Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37392e3139352e302f32342d3234203d3e203532343638.roa
File:                     3138312e37392e3139352e302f32342d3234203d3e203532343638.roa (raw, json)
Hash identifier:          2ep/0rm5qX6IA13s2WzHXPoM+fRnNapv/zWnOkWpqlg=
Subject key identifier:   4B:11:80:0A:40:F5:C0:9D:58:3D:A5:96:27:B2:8E:1C:EB:AC:AA:D8
Certificate issuer:       /CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
Certificate serial:       5DF2BCCE433711113A00F3D4668AEA76A66C15B2
Authority key identifier: 99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37392e3139352e302f32342d3234203d3e203532343638.roa
Signing time:             Mon 15 Jul 2024 15:40:00 +0000
ROA not before:           Mon 15 Jul 2024 15:35:00 +0000
ROA not after:            Mon 14 Jul 2025 15:40:00 +0000
asID:                     52468
IP address blocks:        181.79.195.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Sep 2024 22:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:f2:bc:ce:43:37:11:11:3a:00:f3:d4:66:8a:ea:76:a6:6c:15:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
        Validity
            Not Before: Jul 15 15:35:00 2024 GMT
            Not After : Jul 14 15:40:00 2025 GMT
        Subject: CN=4B11800A40F5C09D583DA59627B28E1CEBACAAD8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:0e:21:42:c4:6e:e9:43:4c:04:ec:45:89:51:
                    2e:ba:af:0d:5b:57:e0:ca:cb:17:ce:2f:bd:26:f4:
                    81:49:9b:6b:2d:9f:9d:3f:bb:7c:4c:d2:7f:5d:8a:
                    6d:ef:f3:6c:52:10:2e:0b:7d:e7:61:14:07:b5:41:
                    13:08:c9:ca:c9:a3:5f:f4:85:1c:e8:ca:de:61:76:
                    58:59:20:f7:85:ac:c1:49:c4:65:84:90:3a:29:0b:
                    9d:1d:89:7b:e5:65:ba:03:93:72:59:f5:71:7d:87:
                    e4:8d:b9:fa:51:3e:2a:54:1f:4d:b1:5b:a2:ce:a9:
                    d5:75:4d:bd:cf:e3:33:e5:e3:db:d1:47:7a:b4:a1:
                    71:a3:fa:73:aa:b0:51:b5:8f:85:8b:fa:33:65:00:
                    34:c0:cc:90:ff:b4:c5:36:09:00:72:b2:5c:2a:44:
                    95:7e:bc:6f:e8:77:3f:4b:0d:57:be:68:8c:42:64:
                    3b:b7:06:de:2e:19:f8:f1:06:cd:bf:f3:18:94:ef:
                    13:0f:1e:ea:25:be:2c:9e:d6:ee:f3:21:51:43:fb:
                    f3:2e:92:d9:22:88:71:06:ab:dc:da:9d:b5:07:f4:
                    54:e6:0b:d2:5a:8c:9a:40:e3:42:27:b8:c8:7a:96:
                    1a:c6:54:84:28:ea:78:04:52:ac:e2:f7:82:cd:5a:
                    9d:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:11:80:0A:40:F5:C0:9D:58:3D:A5:96:27:B2:8E:1C:EB:AC:AA:D8
            X509v3 Authority Key Identifier:
                keyid:99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37392e3139352e302f32342d3234203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.79.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:85:45:99:16:2e:3e:aa:58:f3:4a:c5:30:28:a5:12:64:1a:
         52:6a:46:80:31:01:52:5e:3d:6a:bf:73:92:92:9a:ec:19:17:
         03:a2:92:33:8a:0a:6f:5a:1b:dd:34:09:26:28:86:c6:7d:49:
         80:0d:45:b6:a9:6f:16:ec:c9:02:39:6c:29:33:75:9d:ef:3e:
         2b:67:2f:ee:30:7d:3b:66:22:11:c2:b3:d7:4a:20:5f:d1:97:
         68:de:ef:7b:96:77:9f:39:25:a6:8d:a6:db:50:79:2d:45:18:
         17:24:b9:02:6e:b9:7d:8e:67:01:b7:07:38:93:a7:07:2d:3a:
         5e:97:b1:5c:a2:fb:41:de:7f:c2:e9:81:ba:a1:5f:a5:51:1c:
         9c:b7:86:94:ce:17:1f:31:71:89:2a:85:4e:6f:f2:be:05:ce:
         3b:63:34:49:09:f4:55:f0:ae:cc:83:30:ef:a5:29:9f:f3:ba:
         3e:e7:8f:9a:46:2a:e4:47:10:47:04:9d:9f:63:be:41:57:ab:
         46:f9:b8:d7:c7:6d:3f:4c:ad:e0:be:9b:33:b0:e5:6b:55:c4:
         51:46:62:75:f1:e3:ef:74:a3:a7:27:41:3c:ff:28:fe:6b:a7:
         39:ba:68:8b:d6:8d:1b:04:12:73:5e:b5:09:f4:51:b2:93:8d:
         c8:9b:c5:14
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUXfK8zkM3ERE6APPUZorqdqZsFbIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTlEOTIzQTI1MjdENzhDQkNBMUJDMkI2QjE1REFDMEYx
RjZDN0U1MDAeFw0yNDA3MTUxNTM1MDBaFw0yNTA3MTQxNTQwMDBaMDMxMTAvBgNV
BAMTKDRCMTE4MDBBNDBGNUMwOUQ1ODNEQTU5NjI3QjI4RTFDRUJBQ0FBRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlDiFCxG7pQ0wE7EWJUS66rw1b
V+DKyxfOL70m9IFJm2stn50/u3xM0n9dim3v82xSEC4LfedhFAe1QRMIycrJo1/0
hRzoyt5hdlhZIPeFrMFJxGWEkDopC50diXvlZboDk3JZ9XF9h+SNufpRPipUH02x
W6LOqdV1Tb3P4zPl49vRR3q0oXGj+nOqsFG1j4WL+jNlADTAzJD/tMU2CQByslwq
RJV+vG/odz9LDVe+aIxCZDu3Bt4uGfjxBs2/8xiU7xMPHuolviye1u7zIVFD+/Mu
ktkiiHEGq9zanbUH9FTmC9JajJpA40InuMh6lhrGVIQo6ngEUqzi94LNWp0TAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUSxGACkD1wJ1YPaWWJ7KOHOusqtgwHwYDVR0j
BBgwFoAUmdkjolJ9eMvKG8K2sV2sDx9sflAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BQUJERjQwOTVGRThCMjI4ODJEMjBCMTZEQjdEMkJGRDM4
MUMwRjlFNjJDNkVCNjU5NDQ3RDQ0QkU3RTFDQkMyLzAvOTlEOTIzQTI1MjdENzhD
QkNBMUJDMkI2QjE1REFDMEYxRjZDN0U1MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85OUQ5MjNBMjUyN0Q3OENCQ0Ex
QkMyQjZCMTVEQUMwRjFGNkM3RTUwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUFCREY0MDk1RkU4QjIyODgyRDIwQjE2REI3RDJCRkQzODFDMEY5RTYy
QzZFQjY1OTQ0N0Q0NEJFN0UxQ0JDMi8wLzMxMzgzMTJlMzczOTJlMzEzOTM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjM0MzYzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALVPwzAN
BgkqhkiG9w0BAQsFAAOCAQEANoVFmRYuPqpY80rFMCilEmQaUmpGgDEBUl49ar9z
kpKa7BkXA6KSM4oKb1ob3TQJJiiGxn1JgA1FtqlvFuzJAjlsKTN1ne8+K2cv7jB9
O2YiEcKz10ogX9GXaN7ve5Z3nzklpo2m21B5LUUYFyS5Am65fY5nAbcHOJOnBy06
XpexXKL7Qd5/wumBuqFfpVEcnLeGlM4XHzFxiSqFTm/yvgXOO2M0SQn0VfCuzIMw
76Upn/O6PuePmkYq5EcQRwSdn2O+QVerRvm418dtP0yt4L6bM7Dla1XEUUZidfHj
73SjpydBPP8o/munObpoi9aNGwQSc161CfRRspONyJvFFA==
-----END CERTIFICATE-----
Generated at Tue Sep 24 23:11:54 2024 by rpki-client on console-fra.rpki-client.org