Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B6CF068CF4BA434782FDDD7B24AAA11651528BBE5A39AF9222DAD287AA32678B/0/3133382e3131372e3232382e302f32322d3234203d3e20323639393839.roa
File:                     3133382e3131372e3232382e302f32322d3234203d3e20323639393839.roa (raw, json)
Hash identifier:          wN9wwM5zt6i4UHbpnuFGacTZ0XfTsNTU3a5vxg5XtZg=
Subject key identifier:   F7:87:86:BE:9C:89:CA:A9:83:36:08:EB:37:52:1F:F9:FF:00:B6:F9
Certificate issuer:       /CN=3632900A5F3F72A06CF6ECB7B9D3B1E3356DA9F6
Certificate serial:       608A16857BDBDF741AE506A7945F5EAA47F5394A
Authority key identifier: 36:32:90:0A:5F:3F:72:A0:6C:F6:EC:B7:B9:D3:B1:E3:35:6D:A9:F6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3632900A5F3F72A06CF6ECB7B9D3B1E3356DA9F6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B6CF068CF4BA434782FDDD7B24AAA11651528BBE5A39AF9222DAD287AA32678B/0/3133382e3131372e3232382e302f32322d3234203d3e20323639393839.roa
Signing time:             Mon 25 Mar 2024 16:50:00 +0000
ROA not before:           Mon 25 Mar 2024 16:45:00 +0000
ROA not after:            Mon 24 Mar 2025 16:50:00 +0000
asID:                     269989
IP address blocks:        138.117.228.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 May 2024 18:35:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:8a:16:85:7b:db:df:74:1a:e5:06:a7:94:5f:5e:aa:47:f5:39:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3632900A5F3F72A06CF6ECB7B9D3B1E3356DA9F6
        Validity
            Not Before: Mar 25 16:45:00 2024 GMT
            Not After : Mar 24 16:50:00 2025 GMT
        Subject: CN=F78786BE9C89CAA9833608EB37521FF9FF00B6F9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:04:a4:aa:29:69:3b:17:01:0f:2f:01:d8:84:
                    c4:26:57:fd:bc:b7:7a:47:88:8b:c8:2c:f6:60:65:
                    b0:7c:25:78:6e:02:04:dc:64:85:71:af:64:2b:9c:
                    ad:a0:13:90:2e:d8:3b:22:2d:01:67:18:31:39:94:
                    c2:ba:d5:21:ed:ce:3e:e7:1f:c3:91:bf:d8:11:48:
                    33:77:f9:fe:58:a4:f0:cc:fe:e7:ac:03:8c:7c:1f:
                    8e:63:3d:05:d9:94:f8:fc:c3:00:02:20:02:b5:84:
                    1b:2a:a1:fe:2e:5c:95:29:55:97:c0:bf:fd:d1:0b:
                    2c:99:65:d8:f1:1c:cc:ce:a4:58:66:b0:0a:5f:26:
                    9d:61:be:f2:73:34:f7:a6:79:67:9a:c2:2b:b6:33:
                    93:12:4d:4f:9d:07:e3:a0:bb:f3:26:81:05:99:99:
                    d9:d4:2b:31:4d:8c:ca:fc:8e:a4:5a:5a:12:a5:6c:
                    5f:2a:77:e5:8f:00:09:8d:a2:5e:51:7b:3a:54:5c:
                    e7:73:d3:a5:bd:60:39:1f:5d:b6:7e:91:e3:6b:ea:
                    ef:24:ca:2b:f3:f1:e0:19:15:30:d5:76:5f:0e:17:
                    6a:8b:53:c4:47:fa:fc:c4:4d:00:78:ce:05:44:b5:
                    30:45:03:ab:6f:ab:6c:53:0e:40:37:6a:12:47:ae:
                    74:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:87:86:BE:9C:89:CA:A9:83:36:08:EB:37:52:1F:F9:FF:00:B6:F9
            X509v3 Authority Key Identifier:
