Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D1B8838FECB9462CAB890A0CBF5ECF1E295AF1326B83179E433DA04827BFDC30/0/323830333a383539303a3930303a3a2f34302d3430203d3e20323732393636.roa
File:                     323830333a383539303a3930303a3a2f34302d3430203d3e20323732393636.roa (raw, json)
Hash identifier:          DZJC6Tg7qLUd1jmwk5BJJlH0Iy++y3tcnBbvmQsKj8I=
Subject key identifier:   4D:33:FE:0E:EF:9F:8E:5F:22:06:71:E4:48:F6:EB:59:C4:94:9A:B4
Certificate issuer:       /CN=2122091F9E8EF8DB7097C3E806CDF34469265C93
Certificate serial:       3ACD470696FB3BBDF201D0AAC5C5AA17D9219DC0
Authority key identifier: 21:22:09:1F:9E:8E:F8:DB:70:97:C3:E8:06:CD:F3:44:69:26:5C:93
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2122091F9E8EF8DB7097C3E806CDF34469265C93.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D1B8838FECB9462CAB890A0CBF5ECF1E295AF1326B83179E433DA04827BFDC30/0/323830333a383539303a3930303a3a2f34302d3430203d3e20323732393636.roa
Signing time:             Tue 05 Mar 2024 17:44:04 +0000
ROA not before:           Tue 05 Mar 2024 17:39:04 +0000
ROA not after:            Tue 04 Mar 2025 17:44:04 +0000
asID:                     272966
IP address blocks:        2803:8590:900::/40 maxlen: 40

Validation:               Failed, certificate revoked on Fri 06 Sep 2024 17:00:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:cd:47:06:96:fb:3b:bd:f2:01:d0:aa:c5:c5:aa:17:d9:21:9d:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2122091F9E8EF8DB7097C3E806CDF34469265C93
        Validity
            Not Before: Mar  5 17:39:04 2024 GMT
            Not After : Mar  4 17:44:04 2025 GMT
        Subject: CN=4D33FE0EEF9F8E5F220671E448F6EB59C4949AB4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:07:ad:5c:60:7e:05:69:6f:39:21:08:f9:f5:
                    43:42:4e:2a:c6:9b:a8:04:08:b9:63:6a:e4:c6:18:
                    96:79:93:ab:c1:b7:92:ff:f6:78:ca:88:90:cc:f3:
                    c6:a2:2f:a6:89:ea:83:d5:6b:ea:9c:21:16:dc:a9:
                    66:ce:37:98:b1:c4:fe:61:e7:93:cd:01:db:e2:a6:
                    72:5f:e1:21:e4:23:79:fd:34:92:fa:62:d8:1b:0d:
                    28:9b:d9:1a:70:94:b1:bf:b6:9f:d2:52:8e:4d:71:
                    17:e4:d5:a3:ad:4e:f4:0e:f8:4b:32:14:a8:bf:50:
                    4a:c0:b5:44:42:2d:ea:9d:c9:3a:0c:b8:8f:44:b4:
                    16:76:af:e6:b9:2a:3c:ca:02:c8:7f:a1:1d:35:d8:
                    3c:0f:9a:ac:3d:b7:7c:32:3d:d6:22:99:e3:eb:a1:
                    83:a6:20:fd:2c:63:65:1f:b0:3d:90:0d:e3:4e:81:
                    51:3a:1b:c6:08:27:16:e6:69:ad:74:f0:c0:e0:69:
                    27:97:ac:64:a5:26:5a:7d:52:8d:99:d9:88:79:a6:
                    77:2d:47:74:2f:c1:3f:bf:c8:56:6e:ec:cb:68:05:
                    21:b2:30:1c:49:8f:f9:3f:2d:d2:33:b7:64:5e:e2:
                    91:80:9a:be:00:fe:26:d8:83:ef:d9:90:e6:43:5d:
                    24:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:33:FE:0E:EF:9F:8E:5F:22:06:71:E4:48:F6:EB:59:C4:94:9A:B4
            X509v3 Authority Key Identifier:
                keyid:21:22:09:1F:9E:8E:F8:DB:70:97:C3:E8:06:CD:F3:44:69:26:5C:93

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D1B8838FECB9462CAB890A0CBF5ECF1E295AF1326B83179E433DA04827BFDC30/0/2122091F9E8EF8DB7097C3E806CDF34469265C93.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2122091F9E8EF8DB7097C3E806CDF34469265C93.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D1B8838FECB9462CAB890A0CBF5ECF1E295AF1326B83179E433DA04827BFDC30/0/323830333a383539303a3930303a3a2f34302d3430203d3e20323732393636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:8590:900::/40

