Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DAA6AC625BA95DDD02AAE75BB21A588A2D05CBF3D851C77F67998CC5BC25D626/0/3136382e3139372e3231362e302f32322d3233203d3e20323634373834.roa
File:                     3136382e3139372e3231362e302f32322d3233203d3e20323634373834.roa (raw, json)
Hash identifier:          Sp+ZFvNMmjmofB49HbNgVrNjcYYicGpGiY7kXaByF0U=
Subject key identifier:   22:65:E8:BC:3E:A4:5E:7E:40:BC:53:AF:B1:B4:7E:04:7C:5B:BE:4C
Certificate issuer:       /CN=7328461355B304B789F60508DF555EAC428848F4
Certificate serial:       132463063E557C07B6BB47F888C57C46E6F0B618
Authority key identifier: 73:28:46:13:55:B3:04:B7:89:F6:05:08:DF:55:5E:AC:42:88:48:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7328461355B304B789F60508DF555EAC428848F4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DAA6AC625BA95DDD02AAE75BB21A588A2D05CBF3D851C77F67998CC5BC25D626/0/3136382e3139372e3231362e302f32322d3233203d3e20323634373834.roa
Signing time:             Wed 18 Sep 2024 19:10:00 +0000
ROA not before:           Wed 18 Sep 2024 19:05:00 +0000
ROA not after:            Wed 17 Sep 2025 19:10:00 +0000
asID:                     264784
IP address blocks:        168.197.216.0/22 maxlen: 23

Validation:               Failed, certificate revoked on Tue 01 Oct 2024 11:20:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:24:63:06:3e:55:7c:07:b6:bb:47:f8:88:c5:7c:46:e6:f0:b6:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7328461355B304B789F60508DF555EAC428848F4
        Validity
            Not Before: Sep 18 19:05:00 2024 GMT
            Not After : Sep 17 19:10:00 2025 GMT
        Subject: CN=2265E8BC3EA45E7E40BC53AFB1B47E047C5BBE4C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:47:3e:08:b5:fa:00:35:10:d0:2d:c5:8c:16:
                    b5:75:eb:f0:74:46:a1:70:df:3a:c8:89:f9:fb:8d:
                    4a:3a:e3:34:c1:fe:da:c0:de:cb:a0:cc:b5:6b:4b:
                    1a:2c:d1:39:fe:31:5e:de:b4:fe:1a:a3:d7:5b:d5:
                    fe:15:ea:26:b1:f3:75:74:79:9c:06:dc:27:dd:7a:
                    4f:77:58:87:e7:eb:d3:a1:48:b3:3f:a3:14:4c:d6:
                    d3:53:b0:d4:aa:76:61:8e:b7:a3:fd:61:69:c2:4c:
                    92:32:3a:65:7b:aa:c5:a4:c3:d1:bc:35:db:6f:5c:
                    c8:13:8d:eb:0e:dd:2f:71:a0:83:9a:2d:61:f9:45:
                    42:03:fe:85:90:c5:70:a6:36:f1:8e:be:a8:42:85:
                    b2:26:2e:18:59:2a:52:f9:f0:df:2d:65:14:a2:44:
                    8b:d5:17:8a:fe:0a:c2:e4:9d:c3:8f:8a:22:78:83:
                    48:f0:16:e5:f7:91:e7:05:4b:d6:09:69:2e:00:e6:
                    0d:c9:dd:d3:c8:2b:a6:cf:f2:56:08:c3:2f:c3:1a:
                    db:0d:aa:c8:58:45:d0:d5:c3:69:39:b7:82:93:8c:
                    a6:2b:b0:45:97:e1:e6:94:df:40:05:98:8d:67:88:
                    0b:72:74:72:87:8a:78:10:c9:15:dd:54:4f:f6:50:
                    9f:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:65:E8:BC:3E:A4:5E:7E:40:BC:53:AF:B1:B4:7E:04:7C:5B:BE:4C
            X509v3 Authority Key Identifier:
                keyid:73:28:46:13:55:B3:04:B7:89:F6:05:08:DF:55:5E:AC:42:88:48:F4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DAA6AC625BA95DDD02AAE75BB21A588A2D05CBF3D851C77F67998CC5BC25D626/0/7328461355B304B789F60508DF555EAC428848F4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7328461355B304B789F60508DF555EAC428848F4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DAA6AC625BA95DDD02AAE75BB21A588A2D05CBF3D851C77F67998CC5BC25D626/0/3136382e3139372e3231362e302f32322d3233203d3e20323634373834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.197.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8e:cc:04:c5:93:5c:83:7c:0a:a4:40:a3:b9:87:87:76:e5:f7:
         ca:11:f6:5a:33:94:c5:88:51:bc:fc:11:1b:5b:6f:6e:a1:70:
         ec:68:5a:c0:dc:83:2c:74:ad:24:89:af:d9:2e:7f:7c:e8:eb:
         f6:c7:12:25:2c:95:4b:b9:c4:b9:d1:4f:5f:2a:66:75:4f:5a:
         28:21:7e:d3:b4:5e:55:5c:35:31:b8:57:f2:d5:03:1b:ab:cd:
         9d:e1:d5:de:77:f2:d3:43:a4:72:6f:a8:e8:6a:8c:d5:0e:48:
         0c:9d:6e:08:7e:5b:bf:e7:bb:99:89:de:b2:b8:a7:ba:f4:38:
         8f:a5:e1:21:c9:70:f1:6a:1b:ec:c0:8c:71:2a:bc:f3:71:3b:
         29:d2:03:d7:a2:41:31:07:d5:2c:35:c5:5d:c5:fc:0e:db:81:
         ad:18:bd:22:e4:25:24:4d:dc:bd:1a:7c:8c:d3:38:a1:bd:25:
         f6:09:0f:5d:2d:75:78:55:5a:53:1a:d4:f0:27:a8:96:24:57:
         7a:2a:38:12:3e:f1:d3:b0:24:c1:32:71:03:ce:ac:c1:f1:76:
         08:2b:53:52:d6:b6:a6:c6:a2:22:79:f1:a2:47:d4:33:05:2d:
         54:5b:ba:05:e9:7e:e0:da:43:65:8d:46:0a:6e:9a:5c:37:88:
         63:3e:4d:30
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUEyRjBj5VfAe2u0f4iMV8RubwthgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzMyODQ2MTM1NUIzMDRCNzg5RjYwNTA4REY1NTVFQUM0
Mjg4NDhGNDAeFw0yNDA5MTgxOTA1MDBaFw0yNTA5MTcxOTEwMDBaMDMxMTAvBgNV
BAMTKDIyNjVFOEJDM0VBNDVFN0U0MEJDNTNBRkIxQjQ3RTA0N0M1QkJFNEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtRz4ItfoANRDQLcWMFrV16/B0
RqFw3zrIifn7jUo64zTB/trA3sugzLVrSxos0Tn+MV7etP4ao9db1f4V6iax83V0
eZwG3Cfdek93WIfn69OhSLM/oxRM1tNTsNSqdmGOt6P9YWnCTJIyOmV7qsWkw9G8
NdtvXMgTjesO3S9xoIOaLWH5RUID/oWQxXCmNvGOvqhChbImLhhZKlL58N8tZRSi
RIvVF4r+CsLkncOPiiJ4g0jwFuX3kecFS9YJaS4A5g3J3dPIK6bP8lYIwy/DGtsN
qshYRdDVw2k5t4KTjKYrsEWX4eaU30AFmI1niAtydHKHingQyRXdVE/2UJ9HAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUImXovD6kXn5AvFOvsbR+BHxbvkwwHwYDVR0j
BBgwFoAUcyhGE1WzBLeJ9gUI31VerEKISPQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQUE2QUM2MjVCQTk1REREMDJBQUU3NUJCMjFBNTg4QTJE
MDVDQkYzRDg1MUM3N0Y2Nzk5OENDNUJDMjVENjI2LzAvNzMyODQ2MTM1NUIzMDRC
Nzg5RjYwNTA4REY1NTVFQUM0Mjg4NDhGNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83MzI4NDYxMzU1QjMwNEI3ODlG
NjA1MDhERjU1NUVBQzQyODg0OEY0LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREFBNkFDNjI1QkE5NURERDAyQUFFNzVCQjIxQTU4OEEyRDA1Q0JGM0Q4
NTFDNzdGNjc5OThDQzVCQzI1RDYyNi8wLzMxMzYzODJlMzEzOTM3MmUzMjMxMzYy
ZTMwMmYzMjMyMmQzMjMzMjAzZDNlMjAzMjM2MzQzNzM4MzQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKo
xdgwDQYJKoZIhvcNAQELBQADggEBAI7MBMWTXIN8CqRAo7mHh3bl98oR9lozlMWI
Ubz8ERtbb26hcOxoWsDcgyx0rSSJr9kuf3zo6/bHEiUslUu5xLnRT18qZnVPWigh
ftO0XlVcNTG4V/LVAxurzZ3h1d538tNDpHJvqOhqjNUOSAydbgh+W7/nu5mJ3rK4
p7r0OI+l4SHJcPFqG+zAjHEqvPNxOynSA9eiQTEH1Sw1xV3F/A7bga0YvSLkJSRN
3L0afIzTOKG9JfYJD10tdXhVWlMa1PAnqJYkV3oqOBI+8dOwJMEycQPOrMHxdggr
U1LWtqbGoiJ58aJH1DMFLVRbugXpfuDaQ2WNRgpumlw3iGM+TTA=
-----END CERTIFICATE-----