Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/25/bfc002-c1c0-4b65-aa7c-2213691facfb/1/EKjeSSYcbgQ_xwREm_7zOWuLbLs.roa (download)

Subject key identifier:   10:A8:DE:49:26:1C:6E:04:3F:C7:04:44:9B:FE:F3:39:6B:8B:6C:BB 
Authority key identifier: 3F:E4:72:3D:EE:FA:21:09:19:8A:95:7F:DF:A7:11:2C:34:2F:CF:C9
asID:                     AS1239
Prefixes:
    1: 2a12:7900::/29 maxlen: 29

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/25/bfc002-c1c0-4b65-aa7c-2213691facfb/1/EKjeSSYcbgQ_xwREm_7zOWuLbLs.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7485461 (0x723815)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fe4723deefa2109198a957fdfa7112c342fcfc9
        Validity
            Not Before: Jan  1 01:02:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=10a8de49261c6e043fc704449bfef3396b8b6cbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:29:6f:b8:cc:dd:97:c8:d4:c5:ed:3a:03:8c:
                    d8:83:79:c9:9a:1a:4e:46:1e:f5:d0:79:30:87:45:
                    05:06:9e:cd:22:9e:91:f1:e4:d9:5c:c7:f3:36:31:
                    a8:fa:2f:e7:af:43:f1:fa:ea:22:36:5d:49:a6:4c:
                    7c:5c:35:ea:77:d6:77:ab:29:bb:47:6b:2a:95:5b:
                    2c:ab:d8:b7:11:94:2d:e7:81:8e:2f:fd:ee:ab:1b:
                    eb:f3:d7:b6:3e:a7:40:1b:77:00:06:70:b5:6c:5b:
                    36:b1:b2:47:3d:74:79:02:5d:8d:6d:96:e8:df:9f:
                    dc:99:f7:3c:87:ce:d5:7c:1e:99:40:6f:c5:60:86:
                    d3:29:2b:46:50:fa:d3:35:18:91:4b:c5:2b:c9:0b:
                    ae:d3:f1:5b:34:10:fa:a3:ef:56:0c:a0:fc:79:24:
                    0c:17:bb:d2:ff:d9:a4:1a:9a:01:fa:ec:ae:75:67:
                    35:34:fc:fa:36:7c:53:53:37:93:b4:75:f1:be:89:
                    a4:cf:b3:61:45:1a:96:bb:1a:ee:14:b9:59:3e:9a:
                    93:e0:1f:a8:5b:38:ba:f6:29:f7:2b:51:c8:70:f2:
                    7b:1e:15:a1:74:78:f7:2c:5d:a4:14:a0:c3:6a:03:
                    62:f9:0a:6d:24:2e:9b:1c:27:ca:37:b9:fd:93:df:
                    56:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                10:A8:DE:49:26:1C:6E:04:3F:C7:04:44:9B:FE:F3:39:6B:8B:6C:BB
            X509v3 Authority Key Identifier: 
                keyid:3F:E4:72:3D:EE:FA:21:09:19:8A:95:7F:DF:A7:11:2C:34:2F:CF:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-RyPe76IQkZipV_36cRLDQvz8k.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfc002-c1c0-4b65-aa7c-2213691facfb/1/EKjeSSYcbgQ_xwREm_7zOWuLbLs.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfc002-c1c0-4b65-aa7c-2213691facfb/1/P-RyPe76IQkZipV_36cRLDQvz8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:7900::/29

