Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/323030313a313365383a3a2f33322d3332203d3e203131383135.roa
File:                     323030313a313365383a3a2f33322d3332203d3e203131383135.roa (raw, json)
Hash identifier:          Gysn75DWPgQvLW58FQNboUZ5Rsq966H3bDLYmbcudeY=
Subject key identifier:   44:35:FE:A4:86:80:C8:E7:4F:13:64:27:41:63:3B:66:83:1E:C4:49
Certificate issuer:       /CN=D2F5141990A0252C37D63112FB6ECA5DBC5686B6
Certificate serial:       1FB06A437030E11EA6B64B9A21ADBE3E7920F64B
Authority key identifier: D2:F5:14:19:90:A0:25:2C:37:D6:31:12:FB:6E:CA:5D:BC:56:86:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/323030313a313365383a3a2f33322d3332203d3e203131383135.roa
Signing time:             Tue 05 Mar 2024 18:22:32 +0000
ROA not before:           Tue 05 Mar 2024 18:17:32 +0000
ROA not after:            Tue 04 Mar 2025 18:22:32 +0000
asID:                     11815
IP address blocks:        2001:13e8::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 16 Jul 2024 17:40:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:b0:6a:43:70:30:e1:1e:a6:b6:4b:9a:21:ad:be:3e:79:20:f6:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2F5141990A0252C37D63112FB6ECA5DBC5686B6
        Validity
            Not Before: Mar  5 18:17:32 2024 GMT
            Not After : Mar  4 18:22:32 2025 GMT
        Subject: CN=4435FEA48680C8E74F13642741633B66831EC449
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:13:c5:ca:65:7e:99:6a:64:f5:00:28:07:56:
                    32:d0:76:1a:a4:9e:bd:23:53:66:11:46:c5:a9:b6:
                    a5:27:37:9d:e7:7e:c1:e7:a4:16:10:81:e4:b1:6a:
                    fe:04:79:d7:10:8c:88:15:67:b3:4c:22:eb:ae:e0:
                    60:b7:4c:fe:ee:ba:0e:28:5f:d1:4e:7c:8c:e0:e0:
                    7b:9b:f6:11:5b:4c:6c:59:fb:a3:ec:30:b2:05:0b:
                    b9:48:6c:ff:88:0e:7a:f1:5f:e0:65:91:57:bc:66:
                    fb:30:20:f3:ca:c2:d3:88:cf:1e:91:c7:3e:68:26:
                    49:07:78:0d:a7:e0:cd:04:66:a3:65:bc:71:f8:4d:
                    ec:20:c2:b3:49:74:92:83:ab:1e:c5:ff:20:ea:19:
                    9a:de:5e:e1:a7:1a:bc:7d:7a:33:85:1c:26:6e:58:
                    1c:81:2f:a7:18:a1:1a:dd:2a:e4:82:86:ab:c8:20:
                    a7:ea:a8:52:96:e2:3c:8a:79:3c:d0:b5:0a:57:07:
                    44:a4:80:ca:0f:76:b3:ea:a9:55:48:3b:39:8a:52:
                    80:a1:53:e2:0d:d3:68:7b:d4:b2:99:5f:55:02:cb:
                    bb:bc:b2:dc:da:89:58:50:14:0c:9f:83:60:e9:86:
                    be:d2:00:fd:16:00:d6:0f:9f:e3:ad:55:2b:6f:84:
                    d1:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:35:FE:A4:86:80:C8:E7:4F:13:64:27:41:63:3B:66:83:1E:C4:49
            X509v3 Authority Key Identifier:
                keyid:D2:F5:14:19:90:A0:25:2C:37:D6:31:12:FB:6E:CA:5D:BC:56:86:B6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/323030313a313365383a3a2f33322d3332203d3e203131383135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:13e8::/32

