Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/4457fb97cd8b25e430dbff054fd65ae48c1937fd.roa
File:                     4457fb97cd8b25e430dbff054fd65ae48c1937fd.roa (raw, json)
Hash identifier:          0ZHvEpVqrTycXjwwyui3aOZ/UeAYZECpmKO/X9CqIPo=
Subject key identifier:   EF:67:ED:03:29:8B:40:ED:91:32:BF:D7:05:F9:55:19:6A:57:9C:67
Certificate issuer:       /CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Certificate serial:       218D40
Authority key identifier: 62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/4457fb97cd8b25e430dbff054fd65ae48c1937fd.roa
Signing time:             Tue 14 Feb 2023 13:09:52 +0000
ROA not before:           Wed 10 Mar 2021 03:00:00 +0000
ROA not after:            Fri 24 Mar 2023 03:00:00 +0000
asID:                     18678
IP address blocks:        190.90.63.0/24 maxlen: 24
                          190.90.82.0/24 maxlen: 24
                          190.90.93.0/24 maxlen: 24
                          190.90.94.0/24 maxlen: 24
                          190.90.115.0/24 maxlen: 24
                          190.90.116.0/24 maxlen: 24
                          190.90.121.0/24 maxlen: 24
                          190.90.130.0/24 maxlen: 24
                          190.90.151.0/24 maxlen: 24
                          190.90.152.0/24 maxlen: 24
                          190.90.190.0/24 maxlen: 24
                          190.90.193.0/24 maxlen: 24
                          190.90.216.0/21 maxlen: 24
                          190.90.234.0/24 maxlen: 24
                          190.90.243.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2198848 (0x218d40)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
        Validity
            Not Before: Mar 10 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2023 GMT
        Subject: CN=4457fb97cd8b25e430dbff054fd65ae48c1937fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d1:4b:d3:fa:5c:a6:8c:c4:0d:0d:64:3b:85:
                    c7:2d:b7:96:5d:cd:c4:85:35:09:79:ca:0a:4d:9a:
                    91:b7:9c:0b:53:61:94:bd:42:3e:3e:83:4c:0f:c1:
                    7f:74:dd:9e:89:a4:67:e8:a1:d6:e0:cf:f7:1a:a4:
                    fe:27:51:8c:85:9e:ce:c6:2f:c4:69:79:7b:6d:be:
                    ba:1c:b8:85:7f:d2:bf:ca:d5:71:b9:f8:85:19:40:
                    64:ff:1e:58:d6:59:fd:df:89:71:d6:0c:77:9e:45:
                    bb:64:b3:9c:87:b2:b4:b8:a3:fd:dc:83:c7:3c:b6:
                    78:d5:be:74:21:65:d8:2a:0f:44:4f:c7:11:d4:63:
                    7c:04:ab:77:da:3f:88:cb:45:28:4c:a3:ea:8c:e7:
                    f6:9c:1e:76:b2:f7:c6:f9:38:d8:c4:df:d3:2b:2d:
                    8b:57:4b:11:11:a1:57:d7:7a:e3:d4:a7:ec:d0:42:
                    9e:32:34:8f:78:d9:ad:b5:d2:8a:90:84:71:2c:98:
                    70:ed:f5:b8:24:dc:c5:b5:ab:55:ef:75:a8:33:e0:
                    c9:3e:a1:5d:17:30:ec:ea:7c:e4:ba:e6:a9:60:38:
                    c1:04:51:c2:4a:93:11:11:27:47:d3:a6:e6:c3:4d:
                    d6:fa:f4:a9:d6:61:67:f0:36:82:98:20:77:ed:28:
                    49:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:67:ED:03:29:8B:40:ED:91:32:BF:D7:05:F9:55:19:6A:57:9C:67
            X509v3 Authority Key Identifier:
