Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/3c/ed8efc-d871-4093-b078-ce8c7761c0a7/1/lTBvP4lnJ2iM2L1AvtfQb3nMzbQ.roa (download)

Subject key identifier:   95:30:6F:3F:89:67:27:68:8C:D8:BD:40:BE:D7:D0:6F:79:CC:CD:B4 
Authority key identifier: E0:60:25:F6:1F:02:82:73:2A:15:B4:B9:28:50:EB:CD:A4:74:95:85
asID:                     AS1239
Prefixes:
    1: 2a11:c9c0::/29 maxlen: 29

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/3c/ed8efc-d871-4093-b078-ce8c7761c0a7/1/lTBvP4lnJ2iM2L1AvtfQb3nMzbQ.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12441443 (0xbdd763)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e06025f61f0282732a15b4b92850ebcda4749585
        Validity
            Not Before: Jan 14 18:05:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=95306f3f896727688cd8bd40bed7d06f79cccdb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:5f:5d:40:65:11:fc:6e:82:be:e0:0e:25:5c:
                    fb:93:53:78:ae:5f:f9:87:3d:2e:f3:c3:1f:a3:cc:
                    7b:ec:c8:2c:b6:62:d0:d0:bc:66:69:f5:72:16:3d:
                    b4:21:2a:2d:98:39:90:ed:d0:66:94:32:07:0a:31:
                    7e:67:35:77:91:7f:a0:f0:6f:90:b3:e5:53:58:97:
                    24:f8:f2:5f:28:db:50:0b:9e:44:f1:53:94:e9:a6:
                    37:f1:e4:b7:03:fd:8d:69:ce:31:dd:1a:e5:f2:20:
                    4c:88:c3:38:c3:0f:54:b9:8f:d4:37:a6:3f:91:38:
                    77:b7:c5:8d:56:8d:21:fd:1e:f5:10:d0:c6:74:53:
                    fb:a0:cb:48:5a:8a:d8:5d:1e:9e:43:c5:1a:7a:a6:
                    47:30:de:22:d3:bb:22:48:04:30:cf:5e:7e:dc:02:
                    0f:15:f1:86:3e:9c:8d:da:99:6e:b2:96:20:ed:98:
                    73:ce:7e:d6:ee:5c:50:dd:4d:61:c9:00:eb:75:b0:
                    6a:c9:22:bc:96:f5:58:94:af:da:0c:43:da:e0:1d:
                    2e:d2:8a:06:8d:0d:c2:93:b4:ae:d7:b0:ff:0d:bc:
                    c5:96:52:6f:17:1e:ef:ba:1d:8c:e9:83:83:6a:ec:
                    46:ee:8b:dc:e7:40:58:cf:fc:d3:99:af:69:2b:cc:
                    fd:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                95:30:6F:3F:89:67:27:68:8C:D8:BD:40:BE:D7:D0:6F:79:CC:CD:B4
            X509v3 Authority Key Identifier: 
                keyid:E0:60:25:F6:1F:02:82:73:2A:15:B4:B9:28:50:EB:CD:A4:74:95:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4GAl9h8CgnMqFbS5KFDrzaR0lYU.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/ed8efc-d871-4093-b078-ce8c7761c0a7/1/lTBvP4lnJ2iM2L1AvtfQb3nMzbQ.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/ed8efc-d871-4093-b078-ce8c7761c0a7/1/4GAl9h8CgnMqFbS5KFDrzaR0lYU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:c9c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         b6:02:4f:e5:c5:ca:78:66:67:80:0f:a5:ae:1d:15:26:f5:b0:
         56:ca:4a:b3:27:2d:08:f1:49:f8:3e:17:3c:61:1c:14:c8:57:
         cf:c4:21:ab:e8:79:eb:ca:0c:a2:42:35:66:75:9d:6f:5a:b4:
         90:73:36:b2:64:52:22:8c:f4:28:9c:d5:f0:ce:69:8a:60:e2:
         65:d0:19:b7:c2:7b:1a:11:26:4d:aa:66:2b:4d:8d:28:31:59:
         2e:c8:88:69:b6:bb:29:48:e3:9d:92:c2:4a:2f:f4:23:ac:b0:
         53:d8:69:4b:f2:ae:4b:8a:ee:2e:9f:9a:88:0a:6e:71:2b:4d:
         42:85:93:e0:91:4d:d8:1b:ac:f6:8c:f9:d2:16:3f:a7:b4:d8:
         95:96:35:1a:5d:f3:a7:4b:3b:86:3b:a9:b6:53:10:8d:75:9d:
         a5:15:78:3c:63:70:7b:10:9d:7d:09:29:32:b0:91:41:c6:af:
         e5:0e:42:06:fe:15:bf:00:66:10:90:a6:58:3e:05:d8:ea:fd:
         1a:ce:3e:db:3a:6c:de:76:76:18:b7:e7:66:27:9d:f7:c8:ee:
         97:de:e5:c8:32:28:55:68:06:25:f0:df:b7:cd:03:6f:dc:1e:
         19:f1:97:d8:65:2b:41:7f:73:71:2a:90:7f:6c:58:2e:43:8c:
         b6:8b:88:4e
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAL3XYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MDYwMjVmNjFmMDI4MjczMmExNWI0YjkyODUwZWJjZGE0NzQ5NTg1MB4XDTIyMDEx
NDE4MDUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTUzMDZmM2Y4OTY3
Mjc2ODhjZDhiZDQwYmVkN2QwNmY3OWNjY2RiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVfXUBlEfxugr7gDiVc+5NTeK5f+Yc9LvPDH6PMe+zILLZi
0NC8Zmn1chY9tCEqLZg5kO3QZpQyBwoxfmc1d5F/oPBvkLPlU1iXJPjyXyjbUAue
RPFTlOmmN/HktwP9jWnOMd0a5fIgTIjDOMMPVLmP1DemP5E4d7fFjVaNIf0e9RDQ
xnRT+6DLSFqK2F0enkPFGnqmRzDeItO7IkgEMM9eftwCDxXxhj6cjdqZbrKWIO2Y
c85+1u5cUN1NYckA63WwaskivJb1WJSv2gxD2uAdLtKKBo0NwpO0rtew/w28xZZS
bxce77odjOmDg2rsRu6L3OdAWM/805mvaSvM/Y8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSVMG8/iWcnaIzYvUC+19BveczNtDAfBgNVHSMEGDAWgBTgYCX2HwKCcyoV
tLkoUOvNpHSVhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRHQWw5aDhDZ25NcUZiUzVLRkRyemFSMGxZVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvZWQ4ZWZjLWQ4NzEtNDA5My1iMDc4LWNlOGM3NzYxYzBhNy8x
L2xUQnZQNGxuSjJpTTJMMUF2dGZRYjNuTXpiUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
ZWQ4ZWZjLWQ4NzEtNDA5My1iMDc4LWNlOGM3NzYxYzBhNy8xLzRHQWw5aDhDZ25N
cUZiUzVLRkRyemFSMGxZVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRycAwDQYJKoZIhvcNAQELBQAD
ggEBALYCT+XFynhmZ4APpa4dFSb1sFbKSrMnLQjxSfg+FzxhHBTIV8/EIavoeevK
DKJCNWZ1nW9atJBzNrJkUiKM9Cic1fDOaYpg4mXQGbfCexoRJk2qZitNjSgxWS7I
iGm2uylI452Swkov9COssFPYaUvyrkuK7i6fmogKbnErTUKFk+CRTdgbrPaM+dIW
P6e02JWWNRpd86dLO4Y7qbZTEI11naUVeDxjcHsQnX0JKTKwkUHGr+UOQgb+Fb8A
ZhCQplg+Bdjq/RrOPts6bN52dhi352YnnffI7pfe5cgyKFVoBiXw37fNA2/cHhnx
l9hlK0F/c3EqkH9sWC5DjLaLiE4=
-----END CERTIFICATE-----

Generated at Sun Jan 30 12:49:10 2022 by LibreSSL & rpki-client.