Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37392e3232312e302f32342d3234203d3e203532343638.roa
File:                     3138312e37392e3232312e302f32342d3234203d3e203532343638.roa (raw, json)
Hash identifier:          UzkDq2CWqTnuevjYa5k7wThvIJc4w3RItyCHftTcO6c=
Subject key identifier:   0B:CC:1D:82:EF:54:A0:E5:D3:30:67:EE:30:80:2C:0B:C1:41:35:92
Certificate issuer:       /CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
Certificate serial:       15BF6A38E21757A2644A40C915C26D4CA77D6801
Authority key identifier: 99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37392e3232312e302f32342d3234203d3e203532343638.roa
Signing time:             Tue 05 Mar 2024 18:04:39 +0000
ROA not before:           Tue 05 Mar 2024 17:59:39 +0000
ROA not after:            Tue 04 Mar 2025 18:04:39 +0000
asID:                     52468
IP address blocks:        181.79.221.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Sep 2024 22:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:bf:6a:38:e2:17:57:a2:64:4a:40:c9:15:c2:6d:4c:a7:7d:68:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
        Validity
            Not Before: Mar  5 17:59:39 2024 GMT
            Not After : Mar  4 18:04:39 2025 GMT
        Subject: CN=0BCC1D82EF54A0E5D33067EE30802C0BC1413592
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:95:11:0e:e5:93:8c:81:d6:55:0c:6b:47:0d:
                    59:37:23:02:60:7d:c7:2b:66:96:86:d7:1e:54:6c:
                    b9:62:8c:f2:97:eb:d4:23:f6:3c:e7:cf:71:ae:ba:
                    cb:51:9f:1c:01:1f:6b:a6:f7:5d:54:2d:5c:7b:7a:
                    da:6a:66:ca:3b:30:89:f2:64:dc:55:10:5c:80:fc:
                    95:0c:23:28:a8:e1:a3:90:e3:6a:d1:8c:7d:b5:88:
                    aa:52:59:f8:26:22:60:8c:8b:9e:ae:d2:ae:c3:91:
                    33:a0:b0:01:8b:d7:2a:e3:ca:47:25:fb:67:0e:c9:
                    34:4c:d3:b5:37:51:b9:3e:ce:92:0f:ba:97:e6:2d:
                    1e:86:57:aa:48:98:e9:8f:3a:e7:b6:b4:34:9b:2e:
                    9b:1d:06:0a:42:c9:30:2c:9f:ac:8f:f9:df:0a:8d:
                    73:52:a4:98:80:4b:3d:48:82:91:0b:5e:36:70:33:
                    f0:3d:32:50:c9:c1:67:6c:7d:5e:2a:85:31:f9:e9:
                    35:97:b5:19:95:f2:5c:44:c1:97:ba:df:d2:32:23:
                    fd:83:ab:d1:c9:00:c5:fd:69:0c:1b:e0:86:7f:f7:
                    40:f5:02:ba:15:23:e0:fe:88:65:00:64:cb:7f:74:
                    c3:f5:b3:09:2a:de:6c:59:02:d0:b8:40:c8:f1:cb:
                    16:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:CC:1D:82:EF:54:A0:E5:D3:30:67:EE:30:80:2C:0B:C1:41:35:92
            X509v3 Authority Key Identifier:
                keyid:99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37392e3232312e302f32342d3234203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.79.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:d8:30:17:0c:28:db:3b:69:33:9d:80:c6:b0:9d:fd:cb:7a:
         db:3d:58:f8:eb:18:32:ae:b8:c6:04:71:1e:e6:44:88:13:71:
         d3:60:e0:0b:33:59:ee:53:de:46:13:f3:34:05:6f:21:17:ae:
         30:f5:04:6b:34:ac:71:32:98:75:55:62:61:04:46:de:c2:1d:
         f2:91:2c:e5:2b:2d:b9:3f:39:ff:90:bd:54:f7:b8:84:45:e1:
         40:6b:ad:4b:cf:3a:ba:d3:4a:0c:fb:38:d0:d5:f5:96:90:ec:
         5c:97:11:e6:5f:00:88:15:2a:4e:da:7b:de:b8:90:db:2f:37:
         27:7c:01:d8:16:d7:8d:1f:70:04:34:e5:f0:49:94:da:b1:5d:
         f0:e2:ba:47:1d:ad:61:aa:7f:68:99:3a:c0:2b:03:21:b7:f1:
         93:d3:c9:09:bc:bf:e2:f3:e9:b3:2b:27:2d:6e:5a:32:31:e3:
         b0:0a:35:9f:ef:83:6a:2f:27:be:37:43:bc:5b:37:f3:ef:f4:
         3d:2a:58:84:5b:15:ac:16:8f:97:d1:31:01:d9:ad:04:33:9b:
         56:f0:71:da:19:15:00:c9:32:7d:24:3b:60:5b:88:de:e4:bf:
         96:72:01:6e:fa:32:c3:2e:3c:90:8b:5c:27:4e:4d:07:10:e9:
         0f:15:fd:df
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUFb9qOOIXV6JkSkDJFcJtTKd9aAEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTlEOTIzQTI1MjdENzhDQkNBMUJDMkI2QjE1REFDMEYx
RjZDN0U1MDAeFw0yNDAzMDUxNzU5MzlaFw0yNTAzMDQxODA0MzlaMDMxMTAvBgNV
BAMTKDBCQ0MxRDgyRUY1NEEwRTVEMzMwNjdFRTMwODAyQzBCQzE0MTM1OTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4lREO5ZOMgdZVDGtHDVk3IwJg
fccrZpaG1x5UbLlijPKX69Qj9jznz3GuustRnxwBH2um911ULVx7etpqZso7MIny
ZNxVEFyA/JUMIyio4aOQ42rRjH21iKpSWfgmImCMi56u0q7DkTOgsAGL1yrjykcl
+2cOyTRM07U3Ubk+zpIPupfmLR6GV6pImOmPOue2tDSbLpsdBgpCyTAsn6yP+d8K
jXNSpJiASz1IgpELXjZwM/A9MlDJwWdsfV4qhTH56TWXtRmV8lxEwZe639IyI/2D
q9HJAMX9aQwb4IZ/90D1AroVI+D+iGUAZMt/dMP1swkq3mxZAtC4QMjxyxZdAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUC8wdgu9UoOXTMGfuMIAsC8FBNZIwHwYDVR0j
BBgwFoAUmdkjolJ9eMvKG8K2sV2sDx9sflAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BQUJERjQwOTVGRThCMjI4ODJEMjBCMTZEQjdEMkJGRDM4
MUMwRjlFNjJDNkVCNjU5NDQ3RDQ0QkU3RTFDQkMyLzAvOTlEOTIzQTI1MjdENzhD
QkNBMUJDMkI2QjE1REFDMEYxRjZDN0U1MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85OUQ5MjNBMjUyN0Q3OENCQ0Ex
QkMyQjZCMTVEQUMwRjFGNkM3RTUwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUFCREY0MDk1RkU4QjIyODgyRDIwQjE2REI3RDJCRkQzODFDMEY5RTYy
QzZFQjY1OTQ0N0Q0NEJFN0UxQ0JDMi8wLzMxMzgzMTJlMzczOTJlMzIzMjMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjM0MzYzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALVP3TAN
BgkqhkiG9w0BAQsFAAOCAQEAh9gwFwwo2ztpM52AxrCd/ct62z1Y+OsYMq64xgRx
HuZEiBNx02DgCzNZ7lPeRhPzNAVvIReuMPUEazSscTKYdVViYQRG3sId8pEs5Sst
uT85/5C9VPe4hEXhQGutS886utNKDPs40NX1lpDsXJcR5l8AiBUqTtp73riQ2y83
J3wB2BbXjR9wBDTl8EmU2rFd8OK6Rx2tYap/aJk6wCsDIbfxk9PJCby/4vPpsysn
LW5aMjHjsAo1n++Dai8nvjdDvFs38+/0PSpYhFsVrBaPl9ExAdmtBDObVvBx2hkV
AMkyfSQ7YFuI3uS/lnIBbvoywy48kItcJ05NBxDpDxX93w==
-----END CERTIFICATE-----
Generated at Tue Sep 24 23:11:54 2024 by rpki-client on console-fra.rpki-client.org