Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/3139302e31332e31362e302f32312d3231203d3e2033383136.roa
File:                     3139302e31332e31362e302f32312d3231203d3e2033383136.roa (raw, json)
Hash identifier:          79bTAct+1tTt+YAri9fmIz2l4I0cHT3qmlZD/H5J0t4=
Subject key identifier:   35:44:BE:8C:B1:C2:F4:70:A8:CD:77:38:E6:B4:A7:22:38:20:69:46
Certificate issuer:       /CN=DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B
Certificate serial:       4D1B0CE8730503266FE2AFE75AC514EAA0973CE8
Authority key identifier: DA:5A:37:1F:C0:19:89:AA:59:6F:E2:68:CE:70:A3:C4:DC:AA:7A:9B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/3139302e31332e31362e302f32312d3231203d3e2033383136.roa
Signing time:             Tue 05 Mar 2024 18:06:01 +0000
ROA not before:           Tue 05 Mar 2024 18:01:01 +0000
ROA not after:            Tue 04 Mar 2025 18:06:01 +0000
asID:                     3816
IP address blocks:        190.13.16.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Thu 11 Jul 2024 15:45:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:1b:0c:e8:73:05:03:26:6f:e2:af:e7:5a:c5:14:ea:a0:97:3c:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B
        Validity
            Not Before: Mar  5 18:01:01 2024 GMT
            Not After : Mar  4 18:06:01 2025 GMT
        Subject: CN=3544BE8CB1C2F470A8CD7738E6B4A72238206946
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:73:a5:36:5b:30:16:d7:2c:f8:86:b9:21:73:
                    0c:fc:64:24:f9:20:46:33:25:43:fa:a6:c3:33:dd:
                    89:60:8f:f5:66:28:fd:e3:d6:a5:6b:4a:bd:8c:64:
                    f4:74:32:e0:59:55:35:6d:22:18:34:9a:ce:35:a9:
                    55:12:c1:0e:b7:c8:2f:ec:f1:58:df:1c:dd:94:c1:
                    ad:ed:bf:e6:e8:76:ae:ba:0e:9d:2b:66:f3:03:d0:
                    96:ca:53:fa:ba:01:0e:a0:c1:eb:c1:0c:0e:bb:f3:
                    86:53:7a:ed:3c:e7:8b:ea:6d:cd:09:e6:40:cd:b6:
                    56:3d:ea:1d:83:8a:b1:c4:df:a9:c4:ed:a2:e3:4d:
                    de:e0:56:85:82:d4:26:b9:85:12:16:1e:60:ff:dc:
                    3c:c3:6b:69:d8:68:a8:89:5e:8c:0c:b9:16:a3:9e:
                    69:e1:18:f1:9e:35:14:0e:1e:a5:81:55:77:c2:ec:
                    78:80:71:a0:54:97:1a:c6:d2:af:1f:1b:ed:47:3c:
                    44:71:d8:c5:68:6d:ce:71:33:a0:42:0b:5c:8f:e2:
                    e9:6b:3b:18:f3:1a:2a:f1:a3:97:30:db:7a:1d:ca:
                    c3:fb:88:3f:b6:47:08:fa:71:10:e7:ef:bb:bb:b1:
                    2a:3d:2d:13:48:9e:6d:d8:09:eb:ec:90:a3:05:d6:
                    65:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:44:BE:8C:B1:C2:F4:70:A8:CD:77:38:E6:B4:A7:22:38:20:69:46
            X509v3 Authority Key Identifier:
                keyid:DA:5A:37:1F:C0:19:89:AA:59:6F:E2:68:CE:70:A3:C4:DC:AA:7A:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/3139302e31332e31362e302f32312d3231203d3e2033383136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.13.16.0/21

