Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e3132312e302f32342d3234203d3e203532343638.roa
File:                     3138312e37382e3132312e302f32342d3234203d3e203532343638.roa (raw, json)
Hash identifier:          SgbQveW0t+g9bU8j3AI7SZgL8RHfIVfWq4lvXCwda9A=
Subject key identifier:   DD:47:57:CF:CD:58:F6:03:A9:BB:D6:C7:B5:61:96:B9:B2:8C:A1:CA
Certificate issuer:       /CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
Certificate serial:       52D5248AF66A9641FEEABDE5DD6326DF607EA995
Authority key identifier: 99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e3132312e302f32342d3234203d3e203532343638.roa
Signing time:             Tue 05 Mar 2024 18:04:27 +0000
ROA not before:           Tue 05 Mar 2024 17:59:27 +0000
ROA not after:            Tue 04 Mar 2025 18:04:27 +0000
asID:                     52468
IP address blocks:        181.78.121.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Sep 2024 22:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:d5:24:8a:f6:6a:96:41:fe:ea:bd:e5:dd:63:26:df:60:7e:a9:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
        Validity
            Not Before: Mar  5 17:59:27 2024 GMT
            Not After : Mar  4 18:04:27 2025 GMT
        Subject: CN=DD4757CFCD58F603A9BBD6C7B56196B9B28CA1CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:3a:1c:45:e3:6d:62:30:b4:61:ff:17:65:cb:
                    1d:ec:b3:a6:40:b5:33:b5:b7:b7:89:bd:03:8f:43:
                    3c:3f:8b:0e:0e:e7:f2:10:ec:4e:85:ba:df:21:6c:
                    28:ce:c4:b0:54:e9:90:ce:e6:2d:49:9b:40:0e:a5:
                    95:17:02:32:40:cd:03:c1:fa:17:78:e4:28:87:15:
                    95:92:12:96:61:c1:f9:5a:a5:c0:16:24:44:d2:e0:
                    be:57:b6:14:f6:0a:fc:32:41:13:e7:99:ed:7a:3f:
                    6f:11:b1:70:c9:7a:00:5a:81:88:4d:1a:3a:15:8e:
                    c4:6e:74:e2:ba:5c:cd:38:40:5f:03:dd:12:58:65:
                    10:c5:59:e1:1a:5f:c8:b0:a0:cb:ff:ca:59:40:6a:
                    4c:52:2e:39:68:94:e3:0f:3f:e1:fb:05:9f:77:64:
                    d5:e0:91:5d:e3:0b:66:12:46:62:09:fe:d8:aa:82:
                    7a:32:c7:bd:5b:34:33:ff:55:b5:a5:9b:a8:7d:4a:
                    9b:b1:af:4d:fb:c6:e0:99:11:62:12:65:00:bf:55:
                    52:a6:67:92:f3:1c:02:d0:a8:94:fd:17:1d:22:9f:
                    16:cb:d0:f9:56:cf:a9:a3:88:68:ce:49:0f:96:d5:
                    f4:98:dd:e2:d6:87:f6:26:3d:86:81:35:8e:73:6c:
                    54:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:47:57:CF:CD:58:F6:03:A9:BB:D6:C7:B5:61:96:B9:B2:8C:A1:CA
            X509v3 Authority Key Identifier:
                keyid:99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e3132312e302f32342d3234203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.78.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:95:ce:69:d9:24:1a:d1:16:30:a9:3e:9b:1f:c7:86:32:07:
