Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/86FC589D7E403528717A3E02F14EB7F36D3F41553527658FEBACA0AF860CA720/0/323830363a3333633a3a2f33322d3332203d3e20323635353837.roa
File:                     323830363a3333633a3a2f33322d3332203d3e20323635353837.roa (raw, json)
Hash identifier:          RwcHsb9lJaNLEYChtVXMHgEl6nR6C77RFLU3gGWKy+Y=
Subject key identifier:   89:1D:75:D4:FD:85:17:FF:CF:02:02:4B:61:40:67:F7:29:6E:42:41
Certificate issuer:       /CN=84B85E7C8440D8BCDD3888C76D6D297CB010C64E
Certificate serial:       3FEB30EFF84D13E31DE1EEDDB85EF66486408E2B
Authority key identifier: 84:B8:5E:7C:84:40:D8:BC:DD:38:88:C7:6D:6D:29:7C:B0:10:C6:4E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/84B85E7C8440D8BCDD3888C76D6D297CB010C64E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/86FC589D7E403528717A3E02F14EB7F36D3F41553527658FEBACA0AF860CA720/0/323830363a3333633a3a2f33322d3332203d3e20323635353837.roa
Signing time:             Tue 04 Feb 2025 18:04:49 +0000
ROA not before:           Tue 04 Feb 2025 17:59:49 +0000
ROA not after:            Tue 03 Feb 2026 18:04:49 +0000
asID:                     265587
IP address blocks:        2806:33c::/32 maxlen: 32
Validation:               Failed, certificate revoked on Wed 28 May 2025 04:20:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:eb:30:ef:f8:4d:13:e3:1d:e1:ee:dd:b8:5e:f6:64:86:40:8e:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84B85E7C8440D8BCDD3888C76D6D297CB010C64E
        Validity
            Not Before: Feb  4 17:59:49 2025 GMT
            Not After : Feb  3 18:04:49 2026 GMT
        Subject: CN=891D75D4FD8517FFCF02024B614067F7296E4241
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:0b:88:55:fb:d0:85:8b:ef:e0:e7:a9:ce:f6:
                    a9:3a:dc:d9:1e:0a:ce:a4:a0:5a:d5:03:14:e7:dc:
                    3f:99:38:61:79:62:86:b4:19:f1:b6:cf:73:85:65:
                    4c:2d:22:a9:4b:46:6a:aa:cc:9e:11:6f:28:44:3e:
                    df:74:02:f2:2c:3b:1f:2f:3e:3a:72:88:52:1b:2a:
                    3b:7c:b8:05:5e:27:8b:c8:df:4f:d2:85:1d:60:9c:
                    a2:29:d6:cd:9d:b0:31:3b:0a:9c:ad:09:d7:08:3d:
                    52:30:28:5c:3f:a6:bb:5a:8b:d4:d8:5e:d7:ca:45:
                    6a:1d:dd:46:d6:bc:0a:6a:2c:5a:0e:0a:12:13:c3:
                    37:02:2b:94:e3:ad:ab:ed:13:2b:b4:6e:93:5e:5d:
                    38:c4:b6:9d:c3:68:49:1b:c6:ee:89:29:a5:6f:ae:
                    4f:fb:e6:b6:a0:11:ac:a7:e6:08:ac:83:58:d1:c6:
                    80:1c:51:ec:c1:6d:b6:ae:10:5f:74:da:cb:19:a2:
                    eb:0d:19:5f:67:7e:71:ba:28:16:4d:dd:24:9a:ae:
                    46:31:6c:2b:98:63:19:86:dc:8d:21:ce:c6:d9:e2:
                    ae:01:8a:8c:af:13:91:71:24:46:85:ee:63:d6:5c:
                    b3:12:59:0b:c1:5e:53:ed:87:81:c7:f2:3e:1e:66:
                    22:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:1D:75:D4:FD:85:17:FF:CF:02:02:4B:61:40:67:F7:29:6E:42:41
            X509v3 Authority Key Identifier:
                keyid:84:B8:5E:7C:84:40:D8:BC:DD:38:88:C7:6D:6D:29:7C:B0:10:C6:4E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/86FC589D7E403528717A3E02F14EB7F36D3F41553527658FEBACA0AF860CA720/0/84B85E7C8440D8BCDD3888C76D6D297CB010C64E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/84B85E7C8440D8BCDD3888C76D6D297CB010C64E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/86FC589D7E403528717A3E02F14EB7F36D3F41553527658FEBACA0AF860CA720/0/323830363a3333633a3a2f33322d3332203d3e20323635353837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2806:33c::/32

    Signature Algorithm: sha256WithRSAEncryption
         93:8a:6f:9e:c3:8d:cc:3b:8d:5f:8a:de:72:ef:f4:62:1b:0d:
         8e:cb:38:bb:71:b2:f9:70:22:c8:4a:a5:53:e7:6c:25:a1:39:
         e1:f2:70:11:69:15:e6:77:a5:1f:7b:fa:2d:d3:8e:d3:79:18:
         cc:ff:0c:0b:46:a4:3b:bf:d1:4c:0f:d6:0e:48:04:63:a0:c1:
         1e:8c:f5:54:79:21:ce:c7:92:5f:d3:7a:aa:22:4d:a2:d0:36:
         13:ba:e2:67:84:a3:97:5d:d3:59:16:6e:77:1c:0a:d5:9b:a0:
         c4:0f:de:55:41:f1:d7:6d:77:92:59:0d:ee:82:97:c1:5f:40:
         0d:a0:47:3a:13:01:9b:0c:b5:9f:0b:46:40:d5:81:5e:b3:2d:
         97:5e:f2:af:2d:23:24:c4:db:10:6c:3b:a6:ab:64:8c:5c:22:
         80:fa:43:ea:5e:7a:aa:39:25:9e:91:49:4d:48:d9:04:7d:3b:
         bc:8a:77:b1:f1:c8:4c:d5:4a:69:64:93:df:38:a3:0b:e8:aa:
         02:6d:28:97:d0:16:9e:36:71:3c:67:9a:7b:fd:d8:bd:97:d7:
         6f:d8:25:fc:cb:c6:08:81:81:94:5a:3a:92:ea:4e:87:48:c3:
         0a:a2:4d:c2:de:68:58:5b:bb:f0:ef:ff:18:7f:05:68:c3:44:
         c9:f4:0f:9f
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUP+sw7/hNE+Md4e7duF72ZIZAjiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODRCODVFN0M4NDQwRDhCQ0REMzg4OEM3NkQ2RDI5N0NC
MDEwQzY0RTAeFw0yNTAyMDQxNzU5NDlaFw0yNjAyMDMxODA0NDlaMDMxMTAvBgNV
BAMTKDg5MUQ3NUQ0RkQ4NTE3RkZDRjAyMDI0QjYxNDA2N0Y3Mjk2RTQyNDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpC4hV+9CFi+/g56nO9qk63Nke
Cs6koFrVAxTn3D+ZOGF5Yoa0GfG2z3OFZUwtIqlLRmqqzJ4RbyhEPt90AvIsOx8v
PjpyiFIbKjt8uAVeJ4vI30/ShR1gnKIp1s2dsDE7CpytCdcIPVIwKFw/prtai9TY
XtfKRWod3UbWvApqLFoOChITwzcCK5TjravtEyu0bpNeXTjEtp3DaEkbxu6JKaVv
rk/75ragEayn5gisg1jRxoAcUezBbbauEF902ssZousNGV9nfnG6KBZN3SSarkYx
bCuYYxmG3I0hzsbZ4q4BioyvE5FxJEaF7mPWXLMSWQvBXlPth4HH8j4eZiK/AgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUiR111P2FF//PAgJLYUBn9yluQkEwHwYDVR0j
BBgwFoAUhLhefIRA2LzdOIjHbW0pfLAQxk4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84NkZDNTg5RDdFNDAzNTI4NzE3QTNFMDJGMTRFQjdGMzZE
M0Y0MTU1MzUyNzY1OEZFQkFDQTBBRjg2MENBNzIwLzAvODRCODVFN0M4NDQwRDhC
Q0REMzg4OEM3NkQ2RDI5N0NCMDEwQzY0RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NEI4NUU3Qzg0NDBEOEJDREQz
ODg4Qzc2RDZEMjk3Q0IwMTBDNjRFLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODZGQzU4OUQ3RTQwMzUyODcxN0EzRTAyRjE0RUI3RjM2RDNGNDE1NTM1
Mjc2NThGRUJBQ0EwQUY4NjBDQTcyMC8wLzMyMzgzMDM2M2EzMzMzNjMzYTNhMmYz
MzMyMmQzMzMyMjAzZDNlMjAzMjM2MzUzNTM4Mzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoBgM8MA0G
CSqGSIb3DQEBCwUAA4IBAQCTim+ew43MO41fit5y7/RiGw2Oyzi7cbL5cCLISqVT
52wloTnh8nARaRXmd6Ufe/ot047TeRjM/wwLRqQ7v9FMD9YOSARjoMEejPVUeSHO
x5Jf03qqIk2i0DYTuuJnhKOXXdNZFm53HArVm6DED95VQfHXbXeSWQ3ugpfBX0AN
oEc6EwGbDLWfC0ZA1YFesy2XXvKvLSMkxNsQbDumq2SMXCKA+kPqXnqqOSWekUlN
SNkEfTu8inex8chM1UppZJPfOKML6KoCbSiX0BaeNnE8Z5p7/di9l9dv2CX8y8YI
gYGUWjqS6k6HSMMKok3C3mhYW7vw7/8YfwVow0TJ9A+f
-----END CERTIFICATE-----