Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e3232342e302f32312d3231203d3e203138373437.roa
File:                     3138312e37382e3232342e302f32312d3231203d3e203138373437.roa (raw, json)
Hash identifier:          sa8vmKX2lxrn3oiZrQVNlbCRINfdexZhleOjo3bAAac=
Subject key identifier:   51:C3:25:9E:B0:B4:8F:62:A0:69:9A:F5:41:3E:89:94:70:6C:70:D0
Certificate issuer:       /CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
Certificate serial:       3A7F13D26773013159859857D1B2CB0777940E27
Authority key identifier: 99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e3232342e302f32312d3231203d3e203138373437.roa
Signing time:             Tue 05 Mar 2024 18:04:56 +0000
ROA not before:           Tue 05 Mar 2024 17:59:56 +0000
ROA not after:            Tue 04 Mar 2025 18:04:56 +0000
asID:                     18747
IP address blocks:        181.78.224.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Tue 24 Sep 2024 22:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:7f:13:d2:67:73:01:31:59:85:98:57:d1:b2:cb:07:77:94:0e:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
        Validity
            Not Before: Mar  5 17:59:56 2024 GMT
            Not After : Mar  4 18:04:56 2025 GMT
        Subject: CN=51C3259EB0B48F62A0699AF5413E8994706C70D0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:96:04:4b:a4:73:8c:56:a1:ab:f0:cc:82:b4:
                    1b:22:27:9b:d4:89:77:58:26:93:93:7d:fe:ea:6f:
                    76:cc:b3:fb:c6:12:e5:51:e5:d6:02:55:7f:25:15:
                    27:6b:27:1c:7c:99:fc:15:42:be:89:f4:ba:42:4e:
                    bd:f6:7f:30:9b:e0:a4:57:62:17:3a:d1:97:43:37:
                    c2:88:63:8f:45:0b:4a:eb:4e:18:0a:dd:c3:53:4b:
                    33:ba:87:84:ef:cf:7d:3c:ac:57:d3:23:e0:ab:16:
                    ea:d8:06:af:02:0a:87:61:0b:04:ed:c2:3f:f5:4a:
                    27:6b:ad:f1:40:85:6d:df:28:b4:c3:d7:44:ae:f5:
                    ed:d2:63:d0:bd:40:36:43:3f:e3:cd:4a:01:89:76:
                    53:e1:61:41:a3:68:5a:d5:28:93:90:0d:44:fd:a3:
                    66:f7:ad:a8:8d:4d:3e:26:b6:64:96:35:88:6e:c1:
                    64:d3:86:9c:b6:14:35:c3:b8:55:91:20:53:85:7b:
                    4d:29:c2:7e:3f:e2:e3:06:22:88:78:03:c3:58:25:
                    3f:4b:5b:59:db:f3:ad:5b:c8:42:fe:70:a6:c6:66:
                    74:59:40:e6:60:24:35:2b:43:af:db:fd:a0:7c:67:
                    ec:33:98:fc:79:28:15:0f:ab:21:0c:31:70:e6:e8:
                    66:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:C3:25:9E:B0:B4:8F:62:A0:69:9A:F5:41:3E:89:94:70:6C:70:D0
            X509v3 Authority Key Identifier:
                keyid:99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e3232342e302f32312d3231203d3e203138373437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.78.224.0/21

