Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/4c/92857b-f106-466e-9c4b-c1114a9dad19/1/CWsxWNpw3WkwyeyqyufY2BKo8Tg.roa (download)

Subject key identifier:   09:6B:31:58:DA:70:DD:69:30:C9:EC:AA:CA:E7:D8:D8:12:A8:F1:38 
Authority key identifier: 96:42:98:51:D8:66:33:CB:E2:98:3A:AF:94:BA:84:15:CA:23:2A:A1
asID:                     AS1239
Prefixes:
    1: 2a11:57c0::/29 maxlen: 29

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/4c/92857b-f106-466e-9c4b-c1114a9dad19/1/CWsxWNpw3WkwyeyqyufY2BKo8Tg.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5402595 (0x526fe3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96429851d86633cbe2983aaf94ba8415ca232aa1
        Validity
            Not Before: Jan  1 02:58:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=096b3158da70dd6930c9ecaacae7d8d812a8f138
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:96:2c:49:50:cb:aa:6d:92:7b:b7:18:30:19:
                    dc:f5:d1:4b:20:0c:69:6c:71:5b:07:69:24:2f:49:
                    6c:ba:a4:5f:30:93:90:f5:65:bb:05:c3:9b:ec:de:
                    d9:30:e2:f7:e4:00:f2:bf:c6:d8:6a:87:ec:0d:97:
                    74:51:4a:f4:e8:6c:66:28:97:44:d6:13:cb:ab:55:
                    9c:90:34:b5:f1:cd:95:58:93:56:33:70:46:96:c4:
                    f5:24:2c:bb:b8:ed:a6:99:f1:1d:f4:d5:36:e0:a2:
                    f1:43:74:2d:71:99:a9:e9:39:45:3c:10:73:10:44:
                    8d:2c:62:80:64:73:d8:4e:39:1a:23:07:9b:d9:dd:
                    dd:4d:07:89:3d:f5:ea:65:bd:3f:13:be:c6:5b:ce:
                    28:62:4f:85:a1:fc:fa:66:3a:25:92:2f:f8:01:26:
                    f6:96:9b:50:dd:1b:0b:71:de:9c:87:cc:88:34:70:
                    f8:e5:e1:d3:18:5b:08:6f:2c:8f:75:97:27:d2:ca:
                    b3:83:b2:0c:81:3b:fe:cc:1e:5f:d3:f7:d6:70:cf:
                    89:cd:d8:4b:08:e3:e1:fd:5b:eb:42:75:14:80:6f:
                    d8:bc:4e:2b:e8:e9:72:5c:67:40:ed:f2:4e:50:44:
                    30:83:46:04:9e:25:9a:21:ab:63:d3:99:59:33:55:
                    e4:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                09:6B:31:58:DA:70:DD:69:30:C9:EC:AA:CA:E7:D8:D8:12:A8:F1:38
            X509v3 Authority Key Identifier: 
                keyid:96:42:98:51:D8:66:33:CB:E2:98:3A:AF:94:BA:84:15:CA:23:2A:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkKYUdhmM8vimDqvlLqEFcojKqE.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/92857b-f106-466e-9c4b-c1114a9dad19/1/CWsxWNpw3WkwyeyqyufY2BKo8Tg.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/92857b-f106-466e-9c4b-c1114a9dad19/1/lkKYUdhmM8vimDqvlLqEFcojKqE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:57c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         70:6c:76:bd:7f:1f:38:69:63:87:87:84:f3:0d:7b:19:8a:b3:
         45:cd:9b:a2:ca:3d:79:ec:13:7d:21:33:cf:a9:53:1d:6b:86:
         a5:d9:38:c7:64:61:bf:95:07:2e:cf:ca:d7:23:7b:98:bf:62:
         9d:43:32:eb:18:76:ad:fc:0f:b5:af:3c:35:95:1b:30:72:fc:
         1e:dd:ec:4d:70:c0:11:fe:51:d8:21:07:79:bb:7d:52:62:da:
         72:0f:75:1a:af:4e:a3:bd:8f:ec:2d:58:35:ec:44:dd:5e:b4:
         ce:ef:44:3b:22:03:24:50:a7:06:b8:d0:a0:a8:22:1d:40:62:
         e0:df:5e:f9:d3:93:41:38:4a:26:ba:57:27:db:2b:4a:8f:2d:
         53:f0:4a:c6:29:c0:12:bf:95:24:a1:fd:fa:bb:ba:dd:be:bb:
         13:ec:36:40:cb:ad:8e:29:bb:e9:09:92:ff:55:e4:3c:fb:16:
         23:73:b8:9f:95:38:a6:34:2d:e7:d6:3c:fb:bb:4c:96:30:0a:
         91:6b:79:72:21:4e:34:8f:6a:80:c3:27:47:a5:2c:84:15:26:
         a4:21:b8:be:4f:48:f8:6d:4f:04:57:c5:33:c4:d8:2d:43:41:
         2d:a1:33:f9:6c:b8:39:90:73:0e:3a:1f:33:e9:b4:80:66:f9:
         e5:3a:72:57
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDUm/jMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDk2
NDI5ODUxZDg2NjMzY2JlMjk4M2FhZjk0YmE4NDE1Y2EyMzJhYTEwHhcNMjIwMTAx
MDI1ODU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwOTZiMzE1OGRhNzBk
ZDY5MzBjOWVjYWFjYWU3ZDhkODEyYThmMTM4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAq5YsSVDLqm2Se7cYMBnc9dFLIAxpbHFbB2kkL0lsuqRfMJOQ
9WW7BcOb7N7ZMOL35ADyv8bYaofsDZd0UUr06GxmKJdE1hPLq1WckDS18c2VWJNW
M3BGlsT1JCy7uO2mmfEd9NU24KLxQ3QtcZmp6TlFPBBzEESNLGKAZHPYTjkaIweb
2d3dTQeJPfXqZb0/E77GW84oYk+Fofz6Zjolki/4ASb2lptQ3RsLcd6ch8yINHD4
5eHTGFsIbyyPdZcn0sqzg7IMgTv+zB5f0/fWcM+JzdhLCOPh/VvrQnUUgG/YvE4r
6OlyXGdA7fJOUEQwg0YEniWaIatj05lZM1XkjwIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFAlrMVjacN1pMMnsqsrn2NgSqPE4MB8GA1UdIwQYMBaAFJZCmFHYZjPL4pg6
r5S6hBXKIyqhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bGtLWVVkaG1NOHZpbURxdmxMcUVGY29qS3FFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Yy85Mjg1N2ItZjEwNi00NjZlLTljNGItYzExMTRhOWRhZDE5LzEv
Q1dzeFdOcHczV2t3eWV5cXl1ZlkyQktvOFRnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy85
Mjg1N2ItZjEwNi00NjZlLTljNGItYzExMTRhOWRhZDE5LzEvbGtLWVVkaG1NOHZp
bURxdmxMcUVGY29qS3FFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFXwDANBgkqhkiG9w0BAQsFAAOC
AQEAcGx2vX8fOGljh4eE8w17GYqzRc2boso9eewTfSEzz6lTHWuGpdk4x2Rhv5UH
Ls/K1yN7mL9inUMy6xh2rfwPta88NZUbMHL8Ht3sTXDAEf5R2CEHebt9UmLacg91
Gq9Oo72P7C1YNexE3V60zu9EOyIDJFCnBrjQoKgiHUBi4N9e+dOTQThKJrpXJ9sr
So8tU/BKxinAEr+VJKH9+ru63b67E+w2QMutjim76QmS/1XkPPsWI3O4n5U4pjQt
59Y8+7tMljAKkWt5ciFONI9qgMMnR6UshBUmpCG4vk9I+G1PBFfFM8TYLUNBLaEz
+Wy4OZBzDjofM+m0gGb55TpyVw==
-----END CERTIFICATE-----

Generated at Sun Jan 30 12:37:17 2022 by LibreSSL & rpki-client.