Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/QnrtTu9BmTLIpM1K8aaY8AyBFCU.roa (download)

Subject key identifier:   42:7A:ED:4E:EF:41:99:32:C8:A4:CD:4A:F1:A6:98:F0:0C:81:14:25 
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
asID:                     AS399471
Prefixes:
    1: 37.0.15.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/QnrtTu9BmTLIpM1K8aaY8AyBFCU.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 160523578 (0x991653a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
        Validity
            Not Before: Jan  1 05:59:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=427aed4eef419932c8a4cd4af1a698f00c811425
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:21:7d:0c:f8:8c:22:22:74:5d:dd:91:3b:22:
                    a2:7d:57:a3:64:87:7d:ea:42:b6:69:57:54:a7:a3:
                    51:ee:61:fe:39:ff:3c:c4:29:05:75:46:1e:1c:99:
                    aa:e6:75:cb:b5:f8:ce:b4:84:29:6a:b4:d0:d9:78:
                    93:2e:50:b1:f3:1a:54:35:4f:8d:7d:df:7d:fe:46:
                    93:7f:97:f3:11:ea:48:83:e5:7f:4c:41:c0:94:99:
                    a8:56:98:16:14:d1:45:71:34:d6:78:38:5c:bb:df:
                    a6:c7:0c:f9:87:8a:b4:03:e3:bc:b1:04:c6:9b:5a:
                    b1:24:34:d6:83:02:ff:f3:0c:a3:9e:a2:89:dc:66:
                    18:03:d1:9d:98:21:9f:99:2d:32:a4:e9:24:d0:2f:
                    92:59:95:77:95:1a:0a:d5:75:eb:0e:92:fd:fb:8a:
                    4f:f8:9e:c8:c2:f6:14:ff:15:7e:69:83:c5:36:be:
                    6d:37:12:37:5e:c9:69:d0:f8:1a:92:f2:d8:e5:34:
                    b8:8c:0e:9b:07:ee:db:e3:88:48:4a:43:3f:11:83:
                    b5:7d:99:9e:6f:a9:50:9c:e0:f8:ed:11:c7:46:fb:
                    03:ea:d2:47:4f:6b:0f:56:62:81:40:94:59:85:91:
                    59:be:f3:47:6a:c9:f9:4e:20:83:74:b4:a8:5e:48:
                    30:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                42:7A:ED:4E:EF:41:99:32:C8:A4:CD:4A:F1:A6:98:F0:0C:81:14:25
            X509v3 Authority Key Identifier: 
                keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/QnrtTu9BmTLIpM1K8aaY8AyBFCU.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.0.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:cb:7d:13:85:d2:7c:8f:dc:05:5e:19:2c:16:40:43:f5:34:
         21:bc:c4:e2:22:54:1e:30:a1:70:eb:7b:62:ec:10:4f:4f:bf:
         9a:c0:4a:62:6a:19:4e:af:90:2b:37:57:c2:0c:cf:2d:c7:66:
         85:20:7e:01:cf:f6:c2:f8:a4:5b:23:5b:34:b0:14:66:89:94:
         7b:70:9e:f7:50:06:2c:8b:57:e9:0e:92:6d:fe:a5:96:5e:60:
         34:61:0f:e7:3a:d4:b8:e8:de:bc:f0:e3:f6:52:7d:28:2e:bf:
         f8:47:08:43:34:cc:ac:2e:82:7f:e4:7f:ff:41:19:e5:89:ff:
         8e:3a:f2:c6:49:79:8b:b9:da:3a:aa:0a:3b:4f:6c:d0:a1:cf:
         84:ab:0c:2c:30:42:76:5c:92:52:0a:a1:5f:1c:a3:5e:8b:5e:
         ab:28:2a:60:c5:bd:6b:b2:18:dd:02:91:c8:e9:e2:31:1e:a1:
         25:bb:20:66:e0:10:76:60:8a:32:04:69:5b:e5:bf:60:84:36:
         3e:79:89:56:0f:4a:51:f9:82:d3:2b:c7:37:54:b5:5a:1d:9f:
         d0:b6:cd:16:e6:46:c4:52:9a:1c:53:7d:d2:6a:a1:14:82:32:
         1c:0a:c2:ec:48:cf:a8:82:db:ea:f8:ba:46:50:fd:27:6f:9f:
         b1:43:6c:bf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECZFlOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NGJlZTBlYmQwNmI0YjgxMmY5ZTEzNzE2ZTI1ZjFjM2MzZDE0Y2M2MB4XDTIyMDEw
MTA1NTk0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI3YWVkNGVlZjQx
OTkzMmM4YTRjZDRhZjFhNjk4ZjAwYzgxMTQyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8hfQz4jCIidF3dkTsion1Xo2SHfepCtmlXVKejUe5h/jn/
PMQpBXVGHhyZquZ1y7X4zrSEKWq00Nl4ky5QsfMaVDVPjX3fff5Gk3+X8xHqSIPl
f0xBwJSZqFaYFhTRRXE01ng4XLvfpscM+YeKtAPjvLEExptasSQ01oMC//MMo56i
idxmGAPRnZghn5ktMqTpJNAvklmVd5UaCtV16w6S/fuKT/ieyML2FP8VfmmDxTa+
bTcSN17JadD4GpLy2OU0uIwOmwfu2+OISEpDPxGDtX2Znm+pUJzg+O0Rx0b7A+rS
R09rD1ZigUCUWYWRWb7zR2rJ+U4gg3S0qF5IMPcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRCeu1O70GZMsikzUrxppjwDIEUJTAfBgNVHSMEGDAWgBQUvuDr0GtLgS+e
E3FuJfHDw9FMxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZMN2c2OUJyUzRFdm5oTnhiaVh4dzhQUlRNWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMTYxYzNmLWI4M2QtNDViMS1hYThlLWQxYmI2YjRkZDcwMS8x
L1FucnRUdTlCbVRMSXBNMUs4YWFZOEF5QkZDVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MTYxYzNmLWI4M2QtNDViMS1hYThlLWQxYmI2YjRkZDcwMS8xL0ZMN2c2OUJyUzRF
dm5oTnhiaVh4dzhQUlRNWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACUADzANBgkqhkiG9w0BAQsFAAOC
AQEAhct9E4XSfI/cBV4ZLBZAQ/U0IbzE4iJUHjChcOt7YuwQT0+/msBKYmoZTq+Q
KzdXwgzPLcdmhSB+Ac/2wvikWyNbNLAUZomUe3Ce91AGLItX6Q6Sbf6lll5gNGEP
5zrUuOjevPDj9lJ9KC6/+EcIQzTMrC6Cf+R//0EZ5Yn/jjryxkl5i7naOqoKO09s
0KHPhKsMLDBCdlySUgqhXxyjXoteqygqYMW9a7IY3QKRyOniMR6hJbsgZuAQdmCK
MgRpW+W/YIQ2PnmJVg9KUfmC0yvHN1S1Wh2f0LbNFuZGxFKaHFN90mqhFIIyHArC
7EjPqILb6vi6RlD9J2+fsUNsvw==
-----END CERTIFICATE-----

Generated at Sun Jan 30 12:53:26 2022 by LibreSSL & rpki-client.