Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/a0/5176f6-bbd4-46e6-9c74-1543943aab73/1/u8jru14uQEMvzS0XS6RJ3nNGDBs.roa (download)

Subject key identifier:   BB:C8:EB:BB:5E:2E:40:43:2F:CD:2D:17:4B:A4:49:DE:73:46:0C:1B 
Authority key identifier: 1D:8B:CA:2A:BC:E4:BE:AE:AB:A9:86:56:16:88:46:DF:0C:46:A3:F3
asID:                     AS1239
Prefixes:
    1: 89.248.64.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/a0/5176f6-bbd4-46e6-9c74-1543943aab73/1/u8jru14uQEMvzS0XS6RJ3nNGDBs.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16998317 (0x1035fad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d8bca2abce4beaeaba98656168846df0c46a3f3
        Validity
            Not Before: Jan  1 03:59:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bbc8ebbb5e2e40432fcd2d174ba449de73460c1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:74:57:9a:71:35:e4:4b:90:1c:9e:97:4c:67:
                    99:2c:2d:30:8b:20:48:c6:23:a2:bc:b4:4d:07:45:
                    e2:b1:e4:92:86:17:0e:7d:f0:3c:3a:d5:ac:4d:1c:
                    f0:89:b0:e4:bf:45:79:1f:44:c3:02:af:28:88:d7:
                    bb:55:26:b1:93:8d:15:48:f1:13:67:6b:26:f6:e9:
                    48:56:31:b3:34:4d:be:ce:64:94:a3:c2:38:6c:a8:
                    a4:16:f0:95:c3:4e:3b:66:ac:59:64:ec:5e:8c:9b:
                    cc:65:c9:20:0b:86:d1:02:61:1e:18:81:ec:46:33:
                    69:8e:c0:f2:84:bf:ce:99:06:00:ea:d5:5c:dd:28:
                    e8:82:40:43:c5:d6:fd:99:34:a6:1c:86:1a:df:93:
                    19:66:8a:1d:5a:76:c8:99:67:38:d2:b4:fb:4f:68:
                    b0:4b:e7:89:4a:5f:fb:0d:13:6f:78:97:3f:5b:33:
                    85:fa:c4:d2:ff:e4:4e:de:f8:8d:29:f5:5c:8e:df:
                    e8:71:94:5d:da:8b:d6:27:62:83:c2:cf:91:ee:bc:
                    6b:f8:1a:85:73:7f:2a:1d:f1:43:5f:71:fa:b4:e9:
                    3f:8a:22:0d:5f:2d:cc:c2:da:55:56:a6:1b:60:1e:
                    b3:e7:1c:63:dc:a5:d0:9a:1f:31:6c:f8:8c:6b:d0:
                    d7:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                BB:C8:EB:BB:5E:2E:40:43:2F:CD:2D:17:4B:A4:49:DE:73:46:0C:1B
            X509v3 Authority Key Identifier: 
                keyid:1D:8B:CA:2A:BC:E4:BE:AE:AB:A9:86:56:16:88:46:DF:0C:46:A3:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYvKKrzkvq6rqYZWFohG3wxGo_M.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/5176f6-bbd4-46e6-9c74-1543943aab73/1/u8jru14uQEMvzS0XS6RJ3nNGDBs.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/5176f6-bbd4-46e6-9c74-1543943aab73/1/HYvKKrzkvq6rqYZWFohG3wxGo_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.248.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:b4:ed:cd:0c:b3:94:33:65:f0:42:ba:60:32:52:b5:bf:a8:
         26:64:30:49:bc:f7:4e:45:35:8f:f5:58:38:c7:c0:44:e8:13:
         16:13:2d:74:67:fd:62:d7:6b:b7:49:71:1b:d6:56:31:29:71:
         e1:6c:68:7a:ab:17:a3:f5:94:72:48:bc:36:99:be:bf:e8:89:
         b6:f8:d5:44:c9:9f:66:84:1a:3b:96:19:4f:89:2d:40:fa:34:
         fd:0d:98:8d:fa:14:bd:d9:57:77:05:72:f3:c1:cf:5e:d2:2c:
         1f:4e:b6:0e:7d:75:69:c6:89:53:9d:96:0f:e6:8c:21:1c:37:
         33:36:14:36:e4:d8:a7:6d:fe:d1:28:be:b1:8a:73:f6:5c:0a:
         59:7f:a0:8a:f9:c1:6e:02:ea:ff:a8:b5:06:d4:ca:47:93:50:
         05:55:d0:0b:a9:e2:8d:62:db:1c:fd:da:98:ea:e7:e3:87:24:
         5e:f8:ea:11:a5:37:23:40:67:b5:c5:3d:d1:c3:54:bc:38:7f:
         ea:9f:6a:1c:b1:89:90:f2:50:f4:b2:61:9f:62:b4:b6:39:89:
         fc:6a:4e:30:ae:7f:e2:ac:2d:66:b9:69:01:0f:85:a5:81:82:
         7d:c2:06:99:08:d0:d0:96:eb:9a:97:ee:fe:2d:15:15:b4:fb:
         59:18:e4:86
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQNfrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDhiY2EyYWJjZTRiZWFlYWJhOTg2NTYxNjg4NDZkZjBjNDZhM2YzMB4XDTIyMDEw
MTAzNTkzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmJjOGViYmI1ZTJl
NDA0MzJmY2QyZDE3NGJhNDQ5ZGU3MzQ2MGMxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALV0V5pxNeRLkByel0xnmSwtMIsgSMYjory0TQdF4rHkkoYX
Dn3wPDrVrE0c8Imw5L9FeR9EwwKvKIjXu1UmsZONFUjxE2drJvbpSFYxszRNvs5k
lKPCOGyopBbwlcNOO2asWWTsXoybzGXJIAuG0QJhHhiB7EYzaY7A8oS/zpkGAOrV
XN0o6IJAQ8XW/Zk0phyGGt+TGWaKHVp2yJlnONK0+09osEvniUpf+w0Tb3iXP1sz
hfrE0v/kTt74jSn1XI7f6HGUXdqL1idig8LPke68a/gahXN/Kh3xQ19x+rTpP4oi
DV8tzMLaVVamG2Aes+ccY9yl0JofMWz4jGvQ10sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS7yOu7Xi5AQy/NLRdLpEnec0YMGzAfBgNVHSMEGDAWgBQdi8oqvOS+rqup
hlYWiEbfDEaj8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hZdktLcnprdnE2cnFZWldGb2hHM3d4R29fTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvNTE3NmY2LWJiZDQtNDZlNi05Yzc0LTE1NDM5NDNhYWI3My8x
L3U4anJ1MTR1UUVNdnpTMFhTNlJKM25OR0RCcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
NTE3NmY2LWJiZDQtNDZlNi05Yzc0LTE1NDM5NDNhYWI3My8xL0hZdktLcnprdnE2
cnFZWldGb2hHM3d4R29fTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFn4QDANBgkqhkiG9w0BAQsFAAOC
AQEATrTtzQyzlDNl8EK6YDJStb+oJmQwSbz3TkU1j/VYOMfAROgTFhMtdGf9Ytdr
t0lxG9ZWMSlx4WxoeqsXo/WUcki8Npm+v+iJtvjVRMmfZoQaO5YZT4ktQPo0/Q2Y
jfoUvdlXdwVy88HPXtIsH062Dn11acaJU52WD+aMIRw3MzYUNuTYp23+0Si+sYpz
9lwKWX+givnBbgLq/6i1BtTKR5NQBVXQC6nijWLbHP3amOrn44ckXvjqEaU3I0Bn
tcU90cNUvDh/6p9qHLGJkPJQ9LJhn2K0tjmJ/GpOMK5/4qwtZrlpAQ+FpYGCfcIG
mQjQ0Jbrmpfu/i0VFbT7WRjkhg==
-----END CERTIFICATE-----

Generated at Sun Jan 30 13:08:19 2022 by LibreSSL & rpki-client.