Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D4B56D8CB7B0666463ACAE31C3496971109B4D5151D62FBE8CF7EB3069FD6FC8/0/3139302e31332e3139342e302f32342d3234203d3e20323731373733.roa
File:                     3139302e31332e3139342e302f32342d3234203d3e20323731373733.roa (raw, json)
Hash identifier:          U1NbuYGEA55TynF97svbl6o8AQ6hF19FpXstImeMm/0=
Subject key identifier:   95:BC:7C:FA:D2:4B:AB:88:0B:24:69:B2:07:D5:B4:89:E6:16:96:5A
Certificate issuer:       /CN=928052F0CB3F37ACD3ABCCCBC8A740B04DA13237
Certificate serial:       21F632AD76895047BE37AB862A9A1A19461C261F
Authority key identifier: 92:80:52:F0:CB:3F:37:AC:D3:AB:CC:CB:C8:A7:40:B0:4D:A1:32:37
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/928052F0CB3F37ACD3ABCCCBC8A740B04DA13237.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D4B56D8CB7B0666463ACAE31C3496971109B4D5151D62FBE8CF7EB3069FD6FC8/0/3139302e31332e3139342e302f32342d3234203d3e20323731373733.roa
Signing time:             Tue 05 Mar 2024 17:41:18 +0000
ROA not before:           Tue 05 Mar 2024 17:36:18 +0000
ROA not after:            Tue 04 Mar 2025 17:41:18 +0000
asID:                     271773
IP address blocks:        190.13.194.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 12 Jul 2024 16:10:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:f6:32:ad:76:89:50:47:be:37:ab:86:2a:9a:1a:19:46:1c:26:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=928052F0CB3F37ACD3ABCCCBC8A740B04DA13237
        Validity
            Not Before: Mar  5 17:36:18 2024 GMT
            Not After : Mar  4 17:41:18 2025 GMT
        Subject: CN=95BC7CFAD24BAB880B2469B207D5B489E616965A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:3f:d1:4d:75:8a:73:e1:51:a2:98:56:cc:aa:
                    9a:04:8a:b0:9e:be:0a:4c:b4:73:64:f0:9a:4d:0c:
                    9e:d2:96:21:b6:f3:e8:7b:ae:bc:1f:af:a2:50:b7:
                    b0:88:4a:ce:69:7b:24:a9:08:ea:81:c4:eb:0d:c8:
                    34:f9:b2:bc:05:51:06:03:c5:39:ec:a4:a6:4c:25:
                    9e:a7:80:78:e8:19:37:b7:55:35:93:f3:17:b7:41:
                    43:0c:05:e1:4c:95:d9:26:9e:47:51:91:9b:26:2e:
                    7c:2b:b6:a1:82:17:b9:ba:98:79:f0:84:3a:e2:aa:
                    96:3f:86:dc:81:5c:30:12:5f:a6:74:af:ac:02:41:
                    fd:07:4f:a4:f0:29:2c:c7:4e:47:b7:5f:13:ff:d5:
                    b0:38:18:c9:b1:25:d7:75:6c:19:f5:80:8a:00:09:
                    40:ab:1c:7c:e5:5f:8a:4f:93:1f:73:93:de:b2:17:
                    5a:7b:9b:b0:f8:3e:f5:64:30:52:7f:db:d3:16:65:
                    33:08:61:ac:e1:33:4d:57:0e:4c:00:f7:d2:c0:a4:
                    7b:9f:5a:cc:d6:80:fa:46:bc:03:0a:3b:91:80:9f:
                    3c:a0:9c:3f:7f:85:50:9e:04:56:b8:7e:7f:7c:54:
                    24:a3:b3:cb:d1:cd:88:95:03:6e:91:76:41:d9:ec:
                    62:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:BC:7C:FA:D2:4B:AB:88:0B:24:69:B2:07:D5:B4:89:E6:16:96:5A
            X509v3 Authority Key Identifier:
                keyid:92:80:52:F0:CB:3F:37:AC:D3:AB:CC:CB:C8:A7:40:B0:4D:A1:32:37

