Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/20/1bda15-e882-4467-bcd9-2d8ebcabeba8/1/J-BHhIe6E-Kfk5Y9TAGRhqmxW2Y.roa (download)

Subject key identifier:   27:E0:47:84:87:BA:13:E2:9F:93:96:3D:4C:01:91:86:A9:B1:5B:66 
Authority key identifier: 94:AE:7C:38:27:77:BC:85:E7:26:BB:5A:93:C7:69:38:BF:28:C9:61
asID:                     AS1239
Prefixes:
    1: 2a11:de40::/29 maxlen: 29

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/20/1bda15-e882-4467-bcd9-2d8ebcabeba8/1/J-BHhIe6E-Kfk5Y9TAGRhqmxW2Y.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12237722 (0xbabb9a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94ae7c382777bc85e726bb5a93c76938bf28c961
        Validity
            Not Before: Jan 14 18:05:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=27e0478487ba13e29f93963d4c019186a9b15b66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:20:f0:4f:3c:00:a1:3e:94:ec:c8:9d:8c:ac:
                    d4:16:9b:61:ad:d2:65:f5:bf:37:d0:1b:39:27:3e:
                    70:b2:37:d6:47:c0:2a:bc:97:08:fa:b6:36:80:9d:
                    72:d4:d7:1b:22:cc:cc:62:ed:5e:e8:94:11:70:02:
                    36:a0:cd:df:65:02:5b:46:ad:8a:03:c3:5e:a7:fb:
                    f9:7b:d0:3f:7e:d4:fb:6b:81:0c:bb:f0:b1:3d:c6:
                    b1:bb:d3:b8:41:da:0f:44:41:d3:77:3d:b3:87:5b:
                    ff:e1:14:71:ff:9c:d8:b5:ed:f9:c2:1a:28:3e:63:
                    7d:f6:06:a5:67:a0:95:cb:29:e6:ac:6a:99:5a:bb:
                    f4:49:59:e4:8b:fa:55:f1:7d:fe:51:82:d6:18:d1:
                    cb:94:84:48:43:ab:25:cf:00:eb:3a:f7:a7:5b:89:
                    78:3e:63:34:a6:0c:7e:26:bd:92:69:cb:f2:3b:6f:
                    59:42:6d:96:9b:30:5c:87:5b:f8:17:cc:9b:72:17:
                    04:0f:23:a2:d7:17:f4:cb:f1:58:3f:0d:03:24:99:
                    24:3b:ed:5c:47:d2:34:87:3a:eb:96:71:2e:79:7d:
                    47:5c:92:06:b8:4f:0b:f7:fe:52:eb:6c:d9:e8:fc:
                    47:2e:78:98:f5:f3:d3:8f:81:ee:4e:38:ae:70:13:
                    88:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                27:E0:47:84:87:BA:13:E2:9F:93:96:3D:4C:01:91:86:A9:B1:5B:66
            X509v3 Authority Key Identifier: 
                keyid:94:AE:7C:38:27:77:BC:85:E7:26:BB:5A:93:C7:69:38:BF:28:C9:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lK58OCd3vIXnJrtak8dpOL8oyWE.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1bda15-e882-4467-bcd9-2d8ebcabeba8/1/J-BHhIe6E-Kfk5Y9TAGRhqmxW2Y.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1bda15-e882-4467-bcd9-2d8ebcabeba8/1/lK58OCd3vIXnJrtak8dpOL8oyWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:de40::/29

