Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/91f0feda-4e2a-41b7-bf51-e657a5264035/d591a2f51ae2115a53882649d62d6d8b822e77ca.roa
File:                     d591a2f51ae2115a53882649d62d6d8b822e77ca.roa (raw, json)
Hash identifier:          vVXPB1eaUkw6bD78AUTNCJnCTKKTfwrwo7lw+27BNIs=
Subject key identifier:   2F:B7:80:66:9C:DF:E1:84:63:AD:B4:4B:5E:14:91:FA:00:39:B9:20
Certificate issuer:       /CN=d22cc49db918d10383d16f3a1f83aa1e2a5567b7
Certificate serial:       1DB321
Authority key identifier: CA:B2:DD:CB:EA:02:99:21:D9:53:0C:A6:A2:68:5C:12:F4:57:57:1A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d22cc49db918d10383d16f3a1f83aa1e2a5567b7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/91f0feda-4e2a-41b7-bf51-e657a5264035/d591a2f51ae2115a53882649d62d6d8b822e77ca.roa
Signing time:             Mon 30 Jan 2023 13:35:25 +0000
ROA not before:           Sun 29 Jan 2023 13:35:12 +0000
ROA not after:            Thu 30 Jan 2025 13:35:12 +0000
asID:                     27882
IP address blocks:        177.222.50.0/24 maxlen: 24
                          2800:320:40a::/47 maxlen: 48
                          2800:320:40c::/48 maxlen: 48
                          2800:320:140b::/48 maxlen: 48
                          2800:320:840a::/47 maxlen: 48
                          2800:320:840e::/47 maxlen: 48
                          2800:320:8412::/48 maxlen: 48
                          2800:320:8414::/47 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1946401 (0x1db321)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d22cc49db918d10383d16f3a1f83aa1e2a5567b7
        Validity
            Not Before: Jan 29 13:35:12 2023 GMT
            Not After : Jan 30 13:35:12 2025 GMT
        Subject: CN=d591a2f51ae2115a53882649d62d6d8b822e77ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:d5:07:46:4e:c9:bc:f4:c5:af:73:ed:c9:42:
                    16:12:05:85:2a:1a:b4:0e:fe:e7:7b:04:b5:d7:da:
                    95:64:a6:f4:e5:67:e8:b7:ee:8e:65:45:ec:a6:b9:
                    23:c9:5f:22:2e:87:ce:96:b5:4e:77:fd:fd:9d:fc:
                    45:86:72:ba:f8:72:6b:28:f1:3c:e2:8e:93:7a:6e:
                    5d:7f:b7:bb:5f:04:dd:1d:38:7e:5a:ff:bc:c2:9e:
                    0a:bf:40:30:b1:8a:ec:a8:40:12:f4:98:60:31:85:
                    da:bc:c9:96:4f:69:21:a6:47:63:6f:f3:3f:de:5d:
                    34:8f:05:1e:75:d6:36:2d:4b:51:bd:76:9c:65:2f:
                    e4:86:87:1b:97:c0:ac:ef:fb:91:51:86:8b:a8:79:
                    ca:9b:58:4d:39:24:b3:b7:79:10:35:78:64:76:fc:
                    ff:ec:1b:a3:4b:5b:fc:55:20:cc:e5:4f:31:21:e2:
                    bf:1a:cb:94:86:ce:84:18:4e:a8:c4:29:ce:9f:ea:
                    6f:97:0b:12:46:8f:48:d0:e6:66:d9:5c:38:38:ce:
                    3a:0f:42:d3:62:d0:a6:92:af:04:38:87:aa:10:86:
                    d4:a3:42:9a:e3:f5:64:3f:1a:0b:e2:ce:b8:f0:5c:
                    33:8b:69:30:3b:bd:e4:85:18:a5:b6:33:7a:54:9a:
                    ce:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:B7:80:66:9C:DF:E1:84:63:AD:B4:4B:5E:14:91:FA:00:39:B9:20
            X509v3 Authority Key Identifier:
                keyid:CA:B2:DD:CB:EA:02:99:21:D9:53:0C:A6:A2:68:5C:12:F4:57:57:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d22cc49db918d10383d16f3a1f83aa1e2a5567b7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/91f0feda-4e2a-41b7-bf51-e657a5264035/d591a2f51ae2115a53882649d62d6d8b822e77ca.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/91f0feda-4e2a-41b7-bf51-e657a5264035/d22cc49db918d10383d16f3a1f83aa1e2a5567b7.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.222.50.0/24
                IPv6:
                  2800:320:40a::-2800:320:40c:ffff:ffff:ffff:ffff:ffff
                  2800:320:140b::/48
                  2800:320:840a::/47
                  2800:320:840e::/47
                  2800:320:8412::/48
                  2800:320:8414::/47

    Signature Algorithm: sha256WithRSAEncryption
         24:7e:99:2d:96:06:bd:f0:d6:a5:24:b3:aa:f6:ae:9d:a5:5b:
         ae:a5:4b:a2:f4:63:a7:2a:b7:84:cc:bd:4f:12:a4:94:67:e2:
         b8:8e:01:fa:34:92:db:4d:b7:cd:d2:e2:d8:83:93:4b:77:d1:
         8e:41:3f:b1:90:16:21:c5:3f:2c:94:c1:78:2f:b9:a3:00:31:
         c5:a5:5a:51:f1:3a:15:c6:fd:c8:fd:e2:ac:4b:90:cc:8d:3c:
         8e:67:05:6c:b4:41:5a:f8:f9:b0:6f:bd:cb:d0:ca:b4:34:e2:
         98:4e:48:17:dc:62:a6:1f:ba:49:fb:fb:61:f2:14:06:85:4d:
         b5:11:4e:64:c8:e3:0b:d5:ca:f2:c5:77:f8:ef:42:ce:a7:e4:
         6c:83:78:b1:c3:59:d4:83:8b:64:92:27:4e:7d:aa:ec:de:ed:
         35:22:7d:60:c9:de:4b:e4:d2:90:63:55:56:b6:63:90:3c:90:
         a0:d6:be:8b:da:83:59:80:e4:48:ee:5d:c3:02:83:f0:88:78:
         1d:c5:53:cf:c5:ac:46:d3:45:7e:ca:47:0b:57:c9:7e:6e:7f:
         78:6e:9e:de:13:f6:b6:64:0b:a6:c6:5e:1f:d9:b9:cf:8b:73:
         ee:1d:03:36:45:f7:30:59:df:91:74:b0:24:63:74:38:7a:93:
         61:a5:49:5f
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDHbMhMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQy
MmNjNDlkYjkxOGQxMDM4M2QxNmYzYTFmODNhYTFlMmE1NTY3YjcwHhcNMjMwMTI5
MTMzNTEyWhcNMjUwMTMwMTMzNTEyWjAzMTEwLwYDVQQDEyhkNTkxYTJmNTFhZTIx
MTVhNTM4ODI2NDlkNjJkNmQ4YjgyMmU3N2NhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuNUHRk7JvPTFr3PtyUIWEgWFKhq0Dv7newS119qVZKb05Wfo
t+6OZUXsprkjyV8iLofOlrVOd/39nfxFhnK6+HJrKPE84o6Tem5df7e7XwTdHTh+
Wv+8wp4Kv0AwsYrsqEAS9JhgMYXavMmWT2khpkdjb/M/3l00jwUeddY2LUtRvXac
ZS/khocbl8Cs7/uRUYaLqHnKm1hNOSSzt3kQNXhkdvz/7BujS1v8VSDM5U8xIeK/
GsuUhs6EGE6oxCnOn+pvlwsSRo9I0OZm2Vw4OM46D0LTYtCmkq8EOIeqEIbUo0Ka
4/VkPxoL4s648Fwzi2kwO73khRiltjN6VJrOMwIDAQABo4ICpDCCAqAwHQYDVR0O
BBYEFC+3gGac3+GEY620S14UkfoAObkgMB8GA1UdIwQYMBaAFMqy3cvqApkh2VMM
pqJoXBL0V1caMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDIyY2M0
OWRiOTE4ZDEwMzgzZDE2ZjNhMWY4M2FhMWUyYTU1NjdiNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTFmMGZlZGEtNGUyYS00MWI3LWJmNTEtZTY1N2E1
MjY0MDM1L2Q1OTFhMmY1MWFlMjExNWE1Mzg4MjY0OWQ2MmQ2ZDhiODIyZTc3Y2Eu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85MWYwZmVkYS00ZTJhLTQxYjctYmY1MS1lNjU3
YTUyNjQwMzUvZDIyY2M0OWRiOTE4ZDEwMzgzZDE2ZjNhMWY4M2FhMWUyYTU1Njdi
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBggrBgEFBQcBBwEB/wRZ
MFcwDAQCAAEwBgMEALHeMjBHBAIAAjBBMBIDBwEoAAMgBAoDBwAoAAMgBAwDBwAo
AAMgFAsDBwEoAAMghAoDBwEoAAMghA4DBwAoAAMghBIDBwEoAAMghBQwDQYJKoZI
hvcNAQELBQADggEBACR+mS2WBr3w1qUks6r2rp2lW66lS6L0Y6cqt4TMvU8SpJRn
4riOAfo0kttNt83S4tiDk0t30Y5BP7GQFiHFPyyUwXgvuaMAMcWlWlHxOhXG/cj9
4qxLkMyNPI5nBWy0QVr4+bBvvcvQyrQ04phOSBfcYqYfukn7+2HyFAaFTbURTmTI
4wvVyvLFd/jvQs6n5GyDeLHDWdSDi2SSJ059quze7TUifWDJ3kvk0pBjVVa2Y5A8
kKDWvovag1mA5EjuXcMCg/CIeB3FU8/FrEbTRX7KRwtXyX5uf3hunt4T9rZkC6bG
Xh/Zuc+Lc+4dAzZF9zBZ35F0sCRjdDh6k2GlSV8=
-----END CERTIFICATE-----