    Signature Algorithm: sha256WithRSAEncryption
         a5:e6:95:3a:d0:7d:40:44:64:76:66:24:57:20:06:b2:c9:70:
         4c:b8:d9:f3:c0:d2:ab:ef:6f:c0:75:53:5d:2f:f2:8b:b1:28:
         b9:8a:0a:7e:28:a4:7d:8f:b6:ba:01:a2:3e:4a:e6:fd:91:63:
         7f:d3:b9:14:79:52:49:42:45:53:a8:99:ab:ca:ec:ad:c0:5a:
         a1:84:a3:94:b0:83:8b:7e:2c:98:d1:3f:6d:b4:36:65:4e:8e:
         28:8a:81:af:0b:4b:4c:48:52:82:79:31:c2:b3:55:c3:5d:fa:
         06:5e:3f:ee:65:c9:5a:01:b3:72:42:e7:d2:86:0b:9e:be:65:
         71:2d:23:1e:40:c3:49:4e:3f:a5:a3:b5:2f:cf:6c:c8:a0:bd:
         d1:a0:78:05:a6:9c:35:23:6a:67:36:62:c1:b2:85:08:9e:6f:
         aa:67:bf:51:c4:7f:37:1e:2b:0a:53:05:9f:20:4b:c5:1a:55:
         c3:42:cb:4a:a0:ef:7f:07:a7:b3:a1:ff:a8:04:50:e2:d5:03:
         98:6c:0f:e7:4a:ce:d1:74:ef:60:43:69:8b:06:fe:b7:74:72:
         86:d7:57:05:f8:75:1a:f8:1e:cd:ff:e2:9f:84:db:d5:c0:14:
         4e:ff:86:3d:d4:c6:17:ac:0d:c3:70:df:69:82:a9:f9:53:6c:
         24:0c:c4:45
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUOn8T0mdzATFZhZhX0bLLB3eUDicwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTlEOTIzQTI1MjdENzhDQkNBMUJDMkI2QjE1REFDMEYx
RjZDN0U1MDAeFw0yNDAzMDUxNzU5NTZaFw0yNTAzMDQxODA0NTZaMDMxMTAvBgNV
BAMTKDUxQzMyNTlFQjBCNDhGNjJBMDY5OUFGNTQxM0U4OTk0NzA2QzcwRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0lgRLpHOMVqGr8MyCtBsiJ5vU
iXdYJpOTff7qb3bMs/vGEuVR5dYCVX8lFSdrJxx8mfwVQr6J9LpCTr32fzCb4KRX
Yhc60ZdDN8KIY49FC0rrThgK3cNTSzO6h4Tvz308rFfTI+CrFurYBq8CCodhCwTt
wj/1SidrrfFAhW3fKLTD10Su9e3SY9C9QDZDP+PNSgGJdlPhYUGjaFrVKJOQDUT9
o2b3raiNTT4mtmSWNYhuwWTThpy2FDXDuFWRIFOFe00pwn4/4uMGIoh4A8NYJT9L
W1nb861byEL+cKbGZnRZQOZgJDUrQ6/b/aB8Z+wzmPx5KBUPqyEMMXDm6GYVAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUUcMlnrC0j2KgaZr1QT6JlHBscNAwHwYDVR0j
BBgwFoAUmdkjolJ9eMvKG8K2sV2sDx9sflAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BQUJERjQwOTVGRThCMjI4ODJEMjBCMTZEQjdEMkJGRDM4
MUMwRjlFNjJDNkVCNjU5NDQ3RDQ0QkU3RTFDQkMyLzAvOTlEOTIzQTI1MjdENzhD
QkNBMUJDMkI2QjE1REFDMEYxRjZDN0U1MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85OUQ5MjNBMjUyN0Q3OENCQ0Ex
QkMyQjZCMTVEQUMwRjFGNkM3RTUwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUFCREY0MDk1RkU4QjIyODgyRDIwQjE2REI3RDJCRkQzODFDMEY5RTYy
QzZFQjY1OTQ0N0Q0NEJFN0UxQ0JDMi8wLzMxMzgzMTJlMzczODJlMzIzMjM0MmUz
MDJmMzIzMTJkMzIzMTIwM2QzZTIwMzEzODM3MzQzNy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7VO4DAN
BgkqhkiG9w0BAQsFAAOCAQEApeaVOtB9QERkdmYkVyAGsslwTLjZ88DSq+9vwHVT
XS/yi7EouYoKfiikfY+2ugGiPkrm/ZFjf9O5FHlSSUJFU6iZq8rsrcBaoYSjlLCD
i34smNE/bbQ2ZU6OKIqBrwtLTEhSgnkxwrNVw136Bl4/7mXJWgGzckLn0oYLnr5l
cS0jHkDDSU4/paO1L89syKC90aB4BaacNSNqZzZiwbKFCJ5vqme/UcR/Nx4rClMF
nyBLxRpVw0LLSqDvfwens6H/qARQ4tUDmGwP50rO0XTvYENpiwb+t3RyhtdXBfh1
Gvgezf/in4Tb1cAUTv+GPdTGF6wNw3DfaYKp+VNsJAzERQ==
-----END CERTIFICATE-----