Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e38382e302f32322d3234203d3e203532343638.roa
File:                     3138312e37382e38382e302f32322d3234203d3e203532343638.roa (raw, json)
Hash identifier:          T/K6DR23b+chwMfiW9N398srSKhguBQ9L8NTZ1lanVk=
Subject key identifier:   0D:3B:5B:6A:81:1A:67:EC:73:4C:A1:7F:94:43:B4:0A:7E:22:96:6C
Certificate issuer:       /CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
Certificate serial:       4B6ECE1E35B04B5C87071212FE4EA8ABB489C2E9
Authority key identifier: 99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e38382e302f32322d3234203d3e203532343638.roa
Signing time:             Tue 05 Mar 2024 18:04:44 +0000
ROA not before:           Tue 05 Mar 2024 17:59:44 +0000
ROA not after:            Tue 04 Mar 2025 18:04:44 +0000
asID:                     52468
IP address blocks:        181.78.88.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Sep 2024 22:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:6e:ce:1e:35:b0:4b:5c:87:07:12:12:fe:4e:a8:ab:b4:89:c2:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
        Validity
            Not Before: Mar  5 17:59:44 2024 GMT
            Not After : Mar  4 18:04:44 2025 GMT
        Subject: CN=0D3B5B6A811A67EC734CA17F9443B40A7E22966C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:b4:ef:7e:69:cd:77:b1:e8:24:ec:83:21:24:
                    5b:74:ef:5f:b1:bc:af:1d:42:59:40:77:ee:32:89:
                    a3:35:67:e3:d3:41:8c:11:5a:a8:7c:db:3b:df:ce:
                    b9:30:2a:33:cd:f9:40:42:a0:39:be:a2:58:04:c5:
                    0b:5c:60:a7:31:17:bc:4c:3d:c7:a3:31:c0:59:20:
                    3b:4c:bb:38:30:89:51:04:40:59:fe:d6:e9:19:42:
                    bb:03:2a:b3:0e:48:82:8d:4a:83:ab:79:8a:98:bb:
                    39:e9:69:f1:05:02:4b:36:c3:f1:d1:4b:c7:cb:0f:
                    21:2e:cf:20:c1:f9:1b:f3:0a:91:91:39:d6:91:f8:
                    c8:c7:64:f8:64:3b:34:b7:68:1c:f0:62:2a:3a:92:
                    0c:52:0d:43:09:78:f9:f6:34:5d:10:ca:14:29:26:
                    98:5a:bb:7a:cc:ce:9a:41:36:cc:6f:de:cc:9f:5e:
                    98:e1:7d:05:6b:fd:9a:ed:07:47:3e:52:78:48:af:
                    fa:0b:d5:ad:54:8d:e1:d0:75:b3:7a:73:42:cf:41:
                    c7:4d:af:a1:cc:1d:fa:68:10:bf:98:bd:dd:e1:66:
                    3d:0a:1f:be:fe:a6:40:29:73:ac:04:88:80:70:6e:
                    e3:cb:17:5b:ac:92:3f:05:54:a6:12:6d:f0:cd:5d:
                    ae:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:3B:5B:6A:81:1A:67:EC:73:4C:A1:7F:94:43:B4:0A:7E:22:96:6C
            X509v3 Authority Key Identifier:
                keyid:99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e38382e302f32322d3234203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.78.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:4d:77:6b:a9:05:bc:ec:2b:d9:50:af:40:c3:65:14:9f:6e:
         a8:16:ed:37:00:2e:ca:f4:84:ab:d6:82:17:8f:ca:30:88:46:
         6e:0b:7f:35:85:cc:71:49:74:a4:21:43:a6:55:69:71:f9:ae:
         2f:35:7e:1c:3c:44:85:ae:47:c4:30:34:7b:21:43:7d:8d:16:
         d4:a9:d0:f0:1f:92:6a:eb:ab:44:95:eb:0d:dc:16:5a:37:ce:
         07:cb:1c:cc:91:4e:21:99:5c:d4:8d:cf:7d:41:2a:0d:0c:2e:
         a8:6a:e5:f7:0b:7d:72:21:08:88:02:6a:74:de:f2:77:61:6d:
         b7:3d:58:50:19:72:b4:05:68:d8:88:ce:2d:67:c4:7f:f2:80:
         7d:a3:61:43:25:e8:f6:12:51:2a:5d:ba:a4:ee:9b:2c:d7:68:
         5e:d5:5a:75:b3:06:1e:b5:ef:b6:40:c0:82:91:9d:3f:6b:f5:
         7c:04:29:55:08:b1:3a:b8:7f:e4:4b:b1:6b:ea:27:cd:4e:6d:
         af:08:3e:08:65:71:07:c0:33:1d:72:cd:34:88:76:83:b6:19:
         da:03:48:c8:46:74:e3:cd:08:33:3d:54:7b:47:42:9e:b1:e2:
         4a:a8:55:c2:ab:35:a7:33:92:23:57:23:ea:1c:4e:34:60:01:
         60:60:ef:4a
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUS27OHjWwS1yHBxIS/k6oq7SJwukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTlEOTIzQTI1MjdENzhDQkNBMUJDMkI2QjE1REFDMEYx
RjZDN0U1MDAeFw0yNDAzMDUxNzU5NDRaFw0yNTAzMDQxODA0NDRaMDMxMTAvBgNV
BAMTKDBEM0I1QjZBODExQTY3RUM3MzRDQTE3Rjk0NDNCNDBBN0UyMjk2NkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVtO9+ac13segk7IMhJFt071+x
vK8dQllAd+4yiaM1Z+PTQYwRWqh82zvfzrkwKjPN+UBCoDm+olgExQtcYKcxF7xM
PcejMcBZIDtMuzgwiVEEQFn+1ukZQrsDKrMOSIKNSoOreYqYuznpafEFAks2w/HR
S8fLDyEuzyDB+RvzCpGROdaR+MjHZPhkOzS3aBzwYio6kgxSDUMJePn2NF0QyhQp
Jphau3rMzppBNsxv3syfXpjhfQVr/ZrtB0c+UnhIr/oL1a1UjeHQdbN6c0LPQcdN
r6HMHfpoEL+Yvd3hZj0KH77+pkApc6wEiIBwbuPLF1uskj8FVKYSbfDNXa6BAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUDTtbaoEaZ+xzTKF/lEO0Cn4ilmwwHwYDVR0j
BBgwFoAUmdkjolJ9eMvKG8K2sV2sDx9sflAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BQUJERjQwOTVGRThCMjI4ODJEMjBCMTZEQjdEMkJGRDM4
MUMwRjlFNjJDNkVCNjU5NDQ3RDQ0QkU3RTFDQkMyLzAvOTlEOTIzQTI1MjdENzhD
QkNBMUJDMkI2QjE1REFDMEYxRjZDN0U1MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85OUQ5MjNBMjUyN0Q3OENCQ0Ex
QkMyQjZCMTVEQUMwRjFGNkM3RTUwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUFCREY0MDk1RkU4QjIyODgyRDIwQjE2REI3RDJCRkQzODFDMEY5RTYy
QzZFQjY1OTQ0N0Q0NEJFN0UxQ0JDMi8wLzMxMzgzMTJlMzczODJlMzgzODJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDM1MzIzNDM2Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK1TlgwDQYJ
KoZIhvcNAQELBQADggEBAGlNd2upBbzsK9lQr0DDZRSfbqgW7TcALsr0hKvWgheP
yjCIRm4LfzWFzHFJdKQhQ6ZVaXH5ri81fhw8RIWuR8QwNHshQ32NFtSp0PAfkmrr
q0SV6w3cFlo3zgfLHMyRTiGZXNSNz31BKg0MLqhq5fcLfXIhCIgCanTe8ndhbbc9
WFAZcrQFaNiIzi1nxH/ygH2jYUMl6PYSUSpduqTumyzXaF7VWnWzBh6177ZAwIKR
nT9r9XwEKVUIsTq4f+RLsWvqJ81Oba8IPghlcQfAMx1yzTSIdoO2GdoDSMhGdOPN
CDM9VHtHQp6x4kqoVcKrNaczkiNXI+ocTjRgAWBg70o=
-----END CERTIFICATE-----
Generated at Tue Sep 24 23:11:54 2024 by rpki-client on console-fra.rpki-client.org