Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A3AC98FA47F74BD00F265D7632F821E02769F5D7999E920CC01F5B29CFF7A0FB/0/3139322e3134312e3137312e302f32342d3234203d3e2036343731.roa
File:                     3139322e3134312e3137312e302f32342d3234203d3e2036343731.roa (raw, json)
Hash identifier:          YgEppIS/N73ik5a9yAryh9I0fzqFbVxYjoyRfFPsRjE=
Subject key identifier:   94:12:D3:C3:05:CC:43:8A:7A:AB:67:13:D8:FD:4D:3B:7F:52:7B:1D
Certificate issuer:       /CN=42BD8D878C8243543F08F06EB92269CCF4FF46C9
Certificate serial:       0B7E058869F6EE388C4504B8D530DE3B1C077F10
Authority key identifier: 42:BD:8D:87:8C:82:43:54:3F:08:F0:6E:B9:22:69:CC:F4:FF:46:C9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/42BD8D878C8243543F08F06EB92269CCF4FF46C9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A3AC98FA47F74BD00F265D7632F821E02769F5D7999E920CC01F5B29CFF7A0FB/0/3139322e3134312e3137312e302f32342d3234203d3e2036343731.roa
Signing time:             Tue 16 Apr 2024 15:00:01 +0000
ROA not before:           Tue 16 Apr 2024 14:55:01 +0000
ROA not after:            Tue 15 Apr 2025 15:00:01 +0000
asID:                     6471
IP address blocks:        192.141.171.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:7e:05:88:69:f6:ee:38:8c:45:04:b8:d5:30:de:3b:1c:07:7f:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42BD8D878C8243543F08F06EB92269CCF4FF46C9
        Validity
            Not Before: Apr 16 14:55:01 2024 GMT
            Not After : Apr 15 15:00:01 2025 GMT
        Subject: CN=9412D3C305CC438A7AAB6713D8FD4D3B7F527B1D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:6a:93:e7:cb:00:18:a3:bd:51:b8:5c:8c:ca:
                    58:ad:6f:ef:dd:94:7e:52:ed:fb:82:05:63:0a:74:
                    47:05:c6:36:03:dd:c8:e6:56:0f:df:e1:a7:f5:5c:
                    8e:79:33:98:13:12:35:22:f1:ab:2d:c7:8a:e2:b2:
                    44:2d:1e:47:2d:7d:76:3b:8c:38:e0:d9:06:dc:83:
                    e8:1a:57:bc:53:d8:28:3b:88:d6:ba:ef:ae:77:6a:
                    b6:63:b7:f6:79:79:49:f0:c1:62:34:c1:63:32:a5:
                    e1:f7:0a:5e:ff:36:22:25:83:76:63:ca:98:18:35:
                    e5:61:d3:88:ff:9d:cf:19:b5:89:37:76:1b:0a:56:
                    e3:0f:11:b6:a0:2b:b1:0a:4f:88:d0:10:de:8d:13:
                    7d:85:79:35:b7:71:e8:60:7c:21:65:d0:c3:54:4b:
                    3b:b7:64:b9:af:65:34:63:33:ba:9d:56:aa:6b:a2:
                    61:4f:2c:a0:4d:dd:08:d8:cf:0e:ff:d4:65:8b:c7:
                    0b:9a:af:91:75:4b:e6:2c:49:32:1f:cd:93:38:5c:
                    aa:9a:5d:c2:cf:6c:49:2a:2b:6a:ae:91:35:61:af:
                    f5:c0:1e:a6:04:10:c9:02:c5:7e:d4:ce:b3:09:88:
                    eb:72:02:ba:92:bd:85:c7:00:fd:ae:c7:96:68:23:
                    54:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:12:D3:C3:05:CC:43:8A:7A:AB:67:13:D8:FD:4D:3B:7F:52:7B:1D
            X509v3 Authority Key Identifier:
                keyid:42:BD:8D:87:8C:82:43:54:3F:08:F0:6E:B9:22:69:CC:F4:FF:46:C9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A3AC98FA47F74BD00F265D7632F821E02769F5D7999E920CC01F5B29CFF7A0FB/0/42BD8D878C8243543F08F06EB92269CCF4FF46C9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/42BD8D878C8243543F08F06EB92269CCF4FF46C9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A3AC98FA47F74BD00F265D7632F821E02769F5D7999E920CC01F5B29CFF7A0FB/0/3139322e3134312e3137312e302f32342d3234203d3e2036343731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.141.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:cc:b9:1b:9b:2d:93:1a:6a:cb:33:3b:f6:67:38:3d:4f:67:
         0d:b3:24:4e:8f:d2:99:07:5a:29:9a:f1:00:d3:ef:b5:63:a3:
         6e:aa:93:7d:04:db:d2:0e:f0:9f:c0:ce:b0:a5:66:a5:44:14:
         70:21:30:77:7d:69:cf:e0:fa:9d:3f:16:09:0d:c1:1a:95:45:
         19:e4:3d:39:0c:ea:cf:29:ca:4a:20:43:f8:04:4c:f0:92:dd:
         b1:5f:a7:e5:2e:b4:bf:72:4c:cd:ba:ab:27:f1:b7:b7:60:1d:
         f2:2d:ca:f8:9a:47:fb:cd:83:fc:df:93:5d:df:b6:06:e2:0d:
         b2:da:a2:68:c2:02:77:d2:1c:03:85:10:8c:1c:f3:64:15:7c:
         90:ee:c4:45:87:68:6d:8b:da:4e:04:b5:50:62:3b:f4:a1:f9:
         2f:ea:57:94:18:f6:1a:e4:a0:ab:ed:84:79:69:15:98:2d:72:
         5e:94:7b:69:56:5c:f5:d2:bd:7b:6d:80:6e:c3:76:7c:8a:03:
         1f:93:21:57:33:6d:dd:7b:49:88:67:13:8a:36:d8:58:55:bd:
         0e:80:25:42:06:88:db:20:89:59:ed:91:b9:7a:8b:a4:14:61:
         0c:ba:36:3e:76:08:52:c2:2d:bc:64:ea:9d:81:ff:3b:35:af:
         a4:e2:a9:6f
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUC34FiGn27jiMRQS41TDeOxwHfxAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDJCRDhEODc4QzgyNDM1NDNGMDhGMDZFQjkyMjY5Q0NG
NEZGNDZDOTAeFw0yNDA0MTYxNDU1MDFaFw0yNTA0MTUxNTAwMDFaMDMxMTAvBgNV
BAMTKDk0MTJEM0MzMDVDQzQzOEE3QUFCNjcxM0Q4RkQ0RDNCN0Y1MjdCMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHapPnywAYo71RuFyMylitb+/d
lH5S7fuCBWMKdEcFxjYD3cjmVg/f4af1XI55M5gTEjUi8astx4riskQtHkctfXY7
jDjg2Qbcg+gaV7xT2Cg7iNa67653arZjt/Z5eUnwwWI0wWMypeH3Cl7/NiIlg3Zj
ypgYNeVh04j/nc8ZtYk3dhsKVuMPEbagK7EKT4jQEN6NE32FeTW3cehgfCFl0MNU
Szu3ZLmvZTRjM7qdVqpromFPLKBN3QjYzw7/1GWLxwuar5F1S+YsSTIfzZM4XKqa
XcLPbEkqK2qukTVhr/XAHqYEEMkCxX7UzrMJiOtyArqSvYXHAP2ux5ZoI1TDAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUlBLTwwXMQ4p6q2cT2P1NO39Sex0wHwYDVR0j
BBgwFoAUQr2Nh4yCQ1Q/CPBuuSJpzPT/RskwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BM0FDOThGQTQ3Rjc0QkQwMEYyNjVENzYzMkY4MjFFMDI3
NjlGNUQ3OTk5RTkyMENDMDFGNUIyOUNGRjdBMEZCLzAvNDJCRDhEODc4QzgyNDM1
NDNGMDhGMDZFQjkyMjY5Q0NGNEZGNDZDOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80MkJEOEQ4NzhDODI0MzU0M0Yw
OEYwNkVCOTIyNjlDQ0Y0RkY0NkM5LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTNBQzk4RkE0N0Y3NEJEMDBGMjY1RDc2MzJGODIxRTAyNzY5RjVENzk5
OUU5MjBDQzAxRjVCMjlDRkY3QTBGQi8wLzMxMzkzMjJlMzEzNDMxMmUzMTM3MzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjM0MzczMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMCNqzAN
BgkqhkiG9w0BAQsFAAOCAQEACMy5G5stkxpqyzM79mc4PU9nDbMkTo/SmQdaKZrx
ANPvtWOjbqqTfQTb0g7wn8DOsKVmpUQUcCEwd31pz+D6nT8WCQ3BGpVFGeQ9OQzq
zynKSiBD+ARM8JLdsV+n5S60v3JMzbqrJ/G3t2Ad8i3K+JpH+82D/N+TXd+2BuIN
stqiaMICd9IcA4UQjBzzZBV8kO7ERYdobYvaTgS1UGI79KH5L+pXlBj2GuSgq+2E
eWkVmC1yXpR7aVZc9dK9e22AbsN2fIoDH5MhVzNt3XtJiGcTijbYWFW9DoAlQgaI
2yCJWe2RuXqLpBRhDLo2PnYIUsItvGTqnYH/OzWvpOKpbw==
-----END CERTIFICATE-----