Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/3230302e332e3136382e302f32312d3231203d3e203131383135.roa
File:                     3230302e332e3136382e302f32312d3231203d3e203131383135.roa (raw, json)
Hash identifier:          CnEnIxdVWySvLcC39Wu2fzEax0cOVvdSsT0utGro13E=
Subject key identifier:   FD:3D:85:A2:26:33:14:01:97:82:69:05:7D:4C:D5:58:6C:66:BA:00
Certificate issuer:       /CN=D2F5141990A0252C37D63112FB6ECA5DBC5686B6
Certificate serial:       3BAD0FF824389C90E9A91EAF3A5D5ED4DFD4543C
Authority key identifier: D2:F5:14:19:90:A0:25:2C:37:D6:31:12:FB:6E:CA:5D:BC:56:86:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/3230302e332e3136382e302f32312d3231203d3e203131383135.roa
Signing time:             Tue 05 Mar 2024 18:22:36 +0000
ROA not before:           Tue 05 Mar 2024 18:17:36 +0000
ROA not after:            Tue 04 Mar 2025 18:22:36 +0000
asID:                     11815
IP address blocks:        200.3.168.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Tue 16 Jul 2024 17:40:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:ad:0f:f8:24:38:9c:90:e9:a9:1e:af:3a:5d:5e:d4:df:d4:54:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2F5141990A0252C37D63112FB6ECA5DBC5686B6
        Validity
            Not Before: Mar  5 18:17:36 2024 GMT
            Not After : Mar  4 18:22:36 2025 GMT
        Subject: CN=FD3D85A226331401978269057D4CD5586C66BA00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:a1:e9:70:50:6a:34:28:5b:8e:20:ee:0f:8a:
                    bb:c4:1d:06:21:c7:48:7b:cc:98:82:68:0d:f5:ed:
                    50:11:d9:c1:1f:72:f7:f1:cf:ce:c8:cd:c4:fb:82:
                    53:1a:2e:51:b0:4c:8e:cd:0e:33:bf:3a:68:71:2e:
                    f9:9c:7d:f5:db:76:37:02:8b:5e:48:b2:e1:1a:8a:
                    1d:98:29:65:f6:8d:ed:73:d9:97:f3:71:c0:c4:dc:
                    f7:6a:f3:9e:5d:cd:62:e6:5a:ae:d7:2c:d0:f7:5a:
                    d5:a7:dc:d9:fd:fb:a6:8a:e7:78:5d:2f:47:5a:44:
                    44:9e:eb:07:b4:33:47:b5:b2:6c:cc:ae:b6:9d:cc:
                    d5:f4:38:7c:8b:f0:30:96:b3:03:7f:7d:cf:86:a4:
                    49:03:b5:1e:4b:06:2d:6a:11:69:d6:2f:ed:31:83:
                    24:a1:46:bc:0c:b7:e0:59:ca:f5:3b:55:f7:81:a4:
                    65:c8:06:90:81:ff:b5:25:89:29:00:1d:2a:e3:33:
                    13:3e:fd:44:c0:5d:8d:fe:96:ff:61:ed:38:82:f5:
                    b6:e4:ae:72:42:9f:53:99:b2:a0:1f:8b:25:ae:4b:
                    23:d2:84:36:ba:bd:e5:2a:99:40:7d:21:b2:06:13:
                    2c:d0:91:16:47:e6:5e:0f:a2:08:da:cc:3a:17:3c:
                    7b:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:3D:85:A2:26:33:14:01:97:82:69:05:7D:4C:D5:58:6C:66:BA:00
            X509v3 Authority Key Identifier:
                keyid:D2:F5:14:19:90:A0:25:2C:37:D6:31:12:FB:6E:CA:5D:BC:56:86:B6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/3230302e332e3136382e302f32312d3231203d3e203131383135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.3.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         a0:53:de:b0:03:dc:65:b8:a5:26:5d:a2:cc:51:a5:a0:a6:2d:
         19:48:95:db:98:54:3e:1e:64:ff:a9:70:dc:42:a6:a7:1e:ec:
         2f:78:ea:a7:2e:c0:d0:9f:d4:97:7a:e2:fd:14:8e:39:b2:6a:
         0a:1b:54:7b:9f:1f:4f:81:44:17:0b:73:f9:cc:c7:fd:b3:22:
         b5:05:1e:80:d6:e3:22:7a:14:d9:91:a6:5b:4e:0c:dd:b2:6a:
         9c:51:2d:87:87:6c:6b:f2:8a:36:35:ee:36:56:7f:f5:d6:23:
         11:a9:4c:67:64:b5:81:ca:34:28:d9:87:50:50:2a:17:46:3e:
         bb:27:db:00:55:fb:45:a3:c1:3d:eb:dc:18:2b:0d:9b:e7:89:
         20:b8:bd:5e:1f:be:bd:87:b1:25:17:3b:5a:11:d0:f6:eb:34:
         a7:c0:df:b0:d8:fc:3f:a1:ee:28:0f:92:aa:db:16:85:fc:cb:
         c5:4e:29:ee:3d:2c:79:f3:07:b7:d3:58:d9:14:b0:ca:f8:0d:
         e4:11:19:df:d1:4a:74:ef:61:78:a3:d1:b8:72:da:cc:b2:7c:
         02:3c:53:cf:e9:d2:d5:2a:f7:f1:83:c6:a5:b2:1a:14:dd:b3:
         bc:81:b5:7e:ed:2e:0a:91:85:3e:73:fd:cd:5c:43:38:af:72:
         5b:62:fa:76
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUO60P+CQ4nJDpqR6vOl1e1N/UVDwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDJGNTE0MTk5MEEwMjUyQzM3RDYzMTEyRkI2RUNBNURC
QzU2ODZCNjAeFw0yNDAzMDUxODE3MzZaFw0yNTAzMDQxODIyMzZaMDMxMTAvBgNV
BAMTKEZEM0Q4NUEyMjYzMzE0MDE5NzgyNjkwNTdENENENTU4NkM2NkJBMDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkoelwUGo0KFuOIO4PirvEHQYh
x0h7zJiCaA317VAR2cEfcvfxz87IzcT7glMaLlGwTI7NDjO/OmhxLvmcffXbdjcC
i15IsuEaih2YKWX2je1z2ZfzccDE3Pdq855dzWLmWq7XLND3WtWn3Nn9+6aK53hd
L0daRESe6we0M0e1smzMrradzNX0OHyL8DCWswN/fc+GpEkDtR5LBi1qEWnWL+0x
gyShRrwMt+BZyvU7VfeBpGXIBpCB/7UliSkAHSrjMxM+/UTAXY3+lv9h7TiC9bbk
rnJCn1OZsqAfiyWuSyPShDa6veUqmUB9IbIGEyzQkRZH5l4PogjazDoXPHvlAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU/T2FoiYzFAGXgmkFfUzVWGxmugAwHwYDVR0j
BBgwFoAU0vUUGZCgJSw31jES+27KXbxWhrYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMkZGRENBMzBDMTVDRDU5OTcwQTdFN0FGQUVDM0E5MUFG
NDMwMUFDOTAwOEIwRkZDM0I4Rjk3NzVGNTZGMkZELzAvRDJGNTE0MTk5MEEwMjUy
QzM3RDYzMTEyRkI2RUNBNURCQzU2ODZCNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMkY1MTQxOTkwQTAyNTJDMzdE
NjMxMTJGQjZFQ0E1REJDNTY4NkI2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjJGRkRDQTMwQzE1Q0Q1OTk3MEE3RTdBRkFFQzNBOTFBRjQzMDFBQzkw
MDhCMEZGQzNCOEY5Nzc1RjU2RjJGRC8wLzMyMzAzMDJlMzMyZTMxMzYzODJlMzAy
ZjMyMzEyZDMyMzEyMDNkM2UyMDMxMzEzODMxMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPIA6gwDQYJ
KoZIhvcNAQELBQADggEBAKBT3rAD3GW4pSZdosxRpaCmLRlIlduYVD4eZP+pcNxC
pqce7C946qcuwNCf1Jd64v0UjjmyagobVHufH0+BRBcLc/nMx/2zIrUFHoDW4yJ6
FNmRpltODN2yapxRLYeHbGvyijY17jZWf/XWIxGpTGdktYHKNCjZh1BQKhdGPrsn
2wBV+0WjwT3r3BgrDZvniSC4vV4fvr2HsSUXO1oR0PbrNKfA37DY/D+h7igPkqrb
FoX8y8VOKe49LHnzB7fTWNkUsMr4DeQRGd/RSnTvYXij0bhy2syyfAI8U8/p0tUq
9/GDxqWyGhTds7yBtX7tLgqRhT5z/c1cQzivclti+nY=
-----END CERTIFICATE-----
Generated at Tue Jul 16 20:13:35 2024 by rpki-client on console-fra.rpki-client.org