Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/30/0f39cb-6b89-4f76-9082-06483f574d12/1/5dTTNPWLakanZeN_HoeOG9hTn3g.roa (download)

Subject key identifier:   E5:D4:D3:34:F5:8B:6A:46:A7:65:E3:7F:1E:87:8E:1B:D8:53:9F:78 
Authority key identifier: 53:7E:89:60:10:6E:94:65:EC:C2:B4:5B:F5:9A:31:E1:23:D3:9D:C2
asID:                     AS1239
Prefixes:
    1: 213.109.159.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/30/0f39cb-6b89-4f76-9082-06483f574d12/1/5dTTNPWLakanZeN_HoeOG9hTn3g.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12205784 (0xba3ed8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=537e8960106e9465ecc2b45bf59a31e123d39dc2
        Validity
            Not Before: Jan  1 07:00:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e5d4d334f58b6a46a765e37f1e878e1bd8539f78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:3f:91:16:08:5d:4d:0e:39:a0:7b:2d:e1:8b:
                    b4:a3:31:fa:7d:7d:42:a6:7b:29:ce:75:68:9a:34:
                    5d:26:38:b7:14:ec:60:88:96:c7:01:d1:66:01:8c:
                    0e:b2:8b:13:7b:5b:36:dc:20:79:e2:75:a8:9c:bf:
                    05:5c:72:f9:8e:a6:1f:71:0a:b1:86:26:7a:2b:7f:
                    e1:9d:95:6b:2e:a0:9f:ac:85:88:f3:b6:3c:1d:94:
                    1a:b3:5b:2f:ee:8f:a5:1b:25:5c:97:41:b5:e3:32:
                    ad:8f:4a:46:66:9f:07:c3:be:a5:92:a3:33:05:f8:
                    6e:8b:11:24:78:de:21:39:c8:f5:35:06:45:da:92:
                    04:72:ee:45:35:ed:0d:84:44:ed:9d:07:6d:87:ba:
                    9c:37:f7:fa:79:ee:ff:23:36:71:96:4a:a4:8b:1f:
                    0b:1e:2a:88:23:46:fc:02:19:c8:77:51:de:e2:08:
                    8f:70:b4:06:37:28:e2:3c:96:d7:6f:92:64:e9:87:
                    bc:6d:0f:fb:5f:d2:35:c2:0b:a0:d5:74:5f:b6:40:
                    e5:1f:59:5e:89:bc:74:7b:ce:bd:1f:4b:15:eb:60:
                    5b:52:5b:de:42:60:53:f3:84:8a:4d:23:9a:1b:17:
                    ee:8b:3f:a1:c4:1d:07:5c:6d:22:34:7b:e8:83:12:
                    18:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                E5:D4:D3:34:F5:8B:6A:46:A7:65:E3:7F:1E:87:8E:1B:D8:53:9F:78
            X509v3 Authority Key Identifier: 
                keyid:53:7E:89:60:10:6E:94:65:EC:C2:B4:5B:F5:9A:31:E1:23:D3:9D:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U36JYBBulGXswrRb9Zox4SPTncI.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0f39cb-6b89-4f76-9082-06483f574d12/1/5dTTNPWLakanZeN_HoeOG9hTn3g.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0f39cb-6b89-4f76-9082-06483f574d12/1/U36JYBBulGXswrRb9Zox4SPTncI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.109.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:15:0a:23:1e:1c:19:d2:d0:3d:89:ce:d8:a8:31:e3:c0:0b:
         12:d0:f6:75:2c:9b:9b:19:3a:ca:f7:4f:c3:99:9a:2c:c5:06:
         dc:41:b0:df:e2:80:a7:d5:81:fd:b0:59:43:7d:e3:30:ae:9d:
         db:44:04:0c:01:c8:ea:a1:0c:86:84:8a:0a:cc:a3:bc:87:6f:
         b6:59:c6:6b:34:2d:cd:8c:db:5b:4a:3c:6d:6b:c5:c6:4e:90:
         71:79:c7:de:5a:50:0b:f9:fa:01:37:79:cd:a1:e8:72:66:e0:
         88:9e:59:f0:17:cb:44:5f:42:45:43:42:a1:1c:b6:b3:ca:e1:
         85:5d:13:02:5f:b7:30:9b:d1:5b:97:86:07:af:56:a5:70:32:
         21:fd:7e:31:b4:ef:24:06:82:3c:54:e3:87:c7:89:25:fa:20:
         23:2f:95:78:14:04:0c:31:bf:09:7f:5c:49:d9:d5:aa:ab:4a:
         32:fd:a4:2c:54:71:95:ae:fa:5b:61:fc:2b:3f:1c:22:0c:5e:
         ef:2d:66:dc:d7:3a:5e:47:5d:a8:a6:af:09:3d:a6:77:b3:67:
         ca:f9:2e:00:b1:db:6f:9c:a3:d5:70:fd:84:3a:08:83:e7:a7:
         7d:c2:89:69:8c:24:1f:8c:1b:bf:9a:b7:f6:65:b8:94:c1:b6:
         b3:06:1a:78
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALo+2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MzdlODk2MDEwNmU5NDY1ZWNjMmI0NWJmNTlhMzFlMTIzZDM5ZGMyMB4XDTIyMDEw
MTA3MDA1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTVkNGQzMzRmNThi
NmE0NmE3NjVlMzdmMWU4NzhlMWJkODUzOWY3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKw/kRYIXU0OOaB7LeGLtKMx+n19QqZ7Kc51aJo0XSY4txTs
YIiWxwHRZgGMDrKLE3tbNtwgeeJ1qJy/BVxy+Y6mH3EKsYYmeit/4Z2Vay6gn6yF
iPO2PB2UGrNbL+6PpRslXJdBteMyrY9KRmafB8O+pZKjMwX4bosRJHjeITnI9TUG
RdqSBHLuRTXtDYRE7Z0HbYe6nDf3+nnu/yM2cZZKpIsfCx4qiCNG/AIZyHdR3uII
j3C0Bjco4jyW12+SZOmHvG0P+1/SNcILoNV0X7ZA5R9ZXom8dHvOvR9LFetgW1Jb
3kJgU/OEik0jmhsX7os/ocQdB1xtIjR76IMSGIcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTl1NM09YtqRqdl438eh44b2FOfeDAfBgNVHSMEGDAWgBRTfolgEG6UZezC
tFv1mjHhI9OdwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1UzNkpZQkJ1bEdYc3dyUmI5Wm94NFNQVG5jSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMGYzOWNiLTZiODktNGY3Ni05MDgyLTA2NDgzZjU3NGQxMi8x
LzVkVFROUFdMYWthblplTl9Ib2VPRzloVG4zZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MGYzOWNiLTZiODktNGY3Ni05MDgyLTA2NDgzZjU3NGQxMi8xL1UzNkpZQkJ1bEdY
c3dyUmI5Wm94NFNQVG5jSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANVtnzANBgkqhkiG9w0BAQsFAAOC
AQEAZxUKIx4cGdLQPYnO2Kgx48ALEtD2dSybmxk6yvdPw5maLMUG3EGw3+KAp9WB
/bBZQ33jMK6d20QEDAHI6qEMhoSKCsyjvIdvtlnGazQtzYzbW0o8bWvFxk6QcXnH
3lpQC/n6ATd5zaHocmbgiJ5Z8BfLRF9CRUNCoRy2s8rhhV0TAl+3MJvRW5eGB69W
pXAyIf1+MbTvJAaCPFTjh8eJJfogIy+VeBQEDDG/CX9cSdnVqqtKMv2kLFRxla76
W2H8Kz8cIgxe7y1m3Nc6XkddqKavCT2md7NnyvkuALHbb5yj1XD9hDoIg+enfcKJ
aYwkH4wbv5q39mW4lMG2swYaeA==
-----END CERTIFICATE-----

Generated at Sun Jan 30 12:31:36 2022 by LibreSSL & rpki-client.