Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/87/48b571-67e7-4497-96a3-ecec780e7ffd/1/M1xodV8dHLgFXa2Pc1xMXGPex6g.roa (download)

Subject key identifier:   33:5C:68:75:5F:1D:1C:B8:05:5D:AD:8F:73:5C:4C:5C:63:DE:C7:A8 
Authority key identifier: 3C:C8:25:83:62:2D:74:CE:5B:B5:B9:4E:4C:ED:76:3F:FE:D1:01:AB
asID:                     AS1239
Prefixes:
    1: 2a11:4180::/29 maxlen: 29

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/87/48b571-67e7-4497-96a3-ecec780e7ffd/1/M1xodV8dHLgFXa2Pc1xMXGPex6g.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 92268 (0x1686c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cc82583622d74ce5bb5b94e4ced763ffed101ab
        Validity
            Not Before: Jan 14 18:05:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=335c68755f1d1cb8055dad8f735c4c5c63dec7a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:fd:e3:b0:ff:4f:28:51:25:48:0d:e5:7e:a2:
                    8e:b5:f0:1f:a8:92:85:e6:96:14:ba:84:99:e3:5c:
                    d8:d2:c4:d1:cf:8a:39:bc:b1:a5:42:4d:b2:1a:49:
                    b0:86:8a:d8:5d:27:60:13:cb:ba:5e:47:77:a5:1d:
                    e9:98:ad:ae:2d:b5:61:1e:49:6d:8d:fc:47:ae:6c:
                    0a:27:11:87:46:4c:92:7e:84:bc:73:9c:22:10:24:
                    8e:5c:a2:7e:bd:68:5c:3f:32:04:d6:bf:d3:ae:ec:
                    58:06:1b:33:ce:24:dc:de:1e:d7:27:16:c2:75:50:
                    9f:65:3d:15:ec:b0:64:4c:f5:9b:d1:83:6d:57:e7:
                    47:d7:f2:bf:fc:9b:fd:27:22:99:32:94:a6:64:68:
                    2d:c7:c7:96:8f:a8:24:cc:92:f8:b4:d3:9e:5b:c9:
                    49:09:d1:34:3e:08:d3:b4:f1:52:ee:91:3b:d1:ca:
                    04:04:b0:3a:9d:6f:e3:00:b1:c0:ba:f3:2b:5d:38:
                    51:6a:3c:ed:8e:03:5e:78:b1:a5:4b:47:ec:33:3e:
                    05:a0:02:c3:49:6b:bd:b8:41:71:2f:db:7a:04:cd:
                    d4:6d:b1:8a:44:22:aa:11:95:22:b3:ba:3b:8f:2e:
                    af:d3:bd:67:d6:a5:98:bf:16:16:02:3e:21:69:08:
                    32:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                33:5C:68:75:5F:1D:1C:B8:05:5D:AD:8F:73:5C:4C:5C:63:DE:C7:A8
            X509v3 Authority Key Identifier: 
                keyid:3C:C8:25:83:62:2D:74:CE:5B:B5:B9:4E:4C:ED:76:3F:FE:D1:01:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PMglg2ItdM5btblOTO12P_7RAas.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/48b571-67e7-4497-96a3-ecec780e7ffd/1/M1xodV8dHLgFXa2Pc1xMXGPex6g.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/48b571-67e7-4497-96a3-ecec780e7ffd/1/PMglg2ItdM5btblOTO12P_7RAas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:4180::/29

