Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/2qCEVBc7yye-XHVcew8HcY_3OGM.roa (download)

Subject key identifier:   DA:A0:84:54:17:3B:CB:27:BE:5C:75:5C:7B:0F:07:71:8F:F7:38:63 
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
asID:                     AS1239
Prefixes:
    1: 2.56.32.0/22 maxlen: 22

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/2qCEVBc7yye-XHVcew8HcY_3OGM.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 45163810 (0x2b12522)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
        Validity
            Not Before: Jun 23 05:18:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=daa08454173bcb27be5c755c7b0f07718ff73863
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:e7:b8:73:92:7b:eb:24:75:bd:b5:ba:ce:70:
                    f6:2f:85:57:a7:6e:8f:1d:cb:94:eb:32:5c:0c:28:
                    97:13:3a:98:e7:bd:2a:3c:a7:1e:63:53:5e:c8:99:
                    cb:ac:cd:e6:de:73:3c:e3:5b:f8:7b:08:09:85:a2:
                    c2:31:39:bd:4f:3d:91:95:8f:30:8a:48:65:d7:fe:
                    63:be:ac:51:2e:9e:fb:de:e9:91:24:f1:f5:f4:c5:
                    57:52:a4:ed:cf:91:f7:1e:26:69:f9:71:04:62:a7:
                    6f:84:29:f7:70:e5:b6:82:cb:8a:54:b0:b3:87:3c:
                    1e:44:d0:ce:c9:39:cf:d1:30:d9:6b:14:81:97:5d:
                    66:b5:da:13:71:5f:0c:03:67:97:c6:a9:2e:07:a3:
                    d6:44:d5:76:64:ae:67:10:98:8f:f4:b7:30:d5:0b:
                    7a:f1:e3:b9:40:e7:e2:b6:cb:75:0a:2a:37:e2:45:
                    18:88:5b:ab:64:eb:8a:dc:d8:e4:90:2a:e5:3a:fd:
                    1d:71:c3:2f:02:5a:7b:42:c5:99:c2:ff:9f:f4:19:
                    8b:09:03:ec:3c:93:f9:98:91:41:48:f5:f4:d9:6f:
                    c5:d3:67:00:0d:00:bc:3a:57:07:7e:47:c2:cb:96:
                    21:f9:18:6f:55:98:24:a8:25:7a:93:1d:da:7d:19:
                    09:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                DA:A0:84:54:17:3B:CB:27:BE:5C:75:5C:7B:0F:07:71:8F:F7:38:63
            X509v3 Authority Key Identifier: 
                keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/2qCEVBc7yye-XHVcew8HcY_3OGM.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0b:05:af:5f:cf:05:64:96:b7:46:9a:3b:bf:e4:5b:d3:f4:80:
         84:b0:fe:48:58:9b:28:be:4f:a0:1b:68:29:01:64:fb:4a:28:
         82:a1:57:e8:a3:0e:15:98:2f:72:8f:d0:51:fd:89:35:12:e7:
         4b:1d:fe:71:15:2f:9f:47:d1:1a:a1:08:dd:97:5b:91:a6:bd:
         87:48:f6:fa:94:89:03:29:41:e0:93:dc:d4:24:3f:87:80:83:
         4a:f5:ea:66:6d:4a:1f:c5:81:ec:1f:47:b0:bc:ec:21:cb:d5:
         22:d5:09:32:52:9f:58:68:a6:f4:7c:46:fb:25:70:6d:94:c2:
         cb:f0:62:e6:5a:8c:55:5a:45:8d:3d:53:8c:43:a9:f6:1f:17:
         99:6c:33:96:53:a0:78:a4:ae:32:f7:e4:81:69:a9:76:b7:8f:
         3e:4b:73:69:37:8a:6e:3e:57:2e:d0:9a:1d:ad:34:aa:51:0e:
         46:57:16:7c:fa:1e:72:bb:3c:1f:1a:05:ac:c9:f2:3b:d9:5c:
         25:87:ba:6d:63:55:cd:7b:19:d8:fa:3b:ba:e0:55:a4:43:56:
         fc:2d:46:96:79:d9:22:82:4b:fb:c3:49:7e:99:9b:55:ed:5d:
         b5:14:9d:e3:f8:8b:75:c5:2c:fc:42:aa:53:51:b0:57:ed:f7:
         4b:9b:31:06
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEArElIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Y2IyNWNlNTUwZTRkOWJkYTA1YmQ1ZDQ1YzhiNmJhMzc0MzBiYmJhMB4XDTIyMDYy
MzA1MTgxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFhMDg0NTQxNzNi
Y2IyN2JlNWM3NTVjN2IwZjA3NzE4ZmY3Mzg2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANXnuHOSe+skdb21us5w9i+FV6dujx3LlOsyXAwolxM6mOe9
KjynHmNTXsiZy6zN5t5zPONb+HsICYWiwjE5vU89kZWPMIpIZdf+Y76sUS6e+97p
kSTx9fTFV1Kk7c+R9x4maflxBGKnb4Qp93DltoLLilSws4c8HkTQzsk5z9Ew2WsU
gZddZrXaE3FfDANnl8apLgej1kTVdmSuZxCYj/S3MNULevHjuUDn4rbLdQoqN+JF
GIhbq2TritzY5JAq5Tr9HXHDLwJae0LFmcL/n/QZiwkD7DyT+ZiRQUj19NlvxdNn
AA0AvDpXB35HwsuWIfkYb1WYJKglepMd2n0ZCesCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTaoIRUFzvLJ75cdVx7Dwdxj/c4YzAfBgNVHSMEGDAWgBScslzlUOTZvaBb
1dRci2ujdDC7ujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25MSmM1VkRrMmIyZ1c5WFVYSXRybzNRd3U3by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvNGYzMzZiLTRhNzktNDQyNS05NTU2LWJlNDVmMGQyYWJiYi8x
LzJxQ0VWQmM3eXllLVhIVmNldzhIY1lfM09HTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
NGYzMzZiLTRhNzktNDQyNS05NTU2LWJlNDVmMGQyYWJiYi8xL25MSmM1VkRrMmIy
Z1c5WFVYSXRybzNRd3U3by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgI4IDANBgkqhkiG9w0BAQsFAAOC
AQEACwWvX88FZJa3Rpo7v+Rb0/SAhLD+SFibKL5PoBtoKQFk+0oogqFX6KMOFZgv
co/QUf2JNRLnSx3+cRUvn0fRGqEI3Zdbkaa9h0j2+pSJAylB4JPc1CQ/h4CDSvXq
Zm1KH8WB7B9HsLzsIcvVItUJMlKfWGim9HxG+yVwbZTCy/Bi5lqMVVpFjT1TjEOp
9h8XmWwzllOgeKSuMvfkgWmpdrePPktzaTeKbj5XLtCaHa00qlEORlcWfPoecrs8
HxoFrMnyO9lcJYe6bWNVzXsZ2Po7uuBVpENW/C1GlnnZIoJL+8NJfpmbVe1dtRSd
4/iLdcUs/EKqU1GwV+33S5sxBg==
-----END CERTIFICATE-----

Generated at Thu Jun 23 09:31:29 2022 by LibreSSL & rpki-client.