    Signature Algorithm: sha256WithRSAEncryption
         82:87:d5:02:3a:8d:e6:5f:a4:90:ba:6a:d9:7b:da:c9:77:e2:
         9e:67:80:00:70:10:f8:8e:87:c9:e7:8d:d5:39:f7:20:2c:4b:
         b4:6c:ef:f7:fe:2f:99:76:51:f5:2b:76:aa:65:8c:ab:e5:3e:
         88:e7:0c:11:93:2b:1c:a6:58:22:f6:6b:04:c3:46:61:88:ce:
         11:fc:43:38:14:88:ee:84:b6:60:92:0f:dd:0b:2e:bd:8d:c5:
         77:b5:6e:a2:d5:56:84:32:18:13:8d:32:e8:76:1d:b6:82:27:
         02:32:db:f5:42:23:72:44:33:84:4b:34:cf:8c:70:59:71:da:
         26:03:ce:69:44:69:49:38:a5:3c:f7:c0:54:00:99:f0:ef:68:
         57:62:19:ce:82:51:4e:dc:ff:5d:b9:0f:4b:d5:a8:2b:51:3a:
         60:6e:ce:05:df:08:15:28:ac:a7:93:92:56:b8:9a:39:91:14:
         37:7f:4e:3e:8d:7c:07:be:30:bc:02:34:5c:54:d0:ae:58:fa:
         f3:9a:6c:4b:bd:b5:e0:e2:7e:e1:0b:cb:f3:ff:8b:63:62:3b:
         91:02:c8:f9:dc:05:6d:89:3f:d5:2a:e3:8e:83:f3:cb:c3:cf:
         51:d2:cb:58:5b:ea:0a:6c:2c:4c:06:3b:b6:f2:eb:fe:c2:12:
         88:cf:7c:da
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUTRsM6HMFAyZv4q/nWsUU6qCXPOgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREE1QTM3MUZDMDE5ODlBQTU5NkZFMjY4Q0U3MEEzQzRE
Q0FBN0E5QjAeFw0yNDAzMDUxODAxMDFaFw0yNTAzMDQxODA2MDFaMDMxMTAvBgNV
BAMTKDM1NDRCRThDQjFDMkY0NzBBOENENzczOEU2QjRBNzIyMzgyMDY5NDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJc6U2WzAW1yz4hrkhcwz8ZCT5
IEYzJUP6psMz3Ylgj/VmKP3j1qVrSr2MZPR0MuBZVTVtIhg0ms41qVUSwQ63yC/s
8VjfHN2Uwa3tv+bodq66Dp0rZvMD0JbKU/q6AQ6gwevBDA6784ZTeu0854vqbc0J
5kDNtlY96h2DirHE36nE7aLjTd7gVoWC1Ca5hRIWHmD/3DzDa2nYaKiJXowMuRaj
nmnhGPGeNRQOHqWBVXfC7HiAcaBUlxrG0q8fG+1HPERx2MVobc5xM6BCC1yP4ulr
OxjzGirxo5cw23odysP7iD+2Rwj6cRDn77u7sSo9LRNInm3YCevskKMF1mVJAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUNUS+jLHC9HCozXc45rSnIjggaUYwHwYDVR0j
BBgwFoAU2lo3H8AZiapZb+JoznCjxNyqepswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GMDYwNjQ1Rjk0NzQ4ODMyQTY1REFCNTRBMDFBNzI5QTAy
MDhFNDQ0NkM4MjMyQTE3QkE2RkUwNzNDRDQ2NUM1LzAvREE1QTM3MUZDMDE5ODlB
QTU5NkZFMjY4Q0U3MEEzQzREQ0FBN0E5Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EQTVBMzcxRkMwMTk4OUFBNTk2
RkUyNjhDRTcwQTNDNERDQUE3QTlCLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjA2MDY0NUY5NDc0ODgzMkE2NURBQjU0QTAxQTcyOUEwMjA4RTQ0NDZD
ODIzMkExN0JBNkZFMDczQ0Q0NjVDNS8wLzMxMzkzMDJlMzEzMzJlMzEzNjJlMzAy
ZjMyMzEyZDMyMzEyMDNkM2UyMDMzMzgzMTM2LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvg0QMA0GCSqG
SIb3DQEBCwUAA4IBAQCCh9UCOo3mX6SQumrZe9rJd+KeZ4AAcBD4jofJ543VOfcg
LEu0bO/3/i+ZdlH1K3aqZYyr5T6I5wwRkyscplgi9msEw0ZhiM4R/EM4FIjuhLZg
kg/dCy69jcV3tW6i1VaEMhgTjTLodh22gicCMtv1QiNyRDOESzTPjHBZcdomA85p
RGlJOKU898BUAJnw72hXYhnOglFO3P9duQ9L1agrUTpgbs4F3wgVKKynk5JWuJo5
kRQ3f04+jXwHvjC8AjRcVNCuWPrzmmxLvbXg4n7hC8vz/4tjYjuRAsj53AVtiT/V
KuOOg/PLw89R0stYW+oKbCxMBju28uv+whKIz3za
-----END CERTIFICATE-----