Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e3139322e302f32302d3234203d3e20323634363638.roa
File:                     3138312e37382e3139322e302f32302d3234203d3e20323634363638.roa (raw, json)
Hash identifier:          RcUppHz5LEEg//v3B6twHRH8A549H8Pzxyjkcfal4yY=
Subject key identifier:   AE:EF:0E:99:A8:4A:24:6D:F1:13:E4:63:D5:E6:91:17:A4:1B:C6:8D
Certificate issuer:       /CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
Certificate serial:       688FE9F58EDC49CB0B4F06F4D3B052A1364BBD17
Authority key identifier: 99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e3139322e302f32302d3234203d3e20323634363638.roa
Signing time:             Tue 05 Mar 2024 18:04:35 +0000
ROA not before:           Tue 05 Mar 2024 17:59:35 +0000
ROA not after:            Tue 04 Mar 2025 18:04:35 +0000
asID:                     264668
IP address blocks:        181.78.192.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Sep 2024 22:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:8f:e9:f5:8e:dc:49:cb:0b:4f:06:f4:d3:b0:52:a1:36:4b:bd:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
        Validity
            Not Before: Mar  5 17:59:35 2024 GMT
            Not After : Mar  4 18:04:35 2025 GMT
        Subject: CN=AEEF0E99A84A246DF113E463D5E69117A41BC68D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:66:15:57:d7:8c:68:8b:cd:58:b7:30:62:ff:
                    5a:23:1b:76:24:11:57:9c:cc:c5:a1:0a:54:eb:e9:
                    65:5e:c1:71:7c:52:ce:39:9c:81:e8:c7:91:81:8f:
                    90:98:99:c6:40:6b:42:17:0a:f3:25:32:52:3a:02:
                    27:ce:4e:d9:2f:53:bb:bd:21:88:8b:8c:44:28:1a:
                    1d:e0:32:80:2b:20:9c:be:96:f2:50:1f:ef:ac:f7:
                    b4:79:28:ac:28:44:a5:6c:f6:22:de:12:cb:6c:1e:
                    7f:08:7a:41:22:0f:2b:a9:ed:1a:bc:17:ad:0a:09:
                    4d:7d:1e:f5:ad:86:89:22:19:68:87:dc:71:ba:5e:
                    f0:5c:c5:11:47:9e:92:88:29:9b:a5:bd:53:9b:44:
                    72:f8:f7:90:7e:bb:2a:fa:4b:b3:eb:ac:04:17:ee:
                    5e:ed:b2:6d:8f:7b:27:d2:90:c1:c4:87:dc:1e:58:
                    df:e6:81:37:92:f7:27:74:2f:63:68:0b:7b:68:a0:
                    65:93:48:44:b5:65:07:1c:29:9b:ef:3d:4c:67:44:
                    e0:91:8a:93:b5:be:9e:7b:70:97:f5:83:99:2d:b9:
                    f1:45:05:2e:d9:af:53:7c:f6:ef:4f:79:f7:5d:31:
                    f0:68:d4:f1:c1:73:3d:df:aa:13:0a:86:ac:a1:3e:
                    56:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:EF:0E:99:A8:4A:24:6D:F1:13:E4:63:D5:E6:91:17:A4:1B:C6:8D
            X509v3 Authority Key Identifier:
                keyid:99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e3139322e302f32302d3234203d3e20323634363638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.78.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         1d:4e:07:8c:bd:6c:c0:8a:ae:a1:9f:9a:3f:c7:0f:13:46:91:
         f2:1f:0b:94:02:e7:b9:d6:a5:e0:0e:29:f8:95:f8:2c:36:09:
         d2:09:88:8f:46:bc:1e:cf:ba:04:d4:c1:82:3c:77:31:fa:15:
         6d:65:60:1c:04:96:51:38:24:e8:55:2c:c9:ca:10:85:ca:94:
         93:21:c3:de:1f:29:fa:07:83:bc:56:e0:7d:5b:f3:56:1d:64:
         a8:43:a2:e0:d5:58:0a:1f:80:f0:15:26:8b:68:65:c2:ab:1d:
         28:24:19:ff:0e:b5:a5:85:d2:9e:56:4f:ee:f3:ad:75:65:7a:
         a2:1b:28:dd:7c:a4:54:94:b6:ea:89:a0:80:8b:77:26:58:82:
         4f:5a:c3:89:5a:c0:90:d7:4d:4a:1a:4b:a9:0b:46:7a:ab:41:
         dd:ee:5f:11:1d:02:ec:e7:71:e0:e1:06:e0:fa:79:1a:de:ac:
         0a:5b:c1:b5:46:ee:46:7d:9a:11:6c:a1:5f:2d:51:6f:96:05:
         85:40:83:11:9e:2d:d0:6f:cf:22:c6:68:70:29:ae:7a:82:2e:
         45:9a:51:a8:56:eb:44:53:a1:9f:5d:0b:e9:3e:62:93:b3:05:
         01:1a:4c:af:36:98:73:93:eb:8c:3b:df:c5:bc:3a:f6:b5:fe:
         ff:15:f6:db
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUaI/p9Y7cScsLTwb007BSoTZLvRcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTlEOTIzQTI1MjdENzhDQkNBMUJDMkI2QjE1REFDMEYx
RjZDN0U1MDAeFw0yNDAzMDUxNzU5MzVaFw0yNTAzMDQxODA0MzVaMDMxMTAvBgNV
BAMTKEFFRUYwRTk5QTg0QTI0NkRGMTEzRTQ2M0Q1RTY5MTE3QTQxQkM2OEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClZhVX14xoi81YtzBi/1ojG3Yk
EVeczMWhClTr6WVewXF8Us45nIHox5GBj5CYmcZAa0IXCvMlMlI6AifOTtkvU7u9
IYiLjEQoGh3gMoArIJy+lvJQH++s97R5KKwoRKVs9iLeEstsHn8IekEiDyup7Rq8
F60KCU19HvWthokiGWiH3HG6XvBcxRFHnpKIKZulvVObRHL495B+uyr6S7PrrAQX
7l7tsm2PeyfSkMHEh9weWN/mgTeS9yd0L2NoC3tooGWTSES1ZQccKZvvPUxnROCR
ipO1vp57cJf1g5ktufFFBS7Zr1N89u9PefddMfBo1PHBcz3fqhMKhqyhPlZXAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUru8OmahKJG3xE+Rj1eaRF6Qbxo0wHwYDVR0j
BBgwFoAUmdkjolJ9eMvKG8K2sV2sDx9sflAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BQUJERjQwOTVGRThCMjI4ODJEMjBCMTZEQjdEMkJGRDM4
MUMwRjlFNjJDNkVCNjU5NDQ3RDQ0QkU3RTFDQkMyLzAvOTlEOTIzQTI1MjdENzhD
QkNBMUJDMkI2QjE1REFDMEYxRjZDN0U1MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85OUQ5MjNBMjUyN0Q3OENCQ0Ex
QkMyQjZCMTVEQUMwRjFGNkM3RTUwLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUFCREY0MDk1RkU4QjIyODgyRDIwQjE2REI3RDJCRkQzODFDMEY5RTYy
QzZFQjY1OTQ0N0Q0NEJFN0UxQ0JDMi8wLzMxMzgzMTJlMzczODJlMzEzOTMyMmUz
MDJmMzIzMDJkMzIzNDIwM2QzZTIwMzIzNjM0MzYzNjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEtU7A
MA0GCSqGSIb3DQEBCwUAA4IBAQAdTgeMvWzAiq6hn5o/xw8TRpHyHwuUAue51qXg
Din4lfgsNgnSCYiPRrwez7oE1MGCPHcx+hVtZWAcBJZROCToVSzJyhCFypSTIcPe
Hyn6B4O8VuB9W/NWHWSoQ6Lg1VgKH4DwFSaLaGXCqx0oJBn/DrWlhdKeVk/u8611
ZXqiGyjdfKRUlLbqiaCAi3cmWIJPWsOJWsCQ101KGkupC0Z6q0Hd7l8RHQLs53Hg
4Qbg+nka3qwKW8G1Ru5GfZoRbKFfLVFvlgWFQIMRni3Qb88ixmhwKa56gi5FmlGo
VutEU6GfXQvpPmKTswUBGkyvNphzk+uMO9/FvDr2tf7/Ffbb
-----END CERTIFICATE-----
Generated at Tue Sep 24 23:11:54 2024 by rpki-client on console-fra.rpki-client.org