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D4B56D8CB7B0666463ACAE31C3496971109B4D5151D62FBE8CF7EB3069FD6FC8/0/928052F0CB3F37ACD3ABCCCBC8A740B04DA13237.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/928052F0CB3F37ACD3ABCCCBC8A740B04DA13237.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D4B56D8CB7B0666463ACAE31C3496971109B4D5151D62FBE8CF7EB3069FD6FC8/0/3139302e31332e3139342e302f32342d3234203d3e20323731373733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.13.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:6b:33:e6:96:c2:45:6e:4c:95:3e:c1:ac:62:78:fd:3e:9c:
         26:4c:d3:e9:f0:8d:84:fe:94:77:52:a2:c1:24:e3:3c:db:d1:
         68:b3:0d:d9:5b:c8:36:d6:26:e8:12:68:a9:68:b3:df:8b:12:
         17:db:a4:4c:a2:21:cf:24:b4:54:1c:93:97:6d:84:03:b5:79:
         87:3f:c4:b6:8f:77:4a:99:4f:ad:8a:ee:cf:1f:8b:eb:a8:2d:
         80:27:9d:38:95:cf:4d:a9:48:c5:64:59:a7:a6:26:aa:39:2b:
         e5:f1:41:00:7f:be:f8:87:a0:74:a8:5a:ba:a4:4c:cf:c2:e9:
         57:87:d2:81:dc:52:81:95:ff:c4:91:dc:45:64:63:b3:91:0b:
         db:96:3d:62:d0:02:d3:ae:58:fc:45:c8:c0:04:00:a4:21:b7:
         c5:d5:1b:3f:4a:92:00:26:9e:73:3c:c1:a8:f7:d8:96:79:5e:
         51:ac:91:49:0c:8e:09:21:cb:1c:18:4e:a0:62:2d:3d:b6:ee:
         a5:24:09:36:92:99:5d:a2:8c:81:5e:99:52:c4:3c:27:06:bf:
         9f:4c:c7:4c:3b:86:00:2b:28:d0:a2:60:e3:e8:dd:24:b1:12:
         a2:2a:48:d0:8b:e7:c3:26:8c:f8:38:a1:80:38:35:52:23:57:
         99:a5:49:1b
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUIfYyrXaJUEe+N6uGKpoaGUYcJh8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTI4MDUyRjBDQjNGMzdBQ0QzQUJDQ0NCQzhBNzQwQjA0
REExMzIzNzAeFw0yNDAzMDUxNzM2MThaFw0yNTAzMDQxNzQxMThaMDMxMTAvBgNV
BAMTKDk1QkM3Q0ZBRDI0QkFCODgwQjI0NjlCMjA3RDVCNDg5RTYxNjk2NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCFP9FNdYpz4VGimFbMqpoEirCe
vgpMtHNk8JpNDJ7SliG28+h7rrwfr6JQt7CISs5peySpCOqBxOsNyDT5srwFUQYD
xTnspKZMJZ6ngHjoGTe3VTWT8xe3QUMMBeFMldkmnkdRkZsmLnwrtqGCF7m6mHnw
hDriqpY/htyBXDASX6Z0r6wCQf0HT6TwKSzHTke3XxP/1bA4GMmxJdd1bBn1gIoA
CUCrHHzlX4pPkx9zk96yF1p7m7D4PvVkMFJ/29MWZTMIYazhM01XDkwA99LApHuf
WszWgPpGvAMKO5GAnzygnD9/hVCeBFa4fn98VCSjs8vRzYiVA26RdkHZ7GJNAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUlbx8+tJLq4gLJGmyB9W0ieYWllowHwYDVR0j
BBgwFoAUkoBS8Ms/N6zTq8zLyKdAsE2hMjcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ENEI1NkQ4Q0I3QjA2NjY0NjNBQ0FFMzFDMzQ5Njk3MTEw
OUI0RDUxNTFENjJGQkU4Q0Y3RUIzMDY5RkQ2RkM4LzAvOTI4MDUyRjBDQjNGMzdB
Q0QzQUJDQ0NCQzhBNzQwQjA0REExMzIzNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85MjgwNTJGMENCM0YzN0FDRDNB
QkNDQ0JDOEE3NDBCMDREQTEzMjM3LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDRCNTZEOENCN0IwNjY2NDYzQUNBRTMxQzM0OTY5NzExMDlCNEQ1MTUx
RDYyRkJFOENGN0VCMzA2OUZENkZDOC8wLzMxMzkzMDJlMzEzMzJlMzEzOTM0MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzMxMzczNzMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvg3C
MA0GCSqGSIb3DQEBCwUAA4IBAQAUazPmlsJFbkyVPsGsYnj9PpwmTNPp8I2E/pR3
UqLBJOM829Fosw3ZW8g21iboEmipaLPfixIX26RMoiHPJLRUHJOXbYQDtXmHP8S2
j3dKmU+tiu7PH4vrqC2AJ504lc9NqUjFZFmnpiaqOSvl8UEAf774h6B0qFq6pEzP
wulXh9KB3FKBlf/EkdxFZGOzkQvblj1i0ALTrlj8RcjABACkIbfF1Rs/SpIAJp5z
PMGo99iWeV5RrJFJDI4JIcscGE6gYi09tu6lJAk2kpldooyBXplSxDwnBr+fTMdM
O4YAKyjQomDj6N0ksRKiKkjQi+fDJoz4OKGAODVSI1eZpUkb
-----END CERTIFICATE-----
Generated at Fri Jul 12 20:12:23 2024 by rpki-client on console-ams.rpki-client.org