Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/89/d9540d-2ecf-4e0d-ab24-6a737deabb0f/1/hsOHZaBVNPOwGR_G5MUIq_KUB0k.roa (download)

Subject key identifier:   86:C3:87:65:A0:55:34:F3:B0:19:1F:C6:E4:C5:08:AB:F2:94:07:49 
Authority key identifier: DE:05:AB:28:3D:2B:54:46:73:B7:D7:22:9F:32:B9:62:CF:C6:8A:1E
asID:                     AS1239
Prefixes:
    1: 193.3.187.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/89/d9540d-2ecf-4e0d-ab24-6a737deabb0f/1/hsOHZaBVNPOwGR_G5MUIq_KUB0k.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9572092 (0x920efc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de05ab283d2b544673b7d7229f32b962cfc68a1e
        Validity
            Not Before: Jan  1 01:50:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=86c38765a05534f3b0191fc6e4c508abf2940749
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:2f:73:65:99:4a:03:97:0e:99:97:fb:11:1b:
                    9b:a3:56:da:e6:6b:ea:a4:88:95:7f:07:87:95:64:
                    d3:63:18:d2:5f:51:71:19:b6:c6:2e:45:e2:81:63:
                    f4:1b:f7:e4:c2:28:ed:b0:fc:2a:5c:c5:b8:9a:69:
                    bd:7b:a5:cc:f3:e7:d9:d0:fe:43:a9:d6:db:b0:fc:
                    37:de:e8:0e:d5:b6:ce:68:22:88:80:24:7d:4a:03:
                    62:c3:23:c0:18:57:d0:5a:4b:92:e0:20:0f:76:3b:
                    e5:5c:79:24:40:f8:90:db:76:7d:64:a1:78:60:a1:
                    94:78:7d:91:4c:22:f2:9d:c0:79:fd:66:12:13:af:
                    8f:fc:6e:8c:5b:1b:79:bd:8d:54:88:96:d3:98:86:
                    18:db:02:b4:6c:2a:aa:75:9b:b1:3e:e9:2a:f2:ee:
                    b5:3e:aa:4c:4f:2e:bb:32:0f:c4:a5:77:40:0c:88:
                    32:31:c4:2e:9b:99:6d:eb:91:17:7e:19:3c:58:df:
                    9c:98:8f:c7:5b:7a:6e:9b:fb:03:03:17:68:32:b9:
                    81:a1:76:e9:c1:82:52:65:1b:7d:05:ac:f0:3b:eb:
                    12:67:9d:87:d0:d5:57:93:eb:06:5d:40:ff:c2:25:
                    ad:d2:49:c6:ee:2b:2c:50:71:05:6e:9c:0f:a1:45:
                    e3:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                86:C3:87:65:A0:55:34:F3:B0:19:1F:C6:E4:C5:08:AB:F2:94:07:49
            X509v3 Authority Key Identifier: 
                keyid:DE:05:AB:28:3D:2B:54:46:73:B7:D7:22:9F:32:B9:62:CF:C6:8A:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3gWrKD0rVEZzt9cinzK5Ys_Gih4.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d9540d-2ecf-4e0d-ab24-6a737deabb0f/1/hsOHZaBVNPOwGR_G5MUIq_KUB0k.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d9540d-2ecf-4e0d-ab24-6a737deabb0f/1/3gWrKD0rVEZzt9cinzK5Ys_Gih4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.3.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:58:75:47:2e:c2:20:e7:94:f5:ec:71:60:1a:18:6e:79:58:
         95:21:08:02:25:46:b1:be:53:38:4a:7c:7f:2b:44:b7:bc:bf:
         a0:44:8c:ec:81:bb:ef:a6:73:5b:7a:ba:16:5d:f3:04:b4:a4:
         50:16:07:c2:12:91:e6:a8:d5:e3:56:30:02:d7:3b:29:7d:76:
         58:02:2f:f3:45:9b:f6:05:59:21:64:c8:8b:d8:20:3f:11:ba:
         d0:75:c0:4a:8e:77:3c:04:88:8e:0d:16:de:df:cd:67:31:06:
         55:23:63:3a:c9:17:ed:e9:b8:48:a3:f5:fc:0a:5a:b1:18:66:
         c1:e0:ac:f0:1c:30:3c:6b:b9:39:4b:61:83:d1:3c:e1:c4:ce:
         37:c5:5d:a8:e8:66:c0:16:6f:48:9a:73:f4:40:43:b2:26:e9:
         8d:e3:bc:10:5f:31:fe:bd:28:49:65:ec:54:3c:44:84:47:02:
         ab:6f:3d:cc:a6:cb:e0:cb:17:67:19:b5:d0:f3:53:f0:00:da:
         74:b7:19:3d:7c:3d:15:56:4f:d6:01:bf:27:e8:be:5d:b2:46:
         a3:62:4e:ce:76:33:ad:1f:55:e3:09:93:6c:90:71:de:4d:fd:
         8a:28:1c:29:dd:de:4e:e4:1d:31:17:2e:5e:fb:a4:da:66:13:
         11:83:da:d7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJIO/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTA1YWIyODNkMmI1NDQ2NzNiN2Q3MjI5ZjMyYjk2MmNmYzY4YTFlMB4XDTIyMDEw
MTAxNTAyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZjMzg3NjVhMDU1
MzRmM2IwMTkxZmM2ZTRjNTA4YWJmMjk0MDc0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0vc2WZSgOXDpmX+xEbm6NW2uZr6qSIlX8Hh5Vk02MY0l9R
cRm2xi5F4oFj9Bv35MIo7bD8KlzFuJppvXulzPPn2dD+Q6nW27D8N97oDtW2zmgi
iIAkfUoDYsMjwBhX0FpLkuAgD3Y75Vx5JED4kNt2fWSheGChlHh9kUwi8p3Aef1m
EhOvj/xujFsbeb2NVIiW05iGGNsCtGwqqnWbsT7pKvLutT6qTE8uuzIPxKV3QAyI
MjHELpuZbeuRF34ZPFjfnJiPx1t6bpv7AwMXaDK5gaF26cGCUmUbfQWs8DvrEmed
h9DVV5PrBl1A/8IlrdJJxu4rLFBxBW6cD6FF47UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSGw4dloFU087AZH8bkxQir8pQHSTAfBgNVHSMEGDAWgBTeBasoPStURnO3
1yKfMrliz8aKHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNnV3JLRDByVkVaenQ5Y2lueks1WXNfR2loNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvZDk1NDBkLTJlY2YtNGUwZC1hYjI0LTZhNzM3ZGVhYmIwZi8x
L2hzT0haYUJWTlBPd0dSX0c1TVVJcV9LVUIway5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
ZDk1NDBkLTJlY2YtNGUwZC1hYjI0LTZhNzM3ZGVhYmIwZi8xLzNnV3JLRDByVkVa
enQ5Y2lueks1WXNfR2loNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEDuzANBgkqhkiG9w0BAQsFAAOC
AQEATlh1Ry7CIOeU9exxYBoYbnlYlSEIAiVGsb5TOEp8fytEt7y/oESM7IG776Zz
W3q6Fl3zBLSkUBYHwhKR5qjV41YwAtc7KX12WAIv80Wb9gVZIWTIi9ggPxG60HXA
So53PASIjg0W3t/NZzEGVSNjOskX7em4SKP1/ApasRhmweCs8BwwPGu5OUthg9E8
4cTON8VdqOhmwBZvSJpz9EBDsibpjeO8EF8x/r0oSWXsVDxEhEcCq289zKbL4MsX
Zxm10PNT8ADadLcZPXw9FVZP1gG/J+i+XbJGo2JOznYzrR9V4wmTbJBx3k39iigc
Kd3eTuQdMRcuXvuk2mYTEYPa1w==
-----END CERTIFICATE-----

Generated at Sun Jan 30 13:02:52 2022 by LibreSSL & rpki-client.