Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/88/b0b452-cfb8-47f4-9549-03e001a7f604/1/BH8pYEWymG-H1BtFWS8-sOFTM5I.roa (download)

Subject key identifier:   04:7F:29:60:45:B2:98:6F:87:D4:1B:45:59:2F:3E:B0:E1:53:33:92 
Authority key identifier: 14:C0:BE:08:4B:FA:0C:8E:70:1E:9C:3D:42:C1:87:C7:BA:6A:40:ED
asID:                     AS1239
Prefixes:
    1: 146.19.155.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/88/b0b452-cfb8-47f4-9549-03e001a7f604/1/BH8pYEWymG-H1BtFWS8-sOFTM5I.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16958967 (0x102c5f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14c0be084bfa0c8e701e9c3d42c187c7ba6a40ed
        Validity
            Not Before: Mar  7 17:31:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=047f296045b2986f87d41b45592f3eb0e1533392
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:fd:99:63:61:8b:97:e6:6b:49:f6:90:48:e0:
                    b7:54:91:bf:23:b9:1e:37:a0:8b:9f:ab:13:6e:c8:
                    84:a1:d7:bb:5a:d7:ee:fc:75:49:3c:3f:95:63:31:
                    5e:19:ca:0d:f4:4e:bb:94:e2:a5:9e:11:5b:31:94:
                    5f:52:33:21:01:44:02:85:70:78:d1:82:04:b5:20:
                    17:42:a5:f0:bf:3f:96:02:de:fb:57:37:e9:8f:bf:
                    3c:e8:cf:09:80:2c:b7:fc:ea:53:df:e3:03:a3:e9:
                    65:a1:66:ff:2a:94:ba:e3:b1:4d:f0:4f:ab:f4:6c:
                    a2:db:22:f2:ef:c6:80:77:6d:b0:23:25:27:07:42:
                    97:65:17:20:31:04:29:cc:5c:88:e5:04:b9:93:2b:
                    f6:80:39:4c:10:e7:eb:37:35:c4:f7:0e:18:cb:fd:
                    d7:6a:5d:6e:ea:43:ef:ac:cf:13:fc:48:b7:fb:05:
                    b2:b5:3c:31:26:ce:a8:12:79:39:2f:c6:67:d2:59:
                    e8:ce:f1:39:b2:16:6b:6a:e8:0f:d7:28:8c:98:d0:
                    23:85:a2:96:63:34:65:22:2f:f8:09:d6:35:1b:ea:
                    ea:5b:d9:4e:23:97:b2:a1:6a:47:ff:bf:9f:91:e0:
                    8f:6f:43:84:ae:b3:af:51:d8:cd:cc:2f:d7:eb:43:
                    ce:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                04:7F:29:60:45:B2:98:6F:87:D4:1B:45:59:2F:3E:B0:E1:53:33:92
            X509v3 Authority Key Identifier: 
                keyid:14:C0:BE:08:4B:FA:0C:8E:70:1E:9C:3D:42:C1:87:C7:BA:6A:40:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMC-CEv6DI5wHpw9QsGHx7pqQO0.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/b0b452-cfb8-47f4-9549-03e001a7f604/1/BH8pYEWymG-H1BtFWS8-sOFTM5I.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/b0b452-cfb8-47f4-9549-03e001a7f604/1/FMC-CEv6DI5wHpw9QsGHx7pqQO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:fb:9c:0f:06:02:80:da:f9:88:80:38:fa:d8:f0:d3:a5:d5:
         18:50:48:e8:71:9e:86:99:24:8d:83:52:b3:39:f3:11:ba:16:
         f6:5c:51:75:85:b5:11:f5:65:bb:e2:65:8c:ea:5a:ce:8d:5c:
         1a:fa:53:03:76:f0:7a:1c:98:8b:8b:bf:fc:0f:58:ff:ba:4d:
         5a:fe:26:9e:48:50:f0:41:b5:56:ba:d5:8c:f7:fd:fe:96:03:
         b1:1a:f0:08:ec:72:2c:44:61:8a:6a:c0:78:51:cf:b0:91:f0:
         af:e8:c0:a2:b0:5a:0a:44:34:6f:ca:41:3d:c8:6c:f4:bb:5c:
         60:43:03:a2:14:2f:65:1e:84:06:fb:bf:4f:c0:3f:55:a0:86:
         f2:55:a2:d4:c6:7a:ea:30:1f:49:74:43:3f:a9:4f:e0:8f:81:
         9e:e1:fd:57:9e:2d:da:3f:ec:1a:3b:68:b6:1a:c2:88:91:d7:
         df:8d:56:93:38:89:86:cc:d6:02:e9:11:b7:53:53:4b:2f:f5:
         d3:64:cd:bb:d8:87:9c:d7:86:a7:b7:79:2c:d2:e4:e7:9e:e1:
         9d:8e:32:fb:ed:e8:59:05:74:30:fd:dc:2a:92:c8:3f:aa:4a:
         34:28:92:33:a9:fb:ee:27:d3:17:ea:6a:04:1d:91:0b:ff:8c:
         b5:e4:24:23
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQLF9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NGMwYmUwODRiZmEwYzhlNzAxZTljM2Q0MmMxODdjN2JhNmE0MGVkMB4XDTIyMDMw
NzE3MzExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQ3ZjI5NjA0NWIy
OTg2Zjg3ZDQxYjQ1NTkyZjNlYjBlMTUzMzM5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOP9mWNhi5fma0n2kEjgt1SRvyO5Hjegi5+rE27IhKHXu1rX
7vx1STw/lWMxXhnKDfROu5TipZ4RWzGUX1IzIQFEAoVweNGCBLUgF0Kl8L8/lgLe
+1c36Y+/POjPCYAst/zqU9/jA6PpZaFm/yqUuuOxTfBPq/Rsotsi8u/GgHdtsCMl
JwdCl2UXIDEEKcxciOUEuZMr9oA5TBDn6zc1xPcOGMv912pdbupD76zPE/xIt/sF
srU8MSbOqBJ5OS/GZ9JZ6M7xObIWa2roD9cojJjQI4WilmM0ZSIv+AnWNRvq6lvZ
TiOXsqFqR/+/n5Hgj29DhK6zr1HYzcwv1+tDzncCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQEfylgRbKYb4fUG0VZLz6w4VMzkjAfBgNVHSMEGDAWgBQUwL4IS/oMjnAe
nD1CwYfHumpA7TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZNQy1DRXY2REk1d0hwdzlRc0dIeDdwcVFPMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvYjBiNDUyLWNmYjgtNDdmNC05NTQ5LTAzZTAwMWE3ZjYwNC8x
L0JIOHBZRVd5bUctSDFCdEZXUzgtc09GVE01SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
YjBiNDUyLWNmYjgtNDdmNC05NTQ5LTAzZTAwMWE3ZjYwNC8xL0ZNQy1DRXY2REk1
d0hwdzlRc0dIeDdwcVFPMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJITmzANBgkqhkiG9w0BAQsFAAOC
AQEADvucDwYCgNr5iIA4+tjw06XVGFBI6HGehpkkjYNSsznzEboW9lxRdYW1EfVl
u+JljOpazo1cGvpTA3bwehyYi4u//A9Y/7pNWv4mnkhQ8EG1VrrVjPf9/pYDsRrw
COxyLERhimrAeFHPsJHwr+jAorBaCkQ0b8pBPchs9LtcYEMDohQvZR6EBvu/T8A/
VaCG8lWi1MZ66jAfSXRDP6lP4I+BnuH9V54t2j/sGjtothrCiJHX341WkziJhszW
AukRt1NTSy/102TNu9iHnNeGp7d5LNLk557hnY4y++3oWQV0MP3cKpLIP6pKNCiS
M6n77ifTF+pqBB2RC/+MteQkIw==
-----END CERTIFICATE-----

Generated at Mon Mar 7 20:48:17 2022 by LibreSSL & rpki-client.