Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DE47DDEBD18C83493D1A11AEDB541A5E30E183DF24EACF7F254B2E61A36387A0/0/34352e3233342e36302e302f32322d3234203d3e20323636373636.roa
File:                     34352e3233342e36302e302f32322d3234203d3e20323636373636.roa (raw, json)
Hash identifier:          C4kv/Nl2J3IjpeuwqRuEWr7npXk2betiPWg1pMtur0E=
Subject key identifier:   BC:72:9F:81:76:BB:A0:61:4D:F1:38:26:35:62:AC:1E:E4:4F:71:7E
Certificate issuer:       /CN=DD286A83BE77C42BA2D2BBC8E5A4CCAF1960264D
Certificate serial:       0B21A106DA30487DB95E33B1A1347BB679B9CCDD
Authority key identifier: DD:28:6A:83:BE:77:C4:2B:A2:D2:BB:C8:E5:A4:CC:AF:19:60:26:4D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DD286A83BE77C42BA2D2BBC8E5A4CCAF1960264D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DE47DDEBD18C83493D1A11AEDB541A5E30E183DF24EACF7F254B2E61A36387A0/0/34352e3233342e36302e302f32322d3234203d3e20323636373636.roa
Signing time:             Tue 05 Mar 2024 18:16:33 +0000
ROA not before:           Tue 05 Mar 2024 18:11:33 +0000
ROA not after:            Tue 04 Mar 2025 18:16:33 +0000
asID:                     266766
IP address blocks:        45.234.60.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Aug 2024 21:10:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:21:a1:06:da:30:48:7d:b9:5e:33:b1:a1:34:7b:b6:79:b9:cc:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DD286A83BE77C42BA2D2BBC8E5A4CCAF1960264D
        Validity
            Not Before: Mar  5 18:11:33 2024 GMT
            Not After : Mar  4 18:16:33 2025 GMT
        Subject: CN=BC729F8176BBA0614DF138263562AC1EE44F717E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:36:17:c0:14:24:a1:7d:44:fb:e5:65:6a:36:
                    26:62:d5:08:8d:bd:09:86:f7:16:f8:b2:05:b2:66:
                    df:a9:c4:fa:ce:e7:0a:07:6b:6b:b4:33:e0:f1:b1:
                    9c:b4:6b:f4:7f:9e:45:56:c8:b5:c0:49:5a:1e:b7:
                    58:cc:e8:40:aa:60:68:a2:32:88:4d:fb:83:f3:b4:
                    5a:75:b1:49:62:d1:70:a1:d2:e6:ae:74:69:8a:83:
                    fc:2b:c9:e3:e0:33:e0:54:03:7b:45:a5:20:86:36:
                    ab:53:a3:18:7e:8d:06:ad:8b:3b:ea:33:04:e9:2e:
                    c0:32:e0:5e:3c:6d:b8:b6:61:3d:6d:2f:96:3a:0c:
                    a8:9b:1b:4f:40:db:68:49:e1:37:aa:4b:88:5b:ba:
                    7b:fc:50:c9:f6:6d:35:2a:61:0c:7b:c9:85:16:56:
                    8b:00:72:76:16:3f:63:a9:48:02:5e:d3:54:db:40:
                    c0:9b:5f:0c:9b:fb:b1:a7:1f:47:e3:b7:b0:f5:53:
                    0b:7f:a8:ee:aa:8d:e4:ba:2e:b1:56:fa:89:69:99:
                    a2:7b:8c:92:2c:d7:b5:93:63:0f:f8:56:d3:13:cd:
                    56:7b:7a:4e:43:3b:cb:12:25:8c:8e:3f:8a:c9:56:
                    ea:a4:e9:44:c5:eb:0e:0f:8d:f2:40:05:e3:0e:fe:
                    f5:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:72:9F:81:76:BB:A0:61:4D:F1:38:26:35:62:AC:1E:E4:4F:71:7E
            X509v3 Authority Key Identifier:
                keyid:DD:28:6A:83:BE:77:C4:2B:A2:D2:BB:C8:E5:A4:CC:AF:19:60:26:4D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DE47DDEBD18C83493D1A11AEDB541A5E30E183DF24EACF7F254B2E61A36387A0/0/DD286A83BE77C42BA2D2BBC8E5A4CCAF1960264D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DD286A83BE77C42BA2D2BBC8E5A4CCAF1960264D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DE47DDEBD18C83493D1A11AEDB541A5E30E183DF24EACF7F254B2E61A36387A0/0/34352e3233342e36302e302f32322d3234203d3e20323636373636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.234.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         65:fe:af:72:b8:ed:93:7b:41:e5:0c:bf:e1:a0:05:4e:32:64:
         37:0b:50:11:2e:8c:5a:6e:7a:53:52:d6:15:af:96:43:d7:02:
         96:1c:4c:80:0f:94:54:0b:dc:da:a0:cd:b8:98:e4:8c:20:1a:
         91:6c:73:c5:10:1a:4e:4e:f6:fe:4f:68:96:6c:69:9d:76:fd:
         fe:ce:94:b2:d7:88:b1:6f:26:86:5e:df:60:47:40:97:bd:de:
         28:78:06:84:19:96:59:a6:24:85:84:67:e2:97:ba:0a:0d:ac:
         3a:98:c0:b8:49:ce:b5:f7:57:3f:77:44:f8:3a:a4:c1:c9:89:
         21:3f:ad:bb:58:6e:14:69:30:0e:54:3f:d8:59:2f:9e:40:a9:
         3f:2e:96:35:d8:f4:68:00:33:6b:60:08:28:50:4b:8c:56:7c:
         c2:ca:ee:ff:2a:03:54:c8:88:6e:43:31:30:2e:fd:42:6b:3e:
         ea:80:18:ea:22:94:ad:e6:a5:15:56:50:ee:0d:23:93:64:da:
         6f:ee:af:ec:7e:9d:2f:98:b6:01:6a:bf:0a:5a:83:53:8b:a1:
         a2:77:18:0d:a7:98:cf:4b:42:52:29:5e:74:c6:12:18:8a:cf:
         a9:32:cd:63:b2:24:10:ab:9f:c5:63:c6:59:dc:b3:c0:14:14:
         a2:4a:3b:f0
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUCyGhBtowSH25XjOxoTR7tnm5zN0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREQyODZBODNCRTc3QzQyQkEyRDJCQkM4RTVBNENDQUYx
OTYwMjY0RDAeFw0yNDAzMDUxODExMzNaFw0yNTAzMDQxODE2MzNaMDMxMTAvBgNV
BAMTKEJDNzI5RjgxNzZCQkEwNjE0REYxMzgyNjM1NjJBQzFFRTQ0RjcxN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqNhfAFCShfUT75WVqNiZi1QiN
vQmG9xb4sgWyZt+pxPrO5woHa2u0M+DxsZy0a/R/nkVWyLXASVoet1jM6ECqYGii
MohN+4PztFp1sUli0XCh0uaudGmKg/wryePgM+BUA3tFpSCGNqtToxh+jQatizvq
MwTpLsAy4F48bbi2YT1tL5Y6DKibG09A22hJ4TeqS4hbunv8UMn2bTUqYQx7yYUW
VosAcnYWP2OpSAJe01TbQMCbXwyb+7GnH0fjt7D1Uwt/qO6qjeS6LrFW+olpmaJ7
jJIs17WTYw/4VtMTzVZ7ek5DO8sSJYyOP4rJVuqk6UTF6w4PjfJABeMO/vUJAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUvHKfgXa7oGFN8TgmNWKsHuRPcX4wHwYDVR0j
BBgwFoAU3Shqg753xCui0rvI5aTMrxlgJk0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ERTQ3RERFQkQxOEM4MzQ5M0QxQTExQUVEQjU0MUE1RTMw
RTE4M0RGMjRFQUNGN0YyNTRCMkU2MUEzNjM4N0EwLzAvREQyODZBODNCRTc3QzQy
QkEyRDJCQkM4RTVBNENDQUYxOTYwMjY0RC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ERDI4NkE4M0JFNzdDNDJCQTJE
MkJCQzhFNUE0Q0NBRjE5NjAyNjRELmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREU0N0RERUJEMThDODM0OTNEMUExMUFFREI1NDFBNUUzMEUxODNERjI0
RUFDRjdGMjU0QjJFNjFBMzYzODdBMC8wLzM0MzUyZTMyMzMzNDJlMzYzMDJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNjM3MzYzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi3qPDAN
BgkqhkiG9w0BAQsFAAOCAQEAZf6vcrjtk3tB5Qy/4aAFTjJkNwtQES6MWm56U1LW
Fa+WQ9cClhxMgA+UVAvc2qDNuJjkjCAakWxzxRAaTk72/k9olmxpnXb9/s6UsteI
sW8mhl7fYEdAl73eKHgGhBmWWaYkhYRn4pe6Cg2sOpjAuEnOtfdXP3dE+DqkwcmJ
IT+tu1huFGkwDlQ/2FkvnkCpPy6WNdj0aAAza2AIKFBLjFZ8wsru/yoDVMiIbkMx
MC79Qms+6oAY6iKUrealFVZQ7g0jk2Tab+6v7H6dL5i2AWq/ClqDU4uhoncYDaeY
z0tCUiledMYSGIrPqTLNY7IkEKufxWPGWdyzwBQUoko78A==
-----END CERTIFICATE-----