Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A685CFE43360D3C05D1A1107E7DFA532C9B2F6825BF12BAA12235DD15842ACDF/0/3136352e39382e3133302e302f32342d3234203d3e203138383430.roa
File:                     3136352e39382e3133302e302f32342d3234203d3e203138383430.roa (raw, json)
Hash identifier:          7GgwrSz3apHcPCK2b/RiTQsrzor3o7ldcvs7o6CdIG4=
Subject key identifier:   39:D2:C0:1D:80:35:1A:E2:9F:F2:13:3B:DD:1B:7B:E7:DC:FC:51:58
Certificate issuer:       /CN=1B3FB06809362D90ED82F4A360BDEE3FB303C03D
Certificate serial:       5E24B77208AFF94BD5D2B18AC8546767779FB45D
Authority key identifier: 1B:3F:B0:68:09:36:2D:90:ED:82:F4:A3:60:BD:EE:3F:B3:03:C0:3D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1B3FB06809362D90ED82F4A360BDEE3FB303C03D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A685CFE43360D3C05D1A1107E7DFA532C9B2F6825BF12BAA12235DD15842ACDF/0/3136352e39382e3133302e302f32342d3234203d3e203138383430.roa
Signing time:             Tue 05 Mar 2024 17:59:46 +0000
ROA not before:           Tue 05 Mar 2024 17:54:46 +0000
ROA not after:            Tue 04 Mar 2025 17:59:46 +0000
asID:                     18840
IP address blocks:        165.98.130.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Jul 2024 15:50:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:24:b7:72:08:af:f9:4b:d5:d2:b1:8a:c8:54:67:67:77:9f:b4:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1B3FB06809362D90ED82F4A360BDEE3FB303C03D
        Validity
            Not Before: Mar  5 17:54:46 2024 GMT
            Not After : Mar  4 17:59:46 2025 GMT
        Subject: CN=39D2C01D80351AE29FF2133BDD1B7BE7DCFC5158
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a4:78:18:75:86:54:99:93:78:32:b5:aa:46:
                    28:20:46:31:d9:81:62:89:fc:ad:9b:fd:76:c3:0a:
                    09:60:fb:6c:30:ca:a9:71:ce:c8:40:17:79:3f:73:
                    86:32:74:d9:d2:15:b7:01:6e:bd:45:20:60:f9:6a:
                    a2:6a:39:84:0c:1f:d2:41:5d:dc:d6:83:fe:be:30:
                    da:09:03:89:a6:de:c9:9c:4b:4b:e5:c8:3a:86:05:
                    28:67:43:3b:9f:d8:a4:82:f6:f6:ed:23:1f:d6:e4:
                    65:53:b4:d6:7c:3f:d0:2e:ad:7f:ae:b8:e9:d3:9c:
                    d3:8f:75:db:f8:70:33:55:bf:e1:90:a9:ae:9d:8d:
                    4f:51:e1:8e:08:f1:f4:25:b8:f0:99:7c:bb:b1:18:
                    27:1e:93:75:61:94:90:e1:4f:cd:e8:6a:fd:74:18:
                    30:79:9f:7a:3f:22:cf:6a:ff:13:29:52:e0:84:e9:
                    b7:37:9d:68:7b:68:b3:d6:74:6b:60:56:2e:0c:94:
                    df:6c:12:c5:f4:bc:a7:fc:cf:9f:1e:96:77:e1:e2:
                    44:d0:d7:00:6e:98:29:aa:1d:ae:41:1d:f4:0d:20:
                    06:e1:4b:03:94:e1:27:fa:83:d6:f7:61:4c:de:d0:
                    f5:63:a1:01:aa:ea:08:5a:ce:cc:f8:d3:c2:d3:2a:
                    0c:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:D2:C0:1D:80:35:1A:E2:9F:F2:13:3B:DD:1B:7B:E7:DC:FC:51:58
            X509v3 Authority Key Identifier:
                keyid:1B:3F:B0:68:09:36:2D:90:ED:82:F4:A3:60:BD:EE:3F:B3:03:C0:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A685CFE43360D3C05D1A1107E7DFA532C9B2F6825BF12BAA12235DD15842ACDF/0/1B3FB06809362D90ED82F4A360BDEE3FB303C03D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1B3FB06809362D90ED82F4A360BDEE3FB303C03D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A685CFE43360D3C05D1A1107E7DFA532C9B2F6825BF12BAA12235DD15842ACDF/0/3136352e39382e3133302e302f32342d3234203d3e203138383430.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.98.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:8e:d4:f4:86:94:8e:a2:aa:46:0a:6e:bd:8d:8f:5f:61:bd:
         83:11:6e:9a:d4:73:dc:12:1d:88:00:3e:35:26:9c:74:96:12:
         c0:5b:70:fd:03:60:e6:19:e5:f3:11:b2:1c:9c:46:b6:c6:b7:
         4b:45:3e:3d:16:5e:aa:43:9a:00:3c:15:c7:b2:70:2a:14:45:
         ee:28:8a:fa:c0:91:ab:7a:cc:b6:a0:a2:09:27:47:3d:25:a6:
         77:91:dc:42:fb:37:d3:8b:9e:ab:8b:19:ae:42:1c:96:4a:df:
         6e:4b:03:11:89:3d:c0:02:38:22:bb:36:4f:1e:6e:25:26:3e:
         7b:49:e5:30:46:4b:82:5a:54:2e:a5:c9:73:0b:89:0c:c8:46:
         5d:37:60:57:97:cc:ad:82:27:d6:fb:4b:9a:89:a9:17:71:4a:
         8a:d4:47:6f:3f:35:0a:a0:c7:46:a8:56:f1:ca:10:61:ee:e4:
         a1:69:81:25:d5:2c:9c:9d:70:c6:81:9e:97:24:b5:b2:3a:ad:
         d8:9d:60:ab:ef:46:fe:07:95:61:8f:54:f5:24:28:f2:a6:0d:
         0e:ac:16:20:35:d1:76:da:98:57:72:45:d6:66:10:56:51:de:
         7d:5c:45:49:e6:2b:1b:a0:2f:ce:b0:54:6f:62:c3:6d:c9:45:
         a4:5a:39:e9
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUXiS3cgiv+UvV0rGKyFRnZ3eftF0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUIzRkIwNjgwOTM2MkQ5MEVEODJGNEEzNjBCREVFM0ZC
MzAzQzAzRDAeFw0yNDAzMDUxNzU0NDZaFw0yNTAzMDQxNzU5NDZaMDMxMTAvBgNV
BAMTKDM5RDJDMDFEODAzNTFBRTI5RkYyMTMzQkREMUI3QkU3RENGQzUxNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfpHgYdYZUmZN4MrWqRiggRjHZ
gWKJ/K2b/XbDCglg+2wwyqlxzshAF3k/c4YydNnSFbcBbr1FIGD5aqJqOYQMH9JB
XdzWg/6+MNoJA4mm3smcS0vlyDqGBShnQzuf2KSC9vbtIx/W5GVTtNZ8P9AurX+u
uOnTnNOPddv4cDNVv+GQqa6djU9R4Y4I8fQluPCZfLuxGCcek3VhlJDhT83oav10
GDB5n3o/Is9q/xMpUuCE6bc3nWh7aLPWdGtgVi4MlN9sEsX0vKf8z58elnfh4kTQ
1wBumCmqHa5BHfQNIAbhSwOU4Sf6g9b3YUze0PVjoQGq6ghazsz408LTKgzHAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUOdLAHYA1GuKf8hM73Rt759z8UVgwHwYDVR0j
BBgwFoAUGz+waAk2LZDtgvSjYL3uP7MDwD0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BNjg1Q0ZFNDMzNjBEM0MwNUQxQTExMDdFN0RGQTUzMkM5
QjJGNjgyNUJGMTJCQUExMjIzNUREMTU4NDJBQ0RGLzAvMUIzRkIwNjgwOTM2MkQ5
MEVEODJGNEEzNjBCREVFM0ZCMzAzQzAzRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xQjNGQjA2ODA5MzYyRDkwRUQ4
MkY0QTM2MEJERUUzRkIzMDNDMDNELmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTY4NUNGRTQzMzYwRDNDMDVEMUExMTA3RTdERkE1MzJDOUIyRjY4MjVC
RjEyQkFBMTIyMzVERDE1ODQyQUNERi8wLzMxMzYzNTJlMzkzODJlMzEzMzMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzODM4MzQzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKVigjAN
BgkqhkiG9w0BAQsFAAOCAQEAtI7U9IaUjqKqRgpuvY2PX2G9gxFumtRz3BIdiAA+
NSacdJYSwFtw/QNg5hnl8xGyHJxGtsa3S0U+PRZeqkOaADwVx7JwKhRF7iiK+sCR
q3rMtqCiCSdHPSWmd5HcQvs304ueq4sZrkIclkrfbksDEYk9wAI4Irs2Tx5uJSY+
e0nlMEZLglpULqXJcwuJDMhGXTdgV5fMrYIn1vtLmompF3FKitRHbz81CqDHRqhW
8coQYe7koWmBJdUsnJ1wxoGelyS1sjqt2J1gq+9G/geVYY9U9SQo8qYNDqwWIDXR
dtqYV3JF1mYQVlHefVxFSeYrG6AvzrBUb2LDbclFpFo56Q==
-----END CERTIFICATE-----
Generated at Tue Jul 30 19:59:37 2024 by rpki-client on console-ams.rpki-client.org