Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A4C89D43169664B9B0F42779749B8E27184BE1079D57C7A76A76D5D88108F80C/0/3230312e3138322e3134392e302f32342d3234203d3e20323635383135.roa
File:                     3230312e3138322e3134392e302f32342d3234203d3e20323635383135.roa (raw, json)
Hash identifier:          otiy+n1cJeoLZrdzw415+8ST3V1FSo91H8jkIeqZQbg=
Subject key identifier:   C8:BA:AD:12:36:FA:B9:E9:63:6C:DA:39:B9:9E:F9:81:32:2D:3D:25
Certificate issuer:       /CN=03862A9BFCB97EE6B62CE1DB077E3B6EAD5FE253
Certificate serial:       4A5C1BEDAEE94493976DC6D7A7C12B21FADC847A
Authority key identifier: 03:86:2A:9B:FC:B9:7E:E6:B6:2C:E1:DB:07:7E:3B:6E:AD:5F:E2:53
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/03862A9BFCB97EE6B62CE1DB077E3B6EAD5FE253.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A4C89D43169664B9B0F42779749B8E27184BE1079D57C7A76A76D5D88108F80C/0/3230312e3138322e3134392e302f32342d3234203d3e20323635383135.roa
Signing time:             Tue 05 Mar 2024 18:23:24 +0000
ROA not before:           Tue 05 Mar 2024 18:18:24 +0000
ROA not after:            Tue 04 Mar 2025 18:23:24 +0000
asID:                     265815
IP address blocks:        201.182.149.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Nov 2024 21:35:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:5c:1b:ed:ae:e9:44:93:97:6d:c6:d7:a7:c1:2b:21:fa:dc:84:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03862A9BFCB97EE6B62CE1DB077E3B6EAD5FE253
        Validity
            Not Before: Mar  5 18:18:24 2024 GMT
            Not After : Mar  4 18:23:24 2025 GMT
        Subject: CN=C8BAAD1236FAB9E9636CDA39B99EF981322D3D25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:a8:21:35:c8:a8:35:b4:25:b4:59:7a:50:8f:
                    1b:a3:ea:ce:d4:ba:ec:1d:0f:e8:0c:39:20:6f:03:
                    f5:9d:5b:ff:72:cf:5a:92:df:75:f2:df:2b:5f:1b:
                    5a:eb:e0:26:c4:3e:c9:63:3f:2d:c0:19:52:ed:37:
                    2c:9e:ff:fd:cf:04:c8:d4:fa:93:87:43:00:87:07:
                    57:ff:9e:c4:61:97:19:1b:f9:e4:f1:81:79:ca:78:
                    b3:8f:2e:10:66:70:d5:62:03:67:34:51:70:b8:74:
                    d5:a6:8c:1c:58:4b:48:87:c9:75:db:7b:9d:fc:55:
                    16:e1:6f:c2:b4:b4:b2:cf:51:33:cb:26:2f:fb:37:
                    51:20:f4:0f:39:b6:81:9e:67:02:84:91:66:00:00:
                    20:e4:f7:3e:b9:d2:0a:8f:66:f5:65:22:7a:13:30:
                    da:a4:52:7b:4a:af:f9:05:66:ea:ce:c6:ab:be:13:
                    f7:21:50:3e:84:a6:79:28:38:1a:e2:d8:34:70:40:
                    33:0c:a9:cb:fb:be:56:d9:68:df:1c:17:0e:68:7b:
                    c1:e3:91:1d:18:46:73:03:3a:a7:56:d6:ff:5c:12:
                    90:da:63:bd:91:68:e8:79:bf:02:74:20:d7:c1:56:
                    6a:97:c7:b2:83:96:f2:d3:66:74:74:0b:73:bf:eb:
                    03:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:BA:AD:12:36:FA:B9:E9:63:6C:DA:39:B9:9E:F9:81:32:2D:3D:25
            X509v3 Authority Key Identifier:
                keyid:03:86:2A:9B:FC:B9:7E:E6:B6:2C:E1:DB:07:7E:3B:6E:AD:5F:E2:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A4C89D43169664B9B0F42779749B8E27184BE1079D57C7A76A76D5D88108F80C/0/03862A9BFCB97EE6B62CE1DB077E3B6EAD5FE253.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/03862A9BFCB97EE6B62CE1DB077E3B6EAD5FE253.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A4C89D43169664B9B0F42779749B8E27184BE1079D57C7A76A76D5D88108F80C/0/3230312e3138322e3134392e302f32342d3234203d3e20323635383135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.182.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:6a:6f:fd:80:61:b3:3f:80:6b:2d:36:ef:4a:91:0c:4e:ab:
         ca:f2:cb:5e:fe:6a:cd:40:ee:5f:f3:c1:3e:dc:3e:ea:ae:5c:
         a8:7d:38:09:70:21:a1:11:5b:b3:f2:56:58:30:cd:bf:73:f8:
         14:85:57:1c:a5:c5:f8:2f:92:21:29:64:60:18:06:4d:b0:d9:
         40:f2:43:94:21:68:81:be:43:72:40:8e:6e:c9:66:48:3d:77:
         00:55:be:01:57:7d:d6:9a:a1:4d:0d:1d:b6:97:46:98:76:5b:
         93:3b:e9:71:1f:ad:53:ea:c0:92:1d:b5:57:f5:74:1f:a4:b1:
         2a:f4:e4:79:12:01:7a:79:58:7f:65:23:6d:ff:c5:68:3b:a3:
         e8:4c:86:31:0a:55:cb:04:c9:32:c3:67:43:50:47:c0:4d:b9:
         0c:02:c4:fc:18:52:25:f5:84:02:bb:e6:00:fe:06:9e:dd:a2:
         bf:8b:9c:4d:07:22:da:9f:65:00:a2:1f:f9:64:3a:22:7e:71:
         ff:ee:f3:5c:99:32:54:65:f9:a4:f4:9f:99:fb:0b:d6:fe:29:
         c9:f4:2a:04:90:29:e0:da:03:da:1e:8a:2f:00:6c:b0:2a:b4:
         34:1d:bd:09:2b:34:32:00:4d:71:e7:87:27:fe:31:5c:38:39:
         aa:a7:8f:2b
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUSlwb7a7pRJOXbcbXp8ErIfrchHowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDM4NjJBOUJGQ0I5N0VFNkI2MkNFMURCMDc3RTNCNkVB
RDVGRTI1MzAeFw0yNDAzMDUxODE4MjRaFw0yNTAzMDQxODIzMjRaMDMxMTAvBgNV
BAMTKEM4QkFBRDEyMzZGQUI5RTk2MzZDREEzOUI5OUVGOTgxMzIyRDNEMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnqCE1yKg1tCW0WXpQjxuj6s7U
uuwdD+gMOSBvA/WdW/9yz1qS33Xy3ytfG1rr4CbEPsljPy3AGVLtNyye//3PBMjU
+pOHQwCHB1f/nsRhlxkb+eTxgXnKeLOPLhBmcNViA2c0UXC4dNWmjBxYS0iHyXXb
e538VRbhb8K0tLLPUTPLJi/7N1Eg9A85toGeZwKEkWYAACDk9z650gqPZvVlInoT
MNqkUntKr/kFZurOxqu+E/chUD6EpnkoOBri2DRwQDMMqcv7vlbZaN8cFw5oe8Hj
kR0YRnMDOqdW1v9cEpDaY72RaOh5vwJ0INfBVmqXx7KDlvLTZnR0C3O/6wMBAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUyLqtEjb6ueljbNo5uZ75gTItPSUwHwYDVR0j
BBgwFoAUA4Yqm/y5fua2LOHbB347bq1f4lMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BNEM4OUQ0MzE2OTY2NEI5QjBGNDI3Nzk3NDlCOEUyNzE4
NEJFMTA3OUQ1N0M3QTc2QTc2RDVEODgxMDhGODBDLzAvMDM4NjJBOUJGQ0I5N0VF
NkI2MkNFMURCMDc3RTNCNkVBRDVGRTI1My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wMzg2MkE5QkZDQjk3RUU2QjYy
Q0UxREIwNzdFM0I2RUFENUZFMjUzLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTRDODlENDMxNjk2NjRCOUIwRjQyNzc5NzQ5QjhFMjcxODRCRTEwNzlE
NTdDN0E3NkE3NkQ1RDg4MTA4RjgwQy8wLzMyMzAzMTJlMzEzODMyMmUzMTM0Mzky
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzUzODMxMzUucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADJ
tpUwDQYJKoZIhvcNAQELBQADggEBAAJqb/2AYbM/gGstNu9KkQxOq8ryy17+as1A
7l/zwT7cPuquXKh9OAlwIaERW7PyVlgwzb9z+BSFVxylxfgvkiEpZGAYBk2w2UDy
Q5QhaIG+Q3JAjm7JZkg9dwBVvgFXfdaaoU0NHbaXRph2W5M76XEfrVPqwJIdtVf1
dB+ksSr05HkSAXp5WH9lI23/xWg7o+hMhjEKVcsEyTLDZ0NQR8BNuQwCxPwYUiX1
hAK75gD+Bp7dor+LnE0HItqfZQCiH/lkOiJ+cf/u81yZMlRl+aT0n5n7C9b+Kcn0
KgSQKeDaA9oeii8AbLAqtDQdvQkrNDIATXHnhyf+MVw4Oaqnjys=
-----END CERTIFICATE-----