Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e3131392e36362e302f32332d3234203d3e203532343638.roa
File:                     3138312e3131392e36362e302f32332d3234203d3e203532343638.roa (raw, json)
Hash identifier:          DgrMCe4GZdMCdb0Em62RQRjp+C97YZ7ie+OJr6dK9GY=
Subject key identifier:   90:72:D8:1B:B5:58:7D:18:F2:D7:06:B4:DC:D5:15:B6:19:86:EE:77
Certificate issuer:       /CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
Certificate serial:       2D90CFFE85212C8D96A924BC0C0B9E90B43A96CE
Authority key identifier: 99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e3131392e36362e302f32332d3234203d3e203532343638.roa
Signing time:             Tue 05 Mar 2024 18:04:47 +0000
ROA not before:           Tue 05 Mar 2024 17:59:47 +0000
ROA not after:            Tue 04 Mar 2025 18:04:47 +0000
asID:                     52468
IP address blocks:        181.119.66.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Sep 2024 22:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:90:cf:fe:85:21:2c:8d:96:a9:24:bc:0c:0b:9e:90:b4:3a:96:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
        Validity
            Not Before: Mar  5 17:59:47 2024 GMT
            Not After : Mar  4 18:04:47 2025 GMT
        Subject: CN=9072D81BB5587D18F2D706B4DCD515B61986EE77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:e3:b5:dd:3c:ee:42:80:f4:5e:46:00:85:52:
                    0b:ff:76:81:2f:7f:ae:ec:2a:e3:bf:de:dc:cc:70:
                    f8:e3:16:81:ba:a2:85:4f:7f:54:a1:f8:2e:b8:c0:
                    85:72:d3:c0:4c:11:77:52:c0:1a:e4:da:4d:a2:0c:
                    d8:56:a7:39:5c:dd:bf:25:8a:f1:04:0b:e1:c7:62:
                    35:c7:59:c3:07:f5:47:77:90:af:bc:49:cc:8f:4e:
                    a5:46:07:81:fc:47:a2:b8:1c:1c:57:b3:be:8f:3f:
                    d0:b7:f3:c5:e8:ad:87:cc:3b:ac:a2:5d:a0:bd:87:
                    3e:5c:60:e2:9f:bc:7c:8d:85:ec:1d:5e:16:8e:90:
                    0a:d5:b6:a5:d4:7c:84:6e:d0:4f:ae:85:86:21:10:
                    53:21:36:88:57:fd:c6:b9:7c:30:c8:70:8b:0a:f6:
                    2a:90:5a:1b:cd:4b:d3:33:6b:45:b3:94:07:55:57:
                    4a:25:47:55:42:8b:9b:e9:b6:de:e7:6d:5c:84:a9:
                    df:a5:3f:c3:40:7b:70:39:f4:f4:9e:e7:e4:02:79:
                    f4:0d:b8:1a:31:95:c2:39:3a:b0:4f:9d:7e:b8:71:
                    36:3c:5a:e1:d2:a2:5c:a3:f2:b2:82:b0:cd:6f:c5:
                    9d:98:6b:54:a1:5b:b6:55:9f:4f:ee:bd:83:b0:09:
                    ad:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:72:D8:1B:B5:58:7D:18:F2:D7:06:B4:DC:D5:15:B6:19:86:EE:77
            X509v3 Authority Key Identifier:
                keyid:99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e3131392e36362e302f32332d3234203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.119.66.0/23

    Signature Algorithm: sha256WithRSAEncryption
