Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A4C89D43169664B9B0F42779749B8E27184BE1079D57C7A76A76D5D88108F80C/0/3230312e3138322e3134382e302f32342d3234203d3e20323635383135.roa
File:                     3230312e3138322e3134382e302f32342d3234203d3e20323635383135.roa (raw, json)
Hash identifier:          d+ssBR7Ehhnff+w/bISeqZN/k2TfoToz3Z/H5Pkun1c=
Subject key identifier:   2A:5B:5E:97:CF:89:D3:62:1A:8E:D1:E2:75:87:41:F2:03:4B:69:D1
Certificate issuer:       /CN=03862A9BFCB97EE6B62CE1DB077E3B6EAD5FE253
Certificate serial:       68DAAE766FB0A3B5096D19B2CAEDCABE90F4B808
Authority key identifier: 03:86:2A:9B:FC:B9:7E:E6:B6:2C:E1:DB:07:7E:3B:6E:AD:5F:E2:53
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/03862A9BFCB97EE6B62CE1DB077E3B6EAD5FE253.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A4C89D43169664B9B0F42779749B8E27184BE1079D57C7A76A76D5D88108F80C/0/3230312e3138322e3134382e302f32342d3234203d3e20323635383135.roa
Signing time:             Tue 05 Mar 2024 18:23:25 +0000
ROA not before:           Tue 05 Mar 2024 18:18:25 +0000
ROA not after:            Tue 04 Mar 2025 18:23:25 +0000
asID:                     265815
IP address blocks:        201.182.148.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Nov 2024 21:35:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:da:ae:76:6f:b0:a3:b5:09:6d:19:b2:ca:ed:ca:be:90:f4:b8:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03862A9BFCB97EE6B62CE1DB077E3B6EAD5FE253
        Validity
            Not Before: Mar  5 18:18:25 2024 GMT
            Not After : Mar  4 18:23:25 2025 GMT
        Subject: CN=2A5B5E97CF89D3621A8ED1E2758741F2034B69D1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:8b:f8:66:23:88:ce:0d:fe:11:b8:7b:2f:65:
                    67:bd:88:dc:cb:4f:a7:f2:92:fd:08:c7:5f:a4:3c:
                    b3:06:c1:bf:9a:66:b2:cb:57:91:ae:55:c7:aa:4e:
                    ef:62:05:2b:89:6d:d3:bd:5e:3b:6e:5d:fc:f6:24:
                    09:1a:61:a8:2a:eb:7e:e8:56:6b:b8:a6:9a:0e:91:
                    57:92:dd:99:29:fb:9f:97:e2:07:31:a8:cb:ef:27:
                    1c:5a:b6:1e:ef:6c:48:d4:ed:80:b3:e5:6c:ec:8e:
                    57:32:d1:7a:a8:57:e9:52:9d:7c:40:8a:70:3c:5b:
                    4d:7d:17:8c:a3:3b:d6:22:2b:02:ef:fc:c7:e1:73:
                    c9:8d:c3:81:ac:86:a1:e9:a6:86:c0:2d:bf:cb:eb:
                    bd:56:66:d5:46:ab:b7:70:4d:53:e2:e1:d1:c7:65:
                    1b:f8:95:87:52:a9:d5:8e:cb:0e:d3:43:ec:27:0f:
                    3b:18:99:74:51:0e:91:59:81:2d:a0:ae:be:f3:4c:
                    91:ea:a9:18:1d:70:ca:07:9d:e2:3f:51:5d:d6:0e:
                    b5:5d:6f:c2:13:61:3b:cf:bf:5b:8f:4d:70:91:bd:
                    9e:2d:5b:4f:2a:8a:d7:3c:a0:15:91:bb:c3:0e:a6:
                    d3:e0:59:70:90:22:0a:8f:54:be:2e:98:64:a1:1e:
                    09:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:5B:5E:97:CF:89:D3:62:1A:8E:D1:E2:75:87:41:F2:03:4B:69:D1
            X509v3 Authority Key Identifier:
