Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/a8/c65eae-e4ee-462a-aa56-0ce30699ad78/1/h2OPzE-FnARnJJsuUxsFCchMfck.roa (download)

Subject key identifier:   87:63:8F:CC:4F:85:9C:04:67:24:9B:2E:53:1B:05:09:C8:4C:7D:C9 
Authority key identifier: D3:AC:8E:30:A1:83:15:5F:85:98:9E:24:9B:5E:EE:06:91:87:FD:3F
asID:                     AS1239
Prefixes:
    1: 2a11:d140::/29 maxlen: 29

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/a8/c65eae-e4ee-462a-aa56-0ce30699ad78/1/h2OPzE-FnARnJJsuUxsFCchMfck.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11290878 (0xac48fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3ac8e30a183155f85989e249b5eee069187fd3f
        Validity
            Not Before: Jan  1 00:50:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=87638fcc4f859c0467249b2e531b0509c84c7dc9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c1:d6:ec:f2:18:0e:77:36:5d:67:fd:f7:28:
                    5f:4b:cd:15:cc:62:07:ce:a7:17:43:f4:1d:ca:98:
                    28:f3:8e:ed:11:32:90:62:95:38:66:0f:ce:bf:3e:
                    27:9b:ac:aa:38:2c:39:ea:70:1b:e9:d7:d4:62:06:
                    22:32:44:2c:b2:29:f0:7d:20:38:31:a4:bf:c6:44:
                    77:3a:f6:8c:11:30:a7:32:e9:a2:0f:50:d5:e4:ca:
                    8e:5f:28:c2:f3:20:d8:d2:ef:b0:ff:9d:95:ef:73:
                    e3:28:25:ae:7c:f9:ff:9f:30:6b:06:a8:f9:fd:27:
                    1f:83:9c:b6:40:d7:2e:bc:2f:65:61:eb:79:1b:87:
                    bd:b0:1a:09:2a:c0:86:a9:ab:f6:67:8c:ed:b4:6a:
                    28:8b:b6:83:f6:18:c7:79:36:19:00:c4:6e:79:c8:
                    6f:b6:30:fd:70:05:f3:53:c4:43:13:73:97:d0:3f:
                    11:0b:b7:73:5b:6c:99:74:3f:ec:0e:d0:db:ca:de:
                    13:a8:5f:60:3e:8c:15:f3:db:e0:40:3d:12:d1:99:
                    c1:f7:51:61:87:1c:6e:9a:1c:db:56:1b:0a:a0:ba:
                    a6:6b:e9:09:ed:b6:ac:18:75:06:f9:0c:8b:8f:9f:
                    8b:2a:8f:05:1c:9c:d9:55:3f:f4:4f:0e:08:17:34:
                    0c:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                87:63:8F:CC:4F:85:9C:04:67:24:9B:2E:53:1B:05:09:C8:4C:7D:C9
            X509v3 Authority Key Identifier: 
                keyid:D3:AC:8E:30:A1:83:15:5F:85:98:9E:24:9B:5E:EE:06:91:87:FD:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/06yOMKGDFV-FmJ4km17uBpGH_T8.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c65eae-e4ee-462a-aa56-0ce30699ad78/1/h2OPzE-FnARnJJsuUxsFCchMfck.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c65eae-e4ee-462a-aa56-0ce30699ad78/1/06yOMKGDFV-FmJ4km17uBpGH_T8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:d140::/29