         94:d5:34:c2:0e:a2:1f:25:7e:ad:39:76:cc:95:09:ce:c3:8e:
         db:52:aa:73:49:62:b3:49:ed:e7:f8:03:11:af:66:d8:54:16:
         17:0a:01:91:67:2c:39:5d:7d:25:2f:52:a8:54:3b:17:75:03:
         73:1f:fd:e5:07:21:52:1f:b7:e5:a0:ec:9c:b2:02:96:d6:dd:
         a7:fd:d6:a2:29:9a:c3:c2:bf:eb:8b:90:3f:6d:40:0d:43:cb:
         ca:c8:44:8d:8c:e9:81:46:6d:70:ce:e5:8a:3f:fd:3f:3e:a0:
         a5:ad:fb:17:f1:02:a7:fb:14:80:ff:7a:66:43:91:bc:8d:fa:
         74:d2:c9:91:c8:f5:34:80:a2:33:0d:ea:0e:f2:fa:7d:e8:f8:
         e5:19:1d:4f:1a:41:36:cb:f7:f8:6b:d8:51:08:ea:73:6c:f5:
         de:d8:14:b6:2d:de:b2:17:6d:05:6d:15:04:9a:e1:af:43:e1:
         95:62:d3:fc:73:67:88:22:2b:63:b9:99:f4:7c:f6:e1:83:8c:
         90:06:bb:dc:80:c2:6b:87:68:8f:27:49:cc:c3:1e:c1:f8:29:
         05:d4:96:32:01:f4:96:11:8d:84:77:0f:0c:f0:40:6c:12:4d:
         5f:19:9a:26:88:a3:a3:52:8a:c2:eb:47:d5:ae:3d:35:44:6c:
         40:99:1b:e9
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIULZDP/oUhLI2WqSS8DAuekLQ6ls4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTlEOTIzQTI1MjdENzhDQkNBMUJDMkI2QjE1REFDMEYx
RjZDN0U1MDAeFw0yNDAzMDUxNzU5NDdaFw0yNTAzMDQxODA0NDdaMDMxMTAvBgNV
BAMTKDkwNzJEODFCQjU1ODdEMThGMkQ3MDZCNERDRDUxNUI2MTk4NkVFNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo47XdPO5CgPReRgCFUgv/doEv
f67sKuO/3tzMcPjjFoG6ooVPf1Sh+C64wIVy08BMEXdSwBrk2k2iDNhWpzlc3b8l
ivEEC+HHYjXHWcMH9Ud3kK+8ScyPTqVGB4H8R6K4HBxXs76PP9C388XorYfMO6yi
XaC9hz5cYOKfvHyNhewdXhaOkArVtqXUfIRu0E+uhYYhEFMhNohX/ca5fDDIcIsK
9iqQWhvNS9Mza0WzlAdVV0olR1VCi5vptt7nbVyEqd+lP8NAe3A59PSe5+QCefQN
uBoxlcI5OrBPnX64cTY8WuHSolyj8rKCsM1vxZ2Ya1ShW7ZVn0/uvYOwCa1jAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUkHLYG7VYfRjy1wa03NUVthmG7ncwHwYDVR0j
BBgwFoAUmdkjolJ9eMvKG8K2sV2sDx9sflAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BQUJERjQwOTVGRThCMjI4ODJEMjBCMTZEQjdEMkJGRDM4
MUMwRjlFNjJDNkVCNjU5NDQ3RDQ0QkU3RTFDQkMyLzAvOTlEOTIzQTI1MjdENzhD
QkNBMUJDMkI2QjE1REFDMEYxRjZDN0U1MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85OUQ5MjNBMjUyN0Q3OENCQ0Ex
QkMyQjZCMTVEQUMwRjFGNkM3RTUwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUFCREY0MDk1RkU4QjIyODgyRDIwQjE2REI3RDJCRkQzODFDMEY5RTYy
QzZFQjY1OTQ0N0Q0NEJFN0UxQ0JDMi8wLzMxMzgzMTJlMzEzMTM5MmUzNjM2MmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzUzMjM0MzYzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbV3QjAN
BgkqhkiG9w0BAQsFAAOCAQEAlNU0wg6iHyV+rTl2zJUJzsOO21Kqc0lis0nt5/gD
Ea9m2FQWFwoBkWcsOV19JS9SqFQ7F3UDcx/95QchUh+35aDsnLICltbdp/3Woima
w8K/64uQP21ADUPLyshEjYzpgUZtcM7lij/9Pz6gpa37F/ECp/sUgP96ZkORvI36
dNLJkcj1NICiMw3qDvL6fej45RkdTxpBNsv3+GvYUQjqc2z13tgUti3eshdtBW0V
BJrhr0PhlWLT/HNniCIrY7mZ9Hz24YOMkAa73IDCa4dojydJzMMewfgpBdSWMgH0
lhGNhHcPDPBAbBJNXxmaJoijo1KKwutH1a49NURsQJkb6Q==
-----END CERTIFICATE-----
Generated at Tue Sep 24 23:11:54 2024 by rpki-client on console-fra.rpki-client.org