                keyid:62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/4457fb97cd8b25e430dbff054fd65ae48c1937fd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/3300a6efb5b34c79125fce5dc4afa6977a46744f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.90.63.0/24
                  190.90.82.0/24
                  190.90.93.0-190.90.94.255
                  190.90.115.0-190.90.116.255
                  190.90.121.0/24
                  190.90.130.0/24
                  190.90.151.0-190.90.152.255
                  190.90.190.0/24
                  190.90.193.0/24
                  190.90.216.0/21
                  190.90.234.0/24
                  190.90.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:54:0f:82:98:87:d7:ce:37:cd:4f:90:ea:03:63:e8:7f:92:
         32:71:f9:60:be:c3:86:25:dd:3d:7c:ce:65:e4:9f:b0:9c:5a:
         b9:f4:14:a4:fe:c6:a1:33:0e:2c:26:a1:d9:16:34:fe:07:90:
         99:27:88:88:d4:89:27:50:68:6c:81:03:ed:17:fb:19:b8:ff:
         56:76:a8:4f:9e:de:54:70:f2:87:b0:06:06:b3:aa:52:22:57:
         00:94:c5:7e:ab:2c:a3:2a:44:69:bc:b1:50:54:65:ce:4a:43:
         af:67:48:66:bf:a6:3e:d1:53:a9:39:99:f8:69:30:0d:f9:16:
         09:7a:ca:4b:cb:50:86:ff:43:18:11:ef:29:c7:66:3e:99:45:
         b8:61:c0:9f:85:18:85:fd:b7:39:bf:66:8e:f7:4b:d3:96:21:
         3f:24:08:9e:50:bc:d5:a8:72:2e:b6:ff:2c:30:ad:bf:6f:79:
         06:a2:08:5e:8e:18:ae:c9:d5:03:d5:4c:c8:be:f4:65:57:d4:
         e8:39:9b:97:5c:12:47:3b:56:2c:21:85:95:bd:31:0c:50:b9:
         d2:a6:f3:7f:6e:3a:76:78:aa:3a:9f:eb:c9:d6:35:f9:33:38:
         40:eb:4f:b8:66:1e:08:c8:d8:04:bd:ea:23:65:69:9c:e1:9b:
         62:86:0f:c9
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIDIY1AMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
MDBhNmVmYjViMzRjNzkxMjVmY2U1ZGM0YWZhNjk3N2E0Njc0NGYwHhcNMjEwMzEw
MDMwMDAwWhcNMjMwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg0NDU3ZmI5N2NkOGIy
NWU0MzBkYmZmMDU0ZmQ2NWFlNDhjMTkzN2ZkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAw9FL0/pcpozEDQ1kO4XHLbeWXc3EhTUJecoKTZqRt5wLU2GU
vUI+PoNMD8F/dN2eiaRn6KHW4M/3GqT+J1GMhZ7Oxi/EaXl7bb66HLiFf9K/ytVx
ufiFGUBk/x5Y1ln934lx1gx3nkW7ZLOch7K0uKP93IPHPLZ41b50IWXYKg9ET8cR
1GN8BKt32j+Iy0UoTKPqjOf2nB52svfG+TjYxN/TKy2LV0sREaFX13rj1Kfs0EKe
MjSPeNmttdKKkIRxLJhw7fW4JNzFtatV73WoM+DJPqFdFzDs6nzkuuapYDjBBFHC
SpMRESdH06bmw03W+vSp1mFn8DaCmCB37ShJWwIDAQABo4ICtTCCArEwHQYDVR0O
BBYEFO9n7QMpi0DtkTK/1wX5VRlqV5xnMB8GA1UdIwQYMBaAFGKqByp0W653gtLZ
RHYgTAylTu3CMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzMwMGE2
ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWE2OWE5NzUtODNhMy00NTMyLWE3NzktNWZmYjg3
NTgwMzA5LzQ0NTdmYjk3Y2Q4YjI1ZTQzMGRiZmYwNTRmZDY1YWU0OGMxOTM3ZmQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYTY5YTk3NS04M2EzLTQ1MzItYTc3OS01ZmZi
ODc1ODAzMDkvMzMwMGE2ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB5BggrBgEFBQcBBwEB/wRq
MGgwZgQCAAEwYAMEAL5aPwMEAL5aUjAMAwQAvlpdAwQAvlpeMAwDBAC+WnMDBAC+
WnQDBAC+WnkDBAC+WoIwDAMEAL5alwMEAL5amAMEAL5avgMEAL5awQMEA75a2AME
AL5a6gMEAL5a8zANBgkqhkiG9w0BAQsFAAOCAQEAHlQPgpiH1843zU+Q6gNj6H+S
MnH5YL7DhiXdPXzOZeSfsJxaufQUpP7GoTMOLCah2RY0/geQmSeIiNSJJ1BobIED
7Rf7Gbj/VnaoT57eVHDyh7AGBrOqUiJXAJTFfqssoypEabyxUFRlzkpDr2dIZr+m
PtFTqTmZ+GkwDfkWCXrKS8tQhv9DGBHvKcdmPplFuGHAn4UYhf23Ob9mjvdL05Yh
PyQInlC81ahyLrb/LDCtv295BqIIXo4YrsnVA9VMyL70ZVfU6Dmbl1wSRztWLCGF
lb0xDFC50qbzf246dniqOp/rydY1+TM4QOtPuGYeCMjYBL3qI2VpnOGbYoYPyQ==
-----END CERTIFICATE-----