Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DADE095A1E285AABE8C191625B83C0DA08B514A3BB7B6E9DB65D4EFB3BBEFE96/0/3138312e3138392e37362e302f32322d3234203d3e20323731393137.roa
File:                     3138312e3138392e37362e302f32322d3234203d3e20323731393137.roa (raw, json)
Hash identifier:          B8fY5AZ3V3VGjHMC9FzyupH6xZePExCaKOSY5vSKnbg=
Subject key identifier:   3C:F1:BE:06:03:40:C9:2C:96:CE:68:62:A1:82:B2:E4:BE:0E:A8:50
Certificate issuer:       /CN=1A90820403E94C622A991DBEB877EB7197198430
Certificate serial:       04059579AF618334E41691C89E4EB76AF9C8066A
Authority key identifier: 1A:90:82:04:03:E9:4C:62:2A:99:1D:BE:B8:77:EB:71:97:19:84:30
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1A90820403E94C622A991DBEB877EB7197198430.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DADE095A1E285AABE8C191625B83C0DA08B514A3BB7B6E9DB65D4EFB3BBEFE96/0/3138312e3138392e37362e302f32322d3234203d3e20323731393137.roa
Signing time:             Wed 22 May 2024 16:05:00 +0000
ROA not before:           Wed 22 May 2024 16:00:00 +0000
ROA not after:            Wed 21 May 2025 16:05:00 +0000
asID:                     271917
IP address blocks:        181.189.76.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 May 2024 15:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:05:95:79:af:61:83:34:e4:16:91:c8:9e:4e:b7:6a:f9:c8:06:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1A90820403E94C622A991DBEB877EB7197198430
        Validity
            Not Before: May 22 16:00:00 2024 GMT
            Not After : May 21 16:05:00 2025 GMT
        Subject: CN=3CF1BE060340C92C96CE6862A182B2E4BE0EA850
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:70:32:eb:7d:0c:d8:f4:56:13:85:f7:31:a3:
                    3d:0c:c8:1d:0b:6e:b3:a9:b8:f7:ab:93:fc:f3:0f:
                    8d:29:50:bf:61:b2:e2:d6:ef:fa:8f:f2:12:14:7d:
                    63:28:90:d6:cd:c8:a3:6c:47:b3:10:1e:87:0f:25:
                    bc:03:2a:9c:41:9e:7f:c1:45:e2:c1:1e:be:e1:5d:
                    83:8b:b3:ac:0c:3c:e9:24:ba:b5:e6:b6:d6:a6:df:
                    06:0f:a3:24:c4:25:c8:ac:0e:36:65:68:f7:4a:53:
                    eb:43:e1:a0:a2:c1:ab:09:7a:f0:52:3c:0f:95:d9:
                    be:28:86:b4:c9:6e:79:b9:69:98:bc:f1:1e:4e:d1:
                    ea:f1:32:8d:2a:db:30:6d:63:6a:3e:b7:cd:0c:9d:
                    43:b2:2c:e8:a5:bb:73:58:98:22:e6:6f:ad:12:02:
                    56:fd:28:54:9a:19:90:2f:33:1f:1b:48:93:0e:0c:
                    80:bd:14:65:66:ea:be:b9:11:b1:a6:39:d9:ac:f3:
                    a2:9a:e6:74:f6:e1:bd:e8:54:ab:c4:3d:ab:5d:72:
                    76:08:fc:51:78:3a:dd:75:1e:3a:0b:f3:4a:bc:c1:
                    b8:e3:11:8f:44:84:13:60:7c:bc:3f:90:38:bd:58:
                    b7:5e:f5:95:c7:59:55:94:1f:e4:34:df:5a:f5:ab:
                    12:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:F1:BE:06:03:40:C9:2C:96:CE:68:62:A1:82:B2:E4:BE:0E:A8:50
            X509v3 Authority Key Identifier:
                keyid:1A:90:82:04:03:E9:4C:62:2A:99:1D:BE:B8:77:EB:71:97:19:84:30

