Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/Xrs3i0Q9tLtKJqZ1_NeKW5DsG1M.roa (download)

Subject key identifier:   5E:BB:37:8B:44:3D:B4:BB:4A:26:A6:75:FC:D7:8A:5B:90:EC:1B:53 
Authority key identifier: 34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
asID:                     AS14618
Prefixes:
    1: 185.156.16.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/Xrs3i0Q9tLtKJqZ1_NeKW5DsG1M.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 66489880 (0x3f68e18)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
        Validity
            Not Before: Jan  1 00:57:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5ebb378b443db4bb4a26a675fcd78a5b90ec1b53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:15:75:2d:db:69:12:d4:a2:33:a0:61:b5:08:
                    cd:e3:c2:53:43:3f:50:4a:20:83:d9:8c:b7:5f:92:
                    69:a5:d3:2f:05:0e:a2:bc:e8:e1:79:5c:e4:36:5d:
                    26:39:74:58:59:2b:5b:05:bd:c6:93:8f:d0:6d:17:
                    59:95:8d:ac:34:8c:38:99:a8:93:74:f4:c9:7a:06:
                    31:0b:6a:af:01:c9:53:c8:e6:77:6b:a1:0c:a4:08:
                    f3:5a:d6:a2:e2:ae:b8:a9:e2:d9:85:cd:e0:cd:c8:
                    da:37:2a:74:18:ea:f7:fa:55:e6:f6:19:45:aa:e9:
                    95:9d:84:7e:3e:16:25:38:42:f9:d2:bf:c2:0e:70:
                    d0:1d:c7:e8:aa:f8:7b:00:c4:2f:63:c0:f4:88:97:
                    5a:29:f5:19:0b:2a:cc:81:5a:70:0e:28:0c:af:e9:
                    38:b6:56:21:9d:f5:5d:54:81:b4:ec:d4:bf:36:e5:
                    f4:47:62:13:b4:07:7e:63:aa:82:1f:de:bd:5b:cb:
                    34:39:a8:f6:15:bb:59:72:36:10:a5:19:13:98:22:
                    dd:8c:c3:bf:0e:04:3e:35:3e:83:dd:4b:a1:c7:25:
                    88:a4:41:df:e0:7d:5b:22:72:8b:a9:fd:21:52:7d:
                    29:1b:45:5e:be:6b:90:24:f6:bd:c6:06:98:a7:6c:
                    66:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                5E:BB:37:8B:44:3D:B4:BB:4A:26:A6:75:FC:D7:8A:5B:90:EC:1B:53
            X509v3 Authority Key Identifier: 
                keyid:34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/Xrs3i0Q9tLtKJqZ1_NeKW5DsG1M.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/NP5rnQzB5_bhaypGtCyl4BxwA0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.156.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:a1:9d:b9:55:06:ce:7d:4b:0a:68:b1:fe:d7:c8:2e:1e:b5:
         b6:17:5b:e2:87:0e:d9:ee:09:1c:07:aa:23:04:16:3f:cd:28:
         07:65:50:06:82:a7:32:63:31:18:4c:67:51:d5:2c:cc:69:e3:
         fd:fb:90:e6:26:68:f4:4e:16:5b:a2:09:c8:b0:af:15:ac:ca:
         fc:dc:e1:40:6e:dc:78:b6:ed:bb:79:84:5c:42:96:d5:d1:77:
         20:58:ee:7b:fa:b6:21:6f:54:b0:74:a8:53:f2:27:da:ae:27:
         d1:d4:95:b2:21:aa:cd:b2:a4:b9:09:d6:38:4a:e1:e4:f4:6e:
         1b:ad:ac:cd:7f:13:27:8a:93:c8:f1:b5:c8:0f:e5:0f:c6:ec:
         dc:86:d4:af:32:d4:b3:fa:d7:8b:97:a0:fe:77:04:04:dd:0c:
         af:39:3d:54:f9:a4:a4:a8:31:7e:4d:65:b0:29:af:ac:1a:2c:
         b4:b3:b2:c4:ad:87:6d:14:31:a6:31:fd:3b:8d:a2:b4:54:91:
         10:22:da:53:0b:56:21:9f:28:e5:fb:7f:02:64:a5:57:3b:66:
         e4:73:07:e2:cc:c2:1f:f1:4d:54:6a:44:1d:86:cb:a9:38:91:
         33:1a:ec:cc:1a:00:1e:14:d1:25:5f:0f:f7:05:46:99:8a:36:
         df:47:35:5b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA/aOGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NGZlNmI5ZDBjYzFlN2Y2ZTE2YjJhNDZiNDJjYTVlMDFjNzAwMzQ2MB4XDTIyMDEw
MTAwNTc0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWViYjM3OGI0NDNk
YjRiYjRhMjZhNjc1ZmNkNzhhNWI5MGVjMWI1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJMVdS3baRLUojOgYbUIzePCU0M/UEogg9mMt1+SaaXTLwUO
orzo4Xlc5DZdJjl0WFkrWwW9xpOP0G0XWZWNrDSMOJmok3T0yXoGMQtqrwHJU8jm
d2uhDKQI81rWouKuuKni2YXN4M3I2jcqdBjq9/pV5vYZRarplZ2Efj4WJThC+dK/
wg5w0B3H6Kr4ewDEL2PA9IiXWin1GQsqzIFacA4oDK/pOLZWIZ31XVSBtOzUvzbl
9EdiE7QHfmOqgh/evVvLNDmo9hW7WXI2EKUZE5gi3YzDvw4EPjU+g91LoccliKRB
3+B9WyJyi6n9IVJ9KRtFXr5rkCT2vcYGmKdsZvcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBReuzeLRD20u0ompnX814pbkOwbUzAfBgNVHSMEGDAWgBQ0/mudDMHn9uFr
Kka0LKXgHHADRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05QNXJuUXpCNV9iaGF5cEd0Q3lsNEJ4d0EwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvNjJkZjM2LWZkMzYtNGJhZi05ZDJlLTExOGFmZWQ3YTVhZS8x
L1hyczNpMFE5dEx0S0pxWjFfTmVLVzVEc0cxTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
NjJkZjM2LWZkMzYtNGJhZi05ZDJlLTExOGFmZWQ3YTVhZS8xL05QNXJuUXpCNV9i
aGF5cEd0Q3lsNEJ4d0EwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmcEDANBgkqhkiG9w0BAQsFAAOC
AQEAf6GduVUGzn1LCmix/tfILh61thdb4ocO2e4JHAeqIwQWP80oB2VQBoKnMmMx
GExnUdUszGnj/fuQ5iZo9E4WW6IJyLCvFazK/NzhQG7ceLbtu3mEXEKW1dF3IFju
e/q2IW9UsHSoU/In2q4n0dSVsiGqzbKkuQnWOErh5PRuG62szX8TJ4qTyPG1yA/l
D8bs3IbUrzLUs/rXi5eg/ncEBN0Mrzk9VPmkpKgxfk1lsCmvrBostLOyxK2HbRQx
pjH9O42itFSRECLaUwtWIZ8o5ft/AmSlVztm5HMH4szCH/FNVGpEHYbLqTiRMxrs
zBoAHhTRJV8P9wVGmYo230c1Ww==
-----END CERTIFICATE-----

Generated at Sun Jan 30 12:46:00 2022 by LibreSSL & rpki-client.