                keyid:36:32:90:0A:5F:3F:72:A0:6C:F6:EC:B7:B9:D3:B1:E3:35:6D:A9:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B6CF068CF4BA434782FDDD7B24AAA11651528BBE5A39AF9222DAD287AA32678B/0/3632900A5F3F72A06CF6ECB7B9D3B1E3356DA9F6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3632900A5F3F72A06CF6ECB7B9D3B1E3356DA9F6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B6CF068CF4BA434782FDDD7B24AAA11651528BBE5A39AF9222DAD287AA32678B/0/3133382e3131372e3232382e302f32322d3234203d3e20323639393839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.117.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9a:aa:92:73:d3:64:ea:ba:79:09:a3:d9:ee:7d:39:01:07:31:
         c1:75:5a:fb:9c:1d:4e:2c:e2:eb:a4:7e:eb:45:9c:91:cc:00:
         aa:61:a5:d1:c2:4f:f3:2a:19:dc:36:e1:44:86:44:3f:9a:20:
         73:a1:19:87:39:57:5c:30:f7:63:ff:b1:d6:12:32:95:0c:fd:
         73:a6:fe:96:49:cd:68:69:3d:f6:bb:b4:62:80:f4:57:6b:3c:
         e1:9b:a9:d7:f4:51:51:8b:a0:38:67:9f:75:fb:8a:7d:97:04:
         13:91:19:86:ad:d9:f6:6d:e2:20:86:b1:c3:d0:3f:6a:24:cc:
         83:0c:f6:17:de:5b:d8:36:d1:cf:a0:52:4f:d9:81:06:ed:ca:
         60:1e:9b:d5:60:f8:82:4b:8b:bd:11:3c:8e:16:fc:7d:5d:c4:
         a2:3f:14:08:8e:d2:a0:e9:6d:a3:81:4f:ff:2a:9d:54:49:ea:
         f7:b5:e1:9d:62:d6:7a:3c:61:b5:ed:35:89:0f:1a:9f:c9:f6:
         ab:93:fe:cb:fd:00:e8:81:74:aa:21:bd:f8:2e:d6:48:46:20:
         fe:8b:d7:ec:75:9f:3a:64:75:a8:d1:0c:30:66:dc:3d:ef:46:
         23:74:30:6a:71:82:eb:b2:e9:2c:9c:61:6c:23:1e:42:d8:53:
         10:53:6f:e6
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUYIoWhXvb33Qa5QanlF9eqkf1OUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzYzMjkwMEE1RjNGNzJBMDZDRjZFQ0I3QjlEM0IxRTMz
NTZEQTlGNjAeFw0yNDAzMjUxNjQ1MDBaFw0yNTAzMjQxNjUwMDBaMDMxMTAvBgNV
BAMTKEY3ODc4NkJFOUM4OUNBQTk4MzM2MDhFQjM3NTIxRkY5RkYwMEI2RjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0BKSqKWk7FwEPLwHYhMQmV/28
t3pHiIvILPZgZbB8JXhuAgTcZIVxr2QrnK2gE5Au2DsiLQFnGDE5lMK61SHtzj7n
H8ORv9gRSDN3+f5YpPDM/uesA4x8H45jPQXZlPj8wwACIAK1hBsqof4uXJUpVZfA
v/3RCyyZZdjxHMzOpFhmsApfJp1hvvJzNPemeWeawiu2M5MSTU+dB+Ogu/MmgQWZ
mdnUKzFNjMr8jqRaWhKlbF8qd+WPAAmNol5RezpUXOdz06W9YDkfXbZ+keNr6u8k
yivz8eAZFTDVdl8OF2qLU8RH+vzETQB4zgVEtTBFA6tvq2xTDkA3ahJHrnR/AgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU94eGvpyJyqmDNgjrN1If+f8AtvkwHwYDVR0j
BBgwFoAUNjKQCl8/cqBs9uy3udOx4zVtqfYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CNkNGMDY4Q0Y0QkE0MzQ3ODJGREREN0IyNEFBQTExNjUx
NTI4QkJFNUEzOUFGOTIyMkRBRDI4N0FBMzI2NzhCLzAvMzYzMjkwMEE1RjNGNzJB
MDZDRjZFQ0I3QjlEM0IxRTMzNTZEQTlGNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zNjMyOTAwQTVGM0Y3MkEwNkNG
NkVDQjdCOUQzQjFFMzM1NkRBOUY2LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjZDRjA2OENGNEJBNDM0NzgyRkRERDdCMjRBQUExMTY1MTUyOEJCRTVB
MzlBRjkyMjJEQUQyODdBQTMyNjc4Qi8wLzMxMzMzODJlMzEzMTM3MmUzMjMyMzgy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzkzOTM4Mzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKK
deQwDQYJKoZIhvcNAQELBQADggEBAJqqknPTZOq6eQmj2e59OQEHMcF1WvucHU4s
4uukfutFnJHMAKphpdHCT/MqGdw24USGRD+aIHOhGYc5V1ww92P/sdYSMpUM/XOm
/pZJzWhpPfa7tGKA9FdrPOGbqdf0UVGLoDhnn3X7in2XBBORGYat2fZt4iCGscPQ
P2okzIMM9hfeW9g20c+gUk/ZgQbtymAem9Vg+IJLi70RPI4W/H1dxKI/FAiO0qDp
baOBT/8qnVRJ6ve14Z1i1no8YbXtNYkPGp/J9quT/sv9AOiBdKohvfgu1khGIP6L
1+x1nzpkdajRDDBm3D3vRiN0MGpxguuy6SycYWwjHkLYUxBTb+Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:59 2024 by rpki-client on console-fra.rpki-client.org