Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a73917d3-7581-4880-a4fe-1222139e4167/caefa3b0de2dea5f93219598a24d336fe97982de.roa
File:                     caefa3b0de2dea5f93219598a24d336fe97982de.roa (raw, json)
Hash identifier:          xfTWuCOl9jfH+foMdpmCjOZ4aP3LXPYFzbV57zhoMx4=
Subject key identifier:   8C:01:4B:2B:1A:CA:7E:91:C6:C2:FE:C0:C3:17:8B:E9:E9:D3:FA:10
Certificate issuer:       /CN=c1d902de4502f1d62715799d87d20d2fe6b20d52
Certificate serial:       1F60B8
Authority key identifier: 5D:8A:17:7E:7B:71:01:03:1C:D2:0D:A5:C1:65:44:88:A4:D2:C1:78
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c1d902de4502f1d62715799d87d20d2fe6b20d52.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a73917d3-7581-4880-a4fe-1222139e4167/caefa3b0de2dea5f93219598a24d336fe97982de.roa
Signing time:             Mon 10 Apr 2023 08:30:01 +0000
ROA not before:           Sun 09 Apr 2023 08:30:01 +0000
ROA not after:            Tue 08 Apr 2025 08:30:01 +0000
asID:                     28458
IP address blocks:        138.122.96.0/22 maxlen: 22
                          138.122.96.0/24 maxlen: 24
                          138.122.97.0/24 maxlen: 24
                          138.122.98.0/24 maxlen: 24
                          138.122.99.0/24 maxlen: 24
                          170.239.148.0/22 maxlen: 22
                          170.239.148.0/24 maxlen: 24
                          170.239.149.0/24 maxlen: 24
                          170.239.150.0/24 maxlen: 24
                          170.239.151.0/24 maxlen: 24
                          2806:202::/32 maxlen: 32
                          2806:202:800::/37 maxlen: 37
                          2806:202:1::/48 maxlen: 48
                          2806:202:2::/48 maxlen: 48
                          2806:202:3::/48 maxlen: 48
                          2806:202:4::/48 maxlen: 48
                          2806:202:5::/48 maxlen: 48
                          2806:202:6::/48 maxlen: 48
                          2806:202:7::/48 maxlen: 48
                          2806:202:8::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2056376 (0x1f60b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1d902de4502f1d62715799d87d20d2fe6b20d52
        Validity
            Not Before: Apr  9 08:30:01 2023 GMT
            Not After : Apr  8 08:30:01 2025 GMT
        Subject: CN=caefa3b0de2dea5f93219598a24d336fe97982de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:0e:8e:ec:65:49:ad:70:2e:7d:9e:9c:54:6b:
                    19:a0:69:4d:53:1e:65:56:7d:9e:80:63:a1:88:14:
                    55:9f:1f:61:f2:b2:0c:75:3b:50:0b:ac:6e:07:83:
                    5e:b4:74:d1:ee:f9:26:87:13:d9:bd:37:c1:89:c5:
                    65:26:25:fc:eb:cd:e1:ea:f1:68:51:9f:16:55:dc:
                    8b:d0:15:59:66:c3:cd:06:60:01:c3:05:e5:4a:cf:
                    f5:a0:4a:fc:1a:bd:28:72:4d:77:a7:57:4a:37:18:
                    22:ce:b3:70:cc:68:a0:8b:fa:f8:23:f3:5a:0a:18:
                    38:35:51:b1:05:09:c9:73:32:c2:f8:56:0a:82:b3:
                    db:66:8a:0c:f2:35:d2:9f:0e:88:e3:14:8c:32:88:
                    c4:a3:55:4f:cd:17:57:55:21:2e:2f:00:be:9c:c3:
                    b7:dd:c2:d3:52:d8:f2:ce:c2:be:41:72:9f:ad:56:
                    d3:f2:de:8b:26:63:65:88:20:bb:4a:db:5f:e0:63:
                    27:00:93:d7:2f:25:cf:20:dc:f1:86:3f:3e:2c:63:
                    6c:92:f8:b9:f4:54:7a:78:13:6c:fb:3b:23:f3:62:
                    85:7e:2a:25:e8:d4:32:14:59:f5:0c:dd:cd:1e:5c:
                    7b:9b:1d:da:61:dd:70:7c:4b:3d:c1:ab:4a:a8:08:
                    f9:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:01:4B:2B:1A:CA:7E:91:C6:C2:FE:C0:C3:17:8B:E9:E9:D3:FA:10
            X509v3 Authority Key Identifier:
                keyid:5D:8A:17:7E:7B:71:01:03:1C:D2:0D:A5:C1:65:44:88:A4:D2:C1:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c1d902de4502f1d62715799d87d20d2fe6b20d52.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a73917d3-7581-4880-a4fe-1222139e4167/caefa3b0de2dea5f93219598a24d336fe97982de.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a73917d3-7581-4880-a4fe-1222139e4167/c1d902de4502f1d62715799d87d20d2fe6b20d52.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.122.96.0/22
                  170.239.148.0/22
                IPv6:
                  2806:202::/32

    Signature Algorithm: sha256WithRSAEncryption
         49:a6:14:9c:1a:3c:4a:24:4a:50:2d:ad:34:f4:46:24:62:ae:
         38:48:a9:6e:e7:89:4e:f5:8e:d3:d7:76:3f:ca:d9:e8:17:92:
         04:91:56:19:ce:8b:dc:d7:cd:89:a9:89:aa:27:5d:0a:77:ef:
         de:c0:ff:75:c5:2b:6e:b8:92:8c:6d:a7:e5:f9:4c:bd:36:3b:
         3d:84:4a:ac:e0:15:46:09:a2:9d:3c:bc:f6:b4:1e:18:ec:80:
         8e:f5:eb:a1:92:19:d9:79:a9:01:52:9b:31:ec:14:9a:08:1f:
         d3:48:be:a0:79:91:93:2a:5b:e2:6c:18:d5:34:3d:9f:1a:00:
         f1:97:77:2d:87:07:48:9a:78:5d:23:ea:20:c7:eb:22:77:09:
         87:d7:cc:fd:73:90:78:21:06:f8:d2:7d:0a:aa:54:14:4c:89:
         f9:2b:27:be:2c:86:7a:4d:ee:28:f9:7d:41:c3:30:27:74:59:
         c7:ee:bf:b5:a1:04:7f:76:5b:44:c4:df:df:9a:e1:ad:39:7c:
         83:3e:0c:58:00:57:d6:6d:9f:c7:4f:c5:fb:ec:e8:54:09:e4:
         cd:c7:43:e3:1e:cc:73:9c:a8:2f:68:e4:32:94:b2:c6:bd:4a:
         84:d8:e8:c2:e1:37:16:3f:22:4f:81:c3:93:8f:30:24:a1:79:
         3c:09:a4:4a
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIDH2C4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMx
ZDkwMmRlNDUwMmYxZDYyNzE1Nzk5ZDg3ZDIwZDJmZTZiMjBkNTIwHhcNMjMwNDA5
MDgzMDAxWhcNMjUwNDA4MDgzMDAxWjAzMTEwLwYDVQQDEyhjYWVmYTNiMGRlMmRl
YTVmOTMyMTk1OThhMjRkMzM2ZmU5Nzk4MmRlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlA6O7GVJrXAufZ6cVGsZoGlNUx5lVn2egGOhiBRVnx9h8rIM
dTtQC6xuB4NetHTR7vkmhxPZvTfBicVlJiX8683h6vFoUZ8WVdyL0BVZZsPNBmAB
wwXlSs/1oEr8Gr0ock13p1dKNxgizrNwzGigi/r4I/NaChg4NVGxBQnJczLC+FYK
grPbZooM8jXSnw6I4xSMMojEo1VPzRdXVSEuLwC+nMO33cLTUtjyzsK+QXKfrVbT
8t6LJmNliCC7Sttf4GMnAJPXLyXPINzxhj8+LGNskvi59FR6eBNs+zsj82KFfiol
6NQyFFn1DN3NHlx7mx3aYd1wfEs9watKqAj5CQIDAQABo4ICcDCCAmwwHQYDVR0O
BBYEFIwBSysayn6RxsL+wMMXi+np0/oQMB8GA1UdIwQYMBaAFF2KF357cQEDHNIN
pcFlRIik0sF4MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzFkOTAy
ZGU0NTAyZjFkNjI3MTU3OTlkODdkMjBkMmZlNmIyMGQ1Mi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTczOTE3ZDMtNzU4MS00ODgwLWE0ZmUtMTIyMjEz
OWU0MTY3L2NhZWZhM2IwZGUyZGVhNWY5MzIxOTU5OGEyNGQzMzZmZTk3OTgyZGUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hNzM5MTdkMy03NTgxLTQ4ODAtYTRmZS0xMjIy
MTM5ZTQxNjcvYzFkOTAyZGU0NTAyZjFkNjI3MTU3OTlkODdkMjBkMmZlNmIyMGQ1
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAop6YAMEAqrvlDANBAIAAjAHAwUAKAYCAjANBgkqhkiG9w0B
AQsFAAOCAQEASaYUnBo8SiRKUC2tNPRGJGKuOEipbueJTvWO09d2P8rZ6BeSBJFW
Gc6L3NfNiamJqiddCnfv3sD/dcUrbriSjG2n5flMvTY7PYRKrOAVRgminTy89rQe
GOyAjvXroZIZ2XmpAVKbMewUmggf00i+oHmRkypb4mwY1TQ9nxoA8Zd3LYcHSJp4
XSPqIMfrIncJh9fM/XOQeCEG+NJ9CqpUFEyJ+SsnviyGek3uKPl9QcMwJ3RZx+6/
taEEf3ZbRMTf35rhrTl8gz4MWABX1m2fx0/F++zoVAnkzcdD4x7Mc5yoL2jkMpSy
xr1KhNjowuE3Fj8iT4HDk48wJKF5PAmkSg==
-----END CERTIFICATE-----