Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b006c5f3-a0c4-4b89-91f7-ea646bad577f/dc8f3b60b4f08a8d09ac53faadb0733e1cf29557.roa
File:                     dc8f3b60b4f08a8d09ac53faadb0733e1cf29557.roa (raw, json)
Hash identifier:          0lbvXCT+KEpBOnXoHuJWC4ycHvf+ckh1N/Iu/LipXn4=
Subject key identifier:   75:C8:2E:8E:D8:56:91:95:05:28:B2:19:5F:B8:88:7A:02:CD:23:4E
Certificate issuer:       /CN=3a61a7a9840080a44173f942095ac78ead239107
Certificate serial:       0D2368
Authority key identifier: 33:72:18:D6:D3:FD:14:5E:F1:AF:03:0A:D8:7B:62:9B:2B:B2:02:7C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a61a7a9840080a44173f942095ac78ead239107.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b006c5f3-a0c4-4b89-91f7-ea646bad577f/dc8f3b60b4f08a8d09ac53faadb0733e1cf29557.roa
Signing time:             Thu 27 Oct 2022 21:08:03 +0000
ROA not before:           Mon 02 Aug 2021 03:00:00 +0000
ROA not after:            Thu 08 Aug 2030 03:00:00 +0000
asID:                     64120
IP address blocks:        200.49.240.0/22 maxlen: 24
                          200.49.240.0/23 maxlen: 24
                          200.49.240.0/24 maxlen: 29
                          200.49.241.0/24 maxlen: 29
                          200.49.242.0/24 maxlen: 29
                          200.49.243.0/24 maxlen: 29

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 861032 (0xd2368)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a61a7a9840080a44173f942095ac78ead239107
        Validity
            Not Before: Aug  2 03:00:00 2021 GMT
            Not After : Aug  8 03:00:00 2030 GMT
        Subject: CN=dc8f3b60b4f08a8d09ac53faadb0733e1cf29557
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a9:c6:61:d8:05:a4:bf:ab:5b:d4:d2:7f:ea:
                    66:d2:9c:92:47:4f:f8:70:3f:95:e7:63:d6:4c:29:
                    7c:64:e4:f9:21:36:8c:e6:a0:56:9c:70:22:b1:68:
                    00:7e:e5:24:05:56:ce:fe:ec:cc:24:44:a1:59:b9:
                    ed:2e:0f:93:77:64:c0:8e:7d:64:5b:39:ff:b6:da:
                    fd:61:f3:1d:b4:d4:e7:f1:17:cb:8e:f8:83:6f:f1:
                    3b:a2:0a:f2:13:f8:1c:3c:c8:3d:31:7f:9c:7a:e3:
                    24:e3:96:44:4b:90:55:cd:0e:27:4b:59:ec:ce:75:
                    7e:33:ec:d2:d2:55:da:32:cb:38:e7:1e:c0:e3:fb:
                    69:4e:a9:77:28:68:0e:f8:24:7d:fb:5d:5e:ef:0b:
                    9f:d8:13:33:65:4e:d4:08:bc:45:47:1d:7c:13:6d:
                    36:de:ec:b4:12:77:60:76:b0:80:a9:fc:6d:ce:89:
                    a1:25:a1:53:5a:f2:7b:78:a3:be:da:40:66:3b:ff:
                    f4:db:8d:a6:e2:a7:69:eb:ce:be:3f:45:8e:77:64:
                    1c:f7:3e:47:d1:2e:54:92:02:84:75:37:70:ea:3d:
                    bc:87:3a:f4:51:0e:05:27:a0:c0:9c:e6:fb:59:94:
                    a7:f2:1a:d0:0d:7e:2d:ce:9d:a2:d8:bc:51:f6:2f:
                    ad:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:C8:2E:8E:D8:56:91:95:05:28:B2:19:5F:B8:88:7A:02:CD:23:4E
            X509v3 Authority Key Identifier:
                keyid:33:72:18:D6:D3:FD:14:5E:F1:AF:03:0A:D8:7B:62:9B:2B:B2:02:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a61a7a9840080a44173f942095ac78ead239107.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b006c5f3-a0c4-4b89-91f7-ea646bad577f/dc8f3b60b4f08a8d09ac53faadb0733e1cf29557.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b006c5f3-a0c4-4b89-91f7-ea646bad577f/3a61a7a9840080a44173f942095ac78ead239107.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.49.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1d:be:59:4b:1b:dc:ac:70:e9:a3:05:65:e1:12:e9:22:d5:46:
         c5:6f:a1:89:d0:8e:f1:ec:d3:da:03:5d:2a:15:9b:f2:b9:ce:
         47:ec:91:36:01:48:85:62:f0:b7:c8:2f:72:d3:cf:e2:ff:0b:
         5c:22:f5:9a:dc:9b:bc:b1:a8:cf:c4:3f:1f:ba:5f:36:7c:0a:
         98:d9:ae:f6:ab:3c:7d:c9:d2:98:f4:35:dd:01:c4:d6:ae:31:
         23:4c:26:a9:6b:27:c7:1c:8c:c3:e8:7c:f6:37:18:34:59:03:
         e2:51:65:5f:4e:dd:cd:9b:c1:63:18:6e:b9:21:82:ce:bd:04:
         bd:43:58:b1:49:48:b6:a6:99:1f:5b:9c:8e:2e:d2:15:a8:2c:
         c2:89:cc:3e:6e:b7:53:94:1b:17:f5:1c:cb:f0:de:12:c8:a9:
         77:4f:f6:8d:ae:25:88:c4:18:b9:14:17:05:97:89:3f:99:de:
         34:31:a8:cb:14:fd:d1:1c:32:90:3f:88:8c:77:31:66:25:59:
         84:8e:b1:d4:19:84:86:65:b1:ed:ae:cf:94:dc:dc:a4:32:8a:
         52:30:e3:55:83:7f:c4:ef:52:60:38:c9:a3:cd:03:37:b2:3d:
         1c:4a:e4:90:d1:7e:bd:bc:ff:a3:95:64:5e:eb:a9:b2:ae:35:
         08:92:22:8a
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDSNoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNh
NjFhN2E5ODQwMDgwYTQ0MTczZjk0MjA5NWFjNzhlYWQyMzkxMDcwHhcNMjEwODAy
MDMwMDAwWhcNMzAwODA4MDMwMDAwWjAzMTEwLwYDVQQDEyhkYzhmM2I2MGI0ZjA4
YThkMDlhYzUzZmFhZGIwNzMzZTFjZjI5NTU3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsanGYdgFpL+rW9TSf+pm0pySR0/4cD+V52PWTCl8ZOT5ITaM
5qBWnHAisWgAfuUkBVbO/uzMJEShWbntLg+Td2TAjn1kWzn/ttr9YfMdtNTn8RfL
jviDb/E7ogryE/gcPMg9MX+ceuMk45ZES5BVzQ4nS1nsznV+M+zS0lXaMss45x7A
4/tpTql3KGgO+CR9+11e7wuf2BMzZU7UCLxFRx18E2023uy0EndgdrCAqfxtzomh
JaFTWvJ7eKO+2kBmO//0242m4qdp686+P0WOd2Qc9z5H0S5UkgKEdTdw6j28hzr0
UQ4FJ6DAnOb7WZSn8hrQDX4tzp2i2LxR9i+tWQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHXILo7YVpGVBSiyGV+4iHoCzSNOMB8GA1UdIwQYMBaAFDNyGNbT/RRe8a8D
Cth7YpsrsgJ8MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2E2MWE3
YTk4NDAwODBhNDQxNzNmOTQyMDk1YWM3OGVhZDIzOTEwNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjAwNmM1ZjMtYTBjNC00Yjg5LTkxZjctZWE2NDZi
YWQ1NzdmL2RjOGYzYjYwYjRmMDhhOGQwOWFjNTNmYWFkYjA3MzNlMWNmMjk1NTcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iMDA2YzVmMy1hMGM0LTRiODktOTFmNy1lYTY0
NmJhZDU3N2YvM2E2MWE3YTk4NDAwODBhNDQxNzNmOTQyMDk1YWM3OGVhZDIzOTEw
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAsgx8DANBgkqhkiG9w0BAQsFAAOCAQEAHb5ZSxvcrHDpowVl
4RLpItVGxW+hidCO8ezT2gNdKhWb8rnOR+yRNgFIhWLwt8gvctPP4v8LXCL1mtyb
vLGoz8Q/H7pfNnwKmNmu9qs8fcnSmPQ13QHE1q4xI0wmqWsnxxyMw+h89jcYNFkD
4lFlX07dzZvBYxhuuSGCzr0EvUNYsUlItqaZH1ucji7SFagswonMPm63U5QbF/Uc
y/DeEsipd0/2ja4liMQYuRQXBZeJP5neNDGoyxT90RwykD+IjHcxZiVZhI6x1BmE
hmWx7a7PlNzcpDKKUjDjVYN/xO9SYDjJo80DN7I9HErkkNF+vbz/o5VkXuupsq41
CJIiig==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:36 2023 by rpki-client on console-fra.rpki-client.org