Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/3Db7htHT2Or-oez7fLsQTZZvDxs.roa (download)

Subject key identifier:   DC:36:FB:86:D1:D3:D8:EA:FE:A1:EC:FB:7C:BB:10:4D:96:6F:0F:1B 
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
asID:                     AS2914
Prefixes:
    1: 94.143.225.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/3Db7htHT2Or-oez7fLsQTZZvDxs.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:36:83:5f:40:fc:3a:cf:e1:c8:ed:dc:b9:90:a9:81:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
        Validity
            Not Before: Sep 13 11:02:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dc36fb86d1d3d8eafea1ecfb7cbb104d966f0f1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:8f:b2:9a:8f:bb:e3:8e:a8:fb:d3:f4:46:51:
                    af:ff:b3:34:50:8c:68:43:a1:68:22:a1:8b:ba:7d:
                    d5:77:7b:b4:97:02:0b:ac:dd:e1:31:c4:37:10:15:
                    63:9f:ae:a2:81:7e:27:d0:e8:77:80:1a:ce:fe:b0:
                    f8:b4:49:ca:9f:28:dc:82:d0:d5:09:e8:e9:47:ed:
                    93:96:2e:df:f5:e6:78:ad:7d:90:57:64:68:d0:40:
                    46:df:d6:a5:65:94:c6:22:40:17:72:01:3e:8a:b5:
                    28:f3:1d:02:68:45:67:36:6c:fb:14:be:ad:fe:60:
                    57:a7:c4:9a:32:18:0b:7e:9f:60:c9:f2:e8:31:ab:
                    71:69:f2:10:76:58:34:2b:86:b4:fb:ab:59:9b:62:
                    f6:d2:7a:24:51:82:df:83:f1:eb:08:70:0c:d0:87:
                    d5:c5:48:f6:ef:48:68:82:5e:82:e5:77:c8:08:16:
                    75:4c:95:e5:ca:b5:30:cf:05:17:37:14:6c:1e:b6:
                    b7:f5:38:b4:d9:55:eb:0c:4c:c9:35:b7:3a:e6:6a:
                    46:d8:6c:3e:85:2f:f0:b4:7a:72:97:45:4e:c3:74:
                    70:af:eb:fd:dc:a7:bf:73:51:ad:3e:54:fc:50:ee:
                    fc:c7:ce:7d:6a:ac:36:91:9a:a4:d6:a1:fe:97:a7:
                    c4:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                DC:36:FB:86:D1:D3:D8:EA:FE:A1:EC:FB:7C:BB:10:4D:96:6F:0F:1B
            X509v3 Authority Key Identifier: 
                keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/3Db7htHT2Or-oez7fLsQTZZvDxs.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.143.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:37:ea:bf:07:c7:5d:e6:0b:30:18:32:a5:03:64:8c:f5:2b:
         06:72:52:08:31:30:4b:96:73:39:5d:31:7a:b1:4f:49:a1:ee:
         d0:ac:71:aa:92:ab:44:64:fc:92:f7:c7:2e:eb:af:5b:8d:53:
         7c:63:43:f2:51:e7:04:c9:f0:77:9c:18:5c:d3:6e:a8:71:e7:
         3b:42:19:af:54:ec:ee:8f:da:ae:f1:27:37:4d:40:65:86:5d:
         ee:08:22:5a:cb:cf:92:a9:52:aa:56:c9:3a:71:e9:7c:3d:1f:
         28:ab:30:b8:f0:39:b8:de:d3:e8:74:7a:de:e7:7f:47:a2:71:
         85:61:be:d1:f0:89:60:a6:ac:6d:05:05:80:4e:06:46:42:c8:
         a2:24:3c:fa:2e:e0:50:5e:c1:e0:55:6d:44:a3:fe:5d:26:2a:
         4a:3d:99:89:15:de:0f:f0:5e:fc:26:aa:a0:71:a4:f5:96:d7:
         5f:7a:6e:bd:f5:bc:44:62:16:a6:8d:13:eb:ca:da:9e:d7:cb:
         26:d1:74:67:79:9c:91:5f:b7:44:5c:37:d8:21:50:11:e4:9c:
         88:44:a0:b9:8a:91:7e:ef:f2:42:d3:c6:c3:77:c0:92:7a:8a:
         c6:ba:59:9f:c9:1c:60:b5:f5:ba:0f:04:dd:70:52:8b:e6:3d:
         a6:8c:92:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM2g19A/DrP4cjt3LmQqYEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjIwOTEzMTEwMjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM2ZmI4NmQxZDNkOGVhZmVhMWVjZmI3Y2JiMTA0ZDk2NmYwZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI+ymo+7446o+9P0RlGv/7M0UIxo
Q6FoIqGLun3Vd3u0lwILrN3hMcQ3EBVjn66igX4n0Oh3gBrO/rD4tEnKnyjcgtDV
CejpR+2Tli7f9eZ4rX2QV2Ro0EBG39alZZTGIkAXcgE+irUo8x0CaEVnNmz7FL6t
/mBXp8SaMhgLfp9gyfLoMatxafIQdlg0K4a0+6tZm2L20nokUYLfg/HrCHAM0IfV
xUj270hogl6C5XfICBZ1TJXlyrUwzwUXNxRsHra39Ti02VXrDEzJNbc65mpG2Gw+
hS/wtHpyl0VOw3Rwr+v93Ke/c1GtPlT8UO78x859aqw2kZqk1qH+l6fE5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNw2+4bR09jq/qHs+3y7EE2Wbw8bMB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEvM0RiN2h0SFQyT3Itb2V6N2ZMc1FUWlp2RHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXo/hMA0G
CSqGSIb3DQEBCwUAA4IBAQAgN+q/B8dd5gswGDKlA2SM9SsGclIIMTBLlnM5XTF6
sU9Joe7QrHGqkqtEZPyS98cu669bjVN8Y0PyUecEyfB3nBhc026ocec7QhmvVOzu
j9qu8Sc3TUBlhl3uCCJay8+SqVKqVsk6cel8PR8oqzC48Dm43tPodHre539HonGF
Yb7R8IlgpqxtBQWATgZGQsiiJDz6LuBQXsHgVW1Eo/5dJipKPZmJFd4P8F78Jqqg
caT1ltdfem699bxEYhamjRPrytqe18sm0XRneZyRX7dEXDfYIVAR5JyIRKC5ipF+
7/JC08bDd8CSeorGulmfyRxgtfW6DwTdcFKL5j2mjJIo
-----END CERTIFICATE-----

Generated at Tue Sep 13 12:55:13 2022 by LibreSSL & rpki-client.