Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/34/379f49-e51c-47a3-87be-8778cebcae6e/1/dDG-24IEdDfahHa997uLl00Br3Y.roa (download)

Subject key identifier:   74:31:BE:DB:82:04:74:37:DA:84:76:BD:F7:BB:8B:97:4D:01:AF:76 
Authority key identifier: EB:38:B7:DE:56:19:D5:42:1B:15:D2:DE:BD:56:D4:CD:ED:94:24:7C
asID:                     AS1239
Prefixes:
    1: 2a11:6f40::/29 maxlen: 29

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/34/379f49-e51c-47a3-87be-8778cebcae6e/1/dDG-24IEdDfahHa997uLl00Br3Y.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15129358 (0xe6db0e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb38b7de5619d5421b15d2debd56d4cded94247c
        Validity
            Not Before: Jan 14 18:05:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7431bedb82047437da8476bdf7bb8b974d01af76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:47:aa:06:d0:0b:9a:9a:00:f0:e4:db:4f:e2:
                    d6:80:8e:cf:32:a2:d5:41:1c:5d:4c:64:16:d4:94:
                    0f:0d:a3:97:49:9a:d6:f7:33:08:52:1d:cd:ac:34:
                    90:b5:6f:f6:69:91:2a:46:14:ed:53:db:b9:e0:90:
                    75:29:fd:70:75:eb:f3:c8:a1:26:2f:ab:6f:33:ae:
                    24:05:a9:dc:f6:97:c1:da:0d:01:35:61:73:78:d8:
                    bd:62:51:0f:37:0d:66:a1:f6:4e:b8:97:d9:15:e5:
                    42:f9:1b:5f:ce:3c:f4:ef:6e:9d:f7:6d:9b:8b:96:
                    74:62:f3:34:bc:66:c0:13:f0:9b:33:bb:45:0d:8e:
                    02:47:90:62:e9:1e:77:ef:74:67:d1:f0:6a:8a:e9:
                    3a:14:80:1f:1a:e5:14:78:ca:1d:cb:f2:6f:34:dd:
                    9f:3e:3d:89:b9:41:f4:f9:8f:4f:0a:08:ee:91:3b:
                    78:e7:24:be:d9:bd:59:cb:ad:76:fe:d0:27:3c:bc:
                    c4:23:e0:b7:25:d8:43:56:df:0c:5d:df:3f:8b:24:
                    60:39:86:55:67:a8:94:7d:d1:e8:72:0d:5a:ce:2b:
                    98:e9:97:b1:06:0f:a4:8f:61:a5:c6:85:74:52:25:
                    3e:ae:82:18:b3:43:4e:c8:6f:b1:be:68:b5:fb:80:
                    1c:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                74:31:BE:DB:82:04:74:37:DA:84:76:BD:F7:BB:8B:97:4D:01:AF:76
            X509v3 Authority Key Identifier: 
                keyid:EB:38:B7:DE:56:19:D5:42:1B:15:D2:DE:BD:56:D4:CD:ED:94:24:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zi33lYZ1UIbFdLevVbUze2UJHw.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/379f49-e51c-47a3-87be-8778cebcae6e/1/dDG-24IEdDfahHa997uLl00Br3Y.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/379f49-e51c-47a3-87be-8778cebcae6e/1/6zi33lYZ1UIbFdLevVbUze2UJHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:6f40::/29

