Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/3137302e3233332e37322e302f32342d3234203d3e203333333932.roa
File:                     3137302e3233332e37322e302f32342d3234203d3e203333333932.roa (raw, json)
Hash identifier:          mQtgEqdG+MDeFuuj8+PWY2KCP82yh8bkEtqTxwqkLac=
Subject key identifier:   A8:F1:1F:EB:90:1B:5B:62:E3:E3:F6:79:C7:C5:C8:9D:9B:8B:40:2B
Certificate issuer:       /CN=9651F1E4B6480D19626E784CA1A8F0ABC94C1487
Certificate serial:       524430601188BEF7E95491660E56B915EFC878B3
Authority key identifier: 96:51:F1:E4:B6:48:0D:19:62:6E:78:4C:A1:A8:F0:AB:C9:4C:14:87
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/3137302e3233332e37322e302f32342d3234203d3e203333333932.roa
Signing time:             Fri 03 May 2024 14:05:00 +0000
ROA not before:           Fri 03 May 2024 14:00:00 +0000
ROA not after:            Fri 02 May 2025 14:05:00 +0000
asID:                     33392
IP address blocks:        170.233.72.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 03 May 2024 17:35:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:44:30:60:11:88:be:f7:e9:54:91:66:0e:56:b9:15:ef:c8:78:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9651F1E4B6480D19626E784CA1A8F0ABC94C1487
        Validity
            Not Before: May  3 14:00:00 2024 GMT
            Not After : May  2 14:05:00 2025 GMT
        Subject: CN=A8F11FEB901B5B62E3E3F679C7C5C89D9B8B402B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:92:ce:64:cb:dc:83:af:3f:2f:26:df:da:e1:
                    3a:54:4c:a4:11:f9:52:17:42:be:97:e3:a8:10:b5:
                    e4:1e:84:62:a0:15:63:58:20:41:62:3e:b8:ac:60:
                    08:f9:02:ca:47:78:19:30:d3:c0:d7:6b:3f:52:b7:
                    09:dc:c8:dd:37:34:81:54:bb:72:7d:56:7b:21:9b:
                    99:27:94:52:41:04:8c:5d:fc:bc:b6:9d:79:55:67:
                    0c:ab:b9:d3:71:2d:93:2a:39:26:f3:14:de:f1:fc:
                    ca:38:5c:14:af:3a:54:15:cd:59:ab:61:2f:6a:06:
                    12:ab:23:34:00:59:fc:8e:9b:a1:38:53:97:41:c0:
                    23:4c:e4:01:c2:70:d0:a6:93:22:ad:c5:d8:f2:44:
                    b6:b1:30:e6:f4:fb:04:fa:68:43:ba:bc:9b:5d:76:
                    3d:49:78:1e:79:f5:95:25:fc:01:74:ee:27:be:8a:
                    39:98:3b:76:b0:af:ae:c2:fd:b7:8a:65:a5:ae:de:
                    2b:10:4e:57:4e:b1:ab:3e:4c:83:45:15:17:5c:91:
                    dd:b6:9c:a3:ef:33:fd:08:af:19:09:6f:bf:c8:7c:
                    62:0b:f3:f4:c0:13:8b:71:6d:a4:93:f8:c3:ae:60:
                    a3:da:c5:ff:20:bd:47:0a:8d:5b:2d:c5:d2:ac:ed:
                    e6:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:F1:1F:EB:90:1B:5B:62:E3:E3:F6:79:C7:C5:C8:9D:9B:8B:40:2B
            X509v3 Authority Key Identifier:
                keyid:96:51:F1:E4:B6:48:0D:19:62:6E:78:4C:A1:A8:F0:AB:C9:4C:14:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/3137302e3233332e37322e302f32342d3234203d3e203333333932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.233.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:8b:95:13:c9:70:4f:e2:61:5b:54:8e:ae:74:c8:a2:7c:9c:
         05:24:d0:ff:e7:dd:53:3b:19:44:0f:e6:e2:38:e7:61:a4:ce:
         f1:5e:c8:c4:71:b4:4c:c4:53:71:4e:56:61:16:1a:07:a9:14:
         d8:b0:5a:65:5f:11:d9:06:aa:e7:97:21:52:19:5e:3d:e0:73:
         3b:aa:fd:24:50:e5:2a:4b:13:11:fd:06:b8:23:fa:81:af:35:
         b0:2b:84:d3:f2:8c:00:46:b1:89:f3:5f:d5:c7:69:3f:a9:eb:
         1a:b6:1c:8c:8c:dd:32:4b:6b:4d:3b:8c:1a:4a:ab:15:fc:11:
         e4:a5:01:b7:2c:40:37:0d:49:0d:cd:67:c7:41:21:21:4c:ae:
         35:0c:24:d3:db:13:0d:c7:b7:f2:e8:16:5a:b5:91:e3:7a:66:
         0a:03:48:7e:1f:18:00:d5:b1:50:55:40:11:b3:b9:8d:20:5c:
         fe:68:95:fd:e4:c8:01:a8:36:0f:08:20:4a:c7:8e:77:66:96:
         57:d0:48:63:a3:57:2d:3c:ef:b2:4b:42:3e:4d:f1:3e:63:c2:
         82:b1:40:ab:f0:45:4c:f0:d7:38:76:6f:e1:e2:50:2f:b6:2a:
         97:c4:96:7e:90:0d:a3:5d:3c:b1:d8:96:5b:cd:1a:72:09:0b:
         8e:dd:b7:83
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUUkQwYBGIvvfpVJFmDla5Fe/IeLMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTY1MUYxRTRCNjQ4MEQxOTYyNkU3ODRDQTFBOEYwQUJD
OTRDMTQ4NzAeFw0yNDA1MDMxNDAwMDBaFw0yNTA1MDIxNDA1MDBaMDMxMTAvBgNV
BAMTKEE4RjExRkVCOTAxQjVCNjJFM0UzRjY3OUM3QzVDODlEOUI4QjQwMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8ks5ky9yDrz8vJt/a4TpUTKQR
+VIXQr6X46gQteQehGKgFWNYIEFiPrisYAj5AspHeBkw08DXaz9StwncyN03NIFU
u3J9Vnshm5knlFJBBIxd/Ly2nXlVZwyrudNxLZMqOSbzFN7x/Mo4XBSvOlQVzVmr
YS9qBhKrIzQAWfyOm6E4U5dBwCNM5AHCcNCmkyKtxdjyRLaxMOb0+wT6aEO6vJtd
dj1JeB559ZUl/AF07ie+ijmYO3awr67C/beKZaWu3isQTldOsas+TINFFRdckd22
nKPvM/0IrxkJb7/IfGIL8/TAE4txbaST+MOuYKPaxf8gvUcKjVstxdKs7eZnAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUqPEf65AbW2Lj4/Z5x8XInZuLQCswHwYDVR0j
BBgwFoAUllHx5LZIDRlibnhMoajwq8lMFIcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GNjhFMjE3RjY5REU5OUQ1MkFCM0I2Mzg1RDEzNEI5M0Mz
RDREODI2MEYxRTI0QzAyMzE0OTNFODlDMkZGMTBGLzAvOTY1MUYxRTRCNjQ4MEQx
OTYyNkU3ODRDQTFBOEYwQUJDOTRDMTQ4Ny5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85NjUxRjFFNEI2NDgwRDE5NjI2
RTc4NENBMUE4RjBBQkM5NEMxNDg3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjY4RTIxN0Y2OURFOTlENTJBQjNCNjM4NUQxMzRCOTNDM0Q0RDgyNjBG
MUUyNEMwMjMxNDkzRTg5QzJGRjEwRi8wLzMxMzczMDJlMzIzMzMzMmUzNzMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzMzMzMzkzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKrpSDAN
BgkqhkiG9w0BAQsFAAOCAQEATYuVE8lwT+JhW1SOrnTIonycBSTQ/+fdUzsZRA/m
4jjnYaTO8V7IxHG0TMRTcU5WYRYaB6kU2LBaZV8R2Qaq55chUhlePeBzO6r9JFDl
KksTEf0GuCP6ga81sCuE0/KMAEaxifNf1cdpP6nrGrYcjIzdMktrTTuMGkqrFfwR
5KUBtyxANw1JDc1nx0EhIUyuNQwk09sTDce38ugWWrWR43pmCgNIfh8YANWxUFVA
EbO5jSBc/miV/eTIAag2DwggSseOd2aWV9BIY6NXLTzvsktCPk3xPmPCgrFAq/BF
TPDXOHZv4eJQL7Yql8SWfpANo108sdiWW80acgkLjt23gw==
-----END CERTIFICATE-----