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DADE095A1E285AABE8C191625B83C0DA08B514A3BB7B6E9DB65D4EFB3BBEFE96/0/1A90820403E94C622A991DBEB877EB7197198430.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1A90820403E94C622A991DBEB877EB7197198430.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DADE095A1E285AABE8C191625B83C0DA08B514A3BB7B6E9DB65D4EFB3BBEFE96/0/3138312e3138392e37362e302f32322d3234203d3e20323731393137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.189.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         80:b7:c1:63:84:b6:30:15:c9:ed:60:ff:f0:e4:90:77:49:bc:
         ae:19:4e:95:99:a2:fa:0e:db:6b:5a:12:a2:5f:da:4b:62:13:
         49:e9:bb:64:30:01:bd:b4:c9:e8:f3:7b:2d:3b:60:68:40:73:
         96:b4:f6:21:7b:fe:8a:e3:26:b5:b7:46:91:fa:a0:b4:6e:a4:
         1e:41:c1:39:24:e8:2c:78:c4:2e:6c:3e:69:e5:92:39:27:98:
         e3:52:b6:ac:85:99:66:a4:5a:3c:22:05:e2:33:06:14:15:70:
         7e:01:f4:e4:ba:45:a8:73:c2:cc:72:97:56:69:8a:47:3e:27:
         7a:bf:35:b0:88:0c:61:ee:a1:e6:ce:4a:93:cc:2b:3b:ce:4f:
         53:e7:d6:df:38:49:a2:f5:e2:78:29:2a:3c:19:8c:9b:25:fb:
         8a:fd:6b:d4:7e:b0:3e:d4:ea:d6:7a:5a:ae:8e:80:8e:cc:33:
         64:b8:00:7f:c9:55:7d:0e:6c:14:b0:05:8f:a2:2b:d3:05:0b:
         05:d4:03:ac:23:0e:54:09:31:13:20:2b:64:5a:98:47:32:a3:
         1e:b7:e6:7d:50:1b:0f:eb:7d:cd:f8:74:aa:88:16:14:2a:dc:
         6b:b3:4f:75:1f:c7:b4:d3:8b:e3:be:0c:11:ee:c1:6d:f6:e7:
         50:d4:db:42
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUBAWVea9hgzTkFpHInk63avnIBmowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUE5MDgyMDQwM0U5NEM2MjJBOTkxREJFQjg3N0VCNzE5
NzE5ODQzMDAeFw0yNDA1MjIxNjAwMDBaFw0yNTA1MjExNjA1MDBaMDMxMTAvBgNV
BAMTKDNDRjFCRTA2MDM0MEM5MkM5NkNFNjg2MkExODJCMkU0QkUwRUE4NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVcDLrfQzY9FYThfcxoz0MyB0L
brOpuPerk/zzD40pUL9hsuLW7/qP8hIUfWMokNbNyKNsR7MQHocPJbwDKpxBnn/B
ReLBHr7hXYOLs6wMPOkkurXmttam3wYPoyTEJcisDjZlaPdKU+tD4aCiwasJevBS
PA+V2b4ohrTJbnm5aZi88R5O0erxMo0q2zBtY2o+t80MnUOyLOilu3NYmCLmb60S
Alb9KFSaGZAvMx8bSJMODIC9FGVm6r65EbGmOdms86Ka5nT24b3oVKvEPatdcnYI
/FF4Ot11HjoL80q8wbjjEY9EhBNgfLw/kDi9WLde9ZXHWVWUH+Q031r1qxINAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUPPG+BgNAySyWzmhioYKy5L4OqFAwHwYDVR0j
BBgwFoAUGpCCBAPpTGIqmR2+uHfrcZcZhDAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQURFMDk1QTFFMjg1QUFCRThDMTkxNjI1QjgzQzBEQTA4
QjUxNEEzQkI3QjZFOURCNjVENEVGQjNCQkVGRTk2LzAvMUE5MDgyMDQwM0U5NEM2
MjJBOTkxREJFQjg3N0VCNzE5NzE5ODQzMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xQTkwODIwNDAzRTk0QzYyMkE5
OTFEQkVCODc3RUI3MTk3MTk4NDMwLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREFERTA5NUExRTI4NUFBQkU4QzE5MTYyNUI4M0MwREEwOEI1MTRBM0JC
N0I2RTlEQjY1RDRFRkIzQkJFRkU5Ni8wLzMxMzgzMTJlMzEzODM5MmUzNzM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNzMxMzkzMTM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCtb1M
MA0GCSqGSIb3DQEBCwUAA4IBAQCAt8FjhLYwFcntYP/w5JB3SbyuGU6VmaL6Dttr
WhKiX9pLYhNJ6btkMAG9tMno83stO2BoQHOWtPYhe/6K4ya1t0aR+qC0bqQeQcE5
JOgseMQubD5p5ZI5J5jjUrashZlmpFo8IgXiMwYUFXB+AfTkukWoc8LMcpdWaYpH
Pid6vzWwiAxh7qHmzkqTzCs7zk9T59bfOEmi9eJ4KSo8GYybJfuK/WvUfrA+1OrW
elqujoCOzDNkuAB/yVV9DmwUsAWPoivTBQsF1AOsIw5UCTETICtkWphHMqMet+Z9
UBsP633N+HSqiBYUKtxrs091H8e004vjvgwR7sFt9udQ1NtC
-----END CERTIFICATE-----