Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/qXPFQ67VDsnuLeB7SA0JjprsGco.roa (download)

Subject key identifier:   A9:73:C5:43:AE:D5:0E:C9:EE:2D:E0:7B:48:0D:09:8E:9A:EC:19:CA 
Authority key identifier: 36:90:01:83:CF:08:A6:E5:BC:80:78:46:29:4A:46:06:2E:19:0E:3B
asID:                     AS400039
Prefixes:
    1: 45.11.187.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/qXPFQ67VDsnuLeB7SA0JjprsGco.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4699172 (0x47b424)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36900183cf08a6e5bc807846294a46062e190e3b
        Validity
            Not Before: Jan  5 07:01:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a973c543aed50ec9ee2de07b480d098e9aec19ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:cf:0a:fa:40:e3:6e:40:67:79:af:25:02:3e:
                    bd:b9:0e:63:ca:7b:c7:80:a9:0c:76:10:1b:6e:c6:
                    75:7e:ab:0d:fb:fa:81:7d:5f:d5:5e:55:77:92:52:
                    93:91:d4:62:d7:c0:58:69:63:c2:e9:6f:d1:c2:65:
                    af:f2:c7:4a:0c:11:b9:ee:6d:66:80:47:90:65:b8:
                    d7:d9:2d:78:7d:3d:cf:f1:28:bc:5a:fd:de:76:7a:
                    40:25:9c:23:41:0a:de:fc:f3:ed:74:71:8d:89:28:
                    2b:15:93:dd:6b:0a:ff:34:96:2e:6b:bf:ed:19:9f:
                    8a:4f:fd:ac:17:aa:bb:04:5d:93:78:f9:61:30:5f:
                    43:1b:c4:c2:2b:5c:16:7b:2d:bd:30:d2:5e:20:9e:
                    4c:64:77:17:d4:ed:47:40:fd:e6:7f:6a:95:d8:c5:
                    6d:d0:eb:80:f4:38:5c:8d:68:6a:25:79:29:b4:3b:
                    26:3d:67:34:52:24:c2:5b:71:0d:49:03:1f:e1:a7:
                    83:1e:70:44:e9:0f:25:06:33:30:29:e0:e4:a8:e2:
                    f5:8e:e1:03:e2:c6:0b:1b:81:2b:35:48:d0:fd:32:
                    84:89:1c:b6:c8:5e:43:f0:94:6f:d6:67:6b:ca:8d:
                    f4:5d:c6:39:3b:f7:86:75:c9:2a:12:58:65:0f:01:
                    22:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                A9:73:C5:43:AE:D5:0E:C9:EE:2D:E0:7B:48:0D:09:8E:9A:EC:19:CA
            X509v3 Authority Key Identifier: 
                keyid:36:90:01:83:CF:08:A6:E5:BC:80:78:46:29:4A:46:06:2E:19:0E:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpABg88IpuW8gHhGKUpGBi4ZDjs.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/qXPFQ67VDsnuLeB7SA0JjprsGco.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/NpABg88IpuW8gHhGKUpGBi4ZDjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:45:c4:89:7e:b9:4f:38:28:68:32:aa:f2:a5:55:82:d4:59:
         27:34:84:18:38:20:70:e2:8d:b5:d8:70:c0:08:c3:82:69:7b:
         5f:88:e0:79:ac:24:81:df:99:84:e3:b7:7a:04:35:46:0f:79:
         2d:a0:70:ba:21:c6:57:cc:6e:ff:f8:6b:be:b4:7c:a0:fc:a6:
         a3:62:15:b1:f2:6a:93:32:1d:5d:c1:99:4e:28:a6:9f:22:a1:
         f6:13:99:e8:2e:f7:87:d6:15:4f:dc:12:37:13:50:02:43:df:
         78:b8:09:1b:34:80:6a:df:71:fe:e6:e0:e2:52:b1:8a:df:d3:
         ab:bf:1e:0b:41:1f:af:56:8d:43:c4:5f:95:fe:e7:f2:4c:b4:
         57:7e:7c:b0:69:45:58:be:78:24:40:fb:84:b7:fc:4e:0f:1f:
         eb:46:31:44:7c:ce:45:fe:b5:2e:a0:04:fd:ed:fc:a1:06:81:
         0b:5d:de:3d:21:68:4b:31:fa:69:07:69:30:dd:44:6e:ed:21:
         cf:e3:a5:63:f8:e0:17:b5:fa:14:b9:5c:94:66:9c:79:c2:f9:
         3f:a8:0a:6e:b1:62:18:95:7c:b3:5d:84:b7:97:f7:94:d2:21:
         d9:b6:a6:7d:2c:51:74:2a:58:95:40:5f:d9:9e:cf:cc:cd:b5:
         09:74:43:ce
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDR7QkMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM2
OTAwMTgzY2YwOGE2ZTViYzgwNzg0NjI5NGE0NjA2MmUxOTBlM2IwHhcNMjIwMTA1
MDcwMTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhOTczYzU0M2FlZDUw
ZWM5ZWUyZGUwN2I0ODBkMDk4ZTlhZWMxOWNhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAms8K+kDjbkBnea8lAj69uQ5jynvHgKkMdhAbbsZ1fqsN+/qB
fV/VXlV3klKTkdRi18BYaWPC6W/RwmWv8sdKDBG57m1mgEeQZbjX2S14fT3P8Si8
Wv3ednpAJZwjQQre/PPtdHGNiSgrFZPdawr/NJYua7/tGZ+KT/2sF6q7BF2TePlh
MF9DG8TCK1wWey29MNJeIJ5MZHcX1O1HQP3mf2qV2MVt0OuA9DhcjWhqJXkptDsm
PWc0UiTCW3ENSQMf4aeDHnBE6Q8lBjMwKeDkqOL1juED4sYLG4ErNUjQ/TKEiRy2
yF5D8JRv1mdryo30XcY5O/eGdckqElhlDwEiuQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFKlzxUOu1Q7J7i3ge0gNCY6a7BnKMB8GA1UdIwQYMBaAFDaQAYPPCKblvIB4
RilKRgYuGQ47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TnBBQmc4OElwdVc4Z0hoR0tVcEdCaTRaRGpzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xMC81YTMyYmMtMDgzNi00N2VjLWI1YjMtMmY1YjZhODNmYWYzLzEv
cVhQRlE2N1ZEc251TGVCN1NBMEpqcHJzR2NvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81
YTMyYmMtMDgzNi00N2VjLWI1YjMtMmY1YjZhODNmYWYzLzEvTnBBQmc4OElwdVc4
Z0hoR0tVcEdCaTRaRGpzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu7MA0GCSqGSIb3DQEBCwUAA4IB
AQBPRcSJfrlPOChoMqrypVWC1FknNIQYOCBw4o212HDACMOCaXtfiOB5rCSB35mE
47d6BDVGD3ktoHC6IcZXzG7/+Gu+tHyg/KajYhWx8mqTMh1dwZlOKKafIqH2E5no
LveH1hVP3BI3E1ACQ994uAkbNIBq33H+5uDiUrGK39Orvx4LQR+vVo1DxF+V/ufy
TLRXfnywaUVYvngkQPuEt/xODx/rRjFEfM5F/rUuoAT97fyhBoELXd49IWhLMfpp
B2kw3URu7SHP46Vj+OAXtfoUuVyUZpx5wvk/qApusWIYlXyzXYS3l/eU0iHZtqZ9
LFF0KliVQF/Zns/MzbUJdEPO
-----END CERTIFICATE-----

Generated at Sun Jan 30 12:39:27 2022 by LibreSSL & rpki-client.