    Signature Algorithm: sha256WithRSAEncryption
         5b:0b:f4:91:bf:2f:28:69:05:f9:30:85:19:33:14:4d:ab:0e:
         64:e6:fb:0d:91:8e:89:bd:47:21:69:26:d1:83:60:d1:c3:dc:
         e5:aa:14:fc:0f:8a:27:38:37:68:94:72:9d:b9:1d:3a:57:06:
         75:60:43:39:0d:38:da:71:1b:52:53:eb:94:97:83:b0:bc:90:
         86:6c:56:58:e2:51:51:3f:9e:98:01:a3:51:43:58:62:f4:ad:
         41:b9:35:0c:a5:48:4a:10:04:10:3c:0f:22:19:83:2a:f3:f7:
         d9:fe:67:d2:57:14:66:fa:96:f3:3e:ff:f1:5c:09:2b:d7:25:
         da:00:1b:5b:44:ee:dd:bf:bc:84:5d:24:69:83:86:d0:90:fe:
         e6:d3:e9:d6:2c:33:7b:d7:9c:93:dd:8c:54:ab:3f:a8:ad:bc:
         e8:e0:21:da:dc:9a:fc:c3:0f:50:ed:25:f6:9a:f2:6c:42:e7:
         f9:4f:0e:05:15:ac:36:16:05:42:b8:aa:f1:da:f4:a6:8b:72:
         5b:68:3d:2e:de:f7:77:46:f9:e1:2e:7f:71:63:16:70:bd:d8:
         a2:f2:bf:39:06:81:91:3a:f7:0d:18:44:f5:db:08:7b:eb:a5:
         61:70:7a:f5:b3:0d:8e:ce:d1:e4:ac:e8:9f:25:73:5a:cf:58:
         91:ba:ad:17
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDAWhsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNj
YzgyNTgzNjIyZDc0Y2U1YmI1Yjk0ZTRjZWQ3NjNmZmVkMTAxYWIwHhcNMjIwMTE0
MTgwNTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzMzVjNjg3NTVmMWQx
Y2I4MDU1ZGFkOGY3MzVjNGM1YzYzZGVjN2E4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtP3jsP9PKFElSA3lfqKOtfAfqJKF5pYUuoSZ41zY0sTRz4o5
vLGlQk2yGkmwhorYXSdgE8u6Xkd3pR3pmK2uLbVhHkltjfxHrmwKJxGHRkySfoS8
c5wiECSOXKJ+vWhcPzIE1r/TruxYBhszziTc3h7XJxbCdVCfZT0V7LBkTPWb0YNt
V+dH1/K//Jv9JyKZMpSmZGgtx8eWj6gkzJL4tNOeW8lJCdE0PgjTtPFS7pE70coE
BLA6nW/jALHAuvMrXThRajztjgNeeLGlS0fsMz4FoALDSWu9uEFxL9t6BM3UbbGK
RCKqEZUis7o7jy6v071n1qWYvxYWAj4haQgyOQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFDNcaHVfHRy4BV2tj3NcTFxj3seoMB8GA1UdIwQYMBaAFDzIJYNiLXTOW7W5
Tkztdj/+0QGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UE1nbGcySXRkTTVidGJsT1RPMTJQXzdSQWFzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84Ny80OGI1NzEtNjdlNy00NDk3LTk2YTMtZWNlYzc4MGU3ZmZkLzEv
TTF4b2RWOGRITGdGWGEyUGMxeE1YR1BleDZnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny80
OGI1NzEtNjdlNy00NDk3LTk2YTMtZWNlYzc4MGU3ZmZkLzEvUE1nbGcySXRkTTVi
dGJsT1RPMTJQXzdSQWFzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFBgDANBgkqhkiG9w0BAQsFAAOC
AQEAWwv0kb8vKGkF+TCFGTMUTasOZOb7DZGOib1HIWkm0YNg0cPc5aoU/A+KJzg3
aJRynbkdOlcGdWBDOQ042nEbUlPrlJeDsLyQhmxWWOJRUT+emAGjUUNYYvStQbk1
DKVIShAEEDwPIhmDKvP32f5n0lcUZvqW8z7/8VwJK9cl2gAbW0Tu3b+8hF0kaYOG
0JD+5tPp1iwze9eck92MVKs/qK286OAh2tya/MMPUO0l9prybELn+U8OBRWsNhYF
Qriq8dr0potyW2g9Lt73d0b54S5/cWMWcL3YovK/OQaBkTr3DRhE9dsIe+ulYXB6
9bMNjs7R5KzonyVzWs9YkbqtFw==
-----END CERTIFICATE-----

Generated at Sun Jan 30 13:02:16 2022 by LibreSSL & rpki-client.