                keyid:03:86:2A:9B:FC:B9:7E:E6:B6:2C:E1:DB:07:7E:3B:6E:AD:5F:E2:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A4C89D43169664B9B0F42779749B8E27184BE1079D57C7A76A76D5D88108F80C/0/03862A9BFCB97EE6B62CE1DB077E3B6EAD5FE253.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/03862A9BFCB97EE6B62CE1DB077E3B6EAD5FE253.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A4C89D43169664B9B0F42779749B8E27184BE1079D57C7A76A76D5D88108F80C/0/3230312e3138322e3134382e302f32342d3234203d3e20323635383135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.182.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:7a:40:ac:56:03:91:72:2a:d8:b5:b4:23:e9:67:11:d1:79:
         bb:48:b7:99:aa:4b:80:4a:11:e6:6e:ea:60:79:c1:fa:20:08:
         90:d1:ac:23:ca:66:5a:e1:14:1e:67:c2:74:c6:42:90:32:23:
         98:9b:21:7f:a5:24:87:23:42:a4:0b:61:51:74:15:98:d9:2c:
         8a:f3:69:10:1c:64:8c:8c:18:0f:12:92:d9:43:5a:d4:08:dd:
         35:ea:85:43:51:12:84:f7:5c:e6:74:b8:da:c3:6d:3c:9c:e4:
         47:86:70:87:57:9d:b3:98:5b:5e:eb:87:3f:e0:15:58:d3:a5:
         6a:7e:63:52:f6:c6:0d:eb:04:a6:d8:16:ce:84:e2:9a:75:a4:
         55:47:06:04:da:19:72:8a:a9:9e:c4:d7:f9:aa:1e:6b:eb:5d:
         30:0e:9b:0d:7f:67:d1:16:68:56:82:7e:4a:b2:82:eb:53:c3:
         dc:f1:b0:e8:a7:cf:74:72:ac:83:88:1c:2b:e5:67:21:89:de:
         78:6c:e8:3e:ad:7a:57:1b:45:27:3e:7a:7f:fd:a3:00:a3:46:
         2b:03:25:a6:73:ad:50:95:46:25:e4:89:cd:70:0f:ed:59:f9:
         6e:6a:09:f3:04:85:1c:27:2a:d6:12:5c:12:78:2b:f1:03:49:
         67:7a:20:5c
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUaNqudm+wo7UJbRmyyu3KvpD0uAgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDM4NjJBOUJGQ0I5N0VFNkI2MkNFMURCMDc3RTNCNkVB
RDVGRTI1MzAeFw0yNDAzMDUxODE4MjVaFw0yNTAzMDQxODIzMjVaMDMxMTAvBgNV
BAMTKDJBNUI1RTk3Q0Y4OUQzNjIxQThFRDFFMjc1ODc0MUYyMDM0QjY5RDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLi/hmI4jODf4RuHsvZWe9iNzL
T6fykv0Ix1+kPLMGwb+aZrLLV5GuVceqTu9iBSuJbdO9XjtuXfz2JAkaYagq637o
Vmu4ppoOkVeS3Zkp+5+X4gcxqMvvJxxath7vbEjU7YCz5Wzsjlcy0XqoV+lSnXxA
inA8W019F4yjO9YiKwLv/Mfhc8mNw4GshqHppobALb/L671WZtVGq7dwTVPi4dHH
ZRv4lYdSqdWOyw7TQ+wnDzsYmXRRDpFZgS2grr7zTJHqqRgdcMoHneI/UV3WDrVd
b8ITYTvPv1uPTXCRvZ4tW08qitc8oBWRu8MOptPgWXCQIgqPVL4umGShHgmzAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUKltel8+J02IajtHidYdB8gNLadEwHwYDVR0j
BBgwFoAUA4Yqm/y5fua2LOHbB347bq1f4lMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BNEM4OUQ0MzE2OTY2NEI5QjBGNDI3Nzk3NDlCOEUyNzE4
NEJFMTA3OUQ1N0M3QTc2QTc2RDVEODgxMDhGODBDLzAvMDM4NjJBOUJGQ0I5N0VF
NkI2MkNFMURCMDc3RTNCNkVBRDVGRTI1My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wMzg2MkE5QkZDQjk3RUU2QjYy
Q0UxREIwNzdFM0I2RUFENUZFMjUzLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTRDODlENDMxNjk2NjRCOUIwRjQyNzc5NzQ5QjhFMjcxODRCRTEwNzlE
NTdDN0E3NkE3NkQ1RDg4MTA4RjgwQy8wLzMyMzAzMTJlMzEzODMyMmUzMTM0Mzgy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzUzODMxMzUucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADJ
tpQwDQYJKoZIhvcNAQELBQADggEBAEF6QKxWA5FyKti1tCPpZxHRebtIt5mqS4BK
EeZu6mB5wfogCJDRrCPKZlrhFB5nwnTGQpAyI5ibIX+lJIcjQqQLYVF0FZjZLIrz
aRAcZIyMGA8SktlDWtQI3TXqhUNREoT3XOZ0uNrDbTyc5EeGcIdXnbOYW17rhz/g
FVjTpWp+Y1L2xg3rBKbYFs6E4pp1pFVHBgTaGXKKqZ7E1/mqHmvrXTAOmw1/Z9EW
aFaCfkqygutTw9zxsOinz3RyrIOIHCvlZyGJ3nhs6D6telcbRSc+en/9owCjRisD
JaZzrVCVRiXkic1wD+1Z+W5qCfMEhRwnKtYSXBJ4K/EDSWd6IFw=
-----END CERTIFICATE-----