Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/OrRnWH2mOzy6Qjrznr01NYt392k.roa (download)

Subject key identifier:   3A:B4:67:58:7D:A6:3B:3C:BA:42:3A:F3:9E:BD:35:35:8B:77:F7:69 
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
asID:                     AS397373
Prefixes:
    1: 104.249.24.0/24 maxlen: 24
    2: 216.173.83.0/24 maxlen: 24
    3: 104.249.28.0/24 maxlen: 24
    4: 104.249.27.0/24 maxlen: 24
    5: 104.249.26.0/24 maxlen: 24
    6: 104.143.228.0/24 maxlen: 24
    7: 216.173.101.0/24 maxlen: 24
    8: 104.249.56.0/22 maxlen: 22
    9: 104.143.253.0/24 maxlen: 24
   10: 45.43.128.0/21 maxlen: 21
   11: 45.43.128.0/22 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/OrRnWH2mOzy6Qjrznr01NYt392k.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20867799 (0x13e6ad7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Jan  1 21:54:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3ab467587da63b3cba423af39ebd35358b77f769
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:42:b0:b1:1e:b0:b6:47:ce:8b:a4:0a:0e:f0:
                    8a:ee:23:27:f5:1e:52:c5:e3:f6:1b:cf:d6:a9:1a:
                    85:3e:c4:d8:9b:38:f6:95:d4:06:cb:4e:c7:5b:bd:
                    fc:75:ae:b9:0d:cb:e8:11:fe:42:1f:6b:87:69:df:
                    ec:01:1a:a3:6d:12:d4:86:8d:9a:9c:df:ac:6c:f2:
                    4c:e6:fb:9e:bc:ec:1a:ab:fe:d1:81:e9:34:76:a4:
                    6b:3a:b8:70:01:06:ae:79:f9:ed:73:9a:f0:57:df:
                    81:cb:25:8d:41:99:13:50:c9:6c:55:38:ff:30:7d:
                    83:0b:fc:38:11:46:d3:32:36:79:09:c7:ca:58:a1:
                    b3:fa:f7:d5:7b:ee:4f:bf:b4:5c:fa:5c:bc:82:4b:
                    04:37:67:ae:01:f3:9d:c3:e3:48:3f:87:52:3a:26:
                    f4:df:db:1d:30:8e:1c:78:b5:52:f4:18:b2:5c:35:
                    d1:32:10:c4:fe:5e:8d:f2:9b:f7:1e:62:77:22:26:
                    c9:75:ac:51:a2:09:46:a0:ee:b2:62:a3:85:db:34:
                    5f:74:98:19:5c:90:dd:e8:e3:bf:b7:e2:18:75:13:
                    00:0d:d2:a9:5e:3b:84:ec:4b:56:3d:e4:c2:c3:03:
                    6d:5c:9b:79:b9:ef:95:44:2c:81:50:21:28:72:79:
                    87:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                3A:B4:67:58:7D:A6:3B:3C:BA:42:3A:F3:9E:BD:35:35:8B:77:F7:69
            X509v3 Authority Key Identifier: 
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/OrRnWH2mOzy6Qjrznr01NYt392k.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.43.128.0/21
                  104.143.228.0/24
                  104.143.253.0/24
                  104.249.24.0/24
                  104.249.26.0-104.249.28.255
                  104.249.56.0/22
                  216.173.83.0/24
