Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/M-ozd7LiaBB6mISXVTtox58ndgE.roa (download)

Subject key identifier:   33:EA:33:77:B2:E2:68:10:7A:98:84:97:55:3B:68:C7:9F:27:76:01 
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
asID:                     AS1239
Prefixes:
    1: 194.15.96.0/22 maxlen: 24
    2: 188.209.128.0/22 maxlen: 24
    3: 188.209.132.0/22 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/M-ozd7LiaBB6mISXVTtox58ndgE.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:1e:bd:91:45:13:2b:55:78:20:ed:b8:c8:9b:c6:f7:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Sep  8 20:14:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=33ea3377b2e268107a988497553b68c79f277601
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:a7:28:33:82:06:02:1f:a8:6e:75:a5:4b:8b:
                    09:ea:60:02:08:d7:69:dc:90:0a:5f:31:b7:1a:61:
                    cd:33:e1:0b:eb:f9:9e:0f:1d:bf:3c:5b:7b:7e:66:
                    31:c2:b4:19:0d:5c:73:4b:62:f8:76:83:66:4c:16:
                    01:da:ff:13:ff:aa:aa:f2:86:b0:41:74:d5:15:83:
                    d0:70:5d:16:e1:3f:88:d0:60:67:4e:07:21:7c:7a:
                    2c:23:6e:b3:58:a9:dd:21:8e:bc:90:a4:f9:b4:f8:
                    cf:63:76:85:cd:18:f5:b3:8d:21:19:91:a1:51:ca:
                    c9:a8:b8:e8:8b:68:6f:4f:04:d8:e6:b9:29:bd:07:
                    1d:01:71:dd:e0:99:33:a4:3c:e0:fc:fe:76:b7:38:
                    34:3e:e2:fc:e3:da:81:da:9f:78:9c:6a:bd:59:77:
                    e1:08:eb:cf:75:f5:92:82:9e:9e:06:81:6b:a5:d4:
                    b3:94:09:71:f1:74:c6:31:b9:b9:58:f9:ee:15:3e:
                    1a:57:a7:56:42:25:7d:3d:f1:c8:23:21:56:fe:73:
                    f2:e1:0f:d9:17:d6:2e:c0:35:9e:fd:b0:6e:8b:98:
                    b3:30:a8:c5:9f:21:01:82:22:ca:c2:27:e3:ca:10:
                    fc:dd:38:26:f3:7b:9c:f3:56:8d:97:b4:b0:11:55:
                    bb:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                33:EA:33:77:B2:E2:68:10:7A:98:84:97:55:3B:68:C7:9F:27:76:01
            X509v3 Authority Key Identifier: 
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/M-ozd7LiaBB6mISXVTtox58ndgE.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.209.128.0/21
                  194.15.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         18:8c:8d:20:73:e0:23:b1:c6:3e:88:f9:fb:bd:59:50:cf:e9:
         6f:2f:41:f7:ef:12:c9:2a:d1:2d:fc:b1:cf:bb:02:d3:c7:67:
         7c:5d:06:75:a8:84:f4:1a:55:05:68:4c:ab:35:2a:bd:9a:f6:
         29:17:9a:bf:2d:fd:7e:23:2b:65:48:ee:53:c0:88:68:4c:7e:
         73:3d:e9:20:bf:e9:09:5f:63:09:7a:61:ef:4f:01:7c:ad:1b:
         55:76:7f:d5:15:73:b0:9d:78:bc:70:c1:6f:a4:9c:aa:02:ca:
         66:1a:f8:da:00:99:68:df:5f:21:a3:dd:3f:a6:7f:ba:dc:da:
         87:95:83:16:c7:95:00:05:8f:63:77:3a:a5:74:19:bf:db:fe:
         63:e0:fc:9c:b2:74:3c:24:62:af:62:d0:e0:dc:6e:74:d3:0f:
         41:61:24:8a:d1:40:51:cb:4a:58:a0:72:1f:29:13:17:91:73:
         54:f6:90:85:44:1e:d2:7f:79:d8:10:e1:a8:ec:9f:66:2f:ff:
         83:af:d2:43:16:b8:32:d3:e1:46:c7:40:7d:1a:5d:55:99:a1:
         62:30:78:4e:16:e5:5b:e0:eb:84:05:3f:e7:b2:e0:0d:41:f4:
         10:07:cf:b4:9c:31:01:81:f4:fb:94:8b:c5:e9:75:90:40:0d:
         5c:57:0c:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMevZFFEytVeCDtuMibxveIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjIwOTA4MjAxNDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2VhMzM3N2IyZTI2ODEwN2E5ODg0OTc1NTNiNjhjNzlmMjc3NjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKcoM4IGAh+obnWlS4sJ6mACCNdp
3JAKXzG3GmHNM+EL6/meDx2/PFt7fmYxwrQZDVxzS2L4doNmTBYB2v8T/6qq8oaw
QXTVFYPQcF0W4T+I0GBnTgchfHosI26zWKndIY68kKT5tPjPY3aFzRj1s40hGZGh
UcrJqLjoi2hvTwTY5rkpvQcdAXHd4JkzpDzg/P52tzg0PuL849qB2p94nGq9WXfh
COvPdfWSgp6eBoFrpdSzlAlx8XTGMbm5WPnuFT4aV6dWQiV9PfHIIyFW/nPy4Q/Z
F9YuwDWe/bBui5izMKjFnyEBgiLKwifjyhD83Tgm83uc81aNl7SwEVW7iQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDPqM3ey4mgQepiEl1U7aMefJ3YBMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvTS1vemQ3TGlhQkI2bUlTWFZUdG94NThuZGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDvNGAAwQC
wg9gMA0GCSqGSIb3DQEBCwUAA4IBAQAYjI0gc+AjscY+iPn7vVlQz+lvL0H37xLJ
KtEt/LHPuwLTx2d8XQZ1qIT0GlUFaEyrNSq9mvYpF5q/Lf1+IytlSO5TwIhoTH5z
Pekgv+kJX2MJemHvTwF8rRtVdn/VFXOwnXi8cMFvpJyqAspmGvjaAJlo318ho90/
pn+63NqHlYMWx5UABY9jdzqldBm/2/5j4PycsnQ8JGKvYtDg3G500w9BYSSK0UBR
y0pYoHIfKRMXkXNU9pCFRB7Sf3nYEOGo7J9mL/+Dr9JDFrgy0+FGx0B9Gl1VmaFi
MHhOFuVb4OuEBT/nsuANQfQQB8+0nDEBgfT7lIvF6XWQQA1cVwwn
-----END CERTIFICATE-----

Generated at Thu Sep 8 22:32:44 2022 by LibreSSL & rpki-client.