Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/22/99488d-3bd6-462a-9cc8-9bc3816a0e15/1/KKTNgSsX-MIdjp8k2LogMRB9Iqw.roa (download)

Subject key identifier:   28:A4:CD:81:2B:17:F8:C2:1D:8E:9F:24:D8:BA:20:31:10:7D:22:AC 
Authority key identifier: 3F:50:1B:4B:8A:FC:23:9C:E2:56:CD:1D:39:1D:71:74:F9:3B:25:15
asID:                     AS1239
Prefixes:
    1: 2a11:5740::/29 maxlen: 29

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/22/99488d-3bd6-462a-9cc8-9bc3816a0e15/1/KKTNgSsX-MIdjp8k2LogMRB9Iqw.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 75976 (0x128c8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f501b4b8afc239ce256cd1d391d7174f93b2515
        Validity
            Not Before: Jan 14 18:05:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=28a4cd812b17f8c21d8e9f24d8ba2031107d22ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:c8:dc:79:f7:f2:8f:66:ab:59:5f:45:74:0f:
                    29:6a:95:91:ed:19:6c:d6:55:a3:62:74:40:bd:be:
                    a1:69:27:c9:30:62:da:91:16:b1:0b:74:75:c9:9e:
                    25:91:ca:2d:2f:41:96:7b:7c:67:f5:37:6b:f6:72:
                    03:95:c6:70:1a:4c:a5:e0:9a:4a:66:6e:72:e7:08:
                    88:db:95:19:71:d6:d9:a6:f2:2e:e1:2c:43:d1:23:
                    e5:ea:88:e8:d1:e1:56:cb:9a:9a:26:b1:58:24:d6:
                    f2:83:37:35:2a:7b:c3:ab:ab:fc:8d:d8:da:f0:19:
                    6f:77:78:d4:07:a0:42:41:66:b7:f2:39:dc:16:5b:
                    58:e6:4a:e2:50:1a:17:f6:0d:26:4b:7c:80:5e:dd:
                    49:d0:71:e1:f4:21:a1:b1:32:a9:2f:fe:2f:a6:b9:
                    86:57:26:89:84:2e:43:09:85:2a:48:9b:89:51:29:
                    42:5e:83:b8:97:6d:ee:b3:1a:3b:c6:a4:98:4a:74:
                    b2:d1:a9:05:bf:13:6f:2c:41:38:1a:8d:6a:fb:08:
                    8e:b2:18:65:b0:fa:00:c7:8b:d6:f8:a9:99:b9:a8:
                    aa:a7:ff:40:1a:7a:76:68:41:a5:6e:fe:45:43:e7:
                    0d:54:bc:03:f1:5f:d4:1e:29:64:66:a4:12:3f:30:
                    fb:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                28:A4:CD:81:2B:17:F8:C2:1D:8E:9F:24:D8:BA:20:31:10:7D:22:AC
            X509v3 Authority Key Identifier: 
                keyid:3F:50:1B:4B:8A:FC:23:9C:E2:56:CD:1D:39:1D:71:74:F9:3B:25:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P1AbS4r8I5ziVs0dOR1xdPk7JRU.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/99488d-3bd6-462a-9cc8-9bc3816a0e15/1/KKTNgSsX-MIdjp8k2LogMRB9Iqw.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/99488d-3bd6-462a-9cc8-9bc3816a0e15/1/P1AbS4r8I5ziVs0dOR1xdPk7JRU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:5740::/29

