Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/JHa3A3TQhXMlMD6ZTSPpz3VXRyY.roa (download)

Subject key identifier:   24:76:B7:03:74:D0:85:73:25:30:3E:99:4D:23:E9:CF:75:57:47:26 
Authority key identifier: 45:4B:EF:73:C5:A4:76:87:B2:B5:C5:27:6B:0D:BC:07:0B:B9:CB:50
asID:                     AS1239
Prefixes:
    1: 185.253.3.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/JHa3A3TQhXMlMD6ZTSPpz3VXRyY.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13122534 (0xc83be6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=454bef73c5a47687b2b5c5276b0dbc070bb9cb50
        Validity
            Not Before: Jan  1 07:57:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2476b70374d0857325303e994d23e9cf75574726
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:70:34:e2:46:0a:a1:cb:39:13:ab:8c:fe:a0:
                    67:8b:e8:9d:9f:2b:71:20:13:71:1e:1e:cc:a8:dd:
                    69:e1:63:ed:ce:8a:71:a6:59:59:0c:55:f0:57:cc:
                    62:90:0d:00:24:ef:93:57:5c:17:42:f0:de:8c:de:
                    3f:6f:ea:1b:cc:f5:0f:b0:81:82:e0:3b:4d:4a:f0:
                    40:99:a7:86:41:62:ec:80:f1:65:55:da:b5:41:de:
                    a7:9a:9e:ca:5b:cb:ae:85:25:f0:bb:0b:b9:b7:c7:
                    a1:c5:e8:14:00:4a:27:93:b6:bb:c8:8b:ef:6f:fe:
                    aa:37:c8:6d:66:52:37:10:d0:8c:9e:d4:25:56:6b:
                    72:d6:dd:88:71:64:62:aa:64:62:c0:15:5d:e1:dc:
                    1e:aa:f8:ca:79:7b:b0:e6:cb:ab:e4:57:41:11:83:
                    69:70:23:ce:41:34:4e:69:a7:b3:0c:ad:d2:0b:9d:
                    6a:1c:29:e3:41:6e:ec:1a:42:f4:02:ef:61:8b:aa:
                    4c:94:84:45:a5:40:c6:94:3d:37:fb:9e:74:ed:27:
                    e3:57:ad:da:fd:d0:6b:04:ee:6d:90:45:9b:cb:80:
                    e8:b4:d5:56:d0:34:44:3e:04:a8:9e:c1:cc:ba:f8:
                    38:db:55:e2:fe:e4:45:b3:f0:18:7c:df:53:ff:0e:
                    20:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                24:76:B7:03:74:D0:85:73:25:30:3E:99:4D:23:E9:CF:75:57:47:26
            X509v3 Authority Key Identifier: 
                keyid:45:4B:EF:73:C5:A4:76:87:B2:B5:C5:27:6B:0D:BC:07:0B:B9:CB:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RUvvc8WkdoeytcUnaw28Bwu5y1A.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/JHa3A3TQhXMlMD6ZTSPpz3VXRyY.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/RUvvc8WkdoeytcUnaw28Bwu5y1A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.253.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:23:50:0a:14:fe:17:9a:f0:81:6d:30:18:fd:58:bf:8f:d5:
