Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E64F98E9FF3571310A202169D8D46F0FFE4486FC4B6364B625044D86CBE3CD91/0/3133382e35392e3232342e302f32322d3234203d3e20323730303532.roa
File:                     3133382e35392e3232342e302f32322d3234203d3e20323730303532.roa (raw, json)
Hash identifier:          XF14E1FvhVWCNRkTdiGmkLLKn1FU6kYlozv1frfPbac=
Subject key identifier:   6A:6E:B4:E1:1A:32:8C:DD:B5:54:32:75:6D:97:66:AA:AB:C8:9D:39
Certificate issuer:       /CN=69FD3EB23E910C40C36B84893BA0E5D72631240F
Certificate serial:       16BD2620D74D16D47757C4553FCBD99F56DE7F45
Authority key identifier: 69:FD:3E:B2:3E:91:0C:40:C3:6B:84:89:3B:A0:E5:D7:26:31:24:0F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/69FD3EB23E910C40C36B84893BA0E5D72631240F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E64F98E9FF3571310A202169D8D46F0FFE4486FC4B6364B625044D86CBE3CD91/0/3133382e35392e3232342e302f32322d3234203d3e20323730303532.roa
Signing time:             Tue 05 Mar 2024 17:48:22 +0000
ROA not before:           Tue 05 Mar 2024 17:43:22 +0000
ROA not after:            Tue 04 Mar 2025 17:48:22 +0000
asID:                     270052
IP address blocks:        138.59.224.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sun 26 May 2024 15:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:bd:26:20:d7:4d:16:d4:77:57:c4:55:3f:cb:d9:9f:56:de:7f:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69FD3EB23E910C40C36B84893BA0E5D72631240F
        Validity
            Not Before: Mar  5 17:43:22 2024 GMT
            Not After : Mar  4 17:48:22 2025 GMT
        Subject: CN=6A6EB4E11A328CDDB55432756D9766AAABC89D39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:73:09:a2:54:f4:18:ca:c6:d3:33:45:4e:35:
                    df:96:e3:e6:b1:52:fd:12:da:1c:d4:87:dd:95:a2:
                    aa:5f:f2:2a:51:ef:77:37:9e:62:eb:91:af:8c:d9:
                    09:f7:1e:09:28:34:2d:e1:ed:1b:41:30:24:6e:2d:
                    f2:bd:e5:65:64:f1:f4:26:78:2e:6a:8b:7d:41:17:
                    1c:84:58:b6:f7:00:44:0f:2c:95:81:1e:3a:dd:b8:
                    9a:5a:01:56:9c:fb:2e:cd:3f:65:b2:54:ca:61:10:
                    ea:03:06:75:69:d3:12:d5:97:e6:7a:c9:f7:45:1a:
                    6d:3d:28:6e:36:5d:8a:1a:49:c9:ca:fc:94:3f:7c:
                    d4:88:26:85:f6:f0:c2:f7:c9:5e:1f:3c:6b:40:80:
                    2c:40:62:82:6f:90:4e:cb:94:cd:82:10:58:02:25:
                    2f:20:5e:81:fb:d1:d6:2a:b5:7a:ca:c8:f8:08:f5:
                    4b:47:80:88:b0:10:7d:33:ff:13:6f:19:2f:63:e7:
                    65:30:83:cf:1b:84:56:a7:e9:ee:c1:28:55:75:fd:
                    56:0b:c7:ac:72:f3:df:20:9e:9f:49:5a:9c:9f:e6:
                    70:e0:65:de:f0:d3:7d:9b:62:88:94:16:02:64:ad:
                    95:2a:72:23:25:20:b9:60:78:6b:43:cf:e5:37:96:
                    4c:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:6E:B4:E1:1A:32:8C:DD:B5:54:32:75:6D:97:66:AA:AB:C8:9D:39
            X509v3 Authority Key Identifier:
                keyid:69:FD:3E:B2:3E:91:0C:40:C3:6B:84:89:3B:A0:E5:D7:26:31:24:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E64F98E9FF3571310A202169D8D46F0FFE4486FC4B6364B625044D86CBE3CD91/0/69FD3EB23E910C40C36B84893BA0E5D72631240F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/69FD3EB23E910C40C36B84893BA0E5D72631240F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E64F98E9FF3571310A202169D8D46F0FFE4486FC4B6364B625044D86CBE3CD91/0/3133382e35392e3232342e302f32322d3234203d3e20323730303532.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.59.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4b:34:3c:c7:46:83:b3:66:df:83:aa:48:e7:31:89:77:1e:dc:
         2e:cd:3e:05:c3:0b:d1:26:c4:38:3b:63:ec:6e:22:b3:47:93:
         fb:b9:27:30:ca:22:61:71:2d:94:44:f7:3d:80:ea:99:5b:be:
         04:ab:17:e2:d5:92:53:74:c8:ef:6b:1d:59:28:6a:d0:de:37:
         a5:78:a7:99:7b:7c:45:6c:8d:f8:33:30:32:cc:df:07:0f:f3:
         7f:59:64:fe:09:13:bf:93:bc:60:81:cd:ce:15:b7:2e:2d:40:
         2a:45:26:19:99:db:af:7f:fa:db:bb:ca:20:50:3a:e5:93:77:
         7c:24:62:65:53:f8:c0:bf:e4:fc:a4:db:38:17:8f:b6:cc:1c:
         e4:c1:01:1c:22:78:b0:2f:38:e4:85:a0:8d:28:d9:7b:8d:2c:
         6f:62:bb:39:6c:ce:d1:65:49:8a:ca:92:b8:11:1d:65:ad:37:
         2c:11:19:d3:eb:a4:c5:17:3c:76:8e:7d:96:26:3e:97:a6:be:
         1e:9b:05:67:07:3d:79:41:a8:52:6e:2d:97:c7:5d:72:0b:66:
         50:32:eb:26:03:66:8d:0c:38:b3:3b:6b:18:17:3c:44:b7:b8:
         d7:90:4b:56:c6:2b:96:6f:63:e0:64:67:e1:a0:5d:5f:65:62:
         0f:df:93:57
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUFr0mINdNFtR3V8RVP8vZn1bef0UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjlGRDNFQjIzRTkxMEM0MEMzNkI4NDg5M0JBMEU1RDcy
NjMxMjQwRjAeFw0yNDAzMDUxNzQzMjJaFw0yNTAzMDQxNzQ4MjJaMDMxMTAvBgNV
BAMTKDZBNkVCNEUxMUEzMjhDRERCNTU0MzI3NTZEOTc2NkFBQUJDODlEMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDscwmiVPQYysbTM0VONd+W4+ax
Uv0S2hzUh92Voqpf8ipR73c3nmLrka+M2Qn3HgkoNC3h7RtBMCRuLfK95WVk8fQm
eC5qi31BFxyEWLb3AEQPLJWBHjrduJpaAVac+y7NP2WyVMphEOoDBnVp0xLVl+Z6
yfdFGm09KG42XYoaScnK/JQ/fNSIJoX28ML3yV4fPGtAgCxAYoJvkE7LlM2CEFgC
JS8gXoH70dYqtXrKyPgI9UtHgIiwEH0z/xNvGS9j52Uwg88bhFan6e7BKFV1/VYL
x6xy898gnp9JWpyf5nDgZd7w032bYoiUFgJkrZUqciMlILlgeGtDz+U3lkxlAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUam604RoyjN21VDJ1bZdmqqvInTkwHwYDVR0j
BBgwFoAUaf0+sj6RDEDDa4SJO6Dl1yYxJA8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FNjRGOThFOUZGMzU3MTMxMEEyMDIxNjlEOEQ0NkYwRkZF
NDQ4NkZDNEI2MzY0QjYyNTA0NEQ4NkNCRTNDRDkxLzAvNjlGRDNFQjIzRTkxMEM0
MEMzNkI4NDg5M0JBMEU1RDcyNjMxMjQwRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82OUZEM0VCMjNFOTEwQzQwQzM2
Qjg0ODkzQkEwRTVENzI2MzEyNDBGLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTY0Rjk4RTlGRjM1NzEzMTBBMjAyMTY5RDhENDZGMEZGRTQ0ODZGQzRC
NjM2NEI2MjUwNDREODZDQkUzQ0Q5MS8wLzMxMzMzODJlMzUzOTJlMzIzMjM0MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNzMwMzAzNTMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCijvg
MA0GCSqGSIb3DQEBCwUAA4IBAQBLNDzHRoOzZt+DqkjnMYl3HtwuzT4FwwvRJsQ4
O2PsbiKzR5P7uScwyiJhcS2URPc9gOqZW74Eqxfi1ZJTdMjvax1ZKGrQ3jeleKeZ
e3xFbI34MzAyzN8HD/N/WWT+CRO/k7xggc3OFbcuLUAqRSYZmduvf/rbu8ogUDrl
k3d8JGJlU/jAv+T8pNs4F4+2zBzkwQEcIniwLzjkhaCNKNl7jSxvYrs5bM7RZUmK
ypK4ER1lrTcsERnT66TFFzx2jn2WJj6Xpr4emwVnBz15QahSbi2Xx11yC2ZQMusm
A2aNDDizO2sYFzxEt7jXkEtWxiuWb2PgZGfhoF1fZWIP35NX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-ams.rpki-client.org