Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8C3A490791936DF2A05C8D25B1E739EA9415294B2F093AFA2C74607661B533FA/0/34352e3233342e33322e302f32322d3234203d3e20323636373639.roa
File:                     34352e3233342e33322e302f32322d3234203d3e20323636373639.roa (raw, json)
Hash identifier:          ol3mB/0JV9EoS4fzePl1LbYFtYPhJ8LDudVD0BmggSc=
Subject key identifier:   07:6A:F9:F2:96:30:3F:B8:17:FD:9B:14:A7:CE:71:70:73:F0:05:EC
Certificate issuer:       /CN=1F892BE2BF480CEC044B44BE95FB21F16BB4734C
Certificate serial:       14AF6128B17E12AB1C63F79BF81DF158CBB53933
Authority key identifier: 1F:89:2B:E2:BF:48:0C:EC:04:4B:44:BE:95:FB:21:F1:6B:B4:73:4C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F892BE2BF480CEC044B44BE95FB21F16BB4734C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8C3A490791936DF2A05C8D25B1E739EA9415294B2F093AFA2C74607661B533FA/0/34352e3233342e33322e302f32322d3234203d3e20323636373639.roa
Signing time:             Tue 05 Mar 2024 18:18:33 +0000
ROA not before:           Tue 05 Mar 2024 18:13:33 +0000
ROA not after:            Tue 04 Mar 2025 18:18:33 +0000
asID:                     266769
IP address blocks:        45.234.32.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Thu 14 Nov 2024 15:55:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:af:61:28:b1:7e:12:ab:1c:63:f7:9b:f8:1d:f1:58:cb:b5:39:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1F892BE2BF480CEC044B44BE95FB21F16BB4734C
        Validity
            Not Before: Mar  5 18:13:33 2024 GMT
            Not After : Mar  4 18:18:33 2025 GMT
        Subject: CN=076AF9F296303FB817FD9B14A7CE717073F005EC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:71:e2:e9:40:00:53:21:e9:76:21:2f:b3:f0:
                    42:ee:91:95:86:93:eb:87:2d:3c:80:0d:f9:6a:f3:
                    ca:2d:50:d1:c4:24:91:79:55:c3:6b:ea:bc:72:fb:
                    20:da:0b:59:71:00:a2:0c:e8:66:fa:0e:8b:76:3d:
                    81:68:35:d7:14:ae:85:85:0f:c2:96:97:25:81:75:
                    dd:a1:f4:a5:e0:77:22:84:db:19:c6:84:4d:80:22:
                    e3:86:fb:f9:8d:9f:d4:bd:33:e6:fe:40:f0:29:7a:
                    e3:4a:c3:9b:a7:da:e3:be:d8:7b:a3:4d:a2:17:ba:
                    21:7b:93:64:77:74:7f:de:d5:b7:36:78:cc:e0:1b:
                    71:18:84:ac:71:60:17:18:72:ab:d3:49:a7:5e:b2:
                    a9:b4:76:41:52:3d:be:1a:58:8a:f1:b0:eb:c7:57:
                    8a:fc:4f:d4:f1:cf:23:88:26:a9:0c:c4:88:5f:80:
                    32:f2:a4:8a:a3:ef:1f:05:37:ea:f5:16:97:e2:65:
                    2f:10:e3:1e:b8:83:d2:8f:2a:cc:68:44:f4:46:53:
                    3c:a5:88:41:2b:b5:00:7c:f8:df:bf:c5:de:d3:f7:
                    a6:61:08:9b:aa:ff:82:d6:84:57:9d:d5:5a:9b:c0:
                    6b:d7:24:b3:c5:b4:7a:fd:ad:4c:13:89:0c:a4:1e:
                    35:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:6A:F9:F2:96:30:3F:B8:17:FD:9B:14:A7:CE:71:70:73:F0:05:EC
            X509v3 Authority Key Identifier:
                keyid:1F:89:2B:E2:BF:48:0C:EC:04:4B:44:BE:95:FB:21:F1:6B:B4:73:4C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8C3A490791936DF2A05C8D25B1E739EA9415294B2F093AFA2C74607661B533FA/0/1F892BE2BF480CEC044B44BE95FB21F16BB4734C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F892BE2BF480CEC044B44BE95FB21F16BB4734C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8C3A490791936DF2A05C8D25B1E739EA9415294B2F093AFA2C74607661B533FA/0/34352e3233342e33322e302f32322d3234203d3e20323636373639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.234.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         79:91:19:57:dd:cd:47:a4:81:04:9d:8e:83:38:3c:0b:dc:65:
         4a:e8:42:bb:db:83:ed:29:2c:cb:04:19:52:d4:68:e9:74:46:
         5d:ad:de:71:2a:bc:04:9f:be:e7:fe:b3:79:58:1e:e4:0c:d0:
         d3:1a:b8:76:0b:b4:ab:05:5c:3e:2e:d2:3a:47:4a:ef:2e:49:
         a7:a9:90:17:80:27:df:45:12:e2:92:78:7d:a0:2f:39:a3:26:
         c1:c4:c9:90:28:b6:cd:d0:3f:af:fa:48:54:51:da:e7:ef:4b:
         5e:d6:bd:85:02:d4:f3:46:9c:5e:2f:76:cd:06:9c:90:29:e8:
         88:e4:36:42:c1:90:c1:2e:42:9e:fe:f3:62:d2:fc:f9:39:39:
         97:14:12:ae:36:5b:36:9e:95:18:59:9c:e8:a5:8d:72:01:a0:
         93:da:ad:f7:f2:e8:d4:6a:ce:8d:55:84:6c:59:ed:b5:cf:74:
         12:fd:76:54:ee:4e:59:cf:2c:e5:0c:ee:82:01:d7:85:da:3b:
         db:04:17:8e:d0:d8:68:45:3f:d7:f0:d4:87:04:05:19:9e:31:
         7e:23:33:ff:b4:e7:40:e7:ee:20:79:b9:ee:37:32:f3:fb:55:
         9a:89:4f:83:91:eb:85:a8:85:70:b5:19:e8:cd:ef:51:97:d4:
         2d:03:2e:a8
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUFK9hKLF+EqscY/eb+B3xWMu1OTMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUY4OTJCRTJCRjQ4MENFQzA0NEI0NEJFOTVGQjIxRjE2
QkI0NzM0QzAeFw0yNDAzMDUxODEzMzNaFw0yNTAzMDQxODE4MzNaMDMxMTAvBgNV
BAMTKDA3NkFGOUYyOTYzMDNGQjgxN0ZEOUIxNEE3Q0U3MTcwNzNGMDA1RUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+ceLpQABTIel2IS+z8ELukZWG
k+uHLTyADflq88otUNHEJJF5VcNr6rxy+yDaC1lxAKIM6Gb6Dot2PYFoNdcUroWF
D8KWlyWBdd2h9KXgdyKE2xnGhE2AIuOG+/mNn9S9M+b+QPApeuNKw5un2uO+2Huj
TaIXuiF7k2R3dH/e1bc2eMzgG3EYhKxxYBcYcqvTSadesqm0dkFSPb4aWIrxsOvH
V4r8T9TxzyOIJqkMxIhfgDLypIqj7x8FN+r1FpfiZS8Q4x64g9KPKsxoRPRGUzyl
iEErtQB8+N+/xd7T96ZhCJuq/4LWhFed1VqbwGvXJLPFtHr9rUwTiQykHjWnAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUB2r58pYwP7gX/ZsUp85xcHPwBewwHwYDVR0j
BBgwFoAUH4kr4r9IDOwES0S+lfsh8Wu0c0wwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84QzNBNDkwNzkxOTM2REYyQTA1QzhEMjVCMUU3MzlFQTk0
MTUyOTRCMkYwOTNBRkEyQzc0NjA3NjYxQjUzM0ZBLzAvMUY4OTJCRTJCRjQ4MENF
QzA0NEI0NEJFOTVGQjIxRjE2QkI0NzM0Qy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRjg5MkJFMkJGNDgwQ0VDMDQ0
QjQ0QkU5NUZCMjFGMTZCQjQ3MzRDLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEMzQTQ5MDc5MTkzNkRGMkEwNUM4RDI1QjFFNzM5RUE5NDE1Mjk0QjJG
MDkzQUZBMkM3NDYwNzY2MUI1MzNGQS8wLzM0MzUyZTMyMzMzNDJlMzMzMjJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNjM3MzYzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi3qIDAN
BgkqhkiG9w0BAQsFAAOCAQEAeZEZV93NR6SBBJ2Ogzg8C9xlSuhCu9uD7SksywQZ
UtRo6XRGXa3ecSq8BJ++5/6zeVge5AzQ0xq4dgu0qwVcPi7SOkdK7y5Jp6mQF4An
30US4pJ4faAvOaMmwcTJkCi2zdA/r/pIVFHa5+9LXta9hQLU80acXi92zQackCno
iOQ2QsGQwS5Cnv7zYtL8+Tk5lxQSrjZbNp6VGFmc6KWNcgGgk9qt9/Lo1GrOjVWE
bFnttc90Ev12VO5OWc8s5QzuggHXhdo72wQXjtDYaEU/1/DUhwQFGZ4xfiMz/7Tn
QOfuIHm57jcy8/tVmolPg5HrhaiFcLUZ6M3vUZfULQMuqA==
-----END CERTIFICATE-----
Generated at Thu Nov 14 20:03:53 2024 by rpki-client on console-ams.rpki-client.org