    Signature Algorithm: sha256WithRSAEncryption
         47:a6:2f:09:d7:da:c7:3e:0a:ba:f6:e3:e6:a5:f1:75:88:1e:
         99:fc:5c:4f:34:59:ff:5c:7f:d5:bc:07:e6:96:1a:7f:0b:64:
         47:c6:69:8e:bb:03:6d:b9:82:db:fa:19:9f:35:84:05:fd:3b:
         4f:8c:6b:1a:55:0f:8a:bc:fa:de:ac:14:25:50:9a:0b:a2:af:
         c1:e5:b2:f8:8c:b1:e6:2b:ce:2e:fc:60:75:d4:5b:a4:d6:93:
         2f:1e:91:3c:25:05:94:f3:f2:59:17:ab:67:81:e2:ac:21:b4:
         97:23:f3:92:d4:07:38:ad:8b:4f:36:dc:80:df:e2:d7:6e:6c:
         23:9e:a5:6e:30:65:69:f1:9e:29:04:35:3e:76:26:71:ff:0f:
         f0:ae:38:27:cc:a7:91:b4:e2:b3:8f:61:1f:c6:fa:c9:bc:41:
         b5:39:02:0f:69:bb:5b:09:e7:5a:af:d2:56:20:9e:ec:fa:c0:
         e7:1d:12:4b:54:16:92:00:78:85:e3:e2:53:90:57:73:2f:19:
         b1:55:e9:f7:4a:c5:0a:ac:8c:26:f8:77:28:d1:40:ad:32:b8:
         d5:6b:4e:1e:13:99:0a:16:6d:38:e9:76:92:cf:28:cd:a5:5a:
         f6:3e:fb:24:20:6e:ee:02:a9:d2:70:c9:60:bd:0f:23:91:62:
         eb:66:49:b6
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAObbDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YjM4YjdkZTU2MTlkNTQyMWIxNWQyZGViZDU2ZDRjZGVkOTQyNDdjMB4XDTIyMDEx
NDE4MDUzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQzMWJlZGI4MjA0
NzQzN2RhODQ3NmJkZjdiYjhiOTc0ZDAxYWY3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJHqgbQC5qaAPDk20/i1oCOzzKi1UEcXUxkFtSUDw2jl0ma
1vczCFIdzaw0kLVv9mmRKkYU7VPbueCQdSn9cHXr88ihJi+rbzOuJAWp3PaXwdoN
ATVhc3jYvWJRDzcNZqH2TriX2RXlQvkbX8489O9unfdtm4uWdGLzNLxmwBPwmzO7
RQ2OAkeQYuked+90Z9HwaorpOhSAHxrlFHjKHcvybzTdnz49iblB9PmPTwoI7pE7
eOckvtm9Wcutdv7QJzy8xCPgtyXYQ1bfDF3fP4skYDmGVWeolH3R6HINWs4rmOmX
sQYPpI9hpcaFdFIlPq6CGLNDTshvsb5otfuAHAcCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBR0Mb7bggR0N9qEdr33u4uXTQGvdjAfBgNVHSMEGDAWgBTrOLfeVhnVQhsV
0t69VtTN7ZQkfDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZ6aTMzbFlaMVVJYkZkTGV2VmJVemUyVUpIdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvMzc5ZjQ5LWU1MWMtNDdhMy04N2JlLTg3NzhjZWJjYWU2ZS8x
L2RERy0yNElFZERmYWhIYTk5N3VMbDAwQnIzWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
Mzc5ZjQ5LWU1MWMtNDdhMy04N2JlLTg3NzhjZWJjYWU2ZS8xLzZ6aTMzbFlaMVVJ
YkZkTGV2VmJVemUyVUpIdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRb0AwDQYJKoZIhvcNAQELBQAD
ggEBAEemLwnX2sc+Crr24+al8XWIHpn8XE80Wf9cf9W8B+aWGn8LZEfGaY67A225
gtv6GZ81hAX9O0+MaxpVD4q8+t6sFCVQmguir8HlsviMseYrzi78YHXUW6TWky8e
kTwlBZTz8lkXq2eB4qwhtJcj85LUBziti0823IDf4tdubCOepW4wZWnxnikENT52
JnH/D/CuOCfMp5G04rOPYR/G+sm8QbU5Ag9pu1sJ51qv0lYgnuz6wOcdEktUFpIA
eIXj4lOQV3MvGbFV6fdKxQqsjCb4dyjRQK0yuNVrTh4TmQoWbTjpdpLPKM2lWvY+
+yQgbu4CqdJwyWC9DyORYutmSbY=
-----END CERTIFICATE-----

Generated at Sun Jan 30 12:32:43 2022 by LibreSSL & rpki-client.