Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B5DC9768EA0AACF46DC911E81D0D9D049927D24AACAF0685CB367D54CEE2BD95/0/3139312e39372e31392e302f32342d3234203d3e20323634383434.roa
File:                     3139312e39372e31392e302f32342d3234203d3e20323634383434.roa (raw, json)
Hash identifier:          +qruez+C8wELT0SvP2JjQxNWvxALuGTj43DGQrbo4h8=
Subject key identifier:   64:6E:EA:64:76:BA:C9:E9:CC:23:A0:93:E5:D6:8B:F7:49:64:78:CA
Certificate issuer:       /CN=CEFF58507AF1A06AEFDA67DD8D65125C364A4DEC
Certificate serial:       2A8E0045E0C4B6C378F404FF987EBFE3E92FB0E8
Authority key identifier: CE:FF:58:50:7A:F1:A0:6A:EF:DA:67:DD:8D:65:12:5C:36:4A:4D:EC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CEFF58507AF1A06AEFDA67DD8D65125C364A4DEC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B5DC9768EA0AACF46DC911E81D0D9D049927D24AACAF0685CB367D54CEE2BD95/0/3139312e39372e31392e302f32342d3234203d3e20323634383434.roa
Signing time:             Tue 05 Mar 2024 18:23:34 +0000
ROA not before:           Tue 05 Mar 2024 18:18:34 +0000
ROA not after:            Tue 04 Mar 2025 18:23:34 +0000
asID:                     264844
IP address blocks:        191.97.19.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 05 Jun 2024 18:25:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:8e:00:45:e0:c4:b6:c3:78:f4:04:ff:98:7e:bf:e3:e9:2f:b0:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CEFF58507AF1A06AEFDA67DD8D65125C364A4DEC
        Validity
            Not Before: Mar  5 18:18:34 2024 GMT
            Not After : Mar  4 18:23:34 2025 GMT
        Subject: CN=646EEA6476BAC9E9CC23A093E5D68BF7496478CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:1c:b3:94:5b:61:c6:30:56:3c:4a:80:4d:24:
                    27:49:11:16:7c:88:02:73:e9:84:19:d6:1f:ad:63:
                    1b:2c:4c:b6:c3:b2:b4:7f:fa:f8:7d:a3:24:2e:37:
                    04:34:54:b9:ed:c0:8f:c5:23:ac:ed:30:ef:86:63:
                    17:f4:f4:4d:c1:76:50:71:1f:57:74:ee:bc:17:6e:
                    8e:5f:37:99:68:a3:c7:c1:c2:69:9d:7d:7c:5d:0a:
                    b4:ea:7a:dd:3c:27:e0:53:1b:c8:fe:b1:fc:57:d7:
                    21:0d:19:a3:97:6c:05:b7:6a:df:76:ff:43:ec:8b:
                    76:64:b0:67:87:73:1c:94:21:c6:a8:83:70:ec:1a:
                    1f:1a:02:01:32:6c:15:3c:a7:c5:2b:35:2c:0b:c3:
                    ab:95:93:2b:54:6a:0e:be:64:2a:7d:26:dc:db:c9:
                    c2:03:41:5f:cf:88:3f:1f:4d:b2:66:8c:05:18:ad:
                    e7:97:b3:a2:59:2b:fb:bc:b1:df:cc:10:aa:a9:ca:
                    13:56:54:97:7f:c9:a2:0c:71:d7:54:59:5b:ff:08:
                    a6:4d:16:f5:cb:64:f3:90:ba:2a:9d:eb:ba:e9:2c:
                    8a:8e:e3:ba:1f:0b:57:8f:48:71:86:10:96:5f:b9:
                    6c:66:85:5a:ef:a8:a0:5a:f3:92:ab:e3:02:22:1f:
                    3c:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:6E:EA:64:76:BA:C9:E9:CC:23:A0:93:E5:D6:8B:F7:49:64:78:CA
            X509v3 Authority Key Identifier:
                keyid:CE:FF:58:50:7A:F1:A0:6A:EF:DA:67:DD:8D:65:12:5C:36:4A:4D:EC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B5DC9768EA0AACF46DC911E81D0D9D049927D24AACAF0685CB367D54CEE2BD95/0/CEFF58507AF1A06AEFDA67DD8D65125C364A4DEC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CEFF58507AF1A06AEFDA67DD8D65125C364A4DEC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B5DC9768EA0AACF46DC911E81D0D9D049927D24AACAF0685CB367D54CEE2BD95/0/3139312e39372e31392e302f32342d3234203d3e20323634383434.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.97.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:2d:4c:f5:9f:2c:0f:00:06:0c:b7:f7:90:5e:95:21:2e:9c:
         41:12:51:ad:1c:01:3c:2b:7a:30:c3:bf:7d:30:e7:a1:f0:09:
         8b:d5:ab:a5:68:4d:a3:a7:2f:4d:14:ad:cc:06:90:a7:47:20:
         f6:cd:de:62:37:54:b1:33:05:9a:b7:f3:3e:63:6f:7a:1a:a3:
         48:89:68:54:c0:cc:1b:da:0d:13:c7:f5:a7:4a:fb:bb:e8:23:
         a0:2b:99:0c:4d:64:3b:9f:f4:5c:ea:25:40:f1:3d:03:25:0c:
         b4:39:67:a5:c6:97:ab:3e:d2:c3:74:98:f1:12:72:f5:b7:85:
         c5:47:d3:e3:34:a4:c2:04:e9:23:e0:9e:3a:aa:c1:f6:e8:04:
         ed:76:71:39:9f:22:f3:4f:df:62:76:ec:8b:5e:76:f1:8b:28:
         25:17:4d:f9:0e:53:b9:e9:52:fc:a2:de:32:65:6a:a1:95:e2:
         55:8e:73:00:07:fc:d6:29:b6:9d:0e:a0:c9:eb:c5:d0:51:22:
         da:d8:95:98:8f:84:7d:82:44:fc:59:60:ab:5e:04:eb:57:ca:
         7b:13:02:b2:45:21:4f:68:8f:97:b5:da:c2:a3:ef:87:87:02:
         f8:81:78:f3:8b:8e:00:55:d0:18:e3:f8:cb:d3:8d:a1:df:77:
         28:b7:b9:bf
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUKo4AReDEtsN49AT/mH6/4+kvsOgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0VGRjU4NTA3QUYxQTA2QUVGREE2N0REOEQ2NTEyNUMz
NjRBNERFQzAeFw0yNDAzMDUxODE4MzRaFw0yNTAzMDQxODIzMzRaMDMxMTAvBgNV
BAMTKDY0NkVFQTY0NzZCQUM5RTlDQzIzQTA5M0U1RDY4QkY3NDk2NDc4Q0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8HLOUW2HGMFY8SoBNJCdJERZ8
iAJz6YQZ1h+tYxssTLbDsrR/+vh9oyQuNwQ0VLntwI/FI6ztMO+GYxf09E3BdlBx
H1d07rwXbo5fN5loo8fBwmmdfXxdCrTqet08J+BTG8j+sfxX1yENGaOXbAW3at92
/0Psi3ZksGeHcxyUIcaog3DsGh8aAgEybBU8p8UrNSwLw6uVkytUag6+ZCp9Jtzb
ycIDQV/PiD8fTbJmjAUYreeXs6JZK/u8sd/MEKqpyhNWVJd/yaIMcddUWVv/CKZN
FvXLZPOQuiqd67rpLIqO47ofC1ePSHGGEJZfuWxmhVrvqKBa85Kr4wIiHzznAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUZG7qZHa6yenMI6CT5daL90lkeMowHwYDVR0j
BBgwFoAUzv9YUHrxoGrv2mfdjWUSXDZKTewwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CNURDOTc2OEVBMEFBQ0Y0NkRDOTExRTgxRDBEOUQwNDk5
MjdEMjRBQUNBRjA2ODVDQjM2N0Q1NENFRTJCRDk1LzAvQ0VGRjU4NTA3QUYxQTA2
QUVGREE2N0REOEQ2NTEyNUMzNjRBNERFQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DRUZGNTg1MDdBRjFBMDZBRUZE
QTY3REQ4RDY1MTI1QzM2NEE0REVDLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjVEQzk3NjhFQTBBQUNGNDZEQzkxMUU4MUQwRDlEMDQ5OTI3RDI0QUFD
QUYwNjg1Q0IzNjdENTRDRUUyQkQ5NS8wLzMxMzkzMTJlMzkzNzJlMzEzOTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzNDM4MzQzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAL9hEzAN
BgkqhkiG9w0BAQsFAAOCAQEAbC1M9Z8sDwAGDLf3kF6VIS6cQRJRrRwBPCt6MMO/
fTDnofAJi9WrpWhNo6cvTRStzAaQp0cg9s3eYjdUsTMFmrfzPmNvehqjSIloVMDM
G9oNE8f1p0r7u+gjoCuZDE1kO5/0XOolQPE9AyUMtDlnpcaXqz7Sw3SY8RJy9beF
xUfT4zSkwgTpI+CeOqrB9ugE7XZxOZ8i80/fYnbsi1528YsoJRdN+Q5TuelS/KLe
MmVqoZXiVY5zAAf81im2nQ6gyevF0FEi2tiVmI+EfYJE/Flgq14E61fKexMCskUh
T2iPl7XawqPvh4cC+IF484uOAFXQGOP4y9ONod93KLe5vw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-ams.rpki-client.org