Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c3f7d255-8da2-4a22-b327-761c4c752239/f3592da987ab5e7629411b8f8a32d9445e3a7cf3.roa
File:                     f3592da987ab5e7629411b8f8a32d9445e3a7cf3.roa (raw, json)
Hash identifier:          xWo83xJKKN2LzU7H3tcyqbVtrA6B+cCiH6QJ6t+/bEM=
Subject key identifier:   A4:A5:CD:71:F4:41:D0:E0:F1:A8:D5:82:C4:7B:59:F2:F4:87:5C:D7
Certificate issuer:       /CN=9e7d975858e57eba8aa9f3546843c2ca4ff98a40
Certificate serial:       0D3E63
Authority key identifier: DE:BC:71:7F:74:DB:DD:C0:04:1E:52:07:60:20:BD:59:47:54:E2:D9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e7d975858e57eba8aa9f3546843c2ca4ff98a40.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c3f7d255-8da2-4a22-b327-761c4c752239/f3592da987ab5e7629411b8f8a32d9445e3a7cf3.roa
Signing time:             Wed 24 Mar 2021 14:42:30 +0000
ROA not before:           Wed 24 Mar 2021 14:42:30 +0000
ROA not after:            Tue 24 Mar 2026 14:42:30 +0000
asID:                     23383
IP address blocks:        190.109.192.0/24 maxlen: 24
                          190.109.194.0/23 maxlen: 24
                          190.109.196.0/22 maxlen: 24
                          190.109.200.0/21 maxlen: 24
                          190.109.208.0/20 maxlen: 24
                          191.103.64.0/21 maxlen: 24
                          191.103.73.0/24 maxlen: 24
                          191.103.74.0/23 maxlen: 24
                          191.103.76.0/22 maxlen: 24
                          191.103.80.0/22 maxlen: 24
                          191.103.84.0/23 maxlen: 24
                          191.103.87.0/24 maxlen: 24
                          191.103.88.0/23 maxlen: 24
                          191.103.94.0/23 maxlen: 24
                          2803:3a80::/32 maxlen: 32

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 867939 (0xd3e63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e7d975858e57eba8aa9f3546843c2ca4ff98a40
        Validity
            Not Before: Mar 24 14:42:30 2021 GMT
            Not After : Mar 24 14:42:30 2026 GMT
        Subject: CN=f3592da987ab5e7629411b8f8a32d9445e3a7cf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:f8:6f:0b:45:08:e8:48:8d:ef:d8:b2:a7:69:
                    dd:18:10:b7:30:c8:9c:ea:64:cf:43:1d:88:04:ed:
                    3e:ec:f5:87:fb:2a:46:3a:b7:9e:db:44:d4:18:8b:
                    d6:8c:26:47:c2:ae:c3:57:6e:d2:bb:30:c5:03:47:
                    2d:dd:02:d3:6d:c1:34:f7:71:b6:17:1f:6f:3b:df:
                    5f:36:50:cb:8e:cd:6e:96:02:93:d0:c9:18:40:bc:
                    a2:89:53:eb:01:a8:53:d5:53:8d:27:86:76:30:19:
                    6b:90:b4:d5:3e:eb:b7:14:0f:8a:8c:82:c4:42:31:
                    6b:eb:67:a6:a4:6f:e7:64:50:20:4a:95:54:c4:73:
                    0a:ca:55:57:d5:6d:49:4d:85:b3:fb:02:f5:54:66:
                    90:30:97:a9:f3:2d:b6:b7:49:f9:18:17:35:79:9e:
                    12:33:6b:97:2e:2e:17:65:f8:4b:84:48:9e:e8:1d:
                    80:39:c5:e5:5d:4f:81:eb:0f:e6:3f:b0:7d:72:65:
                    3b:91:90:98:e0:58:46:b9:a9:df:da:16:84:b0:04:
                    3d:b3:78:2e:ca:4b:66:96:34:d4:fd:c8:90:1f:56:
                    88:fe:91:a6:b8:a1:36:2c:e0:fc:85:97:15:cd:07:
                    55:82:7d:7b:e1:37:df:fa:9c:2b:3b:7d:2f:4a:db:
                    16:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:A5:CD:71:F4:41:D0:E0:F1:A8:D5:82:C4:7B:59:F2:F4:87:5C:D7
            X509v3 Authority Key Identifier:
                keyid:DE:BC:71:7F:74:DB:DD:C0:04:1E:52:07:60:20:BD:59:47:54:E2:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e7d975858e57eba8aa9f3546843c2ca4ff98a40.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c3f7d255-8da2-4a22-b327-761c4c752239/f3592da987ab5e7629411b8f8a32d9445e3a7cf3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c3f7d255-8da2-4a22-b327-761c4c752239/9e7d975858e57eba8aa9f3546843c2ca4ff98a40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.109.192.0/24
                  190.109.194.0-190.109.223.255
                  191.103.64.0/21
                  191.103.73.0-191.103.85.255
                  191.103.87.0-191.103.89.255
                  191.103.94.0/23
                IPv6:
                  2803:3a80::/32

    Signature Algorithm: sha256WithRSAEncryption
         3a:36:1d:14:16:1e:5f:29:b9:c9:53:77:d1:d0:f9:ee:2c:c3:
         b9:cf:05:72:02:2f:d2:6a:7b:a8:c6:f0:bc:ff:f9:af:eb:cd:
         e2:c3:a0:2c:d9:52:e4:c1:2c:da:cd:02:a8:ca:90:1f:0f:77:
         bc:53:6c:57:15:67:f3:39:2d:38:7d:e4:b6:40:cc:e8:7c:43:
         89:07:79:53:ae:38:a0:4b:f8:79:7e:ff:78:6d:c1:c2:55:bf:
         39:bc:23:3b:ea:dd:5b:0b:e6:b8:14:92:8b:31:f0:5f:ed:c3:
         8b:3d:c1:08:78:ec:d8:97:34:26:43:6e:94:d5:01:55:f1:4e:
         9f:1d:95:4c:af:8a:35:18:ea:01:cb:fd:ab:8b:25:0c:45:a9:
         c1:da:e9:3b:f6:f8:19:63:9c:32:bc:01:59:b7:ee:62:4b:e4:
         38:8f:c7:98:b3:b3:ea:98:9e:f2:c1:4c:82:2c:83:6c:c0:46:
         c6:f2:14:bd:f9:e6:5b:e7:22:32:2d:a6:9f:e4:4f:be:14:34:
         c0:c3:27:b3:43:04:11:ef:ec:1b:4f:3b:02:09:2e:68:51:7c:
         3c:93:a8:c6:b8:db:40:43:d7:3c:d0:fb:14:65:85:70:7c:a4:
         52:cb:02:58:ad:16:d4:e6:82:e8:f8:74:72:d2:25:17:fb:bc:
         74:cd:9d:5e
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIDDT5jMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDll
N2Q5NzU4NThlNTdlYmE4YWE5ZjM1NDY4NDNjMmNhNGZmOThhNDAwHhcNMjEwMzI0
MTQ0MjMwWhcNMjYwMzI0MTQ0MjMwWjAzMTEwLwYDVQQDEyhmMzU5MmRhOTg3YWI1
ZTc2Mjk0MTFiOGY4YTMyZDk0NDVlM2E3Y2YzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAifhvC0UI6EiN79iyp2ndGBC3MMic6mTPQx2IBO0+7PWH+ypG
Oree20TUGIvWjCZHwq7DV27SuzDFA0ct3QLTbcE093G2Fx9vO99fNlDLjs1ulgKT
0MkYQLyiiVPrAahT1VONJ4Z2MBlrkLTVPuu3FA+KjILEQjFr62empG/nZFAgSpVU
xHMKylVX1W1JTYWz+wL1VGaQMJep8y22t0n5GBc1eZ4SM2uXLi4XZfhLhEie6B2A
OcXlXU+B6w/mP7B9cmU7kZCY4FhGuanf2haEsAQ9s3guyktmljTU/ciQH1aI/pGm
uKE2LOD8hZcVzQdVgn174Tff+pwrO30vStsWpQIDAQABo4ICoDCCApwwHQYDVR0O
BBYEFKSlzXH0QdDg8ajVgsR7WfL0h1zXMB8GA1UdIwQYMBaAFN68cX90293ABB5S
B2AgvVlHVOLZMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWU3ZDk3
NTg1OGU1N2ViYThhYTlmMzU0Njg0M2MyY2E0ZmY5OGE0MC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzNmN2QyNTUtOGRhMi00YTIyLWIzMjctNzYxYzRj
NzUyMjM5L2YzNTkyZGE5ODdhYjVlNzYyOTQxMWI4ZjhhMzJkOTQ0NWUzYTdjZjMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jM2Y3ZDI1NS04ZGEyLTRhMjItYjMyNy03NjFj
NGM3NTIyMzkvOWU3ZDk3NTg1OGU1N2ViYThhYTlmMzU0Njg0M2MyY2E0ZmY5OGE0
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBkBggrBgEFBQcBBwEB/wRV
MFMwQgQCAAEwPAMEAL5twDAMAwQBvm3CAwQFvm3AAwQDv2dAMAwDBAC/Z0kDBAG/
Z1QwDAMEAL9nVwMEAb9nWAMEAb9nXjANBAIAAjAHAwUAKAM6gDANBgkqhkiG9w0B
AQsFAAOCAQEAOjYdFBYeXym5yVN30dD57izDuc8FcgIv0mp7qMbwvP/5r+vN4sOg
LNlS5MEs2s0CqMqQHw93vFNsVxVn8zktOH3ktkDM6HxDiQd5U644oEv4eX7/eG3B
wlW/ObwjO+rdWwvmuBSSizHwX+3Diz3BCHjs2Jc0JkNulNUBVfFOnx2VTK+KNRjq
Acv9q4slDEWpwdrpO/b4GWOcMrwBWbfuYkvkOI/HmLOz6pie8sFMgiyDbMBGxvIU
vfnmW+ciMi2mn+RPvhQ0wMMns0MEEe/sG087AgkuaFF8PJOoxrjbQEPXPND7FGWF
cHykUssCWK0W1OaC6Ph0ctIlF/u8dM2dXg==
-----END CERTIFICATE-----