Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/14CB370010DE6D85153F1C51BFF7A0D15EEE00AE2DE4C16398C1B30E930DFF07/0/3136382e3139342e37322e302f32322d3234203d3e20323634373634.roa
File:                     3136382e3139342e37322e302f32322d3234203d3e20323634373634.roa (raw, json)
Hash identifier:          jQqPeiuNhw7ADRnpy9XCBHfZd5YmvmQ8SIhHBpSp3aE=
Subject key identifier:   7B:2A:13:99:64:6D:3D:71:5D:D8:6B:58:0C:F9:F6:59:E4:B2:FC:AC
Certificate issuer:       /CN=95116A890D205119BAB4C1812515C4DD5B11AEFF
Certificate serial:       3B95A5DA63D3D63F09D179F11FC78011A17AE118
Authority key identifier: 95:11:6A:89:0D:20:51:19:BA:B4:C1:81:25:15:C4:DD:5B:11:AE:FF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/95116A890D205119BAB4C1812515C4DD5B11AEFF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/14CB370010DE6D85153F1C51BFF7A0D15EEE00AE2DE4C16398C1B30E930DFF07/0/3136382e3139342e37322e302f32322d3234203d3e20323634373634.roa
Signing time:             Wed 19 Feb 2025 13:25:14 +0000
ROA not before:           Wed 19 Feb 2025 13:20:14 +0000
ROA not after:            Wed 18 Feb 2026 13:25:14 +0000
asID:                     264764
IP address blocks:        168.194.72.0/22 maxlen: 24
Validation:               Failed, certificate revoked on Wed 19 Feb 2025 14:10:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:95:a5:da:63:d3:d6:3f:09:d1:79:f1:1f:c7:80:11:a1:7a:e1:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95116A890D205119BAB4C1812515C4DD5B11AEFF
        Validity
            Not Before: Feb 19 13:20:14 2025 GMT
            Not After : Feb 18 13:25:14 2026 GMT
        Subject: CN=7B2A1399646D3D715DD86B580CF9F659E4B2FCAC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:98:fa:aa:7c:78:b3:61:25:1f:40:87:e4:c1:
                    26:92:a5:84:a9:fb:fd:68:b4:8c:1b:31:56:da:67:
                    3e:17:1d:db:fc:92:b1:c9:56:f8:93:6e:3b:40:20:
                    13:9e:0d:1e:45:0b:3c:9f:a7:54:f4:69:19:b8:bb:
                    74:18:0e:ca:13:bb:5d:b8:4f:5a:37:2d:7d:cd:29:
                    49:26:f4:a7:2b:ea:0a:a8:81:e8:51:25:8e:4c:fa:
                    b6:ce:04:b5:5c:0e:a3:8e:73:6d:83:df:f2:0d:30:
                    50:62:77:06:b2:d5:b7:5e:f9:be:6d:7c:48:c0:d9:
                    4c:06:e3:f6:5e:6a:e9:44:0c:3b:2b:44:1c:41:19:
                    ff:55:37:4b:0a:17:12:59:87:f4:68:97:ee:de:17:
                    ee:36:88:93:14:52:0f:d0:d3:8b:e5:5d:1d:d0:44:
                    7a:48:64:de:b2:2b:16:2f:94:64:03:1a:8e:1d:ef:
                    f3:41:de:e0:61:fb:5c:04:e6:19:12:5c:38:00:2f:
                    8b:22:3b:0c:83:ba:de:7e:a6:9c:2a:2f:2c:88:64:
                    94:a3:af:49:23:36:48:82:1c:f3:c1:75:df:f0:ee:
                    6a:f0:23:b5:17:67:9c:6a:fa:a1:83:54:1c:1c:20:
                    8a:46:e1:72:f7:eb:3e:91:8c:8f:45:a6:30:00:52:
                    cc:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:2A:13:99:64:6D:3D:71:5D:D8:6B:58:0C:F9:F6:59:E4:B2:FC:AC
            X509v3 Authority Key Identifier:
                keyid:95:11:6A:89:0D:20:51:19:BA:B4:C1:81:25:15:C4:DD:5B:11:AE:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/14CB370010DE6D85153F1C51BFF7A0D15EEE00AE2DE4C16398C1B30E930DFF07/0/95116A890D205119BAB4C1812515C4DD5B11AEFF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/95116A890D205119BAB4C1812515C4DD5B11AEFF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/14CB370010DE6D85153F1C51BFF7A0D15EEE00AE2DE4C16398C1B30E930DFF07/0/3136382e3139342e37322e302f32322d3234203d3e20323634373634.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.194.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         41:0b:d5:cf:a3:5a:a5:bb:83:75:ee:dd:0f:5d:a7:5e:7d:73:
         22:1f:a5:ec:69:48:db:8b:b1:9a:cf:fe:e7:84:bc:33:d9:64:
         bd:7a:30:ca:82:4e:94:2a:52:84:d5:12:8f:8c:d6:13:0b:f1:
         3e:76:8a:4a:9c:7a:68:ad:1c:53:f0:27:98:dc:7e:83:74:5e:
         4c:94:2f:e5:6d:e5:7b:f6:36:63:0c:42:86:2b:79:ee:48:bf:
         41:25:64:4f:a3:8a:75:49:4e:a9:e8:d4:eb:1b:26:04:f5:10:
         77:23:35:73:f6:da:be:b7:32:5d:bd:fb:a7:07:dd:e4:8c:97:
         4a:e4:7b:5d:95:cf:47:b1:9b:d0:10:87:b7:d4:09:4c:11:05:
         26:b1:04:0c:af:5d:03:82:d6:dc:b5:4b:b2:13:ec:19:2f:50:
         13:ce:f2:f2:bc:ab:6c:a8:3b:31:7b:01:44:de:b6:23:f7:31:
         83:18:3c:fc:f7:ab:39:63:55:26:71:25:8d:96:87:3b:19:2f:
         ac:42:dc:d4:52:2a:c7:eb:f7:8e:32:fb:e0:f0:dc:90:53:a1:
         af:57:86:f8:5e:35:88:a5:bd:92:ae:38:e2:e7:a6:8e:2c:d6:
         b6:4a:d0:df:e5:6b:39:b1:1b:97:9a:5a:73:3f:95:89:54:09:
         f2:11:4e:67
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUO5Wl2mPT1j8J0XnxH8eAEaF64RgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTUxMTZBODkwRDIwNTExOUJBQjRDMTgxMjUxNUM0REQ1
QjExQUVGRjAeFw0yNTAyMTkxMzIwMTRaFw0yNjAyMTgxMzI1MTRaMDMxMTAvBgNV
BAMTKDdCMkExMzk5NjQ2RDNENzE1REQ4NkI1ODBDRjlGNjU5RTRCMkZDQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1mPqqfHizYSUfQIfkwSaSpYSp
+/1otIwbMVbaZz4XHdv8krHJVviTbjtAIBOeDR5FCzyfp1T0aRm4u3QYDsoTu124
T1o3LX3NKUkm9Kcr6gqogehRJY5M+rbOBLVcDqOOc22D3/INMFBidway1bde+b5t
fEjA2UwG4/ZeaulEDDsrRBxBGf9VN0sKFxJZh/Rol+7eF+42iJMUUg/Q04vlXR3Q
RHpIZN6yKxYvlGQDGo4d7/NB3uBh+1wE5hkSXDgAL4siOwyDut5+ppwqLyyIZJSj
r0kjNkiCHPPBdd/w7mrwI7UXZ5xq+qGDVBwcIIpG4XL36z6RjI9FpjAAUswjAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUeyoTmWRtPXFd2GtYDPn2WeSy/KwwHwYDVR0j
BBgwFoAUlRFqiQ0gURm6tMGBJRXE3VsRrv8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNENCMzcwMDEwREU2RDg1MTUzRjFDNTFCRkY3QTBEMTVF
RUUwMEFFMkRFNEMxNjM5OEMxQjMwRTkzMERGRjA3LzAvOTUxMTZBODkwRDIwNTEx
OUJBQjRDMTgxMjUxNUM0REQ1QjExQUVGRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85NTExNkE4OTBEMjA1MTE5QkFC
NEMxODEyNTE1QzRERDVCMTFBRUZGLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTRDQjM3MDAxMERFNkQ4NTE1M0YxQzUxQkZGN0EwRDE1RUVFMDBBRTJE
RTRDMTYzOThDMUIzMEU5MzBERkYwNy8wLzMxMzYzODJlMzEzOTM0MmUzNzMyMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM0MzczNjM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqMJI
MA0GCSqGSIb3DQEBCwUAA4IBAQBBC9XPo1qlu4N17t0PXadefXMiH6XsaUjbi7Ga
z/7nhLwz2WS9ejDKgk6UKlKE1RKPjNYTC/E+dopKnHporRxT8CeY3H6DdF5MlC/l
beV79jZjDEKGK3nuSL9BJWRPo4p1SU6p6NTrGyYE9RB3IzVz9tq+tzJdvfunB93k
jJdK5Htdlc9HsZvQEIe31AlMEQUmsQQMr10DgtbctUuyE+wZL1ATzvLyvKtsqDsx
ewFE3rYj9zGDGDz896s5Y1UmcSWNloc7GS+sQtzUUirH6/eOMvvg8NyQU6GvV4b4
XjWIpb2Srjji56aOLNa2StDf5Ws5sRuXmlpzP5WJVAnyEU5n
-----END CERTIFICATE-----