Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/5f/a9e8a6-1cf2-4c87-b49a-5228823fb97b/1/3eAMaQSjrBbvQgRQ-L1WO7aayow.roa (download)

Subject key identifier:   DD:E0:0C:69:04:A3:AC:16:EF:42:04:50:F8:BD:56:3B:B6:9A:CA:8C 
Authority key identifier: 83:9D:36:3B:28:F1:C9:08:4E:1C:19:86:87:6B:B4:09:B7:9A:13:8C
asID:                     AS399641
Prefixes:
    1: 94.45.166.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/5f/a9e8a6-1cf2-4c87-b49a-5228823fb97b/1/3eAMaQSjrBbvQgRQ-L1WO7aayow.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 341861 (0x53765)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=839d363b28f1c9084e1c1986876bb409b79a138c
        Validity
            Not Before: Jan 29 19:34:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dde00c6904a3ac16ef420450f8bd563bb69aca8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:81:40:84:b4:94:72:09:d5:66:06:ef:9d:ae:
                    db:06:f4:4c:d0:16:19:25:c3:e9:1b:6c:f8:97:0f:
                    da:6a:ad:c6:67:a6:ca:84:f7:90:a5:77:17:fb:76:
                    e0:99:bb:12:80:ba:c7:ba:05:65:8c:86:13:92:d6:
                    fb:d3:21:62:2b:94:e8:c3:f4:01:4e:2e:de:8f:60:
                    fc:05:50:a2:40:4f:68:64:61:c1:17:c1:bd:cd:a4:
                    bb:0a:92:ed:b3:dd:39:d5:c3:39:e9:86:16:bb:4e:
                    6d:6a:5c:82:89:50:77:67:73:5e:14:fb:bb:54:1c:
                    1d:3c:c1:c1:e1:bf:92:e5:15:d3:d3:56:7f:3c:92:
                    5f:e5:9f:7d:27:95:af:ca:38:41:47:31:2f:4b:0c:
                    a2:f1:5e:f2:b4:43:d8:ff:aa:b4:ae:97:7b:af:4d:
                    d8:22:19:ab:a3:18:4e:b8:e2:65:26:9e:f3:c9:a5:
                    dd:e9:a3:7a:25:e8:f1:26:a4:54:a8:b7:8e:52:f5:
                    1f:0e:e4:c1:33:81:79:1f:32:31:1e:c1:14:62:54:
                    26:ef:d4:bc:aa:02:84:e9:55:d1:5a:0f:ad:e9:c5:
                    2b:77:9f:05:d4:58:a7:bb:e3:9e:7e:f4:1c:31:c2:
                    6e:c5:2e:30:85:93:5b:cd:21:81:4c:5f:0d:5c:19:
                    21:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                DD:E0:0C:69:04:A3:AC:16:EF:42:04:50:F8:BD:56:3B:B6:9A:CA:8C
            X509v3 Authority Key Identifier: 
                keyid:83:9D:36:3B:28:F1:C9:08:4E:1C:19:86:87:6B:B4:09:B7:9A:13:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g502OyjxyQhOHBmGh2u0CbeaE4w.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a9e8a6-1cf2-4c87-b49a-5228823fb97b/1/3eAMaQSjrBbvQgRQ-L1WO7aayow.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a9e8a6-1cf2-4c87-b49a-5228823fb97b/1/g502OyjxyQhOHBmGh2u0CbeaE4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.45.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:23:09:0f:ff:52:23:e0:75:b5:d3:8f:64:52:86:2a:8e:9b:
         bc:ce:1f:1e:34:5e:ac:90:55:22:da:d8:e2:52:88:57:ec:87:
         cd:bf:44:74:1a:26:2e:20:da:e3:7c:b9:e7:7f:1b:74:f2:2a:
         95:a1:73:3c:2a:d7:79:c6:13:23:6d:ab:94:7e:77:e2:ad:35:
         43:af:02:5b:30:59:13:56:1a:d8:3d:de:bf:62:5a:f9:82:eb:
         ef:32:ee:a7:c5:45:48:ad:38:5d:5f:9a:b2:da:7d:bc:eb:e9:
         f9:df:90:52:19:3d:e6:e5:07:fd:ac:8e:1d:96:c9:47:ae:5c:
         c6:de:f2:2e:1a:f5:62:64:7f:25:b0:db:1f:c9:9a:87:c0:b3:
         42:01:ce:ea:a7:d0:d3:ce:99:55:88:aa:cd:6a:da:b4:7e:bf:
         2f:06:b8:39:40:2c:a9:98:98:4f:44:75:8d:87:03:0e:44:0c:
         49:b7:7b:3b:cd:47:b3:ba:10:85:0d:f4:a4:79:96:5e:ca:35:
         a3:72:08:b4:c2:e8:b2:32:77:a7:53:a6:71:f1:9d:6b:ce:6c:
         ea:f3:e9:df:a8:98:60:27:1d:5c:a5:84:ad:84:b0:9c:07:7a:
         a6:df:6b:9f:b5:86:97:7a:36:56:b1:77:1e:62:6f:4a:0e:aa:
         e9:40:49:b1
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDBTdlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDgz
OWQzNjNiMjhmMWM5MDg0ZTFjMTk4Njg3NmJiNDA5Yjc5YTEzOGMwHhcNMjIwMTI5
MTkzNDU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkZGUwMGM2OTA0YTNh
YzE2ZWY0MjA0NTBmOGJkNTYzYmI2OWFjYThjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAi4FAhLSUcgnVZgbvna7bBvRM0BYZJcPpG2z4lw/aaq3GZ6bK
hPeQpXcX+3bgmbsSgLrHugVljIYTktb70yFiK5Tow/QBTi7ej2D8BVCiQE9oZGHB
F8G9zaS7CpLts9051cM56YYWu05talyCiVB3Z3NeFPu7VBwdPMHB4b+S5RXT01Z/
PJJf5Z99J5WvyjhBRzEvSwyi8V7ytEPY/6q0rpd7r03YIhmroxhOuOJlJp7zyaXd
6aN6JejxJqRUqLeOUvUfDuTBM4F5HzIxHsEUYlQm79S8qgKE6VXRWg+t6cUrd58F
1Finu+OefvQcMcJuxS4whZNbzSGBTF8NXBkhDQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFN3gDGkEo6wW70IEUPi9Vju2msqMMB8GA1UdIwQYMBaAFIOdNjso8ckIThwZ
hodrtAm3mhOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZzUwMk95anh5UWhPSEJtR2gydTBDYmVhRTR3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Zi9hOWU4YTYtMWNmMi00Yzg3LWI0OWEtNTIyODgyM2ZiOTdiLzEv
M2VBTWFRU2pyQmJ2UWdSUS1MMVdPN2FheW93LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9h
OWU4YTYtMWNmMi00Yzg3LWI0OWEtNTIyODgyM2ZiOTdiLzEvZzUwMk95anh5UWhP
SEJtR2gydTBDYmVhRTR3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXi2mMA0GCSqGSIb3DQEBCwUAA4IB
AQAwIwkP/1Ij4HW1049kUoYqjpu8zh8eNF6skFUi2tjiUohX7IfNv0R0GiYuINrj
fLnnfxt08iqVoXM8Ktd5xhMjbauUfnfirTVDrwJbMFkTVhrYPd6/Ylr5guvvMu6n
xUVIrThdX5qy2n286+n535BSGT3m5Qf9rI4dlslHrlzG3vIuGvViZH8lsNsfyZqH
wLNCAc7qp9DTzplViKrNatq0fr8vBrg5QCypmJhPRHWNhwMORAxJt3s7zUezuhCF
DfSkeZZeyjWjcgi0wuiyMnenU6Zx8Z1rzmzq8+nfqJhgJx1cpYSthLCcB3qm32uf
tYaXejZWsXceYm9KDqrpQEmx
-----END CERTIFICATE-----

Generated at Sun Jan 30 12:52:03 2022 by LibreSSL & rpki-client.