                  216.173.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:38:b2:62:2c:5f:5f:c0:52:4a:93:b3:25:9e:d5:a3:5c:b6:
         3d:7e:d4:26:af:e0:7f:93:1e:c8:03:54:b4:7a:17:7c:d5:57:
         64:0a:72:44:03:56:5a:9f:3c:94:31:17:04:d2:68:42:c4:0f:
         8a:d3:83:81:97:59:54:28:5e:c7:44:3a:c2:22:36:b3:7a:f0:
         d8:5b:97:ef:9e:2e:2f:18:51:ab:5c:00:35:dd:32:de:cf:54:
         04:c6:20:1c:18:5a:f4:a2:27:00:c6:2f:62:a1:40:77:32:ff:
         93:72:f2:d4:30:39:2f:66:12:29:05:10:e2:9f:98:69:0a:e4:
         7a:d7:06:b9:49:7e:83:f3:a9:5f:20:c6:23:2e:4e:08:bf:e0:
         f0:c8:3f:75:52:c0:c0:e0:c4:86:2a:81:70:31:fd:64:44:10:
         39:9d:e6:4a:40:86:5f:9f:ab:ae:bc:7f:cd:33:49:40:4a:64:
         5f:c1:87:c0:18:22:c0:5c:45:91:13:1a:8a:98:b9:14:38:43:
         24:75:ef:c4:7a:8d:91:17:5e:29:66:50:1e:ab:b8:4a:e3:2e:
         73:67:5b:99:40:57:26:bd:02:c4:85:d6:9c:bc:40:ec:8d:7c:
         f2:d3:dd:50:5b:76:e5:13:f8:92:88:a0:bf:97:54:89:b4:dd:
         ec:40:6e:dd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEAT5q1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDU4MWU2NzNkODBmNzQ3NDkzNmIyMTMzN2VhZmNjMWJkYzM4NWU5MB4XDTIyMDEw
MTIxNTQyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FiNDY3NTg3ZGE2
M2IzY2JhNDIzYWYzOWViZDM1MzU4Yjc3Zjc2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9CsLEesLZHzoukCg7wiu4jJ/UeUsXj9hvP1qkahT7E2Js4
9pXUBstOx1u9/HWuuQ3L6BH+Qh9rh2nf7AEao20S1IaNmpzfrGzyTOb7nrzsGqv+
0YHpNHakazq4cAEGrnn57XOa8FffgcsljUGZE1DJbFU4/zB9gwv8OBFG0zI2eQnH
ylihs/r31XvuT7+0XPpcvIJLBDdnrgHzncPjSD+HUjom9N/bHTCOHHi1UvQYslw1
0TIQxP5ejfKb9x5idyImyXWsUaIJRqDusmKjhds0X3SYGVyQ3ejjv7fiGHUTAA3S
qV47hOxLVj3kwsMDbVybebnvlUQsgVAhKHJ5h6kCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBQ6tGdYfaY7PLpCOvOevTU1i3f3aTAfBgNVHSMEGDAWgBRgWB5nPYD3R0k2
shM36vzBvcOF6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lGZ2VaejJBOTBkSk5ySVROLXI4d2IzRGhlay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8x
L09yUm5XSDJtT3p5NlFqcnpucjAxTll0Mzkyay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
ZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8xL1lGZ2VaejJBOTBk
Sk5ySVROLXI4d2IzRGhlay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAy0rgAMEAGiP5AMEAGiP/QMEAGj5
GDAMAwQBaPkaAwQAaPkcAwQCaPk4AwQA2K1TAwQA2K1lMA0GCSqGSIb3DQEBCwUA
A4IBAQBgOLJiLF9fwFJKk7MlntWjXLY9ftQmr+B/kx7IA1S0ehd81VdkCnJEA1Za
nzyUMRcE0mhCxA+K04OBl1lUKF7HRDrCIjazevDYW5fvni4vGFGrXAA13TLez1QE
xiAcGFr0oicAxi9ioUB3Mv+TcvLUMDkvZhIpBRDin5hpCuR61wa5SX6D86lfIMYj
Lk4Iv+DwyD91UsDA4MSGKoFwMf1kRBA5neZKQIZfn6uuvH/NM0lASmRfwYfAGCLA
XEWRExqKmLkUOEMkde/Eeo2RF14pZlAeq7hK4y5zZ1uZQFcmvQLEhdacvEDsjXzy
091QW3blE/iSiKC/l1SJtN3sQG7d
-----END CERTIFICATE-----

Generated at Sun Jan 30 12:50:54 2022 by LibreSSL & rpki-client.