Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e39362e302f32312d3231203d3e203138373437.roa
File:                     3138312e37382e39362e302f32312d3231203d3e203138373437.roa (raw, json)
Hash identifier:          FBxTMaCDTilFqir2qP9BoJ13TPZ8VrFikQtVDpzUEMw=
Subject key identifier:   9E:21:39:D0:13:8A:EF:14:33:7F:94:03:77:DB:E1:06:3F:D6:CD:0D
Certificate issuer:       /CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
Certificate serial:       65DEDBA1B4224D1EFBD742D1BC7D191C9B324C2A
Authority key identifier: 99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e39362e302f32312d3231203d3e203138373437.roa
Signing time:             Tue 05 Mar 2024 18:04:28 +0000
ROA not before:           Tue 05 Mar 2024 17:59:28 +0000
ROA not after:            Tue 04 Mar 2025 18:04:28 +0000
asID:                     18747
IP address blocks:        181.78.96.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Tue 24 Sep 2024 22:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:de:db:a1:b4:22:4d:1e:fb:d7:42:d1:bc:7d:19:1c:9b:32:4c:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
        Validity
            Not Before: Mar  5 17:59:28 2024 GMT
            Not After : Mar  4 18:04:28 2025 GMT
        Subject: CN=9E2139D0138AEF14337F940377DBE1063FD6CD0D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:79:d1:d0:11:32:e5:5d:2b:97:8e:a4:cf:84:
                    56:82:fd:1f:b6:5d:b2:78:d4:9c:e6:ee:06:5f:00:
                    8e:7e:19:4b:8b:d0:30:8d:2e:e4:70:e1:0e:fc:93:
                    01:70:5b:63:d1:39:1c:0b:bb:e9:40:7d:ba:7a:b1:
                    69:82:9f:7b:4b:bc:09:40:4e:df:47:f4:a3:fc:49:
                    78:c2:5c:6b:a0:2d:d7:de:63:ba:2d:84:1e:8e:4d:
                    24:64:e6:60:45:a0:8f:b3:2c:05:cb:2b:78:ea:99:
                    e6:90:76:90:2a:dd:58:d3:54:88:3b:c7:35:9e:a4:
                    79:4d:c6:17:3a:7f:c6:ba:27:b7:82:7d:63:75:98:
                    09:d9:7c:9d:f0:31:23:e6:41:66:6a:f7:70:95:fa:
                    9a:b1:c1:22:f7:3c:8e:79:26:5c:1d:a3:d0:bf:89:
                    20:28:1d:89:e6:14:7c:81:6b:08:a9:8a:84:44:fa:
                    22:0e:73:7f:8e:6c:ee:54:06:67:bc:25:05:59:c9:
                    28:f2:fe:d3:0d:91:7d:e3:74:93:d0:d3:67:c0:63:
                    4b:74:4c:41:4b:91:bb:11:77:00:0f:9a:cc:a3:91:
                    ce:1e:9b:bf:bb:05:38:d4:ce:af:6e:46:52:35:d4:
                    fd:d4:bc:9c:0d:9b:cf:e5:8b:6e:5d:08:32:14:6e:
                    94:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:21:39:D0:13:8A:EF:14:33:7F:94:03:77:DB:E1:06:3F:D6:CD:0D
            X509v3 Authority Key Identifier:
                keyid:99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e39362e302f32312d3231203d3e203138373437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.78.96.0/21