    Signature Algorithm: sha256WithRSAEncryption
         48:3c:b6:02:b3:d6:f2:69:2f:f9:70:ef:6d:d7:c7:65:a2:24:
         7d:53:37:20:9b:0e:c0:1b:81:1b:da:e1:06:0c:27:c5:59:0a:
         4c:f9:39:9b:81:0f:9e:2d:7f:01:83:a0:bb:d4:80:75:d2:5e:
         4d:da:1e:94:7c:3e:e9:59:ae:67:6f:1e:1e:46:ef:07:6e:76:
         a6:60:2f:f5:d8:30:aa:e9:f6:b9:5f:cb:2a:d0:d7:de:0e:aa:
         f8:4a:9d:95:ef:fa:e3:6a:b2:bb:ab:89:81:07:6a:1c:64:95:
         92:d0:a6:51:5f:e6:99:fb:2a:e5:c5:fb:4c:fd:69:c3:7c:29:
         5e:07:a9:e5:45:31:7b:6d:de:64:3a:85:aa:aa:5a:23:6a:81:
         94:be:2c:3b:16:4e:59:24:50:63:3b:b7:b5:27:cb:13:69:30:
         05:ee:4d:bb:56:b7:17:99:81:5e:5f:bd:07:c4:32:52:65:4d:
         58:8a:db:4f:94:c4:bb:dd:66:11:6d:39:9f:e7:7a:66:7c:bb:
         d1:a5:7a:9b:f2:fa:65:eb:68:9d:fb:41:ad:9b:0f:c3:5c:fb:
         d9:85:72:54:49:34:76:a8:5f:2b:d7:d0:77:ef:29:dd:78:3f:
         15:53:59:29:fc:a2:f1:43:8f:d2:10:a4:59:66:7b:2b:c4:82:
         48:ef:8b:35
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDASjIMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNm
NTAxYjRiOGFmYzIzOWNlMjU2Y2QxZDM5MWQ3MTc0ZjkzYjI1MTUwHhcNMjIwMTE0
MTgwNTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyOGE0Y2Q4MTJiMTdm
OGMyMWQ4ZTlmMjRkOGJhMjAzMTEwN2QyMmFjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAl8jceffyj2arWV9FdA8papWR7Rls1lWjYnRAvb6haSfJMGLa
kRaxC3R1yZ4lkcotL0GWe3xn9Tdr9nIDlcZwGkyl4JpKZm5y5wiI25UZcdbZpvIu
4SxD0SPl6ojo0eFWy5qaJrFYJNbygzc1KnvDq6v8jdja8Blvd3jUB6BCQWa38jnc
FltY5kriUBoX9g0mS3yAXt1J0HHh9CGhsTKpL/4vprmGVyaJhC5DCYUqSJuJUSlC
XoO4l23usxo7xqSYSnSy0akFvxNvLEE4Go1q+wiOshhlsPoAx4vW+KmZuaiqp/9A
Gnp2aEGlbv5FQ+cNVLwD8V/UHilkZqQSPzD76wIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFCikzYErF/jCHY6fJNi6IDEQfSKsMB8GA1UdIwQYMBaAFD9QG0uK/COc4lbN
HTkdcXT5OyUVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UDFBYlM0cjhJNXppVnMwZE9SMXhkUGs3SlJVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yMi85OTQ4OGQtM2JkNi00NjJhLTljYzgtOWJjMzgxNmEwZTE1LzEv
S0tUTmdTc1gtTUlkanA4azJMb2dNUkI5SXF3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi85
OTQ4OGQtM2JkNi00NjJhLTljYzgtOWJjMzgxNmEwZTE1LzEvUDFBYlM0cjhJNXpp
VnMwZE9SMXhkUGs3SlJVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFXQDANBgkqhkiG9w0BAQsFAAOC
AQEASDy2ArPW8mkv+XDvbdfHZaIkfVM3IJsOwBuBG9rhBgwnxVkKTPk5m4EPni1/
AYOgu9SAddJeTdoelHw+6VmuZ28eHkbvB252pmAv9dgwqun2uV/LKtDX3g6q+Eqd
le/642qyu6uJgQdqHGSVktCmUV/mmfsq5cX7TP1pw3wpXgep5UUxe23eZDqFqqpa
I2qBlL4sOxZOWSRQYzu3tSfLE2kwBe5Nu1a3F5mBXl+9B8QyUmVNWIrbT5TEu91m
EW05n+d6Zny70aV6m/L6ZetonftBrZsPw1z72YVyVEk0dqhfK9fQd+8p3Xg/FVNZ
Kfyi8UOP0hCkWWZ7K8SCSO+LNQ==
-----END CERTIFICATE-----

Generated at Sun Jan 30 12:44:24 2022 by LibreSSL & rpki-client.