    Signature Algorithm: sha256WithRSAEncryption
         91:9a:4e:4e:2c:cb:0a:92:c4:9a:84:36:25:96:69:04:62:35:
         99:ac:3e:6b:55:4a:2f:9d:ec:4a:3b:06:16:2a:d5:33:d0:be:
         d4:9a:32:8f:a2:5d:f0:b4:20:80:29:17:91:8d:8c:8c:e2:82:
         6b:7e:94:02:42:1a:4d:af:92:03:03:86:e0:be:f7:49:e0:3f:
         f1:d9:0d:cb:69:22:e9:f2:c5:92:8b:f5:e1:8a:29:4d:48:c9:
         da:63:79:73:ef:92:a7:bc:f5:a9:86:9e:4f:fe:da:99:89:6a:
         97:f6:02:66:e4:57:ed:e5:9a:69:ad:df:a7:15:02:f6:8f:ae:
         4f:bb:b9:02:3c:77:86:cc:6a:b8:ef:fd:f2:26:1c:2e:e5:f4:
         f8:0d:94:2a:9b:bc:4a:fb:9c:5c:06:d1:ef:82:7e:7a:8d:fe:
         42:2e:a3:6b:d7:60:1d:33:c8:11:54:09:47:fa:8f:94:5c:a1:
         5b:70:e0:f3:3c:df:de:43:c4:bf:94:e7:0a:bf:3e:50:51:b7:
         32:5f:77:4a:af:80:cc:f3:c1:2f:8f:e6:e9:5d:70:6a:03:6f:
         b3:b2:8f:3d:08:58:eb:e7:f5:c5:0f:46:80:df:54:34:ba:d9:
         92:32:68:f2:f1:8e:fa:ed:9c:16:3d:e2:d1:09:c9:37:a9:2f:
         b4:d9:a3:b8
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEALq7mjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NGFlN2MzODI3NzdiYzg1ZTcyNmJiNWE5M2M3NjkzOGJmMjhjOTYxMB4XDTIyMDEx
NDE4MDUyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdlMDQ3ODQ4N2Jh
MTNlMjlmOTM5NjNkNGMwMTkxODZhOWIxNWI2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALog8E88AKE+lOzInYys1BabYa3SZfW/N9AbOSc+cLI31kfA
KryXCPq2NoCdctTXGyLMzGLtXuiUEXACNqDN32UCW0atigPDXqf7+XvQP37U+2uB
DLvwsT3GsbvTuEHaD0RB03c9s4db/+EUcf+c2LXt+cIaKD5jffYGpWeglcsp5qxq
mVq79ElZ5Iv6VfF9/lGC1hjRy5SESEOrJc8A6zr3p1uJeD5jNKYMfia9kmnL8jtv
WUJtlpswXIdb+BfMm3IXBA8jotcX9MvxWD8NAySZJDvtXEfSNIc665ZxLnl9R1yS
BrhPC/f+Uuts2ej8Ry54mPXz04+B7k44rnATiOECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQn4EeEh7oT4p+Tlj1MAZGGqbFbZjAfBgNVHSMEGDAWgBSUrnw4J3e8hecm
u1qTx2k4vyjJYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xLNThPQ2QzdklYbkpydGFrOGRwT0w4b3lXRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvMWJkYTE1LWU4ODItNDQ2Ny1iY2Q5LTJkOGViY2FiZWJhOC8x
L0otQkhoSWU2RS1LZms1WTlUQUdSaHFteFcyWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
MWJkYTE1LWU4ODItNDQ2Ny1iY2Q5LTJkOGViY2FiZWJhOC8xL2xLNThPQ2QzdklY
bkpydGFrOGRwT0w4b3lXRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoR3kAwDQYJKoZIhvcNAQELBQAD
ggEBAJGaTk4sywqSxJqENiWWaQRiNZmsPmtVSi+d7Eo7BhYq1TPQvtSaMo+iXfC0
IIApF5GNjIzigmt+lAJCGk2vkgMDhuC+90ngP/HZDctpIunyxZKL9eGKKU1Iydpj
eXPvkqe89amGnk/+2pmJapf2AmbkV+3lmmmt36cVAvaPrk+7uQI8d4bMarjv/fIm
HC7l9PgNlCqbvEr7nFwG0e+CfnqN/kIuo2vXYB0zyBFUCUf6j5RcoVtw4PM8395D
xL+U5wq/PlBRtzJfd0qvgMzzwS+P5uldcGoDb7Oyjz0IWOvn9cUPRoDfVDS62ZIy
aPLxjvrtnBY94tEJyTepL7TZo7g=
-----END CERTIFICATE-----

Generated at Sun Jan 30 12:43:51 2022 by LibreSSL & rpki-client.