    Signature Algorithm: sha256WithRSAEncryption
         76:99:26:5d:a0:85:01:35:1f:86:8d:58:c1:95:be:a1:7f:95:
         3f:84:fc:f5:fb:42:77:78:65:50:74:4a:48:ec:82:ed:93:85:
         64:06:4c:f5:ea:d2:7d:00:de:75:fa:5c:c6:df:d0:ab:db:aa:
         34:6c:94:2e:66:67:2d:29:d6:9d:22:b2:cb:d4:3a:ea:e8:ef:
         04:0c:36:f1:7e:97:4b:9b:ed:17:5a:a6:c3:36:56:fc:76:47:
         10:77:53:26:e4:32:76:7f:d1:4f:7f:cf:ab:b7:7d:ef:d8:41:
         fe:ed:71:0a:cd:6b:d4:0b:5f:77:6a:02:09:dc:bc:54:65:81:
         01:14:68:13:22:f0:00:33:1e:6e:98:a4:d2:04:c1:a7:39:64:
         8c:57:bb:7c:13:af:9f:13:01:6d:0d:eb:21:cf:92:cc:5a:23:
         49:5b:66:c6:28:33:d9:8a:a6:60:25:4f:19:bc:d3:eb:a2:cd:
         de:f0:3e:a3:23:4a:40:86:bb:05:dc:b0:63:ef:50:31:4f:b6:
         b3:ee:a5:88:f3:d8:ed:4c:24:b7:be:bc:68:b0:08:ba:56:e6:
         bf:25:0a:74:5e:c2:3e:38:8a:4a:e6:d4:3f:2c:ba:60:65:99:
         5f:db:a6:6b:8e:ed:45:7e:b0:95:71:cb:e5:ff:64:c4:d7:59:
         ac:dd:8b:19
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAKxI/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2FjOGUzMGExODMxNTVmODU5ODllMjQ5YjVlZWUwNjkxODdmZDNmMB4XDTIyMDEw
MTAwNTAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODc2MzhmY2M0Zjg1
OWMwNDY3MjQ5YjJlNTMxYjA1MDljODRjN2RjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMrB1uzyGA53Nl1n/fcoX0vNFcxiB86nF0P0HcqYKPOO7REy
kGKVOGYPzr8+J5usqjgsOepwG+nX1GIGIjJELLIp8H0gODGkv8ZEdzr2jBEwpzLp
og9Q1eTKjl8owvMg2NLvsP+dle9z4yglrnz5/58wawao+f0nH4OctkDXLrwvZWHr
eRuHvbAaCSrAhqmr9meM7bRqKIu2g/YYx3k2GQDEbnnIb7Yw/XAF81PEQxNzl9A/
EQu3c1tsmXQ/7A7Q28reE6hfYD6MFfPb4EA9EtGZwfdRYYccbpoc21YbCqC6pmvp
Ce22rBh1BvkMi4+fiyqPBRyc2VU/9E8OCBc0DMsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSHY4/MT4WcBGckmy5TGwUJyEx9yTAfBgNVHSMEGDAWgBTTrI4woYMVX4WY
niSbXu4GkYf9PzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA2eU9NS0dERlYtRm1KNGttMTd1QnBHSF9UOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzY1ZWFlLWU0ZWUtNDYyYS1hYTU2LTBjZTMwNjk5YWQ3OC8x
L2gyT1B6RS1GbkFSbkpKc3VVeHNGQ2NoTWZjay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzY1ZWFlLWU0ZWUtNDYyYS1hYTU2LTBjZTMwNjk5YWQ3OC8xLzA2eU9NS0dERlYt
Rm1KNGttMTd1QnBHSF9UOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoR0UAwDQYJKoZIhvcNAQELBQAD
ggEBAHaZJl2ghQE1H4aNWMGVvqF/lT+E/PX7Qnd4ZVB0Skjsgu2ThWQGTPXq0n0A
3nX6XMbf0KvbqjRslC5mZy0p1p0issvUOuro7wQMNvF+l0ub7RdapsM2Vvx2RxB3
UybkMnZ/0U9/z6u3fe/YQf7tcQrNa9QLX3dqAgncvFRlgQEUaBMi8AAzHm6YpNIE
wac5ZIxXu3wTr58TAW0N6yHPksxaI0lbZsYoM9mKpmAlTxm80+uizd7wPqMjSkCG
uwXcsGPvUDFPtrPupYjz2O1MJLe+vGiwCLpW5r8lCnRewj44ikrm1D8sumBlmV/b
pmuO7UV+sJVxy+X/ZMTXWazdixk=
-----END CERTIFICATE-----

Generated at Sun Jan 30 13:10:32 2022 by LibreSSL & rpki-client.