    Signature Algorithm: sha256WithRSAEncryption
         93:02:d3:b9:35:c2:1a:51:85:1d:0c:03:37:06:a0:3b:31:ad:
         12:33:f6:3e:4d:fb:6d:92:13:da:be:45:af:5c:13:80:96:8d:
         50:67:11:8f:f4:fb:85:ce:51:2c:80:56:7d:e3:62:3b:ff:6a:
         0d:58:5f:f5:92:7f:1e:16:b9:3b:a7:08:75:8e:a0:1b:8e:f0:
         f4:3e:e2:56:d0:42:ce:2c:6a:56:44:90:93:b7:9a:b7:6f:7e:
         2d:25:de:fd:4e:2e:be:46:67:50:3d:43:5e:ff:de:70:d4:7a:
         b3:06:5a:28:dc:3d:f2:76:f7:88:08:15:4c:1a:6d:39:cb:44:
         f1:ae:16:34:74:35:49:8a:56:45:77:ef:cd:e9:5d:63:6e:b7:
         bf:a3:65:99:58:a2:e8:b4:7a:fe:6f:f2:68:83:10:15:46:cf:
         bc:1f:e4:7c:e8:83:69:c2:72:cc:44:9a:eb:86:58:3c:b3:4b:
         55:5c:9b:3a:38:6a:81:2a:6f:64:cd:bd:c4:58:c9:f6:f6:8a:
         e1:68:c8:05:10:32:ce:af:2c:e3:f3:90:0d:43:8d:e4:29:f1:
         5b:e5:5c:11:ae:eb:4d:77:b6:f5:4a:34:f8:af:b1:cf:36:cb:
         28:da:de:0d:44:76:ca:4b:97:bf:0f:7e:d8:23:c0:76:92:b2:
         df:0a:d1:d7
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUZd7bobQiTR7710LRvH0ZHJsyTCowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTlEOTIzQTI1MjdENzhDQkNBMUJDMkI2QjE1REFDMEYx
RjZDN0U1MDAeFw0yNDAzMDUxNzU5MjhaFw0yNTAzMDQxODA0MjhaMDMxMTAvBgNV
BAMTKDlFMjEzOUQwMTM4QUVGMTQzMzdGOTQwMzc3REJFMTA2M0ZENkNEMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCedHQETLlXSuXjqTPhFaC/R+2
XbJ41Jzm7gZfAI5+GUuL0DCNLuRw4Q78kwFwW2PRORwLu+lAfbp6sWmCn3tLvAlA
Tt9H9KP8SXjCXGugLdfeY7othB6OTSRk5mBFoI+zLAXLK3jqmeaQdpAq3VjTVIg7
xzWepHlNxhc6f8a6J7eCfWN1mAnZfJ3wMSPmQWZq93CV+pqxwSL3PI55Jlwdo9C/
iSAoHYnmFHyBawipioRE+iIOc3+ObO5UBme8JQVZySjy/tMNkX3jdJPQ02fAY0t0
TEFLkbsRdwAPmsyjkc4em7+7BTjUzq9uRlI11P3UvJwNm8/li25dCDIUbpSBAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUniE50BOK7xQzf5QDd9vhBj/WzQ0wHwYDVR0j
BBgwFoAUmdkjolJ9eMvKG8K2sV2sDx9sflAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BQUJERjQwOTVGRThCMjI4ODJEMjBCMTZEQjdEMkJGRDM4
MUMwRjlFNjJDNkVCNjU5NDQ3RDQ0QkU3RTFDQkMyLzAvOTlEOTIzQTI1MjdENzhD
QkNBMUJDMkI2QjE1REFDMEYxRjZDN0U1MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85OUQ5MjNBMjUyN0Q3OENCQ0Ex
QkMyQjZCMTVEQUMwRjFGNkM3RTUwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUFCREY0MDk1RkU4QjIyODgyRDIwQjE2REI3RDJCRkQzODFDMEY5RTYy
QzZFQjY1OTQ0N0Q0NEJFN0UxQ0JDMi8wLzMxMzgzMTJlMzczODJlMzkzNjJlMzAy
ZjMyMzEyZDMyMzEyMDNkM2UyMDMxMzgzNzM0Mzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAO1TmAwDQYJ
KoZIhvcNAQELBQADggEBAJMC07k1whpRhR0MAzcGoDsxrRIz9j5N+22SE9q+Ra9c
E4CWjVBnEY/0+4XOUSyAVn3jYjv/ag1YX/WSfx4WuTunCHWOoBuO8PQ+4lbQQs4s
alZEkJO3mrdvfi0l3v1OLr5GZ1A9Q17/3nDUerMGWijcPfJ294gIFUwabTnLRPGu
FjR0NUmKVkV3783pXWNut7+jZZlYoui0ev5v8miDEBVGz7wf5Hzog2nCcsxEmuuG
WDyzS1Vcmzo4aoEqb2TNvcRYyfb2iuFoyAUQMs6vLOPzkA1DjeQp8VvlXBGu6013
tvVKNPivsc82yyja3g1EdspLl78PftgjwHaSst8K0dc=
-----END CERTIFICATE-----