    Signature Algorithm: sha256WithRSAEncryption
         38:9d:9c:64:37:a0:04:19:c4:ba:7c:ce:74:f0:01:69:65:a0:
         26:ed:20:29:16:a8:f1:7c:59:34:7a:f8:6b:7d:60:6c:8f:6d:
         90:31:2a:f5:92:e1:0a:39:b0:c0:90:ff:3a:49:46:b6:1a:18:
         48:25:94:47:b7:ea:dc:2e:5c:1b:10:c8:56:75:f2:ea:7a:48:
         0b:51:cc:97:df:77:93:2c:ae:7c:d5:7c:9d:1a:6e:ed:1e:55:
         bd:1f:4d:45:5e:17:5a:88:90:17:5b:1f:c8:a1:5f:1d:51:91:
         a3:8f:70:f4:b5:33:46:1c:df:af:16:53:07:bf:46:80:d9:ec:
         60:ed:d1:27:f5:40:19:92:92:e5:a6:19:2c:04:9d:30:0b:00:
         88:79:c7:5e:bf:c8:ac:fc:25:c3:d6:ac:17:c8:0b:85:f2:1c:
         d4:ae:4f:50:02:d4:6b:35:95:fb:1e:b1:8a:6c:b5:28:5b:eb:
         51:92:bc:86:75:fc:40:d9:0d:52:6a:c7:bd:80:6e:a1:55:21:
         ed:1d:0e:e8:77:de:85:2f:b7:a6:ad:4a:b2:b2:06:20:13:3d:
         d7:bd:d6:b1:cd:d8:c9:c0:75:7f:ef:96:72:4e:7d:05:cb:69:
         07:f0:fe:e7:1f:7a:12:13:9e:14:09:9e:7a:22:c6:ee:75:fd:
         bc:ea:ac:56
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUH7BqQ3Aw4R6mtkuaIa2+Pnkg9kswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDJGNTE0MTk5MEEwMjUyQzM3RDYzMTEyRkI2RUNBNURC
QzU2ODZCNjAeFw0yNDAzMDUxODE3MzJaFw0yNTAzMDQxODIyMzJaMDMxMTAvBgNV
BAMTKDQ0MzVGRUE0ODY4MEM4RTc0RjEzNjQyNzQxNjMzQjY2ODMxRUM0NDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqE8XKZX6ZamT1ACgHVjLQdhqk
nr0jU2YRRsWptqUnN53nfsHnpBYQgeSxav4EedcQjIgVZ7NMIuuu4GC3TP7uug4o
X9FOfIzg4Hub9hFbTGxZ+6PsMLIFC7lIbP+IDnrxX+BlkVe8ZvswIPPKwtOIzx6R
xz5oJkkHeA2n4M0EZqNlvHH4TewgwrNJdJKDqx7F/yDqGZreXuGnGrx9ejOFHCZu
WByBL6cYoRrdKuSChqvIIKfqqFKW4jyKeTzQtQpXB0SkgMoPdrPqqVVIOzmKUoCh
U+IN02h71LKZX1UCy7u8stzaiVhQFAyfg2Dphr7SAP0WANYPn+OtVStvhNG1AgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQURDX+pIaAyOdPE2QnQWM7ZoMexEkwHwYDVR0j
BBgwFoAU0vUUGZCgJSw31jES+27KXbxWhrYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMkZGRENBMzBDMTVDRDU5OTcwQTdFN0FGQUVDM0E5MUFG
NDMwMUFDOTAwOEIwRkZDM0I4Rjk3NzVGNTZGMkZELzAvRDJGNTE0MTk5MEEwMjUy
QzM3RDYzMTEyRkI2RUNBNURCQzU2ODZCNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMkY1MTQxOTkwQTAyNTJDMzdE
NjMxMTJGQjZFQ0E1REJDNTY4NkI2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjJGRkRDQTMwQzE1Q0Q1OTk3MEE3RTdBRkFFQzNBOTFBRjQzMDFBQzkw
MDhCMEZGQzNCOEY5Nzc1RjU2RjJGRC8wLzMyMzAzMDMxM2EzMTMzNjUzODNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMxMzEzODMxMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAgARPoMA0G
CSqGSIb3DQEBCwUAA4IBAQA4nZxkN6AEGcS6fM508AFpZaAm7SApFqjxfFk0evhr
fWBsj22QMSr1kuEKObDAkP86SUa2GhhIJZRHt+rcLlwbEMhWdfLqekgLUcyX33eT
LK581XydGm7tHlW9H01FXhdaiJAXWx/IoV8dUZGjj3D0tTNGHN+vFlMHv0aA2exg
7dEn9UAZkpLlphksBJ0wCwCIecdev8is/CXD1qwXyAuF8hzUrk9QAtRrNZX7HrGK
bLUoW+tRkryGdfxA2Q1Sase9gG6hVSHtHQ7od96FL7emrUqysgYgEz3XvdaxzdjJ
wHV/75ZyTn0Fy2kH8P7nH3oSE54UCZ56Isbudf286qxW
-----END CERTIFICATE-----
Generated at Tue Jul 16 21:31:15 2024 by rpki-client on console-ams.rpki-client.org