    Signature Algorithm: sha256WithRSAEncryption
         37:23:84:e9:e3:f1:ac:62:b7:20:8b:63:45:f7:00:ad:ed:58:
         23:89:79:d8:2b:48:b8:60:e9:4c:8d:b3:7e:0b:85:57:8e:00:
         f3:1e:ad:22:62:4c:1f:89:76:af:9d:08:36:2b:cf:29:33:3c:
         56:c4:04:1c:4d:98:11:a8:cd:c6:f8:a3:7a:0b:b9:48:e4:71:
         66:fd:1c:69:2f:81:57:c8:66:75:4d:00:05:9b:e6:01:71:3b:
         e0:04:7e:e1:db:44:50:30:1d:2a:4b:52:9b:fd:7c:a6:28:dc:
         00:1b:8a:cd:27:9d:88:33:69:f8:05:fc:1e:e0:c1:08:18:b4:
         9c:fe:02:73:e2:fc:b4:19:6f:79:ad:06:aa:8b:2d:83:ef:77:
         60:f4:b9:94:2c:52:de:bd:0b:1b:56:78:5b:1e:71:dc:ec:0f:
         3d:c0:e3:b6:ba:96:41:bc:a3:b2:55:09:de:33:64:13:2c:77:
         9f:41:bf:bc:2d:ef:af:a1:91:30:a5:ba:48:0c:cf:ce:c0:9e:
         fa:a1:07:a0:a2:47:8c:f8:13:77:94:3d:a5:29:b4:51:1d:9c:
         69:bd:34:2c:8f:73:72:47:ad:5b:f9:59:20:54:55:38:da:33:
         ce:57:d1:a7:91:f6:c2:99:9f:e0:55:81:db:a6:67:f6:e9:f9:
         da:bd:a5:55
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDcjgVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNm
ZTQ3MjNkZWVmYTIxMDkxOThhOTU3ZmRmYTcxMTJjMzQyZmNmYzkwHhcNMjIwMTAx
MDEwMjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxMGE4ZGU0OTI2MWM2
ZTA0M2ZjNzA0NDQ5YmZlZjMzOTZiOGI2Y2JiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApylvuMzdl8jUxe06A4zYg3nJmhpORh710Hkwh0UFBp7NIp6R
8eTZXMfzNjGo+i/nr0Px+uoiNl1Jpkx8XDXqd9Z3qym7R2sqlVssq9i3EZQt54GO
L/3uqxvr89e2PqdAG3cABnC1bFs2sbJHPXR5Al2NbZbo35/cmfc8h87VfB6ZQG/F
YIbTKStGUPrTNRiRS8UryQuu0/FbNBD6o+9WDKD8eSQMF7vS/9mkGpoB+uyudWc1
NPz6NnxTUzeTtHXxvomkz7NhRRqWuxruFLlZPpqT4B+oWzi69in3K1HIcPJ7HhWh
dHj3LF2kFKDDagNi+QptJC6bHCfKN7n9k99WswIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFBCo3kkmHG4EP8cERJv+8zlri2y7MB8GA1UdIwQYMBaAFD/kcj3u+iEJGYqV
f9+nESw0L8/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UC1SeVBlNzZJUWtaaXBWXzM2Y1JMRFF2ejhrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yNS9iZmMwMDItYzFjMC00YjY1LWFhN2MtMjIxMzY5MWZhY2ZiLzEv
RUtqZVNTWWNiZ1FfeHdSRW1fN3pPV3VMYkxzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9i
ZmMwMDItYzFjMC00YjY1LWFhN2MtMjIxMzY5MWZhY2ZiLzEvUC1SeVBlNzZJUWta
aXBWXzM2Y1JMRFF2ejhrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJ5ADANBgkqhkiG9w0BAQsFAAOC
AQEANyOE6ePxrGK3IItjRfcAre1YI4l52CtIuGDpTI2zfguFV44A8x6tImJMH4l2
r50INivPKTM8VsQEHE2YEajNxvijegu5SORxZv0caS+BV8hmdU0ABZvmAXE74AR+
4dtEUDAdKktSm/18pijcABuKzSediDNp+AX8HuDBCBi0nP4Cc+L8tBlvea0Gqost
g+93YPS5lCxS3r0LG1Z4Wx5x3OwPPcDjtrqWQbyjslUJ3jNkEyx3n0G/vC3vr6GR
MKW6SAzPzsCe+qEHoKJHjPgTd5Q9pSm0UR2cab00LI9zcketW/lZIFRVONozzlfR
p5H2wpmf4FWB26Zn9un52r2lVQ==
-----END CERTIFICATE-----

Generated at Sun Jan 30 12:45:20 2022 by LibreSSL & rpki-client.