Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37392e3235322e302f32332d3234203d3e203237393332.roa
File:                     3138312e37392e3235322e302f32332d3234203d3e203237393332.roa (raw, json)
Hash identifier:          WKObS+mRRn1afU0lvviXAsI+cPI1GmDcLpe6m1S2YLQ=
Subject key identifier:   8F:9F:A2:E5:9A:99:1E:84:8B:F7:BF:DF:C0:CD:94:1F:98:EC:AF:1A
Certificate issuer:       /CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
Certificate serial:       5D9BC2A2BC19A426130B414BD95353ADF0A18CF3
Authority key identifier: 99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37392e3235322e302f32332d3234203d3e203237393332.roa
Signing time:             Tue 05 Mar 2024 18:04:39 +0000
ROA not before:           Tue 05 Mar 2024 17:59:39 +0000
ROA not after:            Tue 04 Mar 2025 18:04:39 +0000
asID:                     27932
IP address blocks:        181.79.252.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Sep 2024 22:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:9b:c2:a2:bc:19:a4:26:13:0b:41:4b:d9:53:53:ad:f0:a1:8c:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
        Validity
            Not Before: Mar  5 17:59:39 2024 GMT
            Not After : Mar  4 18:04:39 2025 GMT
        Subject: CN=8F9FA2E59A991E848BF7BFDFC0CD941F98ECAF1A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:cb:8a:ed:c1:3e:9f:99:a7:70:da:eb:8b:b1:
                    a0:9a:7e:e2:aa:63:36:a9:98:e9:1a:40:38:7c:8a:
                    06:8e:94:0a:f6:a3:a7:34:6f:61:79:78:da:64:9e:
                    1b:ee:b1:33:a2:3a:ee:0e:b1:df:2a:0a:8f:86:bf:
                    63:23:b2:6c:40:b4:3e:ba:58:73:9d:9e:26:35:ec:
                    6e:1c:7e:26:e8:92:28:30:34:98:fd:48:eb:ab:d8:
                    d9:5c:45:bb:eb:87:1b:1c:e3:3a:8e:f8:12:dd:86:
                    ca:31:9f:0c:de:8b:65:2d:aa:73:52:b8:64:6e:45:
                    18:c6:45:4e:30:90:06:68:d9:f2:44:96:d2:43:dd:
                    c9:0a:21:22:ca:00:78:85:11:f4:8b:45:bd:10:ba:
                    53:00:b6:ff:3e:dd:de:0f:59:32:57:b4:4f:a4:42:
                    41:1b:ea:57:53:29:8b:60:2c:ed:6a:04:aa:de:9d:
                    84:c8:ed:f7:0a:2f:86:7b:d0:35:fe:2e:96:96:cd:
                    e8:5a:35:16:4b:9b:32:8e:fd:3a:e1:c0:0b:55:58:
                    5f:83:55:4e:8d:4c:c8:22:92:8f:e8:ab:97:1b:20:
                    8a:3e:91:a7:90:45:f1:39:06:f5:9d:35:75:cc:7c:
                    36:51:4c:0e:2e:55:04:01:95:45:08:2c:8d:8b:17:
                    6a:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:9F:A2:E5:9A:99:1E:84:8B:F7:BF:DF:C0:CD:94:1F:98:EC:AF:1A
            X509v3 Authority Key Identifier:
                keyid:99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37392e3235322e302f32332d3234203d3e203237393332.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.79.252.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a3:d7:4a:47:bd:ea:ff:0e:2a:83:f8:6c:d4:24:23:7d:2a:89:
         65:6c:6d:bd:9e:f5:5e:23:f4:af:60:63:ec:5e:73:f2:1c:ae:
         93:f6:45:2a:10:ce:6a:01:b0:47:87:2a:70:8c:78:8e:13:ab:
         3a:68:33:72:be:b4:8a:55:4a:46:16:5e:d7:a7:ac:2a:32:a1:
         74:a7:39:19:3b:dc:07:41:1c:76:46:63:d6:11:8c:b6:8a:d5:
         9d:a1:31:57:81:e8:58:e2:7b:b5:70:e4:55:ed:94:62:0c:61:
         05:5c:30:de:6f:ba:73:93:fd:eb:66:5c:1e:92:4d:71:1b:7c:
         a9:dc:b6:04:65:10:9f:18:6c:ca:02:07:a3:0a:c4:8a:59:e4:
         ea:af:4d:1d:80:f3:88:89:95:06:a9:6e:8d:d7:72:9a:03:0a:
         20:b1:27:9f:bb:26:e3:4e:8a:d3:db:67:54:44:99:70:1f:c2:
         48:4a:52:a9:21:b3:8b:cf:90:c9:cd:77:44:dd:63:3c:88:ae:
         d5:d3:1d:f2:5a:7f:35:42:74:46:b9:87:e6:63:a8:15:e7:a6:
         49:7b:1a:40:b9:6b:0e:e0:2f:2c:f7:a9:0e:3c:1a:89:12:70:
         a2:db:e7:d7:ad:91:5b:65:0f:72:23:c1:16:97:83:5b:0e:ea:
         71:a8:bc:c7
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUXZvCorwZpCYTC0FL2VNTrfChjPMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTlEOTIzQTI1MjdENzhDQkNBMUJDMkI2QjE1REFDMEYx
RjZDN0U1MDAeFw0yNDAzMDUxNzU5MzlaFw0yNTAzMDQxODA0MzlaMDMxMTAvBgNV
BAMTKDhGOUZBMkU1OUE5OTFFODQ4QkY3QkZERkMwQ0Q5NDFGOThFQ0FGMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvy4rtwT6fmadw2uuLsaCafuKq
YzapmOkaQDh8igaOlAr2o6c0b2F5eNpknhvusTOiOu4Osd8qCo+Gv2MjsmxAtD66
WHOdniY17G4cfibokigwNJj9SOur2NlcRbvrhxsc4zqO+BLdhsoxnwzei2UtqnNS
uGRuRRjGRU4wkAZo2fJEltJD3ckKISLKAHiFEfSLRb0QulMAtv8+3d4PWTJXtE+k
QkEb6ldTKYtgLO1qBKrenYTI7fcKL4Z70DX+LpaWzehaNRZLmzKO/TrhwAtVWF+D
VU6NTMgiko/oq5cbIIo+kaeQRfE5BvWdNXXMfDZRTA4uVQQBlUUILI2LF2oRAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUj5+i5ZqZHoSL97/fwM2UH5jsrxowHwYDVR0j
BBgwFoAUmdkjolJ9eMvKG8K2sV2sDx9sflAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BQUJERjQwOTVGRThCMjI4ODJEMjBCMTZEQjdEMkJGRDM4
MUMwRjlFNjJDNkVCNjU5NDQ3RDQ0QkU3RTFDQkMyLzAvOTlEOTIzQTI1MjdENzhD
QkNBMUJDMkI2QjE1REFDMEYxRjZDN0U1MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85OUQ5MjNBMjUyN0Q3OENCQ0Ex
QkMyQjZCMTVEQUMwRjFGNkM3RTUwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUFCREY0MDk1RkU4QjIyODgyRDIwQjE2REI3RDJCRkQzODFDMEY5RTYy
QzZFQjY1OTQ0N0Q0NEJFN0UxQ0JDMi8wLzMxMzgzMTJlMzczOTJlMzIzNTMyMmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzNzM5MzMzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbVP/DAN
BgkqhkiG9w0BAQsFAAOCAQEAo9dKR73q/w4qg/hs1CQjfSqJZWxtvZ71XiP0r2Bj
7F5z8hyuk/ZFKhDOagGwR4cqcIx4jhOrOmgzcr60ilVKRhZe16esKjKhdKc5GTvc
B0EcdkZj1hGMtorVnaExV4HoWOJ7tXDkVe2UYgxhBVww3m+6c5P962ZcHpJNcRt8
qdy2BGUQnxhsygIHowrEilnk6q9NHYDziImVBqlujddymgMKILEnn7sm406K09tn
VESZcB/CSEpSqSGzi8+Qyc13RN1jPIiu1dMd8lp/NUJ0RrmH5mOoFeemSXsaQLlr
DuAvLPepDjwaiRJwotvn162RW2UPciPBFpeDWw7qcai8xw==
-----END CERTIFICATE-----