Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/3139302e31312e33322e302f32302d3230203d3e203131383135.roa
File:                     3139302e31312e33322e302f32302d3230203d3e203131383135.roa (raw, json)
Hash identifier:          RwQvvFZ6AnGRdVk0vZDeftYcoN1y+jaFxca38G59cBI=
Subject key identifier:   CD:16:4F:DB:3A:E3:4B:4F:9B:93:07:08:CF:4C:3B:C9:0A:D8:DC:35
Certificate issuer:       /CN=D2F5141990A0252C37D63112FB6ECA5DBC5686B6
Certificate serial:       750D2E1AAB8EA18009F9FF306194949A2AE3A310
Authority key identifier: D2:F5:14:19:90:A0:25:2C:37:D6:31:12:FB:6E:CA:5D:BC:56:86:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/3139302e31312e33322e302f32302d3230203d3e203131383135.roa
Signing time:             Tue 05 Mar 2024 18:22:33 +0000
ROA not before:           Tue 05 Mar 2024 18:17:33 +0000
ROA not after:            Tue 04 Mar 2025 18:22:33 +0000
asID:                     11815
IP address blocks:        190.11.32.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Tue 16 Jul 2024 17:40:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:0d:2e:1a:ab:8e:a1:80:09:f9:ff:30:61:94:94:9a:2a:e3:a3:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2F5141990A0252C37D63112FB6ECA5DBC5686B6
        Validity
            Not Before: Mar  5 18:17:33 2024 GMT
            Not After : Mar  4 18:22:33 2025 GMT
        Subject: CN=CD164FDB3AE34B4F9B930708CF4C3BC90AD8DC35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:bd:41:a4:99:e3:d6:bc:2c:d1:17:0f:f1:69:
                    52:28:4e:c2:86:6d:56:8b:46:d1:43:81:51:2c:8d:
                    5e:54:73:41:c8:87:bd:0f:74:53:67:63:ec:1d:01:
                    e2:66:d8:f7:e4:ad:42:ab:15:61:08:f1:d7:db:1b:
                    2c:77:04:06:c0:78:d4:6f:d9:53:15:92:f0:6c:12:
                    c3:77:fc:08:33:54:ff:3f:11:18:6f:a8:66:42:29:
                    39:1b:00:c7:02:47:7b:48:2b:df:71:a7:51:0c:01:
                    8e:20:e1:a0:25:13:8a:b3:05:11:de:41:c8:44:3a:
                    8f:6c:7e:19:c7:29:5c:5b:04:7a:7a:16:fe:d6:24:
                    04:2c:28:d1:c4:62:d6:d5:68:de:f0:59:b4:41:b1:
                    61:69:be:f3:7a:89:0d:b1:de:6a:d6:92:f5:76:b5:
                    47:5b:86:b9:c8:8e:55:e3:a7:50:80:05:9e:07:21:
                    04:7e:cb:72:48:68:24:24:b3:15:24:30:f1:65:d0:
                    32:6b:d5:e6:7d:01:67:77:e0:8f:83:99:26:d3:39:
                    85:f8:d1:5d:3c:b7:26:43:d3:8b:51:aa:be:58:c6:
                    67:39:e0:31:9b:7e:31:38:a0:99:47:21:b9:68:46:
                    11:8d:1d:5d:4f:18:0b:2a:9b:53:73:72:af:76:b8:
                    4a:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:16:4F:DB:3A:E3:4B:4F:9B:93:07:08:CF:4C:3B:C9:0A:D8:DC:35
            X509v3 Authority Key Identifier:
                keyid:D2:F5:14:19:90:A0:25:2C:37:D6:31:12:FB:6E:CA:5D:BC:56:86:B6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/3139302e31312e33322e302f32302d3230203d3e203131383135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.11.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         2e:4e:97:b6:cf:df:61:3c:22:ac:fd:f6:f4:3f:51:b6:98:ae:
         af:5e:19:f7:00:39:24:f6:48:0c:36:01:95:7f:30:bf:3c:33:
         ca:31:5f:91:cb:a1:c7:56:43:9a:ec:9e:67:8b:df:87:1e:2e:
         1d:05:cf:af:05:6b:fa:39:4c:6b:ff:37:56:88:61:a0:0e:0e:
         6f:61:df:37:25:8d:24:bb:1a:06:b9:36:4a:9b:02:13:4e:13:
         d7:00:00:13:4f:cf:d5:1e:de:74:b0:32:6c:a6:12:ba:fe:9d:
         01:e2:da:05:33:12:2b:59:00:4a:06:4a:16:25:02:ac:e8:2b:
         3f:44:41:61:5e:bc:40:25:21:a6:a9:75:6a:24:20:47:64:45:
         0c:42:92:ff:59:c5:76:6f:16:ea:c2:15:26:34:cc:4a:38:7b:
         02:d4:85:c2:d8:0e:08:4a:06:63:ea:f9:ef:e7:ed:0d:73:fd:
         e9:96:d9:bf:dd:e3:4e:ad:c9:07:9e:4f:f7:5f:ce:47:cf:d4:
         a4:c0:15:e6:ea:35:dd:a7:58:3a:88:73:2f:e0:c9:4c:4e:a0:
         a9:de:ea:e1:f9:dd:23:66:ad:3e:0e:b7:e3:24:e9:fe:1c:12:
         30:85:3c:ab:cb:05:37:fb:52:c6:4f:52:7b:75:85:9b:4f:be:
         d9:e9:30:ca
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUdQ0uGquOoYAJ+f8wYZSUmirjoxAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDJGNTE0MTk5MEEwMjUyQzM3RDYzMTEyRkI2RUNBNURC
QzU2ODZCNjAeFw0yNDAzMDUxODE3MzNaFw0yNTAzMDQxODIyMzNaMDMxMTAvBgNV
BAMTKENEMTY0RkRCM0FFMzRCNEY5QjkzMDcwOENGNEMzQkM5MEFEOERDMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vUGkmePWvCzRFw/xaVIoTsKG
bVaLRtFDgVEsjV5Uc0HIh70PdFNnY+wdAeJm2PfkrUKrFWEI8dfbGyx3BAbAeNRv
2VMVkvBsEsN3/AgzVP8/ERhvqGZCKTkbAMcCR3tIK99xp1EMAY4g4aAlE4qzBRHe
QchEOo9sfhnHKVxbBHp6Fv7WJAQsKNHEYtbVaN7wWbRBsWFpvvN6iQ2x3mrWkvV2
tUdbhrnIjlXjp1CABZ4HIQR+y3JIaCQksxUkMPFl0DJr1eZ9AWd34I+DmSbTOYX4
0V08tyZD04tRqr5Yxmc54DGbfjE4oJlHIbloRhGNHV1PGAsqm1Nzcq92uEq3AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUzRZP2zrjS0+bkwcIz0w7yQrY3DUwHwYDVR0j
BBgwFoAU0vUUGZCgJSw31jES+27KXbxWhrYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMkZGRENBMzBDMTVDRDU5OTcwQTdFN0FGQUVDM0E5MUFG
NDMwMUFDOTAwOEIwRkZDM0I4Rjk3NzVGNTZGMkZELzAvRDJGNTE0MTk5MEEwMjUy
QzM3RDYzMTEyRkI2RUNBNURCQzU2ODZCNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMkY1MTQxOTkwQTAyNTJDMzdE
NjMxMTJGQjZFQ0E1REJDNTY4NkI2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjJGRkRDQTMwQzE1Q0Q1OTk3MEE3RTdBRkFFQzNBOTFBRjQzMDFBQzkw
MDhCMEZGQzNCOEY5Nzc1RjU2RjJGRC8wLzMxMzkzMDJlMzEzMTJlMzMzMjJlMzAy
ZjMyMzAyZDMyMzAyMDNkM2UyMDMxMzEzODMxMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAS+CyAwDQYJ
KoZIhvcNAQELBQADggEBAC5Ol7bP32E8Iqz99vQ/UbaYrq9eGfcAOST2SAw2AZV/
ML88M8oxX5HLocdWQ5rsnmeL34ceLh0Fz68Fa/o5TGv/N1aIYaAODm9h3zcljSS7
Gga5NkqbAhNOE9cAABNPz9Ue3nSwMmymErr+nQHi2gUzEitZAEoGShYlAqzoKz9E
QWFevEAlIaapdWokIEdkRQxCkv9ZxXZvFurCFSY0zEo4ewLUhcLYDghKBmPq+e/n
7Q1z/emW2b/d406tyQeeT/dfzkfP1KTAFebqNd2nWDqIcy/gyUxOoKne6uH53SNm
rT4Ot+Mk6f4cEjCFPKvLBTf7UsZPUnt1hZtPvtnpMMo=
-----END CERTIFICATE-----
Generated at Tue Jul 16 20:13:35 2024 by rpki-client on console-fra.rpki-client.org