         67:5f:02:81:d5:9b:5e:d1:37:4e:39:78:e7:49:eb:1c:2c:f9:
         de:0d:96:14:fd:0f:f6:47:04:1c:53:e4:52:f8:9f:d1:06:67:
         95:c2:cc:79:3f:3e:83:ec:24:20:c0:cf:eb:e1:26:e4:ae:fe:
         8e:72:bb:e4:54:59:80:65:8e:99:73:e6:21:d6:f3:00:8e:dc:
         aa:94:db:26:01:c3:4b:94:2f:a4:a1:e3:95:89:28:47:39:16:
         35:45:26:bc:d9:a1:ba:54:4e:7d:71:36:6d:66:66:9c:55:85:
         b9:d0:f3:8c:e2:ca:bb:16:9f:7e:b6:95:43:d1:8b:42:da:5e:
         52:14:f6:b3:2f:62:12:93:f7:bf:82:61:42:ed:c1:2c:d3:15:
         97:48:bc:ae:51:29:f0:5b:4f:12:81:12:d6:f4:4e:7e:91:af:
         b0:b3:48:a6:c4:05:fc:10:a6:06:14:8a:11:8a:a9:b5:7f:15:
         ab:b4:1f:1e:2d:98:a5:0e:ba:3e:52:5c:c1:59:59:6e:ff:6c:
         2d:7c:ff:47:83:d3:41:97:8e:bf:11:c8:1c:2d:4b:19:11:06:
         f6:76:21:03:67:ad:ff:e8:7f:a8:28:e0:23:65:69:a7:b6:69:
         8c:1a:88:56
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUUtUkivZqlkH+6r3l3WMm32B+qZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTlEOTIzQTI1MjdENzhDQkNBMUJDMkI2QjE1REFDMEYx
RjZDN0U1MDAeFw0yNDAzMDUxNzU5MjdaFw0yNTAzMDQxODA0MjdaMDMxMTAvBgNV
BAMTKERENDc1N0NGQ0Q1OEY2MDNBOUJCRDZDN0I1NjE5NkI5QjI4Q0ExQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKOhxF421iMLRh/xdlyx3ss6ZA
tTO1t7eJvQOPQzw/iw4O5/IQ7E6Fut8hbCjOxLBU6ZDO5i1Jm0AOpZUXAjJAzQPB
+hd45CiHFZWSEpZhwflapcAWJETS4L5XthT2CvwyQRPnme16P28RsXDJegBagYhN
GjoVjsRudOK6XM04QF8D3RJYZRDFWeEaX8iwoMv/yllAakxSLjlolOMPP+H7BZ93
ZNXgkV3jC2YSRmIJ/tiqgnoyx71bNDP/VbWlm6h9Spuxr037xuCZEWISZQC/VVKm
Z5LzHALQqJT9Fx0inxbL0PlWz6mjiGjOSQ+W1fSY3eLWh/YmPYaBNY5zbFRvAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU3UdXz81Y9gOpu9bHtWGWubKMocowHwYDVR0j
BBgwFoAUmdkjolJ9eMvKG8K2sV2sDx9sflAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BQUJERjQwOTVGRThCMjI4ODJEMjBCMTZEQjdEMkJGRDM4
MUMwRjlFNjJDNkVCNjU5NDQ3RDQ0QkU3RTFDQkMyLzAvOTlEOTIzQTI1MjdENzhD
QkNBMUJDMkI2QjE1REFDMEYxRjZDN0U1MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85OUQ5MjNBMjUyN0Q3OENCQ0Ex
QkMyQjZCMTVEQUMwRjFGNkM3RTUwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUFCREY0MDk1RkU4QjIyODgyRDIwQjE2REI3RDJCRkQzODFDMEY5RTYy
QzZFQjY1OTQ0N0Q0NEJFN0UxQ0JDMi8wLzMxMzgzMTJlMzczODJlMzEzMjMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjM0MzYzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALVOeTAN
BgkqhkiG9w0BAQsFAAOCAQEAi5XOadkkGtEWMKk+mx/HhjIHZ18CgdWbXtE3Tjl4
50nrHCz53g2WFP0P9kcEHFPkUvif0QZnlcLMeT8+g+wkIMDP6+Em5K7+jnK75FRZ
gGWOmXPmIdbzAI7cqpTbJgHDS5QvpKHjlYkoRzkWNUUmvNmhulROfXE2bWZmnFWF
udDzjOLKuxaffraVQ9GLQtpeUhT2sy9iEpP3v4JhQu3BLNMVl0i8rlEp8FtPEoES
1vROfpGvsLNIpsQF/BCmBhSKEYqptX8Vq7QfHi2YpQ66PlJcwVlZbv9sLXz/R4PT
QZeOvxHIHC1LGREG9nYhA2et/+h/qCjgI2Vpp7ZpjBqIVg==
-----END CERTIFICATE-----
Generated at Tue Sep 24 23:11:54 2024 by rpki-client on console-fra.rpki-client.org