Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/a8/dbdaca-1e15-47c9-8c80-ddaac7f9a72f/1/u8CFsWNTVLQ_eyh7FwlPZucRgE4.roa (download)

Subject key identifier:   BB:C0:85:B1:63:53:54:B4:3F:7B:28:7B:17:09:4F:66:E7:11:80:4E 
Authority key identifier: 7F:CF:7C:64:8B:4A:65:72:0A:DF:00:66:64:1A:C3:0F:5F:07:A5:12
asID:                     AS1239
Prefixes:
    1: 2a11:7480::/29 maxlen: 29

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/a8/dbdaca-1e15-47c9-8c80-ddaac7f9a72f/1/u8CFsWNTVLQ_eyh7FwlPZucRgE4.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5297810 (0x50d692)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7fcf7c648b4a65720adf0066641ac30f5f07a512
        Validity
            Not Before: Jan  1 03:00:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bbc085b1635354b43f7b287b17094f66e711804e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:ac:19:fe:6f:bd:e0:bb:24:3d:6e:ba:0f:20:
                    67:d2:a2:76:98:f7:06:37:67:e2:80:54:57:d4:09:
                    df:1a:d7:07:7c:b4:9c:b3:de:7d:3e:73:5e:93:8b:
                    e1:76:34:7c:18:c2:aa:8b:e9:76:7d:c5:b0:af:83:
                    ec:e5:a9:1f:fb:10:e9:c6:f1:be:32:a4:0b:d4:d1:
                    bf:c6:15:05:0e:1a:91:9b:86:78:81:58:74:bf:bd:
                    ff:2a:be:3c:0a:1e:b7:0e:75:8e:23:a9:7e:dd:c0:
                    9a:97:ca:ff:9a:2c:fa:ef:b0:10:9f:7e:c0:3f:d2:
                    d3:da:b4:b1:87:98:7a:de:29:94:ca:d3:3b:8e:19:
                    b1:52:7c:b8:ce:cc:bf:3a:3b:cb:bf:02:f8:63:e7:
                    94:e3:0a:85:a7:26:67:65:b0:27:fa:26:9d:6a:d3:
                    de:27:82:44:b3:5c:8a:ac:0a:ec:c4:21:2d:c4:58:
                    f7:5f:7e:ac:ae:1b:08:38:f3:50:93:2b:a6:0a:83:
                    f8:b3:32:3e:c4:3e:e8:66:82:6f:90:ae:14:64:18:
                    b2:a4:fc:b6:e6:ec:9d:36:87:10:18:d0:11:6d:38:
                    78:10:c4:21:ed:fc:4b:9b:da:52:4a:39:27:9a:a5:
                    0c:67:4b:a3:da:80:6a:29:b3:96:55:b0:59:96:0e:
                    6f:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                BB:C0:85:B1:63:53:54:B4:3F:7B:28:7B:17:09:4F:66:E7:11:80:4E
            X509v3 Authority Key Identifier: 
                keyid:7F:CF:7C:64:8B:4A:65:72:0A:DF:00:66:64:1A:C3:0F:5F:07:A5:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f898ZItKZXIK3wBmZBrDD18HpRI.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dbdaca-1e15-47c9-8c80-ddaac7f9a72f/1/u8CFsWNTVLQ_eyh7FwlPZucRgE4.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dbdaca-1e15-47c9-8c80-ddaac7f9a72f/1/f898ZItKZXIK3wBmZBrDD18HpRI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:7480::/29