    Signature Algorithm: sha256WithRSAEncryption
         2b:5b:0b:37:76:f9:cf:0d:75:a5:f7:18:08:5f:e4:ba:ce:c2:
         5c:55:8b:03:16:3b:e6:7b:4f:75:4e:d5:f5:de:06:d9:20:a1:
         6d:8d:a3:91:36:71:3c:89:4c:47:73:7f:c0:fa:dd:28:b2:5a:
         97:2c:dc:8e:3d:22:86:f1:7e:b1:6d:15:7f:14:92:7a:9d:88:
         47:b6:fa:2e:3d:4e:40:61:ce:f7:74:16:26:45:72:89:a3:02:
         f9:e5:ba:01:21:61:f2:83:19:e5:0e:45:a6:d3:85:64:d4:79:
         3e:aa:86:0c:4b:cd:b7:44:6e:f6:34:de:e4:22:b8:72:5e:05:
         23:4a:7b:d1:34:d7:be:30:68:36:50:08:19:0f:f8:21:4e:bb:
         82:d5:71:50:de:48:ab:ad:0c:d3:58:d4:c5:08:9c:d8:62:0b:
         b2:40:5f:27:b5:fd:a6:28:eb:5c:1f:c5:8c:b9:21:fa:68:01:
         d3:b8:2f:39:d3:9c:0d:d0:76:95:04:70:84:0b:46:16:e7:7a:
         eb:ce:dd:eb:c6:99:77:cc:70:d0:be:1b:f2:d2:ce:66:25:8d:
         2c:23:a4:98:a1:ba:6f:b4:45:2c:8e:05:30:43:dd:b4:96:33:
         29:02:69:49:6c:5b:a7:94:91:9c:9e:1e:b9:7d:db:69:71:91:
         7e:ab:86:a2
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIUOs1HBpb7O73yAdCqxcWqF9khncAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjEyMjA5MUY5RThFRjhEQjcwOTdDM0U4MDZDREYzNDQ2
OTI2NUM5MzAeFw0yNDAzMDUxNzM5MDRaFw0yNTAzMDQxNzQ0MDRaMDMxMTAvBgNV
BAMTKDREMzNGRTBFRUY5RjhFNUYyMjA2NzFFNDQ4RjZFQjU5QzQ5NDlBQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgB61cYH4FaW85IQj59UNCTirG
m6gECLljauTGGJZ5k6vBt5L/9njKiJDM88aiL6aJ6oPVa+qcIRbcqWbON5ixxP5h
55PNAdvipnJf4SHkI3n9NJL6YtgbDSib2RpwlLG/tp/SUo5NcRfk1aOtTvQO+Esy
FKi/UErAtURCLeqdyToMuI9EtBZ2r+a5KjzKAsh/oR012DwPmqw9t3wyPdYimePr
oYOmIP0sY2UfsD2QDeNOgVE6G8YIJxbmaa108MDgaSeXrGSlJlp9Uo2Z2Yh5pnct
R3QvwT+/yFZu7MtoBSGyMBxJj/k/LdIzt2Re4pGAmr4A/ibYg+/ZkOZDXSQ9AgMB
AAGjggLSMIICzjAdBgNVHQ4EFgQUTTP+Du+fjl8iBnHkSPbrWcSUmrQwHwYDVR0j
BBgwFoAUISIJH56O+Ntwl8PoBs3zRGkmXJMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMUI4ODM4RkVDQjk0NjJDQUI4OTBBMENCRjVFQ0YxRTI5
NUFGMTMyNkI4MzE3OUU0MzNEQTA0ODI3QkZEQzMwLzAvMjEyMjA5MUY5RThFRjhE
QjcwOTdDM0U4MDZDREYzNDQ2OTI2NUM5My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMTIyMDkxRjlFOEVGOERCNzA5
N0MzRTgwNkNERjM0NDY5MjY1QzkzLmNlcjCBzwYIKwYBBQUHAQsEgcIwgb8wgbwG
CCsGAQUFBzALhoGvcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDFCODgzOEZFQ0I5NDYyQ0FCODkwQTBDQkY1RUNGMUUyOTVBRjEzMjZC
ODMxNzlFNDMzREEwNDgyN0JGREMzMC8wLzMyMzgzMDMzM2EzODM1MzkzMDNhMzkz
MDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIzNzMyMzkzNjM2LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAI
AwYAKAOFkAkwDQYJKoZIhvcNAQELBQADggEBACtbCzd2+c8NdaX3GAhf5LrOwlxV
iwMWO+Z7T3VO1fXeBtkgoW2No5E2cTyJTEdzf8D63SiyWpcs3I49IobxfrFtFX8U
knqdiEe2+i49TkBhzvd0FiZFcomjAvnlugEhYfKDGeUORabThWTUeT6qhgxLzbdE
bvY03uQiuHJeBSNKe9E0174waDZQCBkP+CFOu4LVcVDeSKutDNNY1MUInNhiC7JA
Xye1/aYo61wfxYy5IfpoAdO4LznTnA3QdpUEcIQLRhbneuvO3evGmXfMcNC+G/LS
zmYljSwjpJihum+0RSyOBTBD3bSWMykCaUlsW6eUkZyeHrl922lxkX6rhqI=
-----END CERTIFICATE-----
Generated at Fri Sep 6 19:15:47 2024 by rpki-client on console-ams.rpki-client.org