         2c:99:d6:85:0b:e4:df:68:7a:de:33:d8:c2:c6:27:86:cc:40:
         42:ba:6a:5a:63:8d:3c:a1:2a:bd:9a:f7:71:ff:45:fc:8e:cd:
         a3:ab:bb:3a:ba:09:a8:dc:54:1d:a5:b9:35:75:e9:6f:9a:dc:
         84:4e:ff:a4:4b:04:fc:39:80:c6:83:a3:5e:d6:4d:95:6f:d8:
         c3:c6:fe:8c:34:a8:bf:db:45:1a:d4:cc:04:08:ed:e7:4c:40:
         51:aa:67:f8:c1:d2:dc:ca:fd:95:ad:c3:68:d4:e7:e1:64:54:
         20:25:ac:65:a8:d2:9f:f3:1a:95:f0:54:13:3a:4d:56:2f:4b:
         7e:9a:56:c7:ca:ff:2b:e2:47:d3:7f:ae:e6:f6:7f:4b:5b:e9:
         5a:f3:f5:6f:27:8d:a0:4e:f4:a7:f0:7c:52:c0:e5:2b:fb:a9:
         ce:6b:e2:a9:53:7f:80:f0:66:54:56:df:28:f4:22:1e:2d:89:
         99:97:f8:ed:40:ae:a5:c8:57:79:97:36:06:f0:3f:b0:0a:df:
         2b:f6:ae:73:ba:1d:06:06:f7:a5:e3:d8:2b:e5:7d:2b:bf:1a:
         29:f1:0b:e8:e0:16:e5:64:e6:9d:05:3c:8b:6a:13:7c:eb:40:
         cc:01:fa:cf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAMg75jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NTRiZWY3M2M1YTQ3Njg3YjJiNWM1Mjc2YjBkYmMwNzBiYjljYjUwMB4XDTIyMDEw
MTA3NTc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQ3NmI3MDM3NGQw
ODU3MzI1MzAzZTk5NGQyM2U5Y2Y3NTU3NDcyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxwNOJGCqHLOROrjP6gZ4vonZ8rcSATcR4ezKjdaeFj7c6K
caZZWQxV8FfMYpANACTvk1dcF0Lw3ozeP2/qG8z1D7CBguA7TUrwQJmnhkFi7IDx
ZVXatUHep5qeylvLroUl8LsLubfHocXoFABKJ5O2u8iL72/+qjfIbWZSNxDQjJ7U
JVZrctbdiHFkYqpkYsAVXeHcHqr4ynl7sObLq+RXQRGDaXAjzkE0Tmmnswyt0gud
ahwp40Fu7BpC9ALvYYuqTJSERaVAxpQ9N/uedO0n41et2v3QawTubZBFm8uA6LTV
VtA0RD4EqJ7BzLr4ONtV4v7kRbPwGHzfU/8OIKECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQkdrcDdNCFcyUwPplNI+nPdVdHJjAfBgNVHSMEGDAWgBRFS+9zxaR2h7K1
xSdrDbwHC7nLUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JVdnZjOFdrZG9leXRjVW5hdzI4Qnd1NXkxQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDQvYzQyNWZkLTk4MGEtNDY0Ni1hMTYyLTljMjkxNGVmODc1My8x
L0pIYTNBM1RRaFhNbE1ENlpUU1BwejNWWFJ5WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQv
YzQyNWZkLTk4MGEtNDY0Ni1hMTYyLTljMjkxNGVmODc1My8xL1JVdnZjOFdrZG9l
eXRjVW5hdzI4Qnd1NXkxQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn9AzANBgkqhkiG9w0BAQsFAAOC
AQEARCNQChT+F5rwgW0wGP1Yv4/VLJnWhQvk32h63jPYwsYnhsxAQrpqWmONPKEq
vZr3cf9F/I7No6u7OroJqNxUHaW5NXXpb5rchE7/pEsE/DmAxoOjXtZNlW/Yw8b+
jDSov9tFGtTMBAjt50xAUapn+MHS3Mr9la3DaNTn4WRUICWsZajSn/MalfBUEzpN
Vi9LfppWx8r/K+JH03+u5vZ/S1vpWvP1byeNoE70p/B8UsDlK/upzmviqVN/gPBm
VFbfKPQiHi2JmZf47UCupchXeZc2BvA/sArfK/auc7odBgb3pePYK+V9K78aKfEL
6OAW5WTmnQU8i2oTfOtAzAH6zw==
-----END CERTIFICATE-----

Generated at Sun Jan 30 12:28:49 2022 by LibreSSL & rpki-client.