    Signature Algorithm: sha256WithRSAEncryption
         90:6d:91:08:66:63:dc:5c:6a:7e:0d:ec:02:3b:3f:4f:1c:8f:
         2c:96:af:86:bc:22:38:71:e0:5a:35:3e:de:d4:ed:64:8b:87:
         bd:01:d7:54:16:0e:f1:fa:50:d0:84:80:11:a5:55:c4:19:b3:
         25:e1:61:ab:af:7c:e6:90:e2:f9:3e:60:84:7a:cc:52:db:ea:
         a2:de:1d:b1:46:f7:cd:94:db:3d:fb:c0:83:97:f4:8e:8d:6a:
         a2:1d:df:59:2e:51:11:9f:f6:81:58:05:6f:56:ec:2e:53:fd:
         5b:91:f4:3d:d8:ca:49:bd:6f:80:ca:9f:48:a9:8c:69:46:26:
         c4:db:f6:78:33:53:77:8f:a7:2c:69:f4:0e:a7:bb:b8:58:76:
         d5:70:d0:f9:ce:69:9c:74:56:18:12:3e:df:e9:24:eb:71:87:
         66:34:d6:3b:19:51:c7:0b:02:bb:e5:38:56:33:8d:38:98:db:
         e9:59:e0:d9:c4:e7:e1:a3:8b:f9:4b:c1:5d:66:98:47:02:d9:
         63:84:fb:5e:02:f1:3e:4f:05:80:bf:2f:d5:d4:11:ac:f6:f1:
         0a:be:e2:c4:8b:68:a8:3a:5b:5c:d7:da:2c:b1:0a:71:96:68:
         8b:25:d3:a2:de:bf:53:84:94:ac:4b:8c:3a:ba:97:56:9e:79:
         83:84:b5:60
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDUNaSMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdm
Y2Y3YzY0OGI0YTY1NzIwYWRmMDA2NjY0MWFjMzBmNWYwN2E1MTIwHhcNMjIwMTAx
MDMwMDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiYmMwODViMTYzNTM1
NGI0M2Y3YjI4N2IxNzA5NGY2NmU3MTE4MDRlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiqwZ/m+94LskPW66DyBn0qJ2mPcGN2figFRX1AnfGtcHfLSc
s959PnNek4vhdjR8GMKqi+l2fcWwr4Ps5akf+xDpxvG+MqQL1NG/xhUFDhqRm4Z4
gVh0v73/Kr48Ch63DnWOI6l+3cCal8r/miz677AQn37AP9LT2rSxh5h63imUytM7
jhmxUny4zsy/OjvLvwL4Y+eU4wqFpyZnZbAn+iadatPeJ4JEs1yKrArsxCEtxFj3
X36srhsIOPNQkyumCoP4szI+xD7oZoJvkK4UZBiypPy25uydNocQGNARbTh4EMQh
7fxLm9pSSjknmqUMZ0uj2oBqKbOWVbBZlg5vyQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFLvAhbFjU1S0P3soexcJT2bnEYBOMB8GA1UdIwQYMBaAFH/PfGSLSmVyCt8A
ZmQaww9fB6USMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Zjg5OFpJdEtaWElLM3dCbVpCckREMThIcFJJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hOC9kYmRhY2EtMWUxNS00N2M5LThjODAtZGRhYWM3ZjlhNzJmLzEv
dThDRnNXTlRWTFFfZXloN0Z3bFBadWNSZ0U0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9k
YmRhY2EtMWUxNS00N2M5LThjODAtZGRhYWM3ZjlhNzJmLzEvZjg5OFpJdEtaWElL
M3dCbVpCckREMThIcFJJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhF0gDANBgkqhkiG9w0BAQsFAAOC
AQEAkG2RCGZj3Fxqfg3sAjs/TxyPLJavhrwiOHHgWjU+3tTtZIuHvQHXVBYO8fpQ
0ISAEaVVxBmzJeFhq6985pDi+T5ghHrMUtvqot4dsUb3zZTbPfvAg5f0jo1qoh3f
WS5REZ/2gVgFb1bsLlP9W5H0PdjKSb1vgMqfSKmMaUYmxNv2eDNTd4+nLGn0Dqe7
uFh21XDQ+c5pnHRWGBI+3+kk63GHZjTWOxlRxwsCu+U4VjONOJjb6Vng2cTn4aOL
+UvBXWaYRwLZY4T7XgLxPk8FgL8v1dQRrPbxCr7ixItoqDpbXNfaLLEKcZZoiyXT
ot6/U4SUrEuMOrqXVp55g4S1YA==
-----END CERTIFICATE-----

Generated at Sun Jan 30 13:10:32 2022 by LibreSSL & rpki-client.