Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b006c5f3-a0c4-4b89-91f7-ea646bad577f/f12b41ee33e4309637d0c17ac76e33243749871a.roa
File:                     f12b41ee33e4309637d0c17ac76e33243749871a.roa (raw, json)
Hash identifier:          w0hMFfUCvFMTyAm8jmVviXlk0TdMbomkzEM0Typ/uRE=
Subject key identifier:   DF:E5:D5:32:62:DC:EA:ED:67:90:09:80:1D:66:B9:88:37:0F:02:EC
Certificate issuer:       /CN=3a61a7a9840080a44173f942095ac78ead239107
Certificate serial:       0D5918
Authority key identifier: 33:72:18:D6:D3:FD:14:5E:F1:AF:03:0A:D8:7B:62:9B:2B:B2:02:7C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a61a7a9840080a44173f942095ac78ead239107.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b006c5f3-a0c4-4b89-91f7-ea646bad577f/f12b41ee33e4309637d0c17ac76e33243749871a.roa
Signing time:             Fri 04 Nov 2022 20:55:57 +0000
ROA not before:           Sun 01 Aug 2021 03:00:00 +0000
ROA not after:            Thu 08 Aug 2030 03:00:00 +0000
asID:                     64120
IP address blocks:        200.49.240.0/22 maxlen: 29
                          200.49.240.0/23 maxlen: 29
                          200.49.240.0/24 maxlen: 29
                          200.49.241.0/24 maxlen: 29
                          200.49.242.0/24 maxlen: 29
                          200.49.243.0/24 maxlen: 29

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 874776 (0xd5918)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a61a7a9840080a44173f942095ac78ead239107
        Validity
            Not Before: Aug  1 03:00:00 2021 GMT
            Not After : Aug  8 03:00:00 2030 GMT
        Subject: CN=f12b41ee33e4309637d0c17ac76e33243749871a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:c5:1f:59:de:76:ea:c7:9c:47:6a:26:60:c5:
                    7b:95:80:0d:3b:af:8a:a6:c8:56:94:c7:1d:aa:7e:
                    53:50:8d:62:1c:08:31:f3:32:2e:ce:7d:54:cc:67:
                    ba:74:1f:36:1d:cd:be:33:94:68:11:03:67:fc:13:
                    50:11:0e:01:85:80:ea:30:21:f5:75:0b:f1:5d:36:
                    56:1d:3b:5d:eb:8f:8b:77:bc:55:32:83:bb:b6:85:
                    cc:a6:12:2c:96:45:73:3c:98:51:11:14:99:88:84:
                    81:4c:91:51:ed:ce:45:04:05:0b:36:d2:d8:a6:f0:
                    36:6d:64:a6:ff:ca:c6:d4:3a:72:03:d6:b9:d5:ee:
                    e8:58:90:ec:d6:62:31:ee:ed:c6:9e:1d:2c:ab:07:
                    df:2d:b9:92:76:29:c8:dd:88:ab:66:45:f3:74:df:
                    29:cc:f6:d5:e3:f7:8c:a1:f7:e6:58:c4:89:e1:34:
                    b9:8e:66:19:a7:78:d4:a8:c5:ef:1f:24:e3:80:22:
                    e1:0e:e0:33:81:bc:54:6d:80:7d:bb:a5:e1:36:f3:
                    9e:88:fd:35:47:41:03:2b:50:ee:a9:d5:2c:13:2d:
                    eb:b4:57:73:12:09:49:4c:8e:75:f1:59:19:89:cb:
                    e3:dd:b6:c7:6f:51:e5:1d:73:e2:b0:76:57:21:56:
                    1a:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:E5:D5:32:62:DC:EA:ED:67:90:09:80:1D:66:B9:88:37:0F:02:EC
            X509v3 Authority Key Identifier:
                keyid:33:72:18:D6:D3:FD:14:5E:F1:AF:03:0A:D8:7B:62:9B:2B:B2:02:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a61a7a9840080a44173f942095ac78ead239107.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b006c5f3-a0c4-4b89-91f7-ea646bad577f/f12b41ee33e4309637d0c17ac76e33243749871a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b006c5f3-a0c4-4b89-91f7-ea646bad577f/3a61a7a9840080a44173f942095ac78ead239107.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.49.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         70:24:43:2d:b6:26:91:cf:17:78:6a:34:31:58:ef:61:e1:0c:
         42:ba:4b:b0:0d:8e:4b:0b:ab:bf:fc:4b:2f:43:4d:d8:4c:ba:
         16:6b:70:63:83:0f:55:04:b8:bc:62:5c:f1:60:cf:f6:a9:f4:
         b0:a1:0d:ce:bc:14:60:86:d7:82:62:fb:e8:0f:2c:1d:44:d0:
         3a:3e:22:6a:fe:0a:d3:11:e8:61:8c:5c:12:ba:44:69:a1:f3:
         f2:98:27:4d:15:dd:5a:2a:08:e5:40:45:89:f3:13:1c:51:5b:
         73:f8:ec:db:25:dd:79:1d:4c:6c:87:19:4a:74:0f:2c:94:03:
         44:45:9b:77:ed:ab:3d:91:fa:a8:80:54:fe:7d:cd:9b:b2:38:
         5f:9a:2f:be:f9:09:e7:1c:63:25:f2:ff:d1:a4:c7:bb:52:4a:
         0f:e1:3b:e7:95:51:14:55:8e:11:e0:23:df:8e:37:c4:75:eb:
         c0:2f:ab:67:01:c9:97:6c:18:6d:0a:95:5c:57:d9:1c:53:07:
         eb:a9:6d:81:18:03:1f:94:bc:70:e1:d5:4a:a3:a9:7d:06:13:
         b1:b4:70:29:a3:4a:d8:6b:87:fd:9f:bd:5b:66:18:de:3b:24:
         5a:f6:fc:85:21:f6:2e:4b:2f:4d:d8:91:dd:17:b1:28:9b:be:
         ac:99:14:3e
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDVkYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNh
NjFhN2E5ODQwMDgwYTQ0MTczZjk0MjA5NWFjNzhlYWQyMzkxMDcwHhcNMjEwODAx
MDMwMDAwWhcNMzAwODA4MDMwMDAwWjAzMTEwLwYDVQQDEyhmMTJiNDFlZTMzZTQz
MDk2MzdkMGMxN2FjNzZlMzMyNDM3NDk4NzFhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm8UfWd526secR2omYMV7lYANO6+KpshWlMcdqn5TUI1iHAgx
8zIuzn1UzGe6dB82Hc2+M5RoEQNn/BNQEQ4BhYDqMCH1dQvxXTZWHTtd64+Ld7xV
MoO7toXMphIslkVzPJhRERSZiISBTJFR7c5FBAULNtLYpvA2bWSm/8rG1DpyA9a5
1e7oWJDs1mIx7u3Gnh0sqwffLbmSdinI3YirZkXzdN8pzPbV4/eMoffmWMSJ4TS5
jmYZp3jUqMXvHyTjgCLhDuAzgbxUbYB9u6XhNvOeiP01R0EDK1DuqdUsEy3rtFdz
EglJTI518VkZicvj3bbHb1HlHXPisHZXIVYaUQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFN/l1TJi3OrtZ5AJgB1muYg3DwLsMB8GA1UdIwQYMBaAFDNyGNbT/RRe8a8D
Cth7YpsrsgJ8MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2E2MWE3
YTk4NDAwODBhNDQxNzNmOTQyMDk1YWM3OGVhZDIzOTEwNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjAwNmM1ZjMtYTBjNC00Yjg5LTkxZjctZWE2NDZi
YWQ1NzdmL2YxMmI0MWVlMzNlNDMwOTYzN2QwYzE3YWM3NmUzMzI0Mzc0OTg3MWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iMDA2YzVmMy1hMGM0LTRiODktOTFmNy1lYTY0
NmJhZDU3N2YvM2E2MWE3YTk4NDAwODBhNDQxNzNmOTQyMDk1YWM3OGVhZDIzOTEw
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAsgx8DANBgkqhkiG9w0BAQsFAAOCAQEAcCRDLbYmkc8XeGo0
MVjvYeEMQrpLsA2OSwurv/xLL0NN2Ey6FmtwY4MPVQS4vGJc8WDP9qn0sKENzrwU
YIbXgmL76A8sHUTQOj4iav4K0xHoYYxcErpEaaHz8pgnTRXdWioI5UBFifMTHFFb
c/js2yXdeR1MbIcZSnQPLJQDREWbd+2rPZH6qIBU/n3Nm7I4X5ovvvkJ5xxjJfL/
0aTHu1JKD+E755VRFFWOEeAj3443xHXrwC+rZwHJl2wYbQqVXFfZHFMH66ltgRgD
H5S8cOHVSqOpfQYTsbRwKaNK2GuH/Z+9W2YY3jskWvb8hSH2LksvTdiR3RexKJu+
rJkUPg==
-----END CERTIFICATE-----
Generated at Fri Aug 11 04:02:38 2023 by rpki-client on console-ams.rpki-client.org