Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D12029F6374506785F391111F104E6560701A9A4D27BD36FCFFF816C0FE626D8/0/3230302e33352e3134322e302f32342d3234203d3e2038303438.roa
File:                     3230302e33352e3134322e302f32342d3234203d3e2038303438.roa (raw, json)
Hash identifier:          cZX5tz1vmUcVoFZ7szzbbTLzv8YvJxDxlE7IHlZB6JY=
Subject key identifier:   79:EF:65:EA:43:84:53:6E:11:64:A8:D8:86:9F:34:BC:B7:A4:57:CA
Certificate issuer:       /CN=829CA7BB4382A648332FD377689E040166C505B5
Certificate serial:       11DC3123B7E56A129D97170529B6BB40FCEB2E8D
Authority key identifier: 82:9C:A7:BB:43:82:A6:48:33:2F:D3:77:68:9E:04:01:66:C5:05:B5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/829CA7BB4382A648332FD377689E040166C505B5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D12029F6374506785F391111F104E6560701A9A4D27BD36FCFFF816C0FE626D8/0/3230302e33352e3134322e302f32342d3234203d3e2038303438.roa
Signing time:             Tue 04 Feb 2025 18:44:30 +0000
ROA not before:           Tue 04 Feb 2025 18:39:30 +0000
ROA not after:            Tue 03 Feb 2026 18:44:30 +0000
asID:                     8048
IP address blocks:        200.35.142.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 27 Mar 2025 16:15:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:dc:31:23:b7:e5:6a:12:9d:97:17:05:29:b6:bb:40:fc:eb:2e:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=829CA7BB4382A648332FD377689E040166C505B5
        Validity
            Not Before: Feb  4 18:39:30 2025 GMT
            Not After : Feb  3 18:44:30 2026 GMT
        Subject: CN=79EF65EA4384536E1164A8D8869F34BCB7A457CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:84:11:dd:3a:0b:eb:c5:8f:a8:29:b4:a1:13:
                    c6:b7:9e:48:80:8a:61:e5:4f:a1:6b:98:8e:c3:db:
                    3f:a6:95:b0:97:9f:59:2f:17:83:c8:0e:6c:0a:2e:
                    f0:64:a9:ad:6d:94:04:09:f0:61:68:da:d7:1f:14:
                    dd:7c:05:af:db:35:39:af:bf:ce:0c:ff:24:ca:5f:
                    4b:ad:ff:68:ac:78:26:fe:54:42:1a:8f:c9:68:3c:
                    c6:74:b4:12:d1:00:7b:0c:05:78:55:44:63:4b:2c:
                    e7:98:ad:c0:fe:a9:16:f1:2d:75:60:e7:6f:97:68:
                    84:da:b9:40:8b:f5:7f:75:fd:66:60:de:60:0b:ec:
                    fc:e2:cf:fc:da:5b:cf:f6:d4:d3:5d:0e:50:95:30:
                    4e:c4:c6:11:6d:06:78:f9:55:68:e0:fe:bb:76:a4:
                    d3:15:d8:de:00:0f:f4:ce:9d:e7:9f:95:a8:35:aa:
                    d6:42:c1:eb:fc:c5:af:67:95:8c:69:5e:c5:36:7d:
                    a3:5c:af:4c:ab:c7:29:8d:73:52:66:7b:85:73:72:
                    78:9b:1b:b5:cf:9c:fe:4d:03:97:65:2a:af:a9:fb:
                    fe:2f:8b:62:c9:ae:44:f7:2b:8c:59:bf:41:72:f2:
                    59:4b:a0:d5:85:1c:26:4e:1d:45:fd:f6:04:5b:51:
                    21:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:EF:65:EA:43:84:53:6E:11:64:A8:D8:86:9F:34:BC:B7:A4:57:CA
            X509v3 Authority Key Identifier:
                keyid:82:9C:A7:BB:43:82:A6:48:33:2F:D3:77:68:9E:04:01:66:C5:05:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D12029F6374506785F391111F104E6560701A9A4D27BD36FCFFF816C0FE626D8/0/829CA7BB4382A648332FD377689E040166C505B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/829CA7BB4382A648332FD377689E040166C505B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D12029F6374506785F391111F104E6560701A9A4D27BD36FCFFF816C0FE626D8/0/3230302e33352e3134322e302f32342d3234203d3e2038303438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.35.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:b5:5c:eb:02:b3:9a:d6:85:4d:ee:7a:bf:26:81:5b:9b:f1:
         8d:32:af:f2:a8:0e:b4:bf:82:86:61:83:f3:85:b0:ff:77:6c:
         2f:6c:66:0f:4f:3d:c4:ac:24:6f:c8:fe:a6:6f:91:43:a7:bd:
         90:18:ec:57:2a:9e:69:c4:1b:e9:2f:4b:98:e1:4e:5a:3f:48:
         dc:bf:83:a8:91:2f:ef:05:99:3a:ef:f0:a0:78:11:cd:a2:00:
         55:9a:48:50:7f:07:63:21:47:dc:f1:4c:67:f8:48:99:c6:ae:
         1e:24:20:cd:c4:7d:ab:d6:87:eb:77:72:0a:46:ad:93:50:ed:
         56:aa:b0:7e:1f:6a:52:2b:49:b0:fa:af:ee:ee:f7:1c:ec:c9:
         a9:df:f5:71:80:5f:83:e0:b5:b1:9f:d1:a2:79:be:f0:ed:dc:
         de:11:d4:73:d2:a7:42:52:b8:c0:a5:08:da:83:7c:c0:42:2f:
         0a:5c:d4:04:86:5a:64:49:b4:3c:3e:73:8d:a6:c0:71:cb:70:
         91:e2:fe:b1:b4:7e:56:95:21:79:a3:45:35:5b:d1:1d:a4:7a:
         0b:ca:53:22:ed:74:f4:d3:c8:0c:8b:6c:a9:61:79:f9:49:58:
         0e:bc:79:7f:34:7b:a8:ad:86:81:11:9e:1e:4a:06:89:7c:b1:
         dc:b8:91:f8
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUEdwxI7flahKdlxcFKba7QPzrLo0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODI5Q0E3QkI0MzgyQTY0ODMzMkZEMzc3Njg5RTA0MDE2
NkM1MDVCNTAeFw0yNTAyMDQxODM5MzBaFw0yNjAyMDMxODQ0MzBaMDMxMTAvBgNV
BAMTKDc5RUY2NUVBNDM4NDUzNkUxMTY0QThEODg2OUYzNEJDQjdBNDU3Q0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVhBHdOgvrxY+oKbShE8a3nkiA
imHlT6FrmI7D2z+mlbCXn1kvF4PIDmwKLvBkqa1tlAQJ8GFo2tcfFN18Ba/bNTmv
v84M/yTKX0ut/2iseCb+VEIaj8loPMZ0tBLRAHsMBXhVRGNLLOeYrcD+qRbxLXVg
52+XaITauUCL9X91/WZg3mAL7Pziz/zaW8/21NNdDlCVME7ExhFtBnj5VWjg/rt2
pNMV2N4AD/TOneeflag1qtZCwev8xa9nlYxpXsU2faNcr0yrxymNc1Jme4Vzcnib
G7XPnP5NA5dlKq+p+/4vi2LJrkT3K4xZv0Fy8llLoNWFHCZOHUX99gRbUSGhAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUee9l6kOEU24RZKjYhp80vLekV8owHwYDVR0j
BBgwFoAUgpynu0OCpkgzL9N3aJ4EAWbFBbUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMTIwMjlGNjM3NDUwNjc4NUYzOTExMTFGMTA0RTY1NjA3
MDFBOUE0RDI3QkQzNkZDRkZGODE2QzBGRTYyNkQ4LzAvODI5Q0E3QkI0MzgyQTY0
ODMzMkZEMzc3Njg5RTA0MDE2NkM1MDVCNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84MjlDQTdCQjQzODJBNjQ4MzMy
RkQzNzc2ODlFMDQwMTY2QzUwNUI1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDEyMDI5RjYzNzQ1MDY3ODVGMzkxMTExRjEwNEU2NTYwNzAxQTlBNEQy
N0JEMzZGQ0ZGRjgxNkMwRkU2MjZEOC8wLzMyMzAzMDJlMzMzNTJlMzEzNDMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMDM0Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADII44wDQYJ
KoZIhvcNAQELBQADggEBAHm1XOsCs5rWhU3uer8mgVub8Y0yr/KoDrS/goZhg/OF
sP93bC9sZg9PPcSsJG/I/qZvkUOnvZAY7FcqnmnEG+kvS5jhTlo/SNy/g6iRL+8F
mTrv8KB4Ec2iAFWaSFB/B2MhR9zxTGf4SJnGrh4kIM3EfavWh+t3cgpGrZNQ7Vaq
sH4falIrSbD6r+7u9xzsyanf9XGAX4PgtbGf0aJ5vvDt3N4R1HPSp0JSuMClCNqD
fMBCLwpc1ASGWmRJtDw+c42mwHHLcJHi/rG0flaVIXmjRTVb0R2kegvKUyLtdPTT
yAyLbKlheflJWA68eX80e6ithoERnh5KBol8sdy4kfg=
-----END CERTIFICATE-----