e203532333339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.72.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a9:6b:1c:69:c5:25:b0:3f:42:c4:4d:3f:c7:86:23:18:17:61:
         eb:f8:43:8f:e8:46:21:1a:68:f6:1b:db:d1:aa:d1:bf:f7:7a:
         b7:52:d8:c3:22:ba:58:23:c2:ff:2c:15:6f:04:0c:64:49:f1:
         bd:42:d2:5f:71:c2:03:67:61:60:4c:a2:89:a7:4d:7b:cf:b1:
         79:28:ee:83:32:a5:49:bf:43:ad:32:c6:55:23:f6:24:27:45:
         b9:75:8d:b7:ad:34:00:60:a4:71:26:15:94:11:23:73:05:ac:
         63:1c:d0:bd:a0:c1:a9:59:c3:7f:bd:d3:70:1b:07:e4:39:ed:
         b0:bf:ad:07:b9:fa:48:9d:1a:6d:c7:1f:fa:09:38:00:55:f0:
         ba:81:28:0e:d9:57:23:87:5f:6f:48:d0:54:83:6a:57:4d:30:
         f3:98:7d:47:ca:a0:cb:d1:a8:b0:7a:0a:b9:40:31:64:aa:bc:
         6b:c7:ab:88:d8:6b:aa:12:1d:df:30:37:ad:d3:a8:d2:a7:a0:
         60:b4:00:cf:79:3d:88:8d:5c:43:a1:88:20:63:b0:88:84:d7:
         e7:e9:f8:57:36:70:39:6a:96:b9:3c:6f:7b:d9:ec:6e:5f:ec:
         ef:f3:5c:32:57:87:d9:49:f1:e3:6f:46:00:86:03:54:05:39:
         ca:04:43:f7
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUHmPXEALJYHBYeeVcAM7J/dNTSAwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTlCNEI1RUJDMTk1MEI3RkQ1MkIwOTc5NENDNTM2OTJB
QkI3RjIzMDAeFw0yNDAzMDUxNzQ0MThaFw0yNTAzMDQxNzQ5MThaMDMxMTAvBgNV
BAMTKEE4QkEzRTRCNDBEREQxQzU3RUQ4QjIxMUY4NUE4NjNFNTI0NjYzQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8driUavILpaHfmlt0+jzuNVNN
XLS4m6aJbPNIOpjLZIl1zjYU5pCbRkp1RxHBeos4COc6k/N49FKovcvBLMAwn/mf
jl5FTm/F3uijCLXFyzN7S2PJMS/zdk0FQcBmhNvzNNQxGfX7jCbLtyaG/EKfkLvA
tWkIobFVu/cdFrc8FVzNLJ9G6GYoUID0RO42LW1yYPI0RQsXKjnOzH9iSBLTc9MS
ByFLArs4VQ9OSvlId6WGHOoadjLTwY9sBvJBxaNxnUZGC1ZYtYax8UARaFD8VmZo
RAW5akQTPuefTpoJwUfmjluHRy0rF/fM/G18lNWgyeVNjgPTjbSklNYFWqOhAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUqLo+S0Dd0cV+2LIR+FqGPlJGY7MwHwYDVR0j
BBgwFoAUWbS168GVC3/VKwl5TMU2kqu38jAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84MjhERUQyNTgxQjhFQTQ3MzdDNDRBQkRFODI4NEY3MzUw
NzNERTMwMzhDMkQ4RjhDNjE4NTExRkNDQUNFNTIyLzAvNTlCNEI1RUJDMTk1MEI3
RkQ1MkIwOTc5NENDNTM2OTJBQkI3RjIzMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81OUI0QjVFQkMxOTUwQjdGRDUy
QjA5Nzk0Q0M1MzY5MkFCQjdGMjMwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODI4REVEMjU4MUI4RUE0NzM3QzQ0QUJERTgyODRGNzM1MDczREUzMDM4
QzJEOEY4QzYxODUxMUZDQ0FDRTUyMi8wLzMxMzMzMTJlMzczMjJlMzIzODJlMzAy
ZjMyMzIyZDMyMzIyMDNkM2UyMDM1MzIzMzMzMzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKDSBwwDQYJ
KoZIhvcNAQELBQADggEBAKlrHGnFJbA/QsRNP8eGIxgXYev4Q4/oRiEaaPYb29Gq
0b/3erdS2MMiulgjwv8sFW8EDGRJ8b1C0l9xwgNnYWBMoomnTXvPsXko7oMypUm/
Q60yxlUj9iQnRbl1jbetNABgpHEmFZQRI3MFrGMc0L2gwalZw3+903AbB+Q57bC/
rQe5+kidGm3HH/oJOABV8LqBKA7ZVyOHX29I0FSDaldNMPOYfUfKoMvRqLB6CrlA
MWSqvGvHq4jYa6oSHd8wN63TqNKnoGC0AM95PYiNXEOhiCBjsIiE1+fp+Fc2cDlq
lrk8b3vZ7G5f7O/zXDJXh9lJ8eNvRgCGA1QFOcoEQ/c=
-----END CERTIFICATE-----
Generated at Sun Jul 7 03:23:47 2024 by rpki-client on console-fra.rpki-client.org