Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f80cb3d1-8335-49f8-b600-49f350103b02/a992bcfba4daf650ca04ebdedb1b130409259460.roa
File:                     a992bcfba4daf650ca04ebdedb1b130409259460.roa (raw, json)
Hash identifier:          xLKh+W62UK6rGYntFpvJKMlvYeJ0JCHuA2jYdy1X9sk=
Subject key identifier:   4E:30:45:55:26:FC:A8:FC:24:0F:0D:E1:66:91:ED:1F:C2:D8:BF:CF
Certificate issuer:       /CN=bc60fae2b8b5d118366d0ffb0d7ecacf0167aed0
Certificate serial:       222BE9
Authority key identifier: 0A:26:3B:CE:B9:F7:4D:A9:83:42:09:5A:07:6F:E6:16:8D:F5:83:E3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bc60fae2b8b5d118366d0ffb0d7ecacf0167aed0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/f80cb3d1-8335-49f8-b600-49f350103b02/a992bcfba4daf650ca04ebdedb1b130409259460.roa
Signing time:             Thu 08 Jun 2023 08:30:03 +0000
ROA not before:           Wed 07 Jun 2023 08:30:03 +0000
ROA not after:            Fri 06 Jun 2025 08:30:03 +0000
asID:                     27843
IP address blocks:        168.121.44.0/22 maxlen: 24
                          168.121.236.0/22 maxlen: 24
                          168.205.132.0/22 maxlen: 24
                          170.0.232.0/22 maxlen: 24
                          170.254.232.0/22 maxlen: 24
                          170.0.232.0/22 maxlen: 23
                          170.254.232.0/22 maxlen: 23

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2239465 (0x222be9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc60fae2b8b5d118366d0ffb0d7ecacf0167aed0
        Validity
            Not Before: Jun  7 08:30:03 2023 GMT
            Not After : Jun  6 08:30:03 2025 GMT
        Subject: CN=a992bcfba4daf650ca04ebdedb1b130409259460
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:45:80:d3:d2:35:20:ac:64:d1:ac:17:e8:2f:
                    7d:8a:05:e3:9f:1d:15:a5:48:ad:a2:89:ec:e1:88:
                    58:4f:65:3d:6f:26:62:c0:41:16:38:22:94:aa:29:
                    2c:a9:d6:27:a8:cd:72:fb:69:09:62:b1:3f:fa:6c:
                    5f:34:87:74:cf:fd:c9:b1:f5:fc:57:82:b3:e3:8d:
                    43:bc:02:2a:f5:8d:e9:56:ec:b3:6a:f8:d6:c1:74:
                    b0:a6:97:90:20:3f:50:f0:db:40:0e:94:20:bc:72:
                    88:b1:c1:fc:7b:b1:7f:37:21:b9:61:bf:c8:6b:eb:
                    11:1d:cb:b2:bd:62:22:0f:49:2d:40:64:ff:a2:2f:
                    2b:2e:34:b2:5e:c1:b3:2d:a0:f4:85:ef:e4:c3:7f:
                    b5:89:26:82:84:4a:7c:76:35:5e:38:3b:83:d5:b7:
                    2a:9c:da:32:60:91:2d:d8:a9:a5:67:3e:e7:c4:81:
                    b9:c8:1b:06:9e:53:19:20:ca:14:37:47:87:0e:6d:
                    25:16:5e:c9:f0:2e:94:cb:fd:11:a6:a1:90:94:62:
                    8c:db:22:44:f8:2c:c6:a3:18:8f:41:21:02:d9:62:
                    5c:00:e4:50:98:8d:03:31:bc:c7:33:44:43:a2:77:
                    59:c6:38:7e:cb:aa:74:1f:4b:e5:07:37:49:a9:1d:
                    b8:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:30:45:55:26:FC:A8:FC:24:0F:0D:E1:66:91:ED:1F:C2:D8:BF:CF
            X509v3 Authority Key Identifier:
                keyid:0A:26:3B:CE:B9:F7:4D:A9:83:42:09:5A:07:6F:E6:16:8D:F5:83:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bc60fae2b8b5d118366d0ffb0d7ecacf0167aed0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f80cb3d1-8335-49f8-b600-49f350103b02/a992bcfba4daf650ca04ebdedb1b130409259460.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/f80cb3d1-8335-49f8-b600-49f350103b02/bc60fae2b8b5d118366d0ffb0d7ecacf0167aed0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.121.44.0/22
                  168.121.236.0/22
                  168.205.132.0/22
                  170.0.232.0/22
                  170.254.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0d:cd:6d:94:01:7d:74:af:39:21:e5:a2:a8:3f:2a:8a:09:8a:
         02:71:dd:db:26:39:95:78:fd:a1:1b:01:b2:30:b6:5d:42:55:
         d8:d9:95:52:3f:df:15:1a:f5:c0:83:e9:d9:52:b0:0e:e7:01:
         c8:e0:b1:e2:ef:86:fa:2d:1e:06:aa:a6:ef:2e:b7:f4:62:14:
         08:76:9b:d3:b5:32:ec:18:46:09:bf:04:62:7d:70:f1:f9:f1:
         77:c7:59:3a:60:98:37:82:01:b7:db:2b:69:05:b9:7d:66:3c:
         9c:d0:6f:1e:07:f9:bc:43:60:67:77:1c:42:43:2a:ea:73:a1:
         34:cb:bc:93:97:ab:21:fa:f0:86:eb:23:c0:73:a5:66:dd:c2:
         61:e9:0a:ba:cd:b9:2b:3e:f7:44:1d:ba:9f:d6:06:8f:4b:96:
         5e:5a:86:82:01:c3:90:f3:9a:f5:e1:79:52:12:0a:97:4c:40:
         f5:20:03:7b:82:34:b2:e1:c6:61:c1:ad:3f:39:5d:d9:f8:a7:
         2d:15:85:06:d1:8e:56:96:f0:92:95:05:c0:88:31:a7:98:d6:
         82:e2:f8:36:74:c1:0b:75:ac:ac:0c:81:b3:da:ab:0d:d0:b5:
         bb:fa:9d:e3:d6:e5:53:ed:67:3f:65:17:4f:fd:c1:b8:2e:f9:
         c6:68:a9:de
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIDIivpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJj
NjBmYWUyYjhiNWQxMTgzNjZkMGZmYjBkN2VjYWNmMDE2N2FlZDAwHhcNMjMwNjA3
MDgzMDAzWhcNMjUwNjA2MDgzMDAzWjAzMTEwLwYDVQQDEyhhOTkyYmNmYmE0ZGFm
NjUwY2EwNGViZGVkYjFiMTMwNDA5MjU5NDYwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAl0WA09I1IKxk0awX6C99igXjnx0VpUitoons4YhYT2U9byZi
wEEWOCKUqiksqdYnqM1y+2kJYrE/+mxfNId0z/3JsfX8V4Kz441DvAIq9Y3pVuyz
avjWwXSwppeQID9Q8NtADpQgvHKIscH8e7F/NyG5Yb/Ia+sRHcuyvWIiD0ktQGT/
oi8rLjSyXsGzLaD0he/kw3+1iSaChEp8djVeODuD1bcqnNoyYJEt2KmlZz7nxIG5
yBsGnlMZIMoUN0eHDm0lFl7J8C6Uy/0RpqGQlGKM2yJE+CzGoxiPQSEC2WJcAORQ
mI0DMbzHM0RDondZxjh+y6p0H0vlBzdJqR24swIDAQABo4ICczCCAm8wHQYDVR0O
BBYEFE4wRVUm/Kj8JA8N4WaR7R/C2L/PMB8GA1UdIwQYMBaAFAomO865902pg0IJ
Wgdv5haN9YPjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmM2MGZh
ZTJiOGI1ZDExODM2NmQwZmZiMGQ3ZWNhY2YwMTY3YWVkMC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjgwY2IzZDEtODMzNS00OWY4LWI2MDAtNDlmMzUw
MTAzYjAyL2E5OTJiY2ZiYTRkYWY2NTBjYTA0ZWJkZWRiMWIxMzA0MDkyNTk0NjAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mODBjYjNkMS04MzM1LTQ5ZjgtYjYwMC00OWYz
NTAxMDNiMDIvYmM2MGZhZTJiOGI1ZDExODM2NmQwZmZiMGQ3ZWNhY2YwMTY3YWVk
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQo
MCYwJAQCAAEwHgMEAqh5LAMEAqh57AMEAqjNhAMEAqoA6AMEAqr+6DANBgkqhkiG
9w0BAQsFAAOCAQEADc1tlAF9dK85IeWiqD8qigmKAnHd2yY5lXj9oRsBsjC2XUJV
2NmVUj/fFRr1wIPp2VKwDucByOCx4u+G+i0eBqqm7y639GIUCHab07Uy7BhGCb8E
Yn1w8fnxd8dZOmCYN4IBt9sraQW5fWY8nNBvHgf5vENgZ3ccQkMq6nOhNMu8k5er
IfrwhusjwHOlZt3CYekKus25Kz73RB26n9YGj0uWXlqGggHDkPOa9eF5UhIKl0xA
9SADe4I0suHGYcGtPzld2finLRWFBtGOVpbwkpUFwIgxp5jWguL4NnTBC3WsrAyB
s9qrDdC1u/qd49blU+1nP2UXT/3BuC75xmip3g==
-----END CERTIFICATE-----