Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/b3/2ac8a2-f1cc-4f85-90c9-4ebec011a288/1/HLf_sEpGVGxh-e6c2Ol-5jo5fLs.roa (download)

Subject key identifier:   1C:B7:FF:B0:4A:46:54:6C:61:F9:EE:9C:D8:E9:7E:E6:3A:39:7C:BB 
Authority key identifier: FB:11:BD:5C:44:4C:23:9C:19:87:76:F3:60:E0:F1:00:C9:B5:D8:02
asID:                     AS1239
Prefixes:
    1: 176.97.211.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/b3/2ac8a2-f1cc-4f85-90c9-4ebec011a288/1/HLf_sEpGVGxh-e6c2Ol-5jo5fLs.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10406329 (0x9ec9b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb11bd5c444c239c198776f360e0f100c9b5d802
        Validity
            Not Before: Jan  1 01:53:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1cb7ffb04a46546c61f9ee9cd8e97ee63a397cbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:26:78:89:e6:c0:9b:97:a9:18:ef:f1:ce:59:
                    da:f6:d5:4a:ff:aa:8f:e2:f7:b3:8d:5f:53:f6:0d:
                    7b:e4:cd:f5:d3:69:32:5a:1c:75:a2:eb:cd:43:95:
                    42:ac:68:e3:e4:ec:76:74:fe:88:c3:0d:bd:a3:58:
                    d6:eb:48:99:4a:f8:82:0c:51:7d:34:c0:6e:c0:63:
                    49:ac:60:e3:6d:2a:02:d7:07:ab:4b:e4:6a:5d:64:
                    9e:62:a9:7d:74:9e:79:41:57:92:6b:14:78:8d:02:
                    b2:4a:4a:8f:55:97:a8:31:bd:26:6c:73:00:14:d8:
                    8c:31:24:c0:62:d9:ed:ac:2a:80:df:83:96:01:93:
                    91:be:87:81:4c:3e:47:08:7f:a5:46:8b:e2:3b:94:
                    82:23:76:1c:be:86:15:54:60:1a:5e:f5:59:ef:64:
                    8f:cc:ef:71:1f:fb:96:04:44:99:df:80:a2:cd:54:
                    3a:bd:d9:7c:25:2c:bd:30:28:0a:c6:05:68:c5:b1:
                    b8:80:fc:0f:af:a8:74:fb:f8:f5:f4:34:e9:b6:85:
                    4c:13:7a:8f:d9:2d:ee:fe:eb:6e:19:8a:6d:9e:25:
                    44:a8:d3:61:df:2c:7f:e3:e7:06:c0:8d:d7:66:b3:
                    a8:2a:17:a7:47:70:4b:f4:96:27:2c:5d:50:1e:98:
                    19:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                1C:B7:FF:B0:4A:46:54:6C:61:F9:EE:9C:D8:E9:7E:E6:3A:39:7C:BB
            X509v3 Authority Key Identifier: 
                keyid:FB:11:BD:5C:44:4C:23:9C:19:87:76:F3:60:E0:F1:00:C9:B5:D8:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xG9XERMI5wZh3bzYODxAMm12AI.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2ac8a2-f1cc-4f85-90c9-4ebec011a288/1/HLf_sEpGVGxh-e6c2Ol-5jo5fLs.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2ac8a2-f1cc-4f85-90c9-4ebec011a288/1/1-xG9XERMI5wZh3bzYODxAMm12AI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.97.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:f7:f9:33:b9:09:df:2c:8a:7a:c3:50:43:f2:6a:e8:5d:91:
         44:46:b0:a9:f0:6e:4d:46:d0:5b:9b:af:11:f6:fb:db:c4:11:
         0d:20:bb:f4:f2:4d:37:f6:f6:1f:22:ea:26:59:fb:eb:e8:91:
         ec:08:7d:6b:ec:c0:96:4e:24:42:cc:0e:01:63:3f:d0:c7:3d:
         f4:9f:63:69:a5:91:f5:01:0f:ef:43:6e:87:b5:d1:76:3d:94:
         11:0a:20:1b:c0:44:ef:c4:0d:db:90:d8:87:df:70:cc:43:13:
         4c:c5:d1:1c:60:b7:b1:27:29:08:38:40:b6:65:73:46:d0:99:
         8e:ab:f6:05:53:05:3c:a4:07:b9:63:e3:bd:c7:a9:4b:fc:ad:
         c4:c7:3d:15:a0:73:71:0d:42:86:a0:b0:88:90:e5:88:9a:4d:
         31:3d:af:a2:ca:7b:93:7c:08:6f:27:91:a8:fd:51:85:4b:4c:
         6e:fa:ad:19:90:32:52:10:89:8c:28:32:71:6b:e7:91:d3:c3:
         ca:a8:41:7b:bc:d0:7c:59:82:2e:77:1f:68:6a:6c:f9:86:79:
         fd:4a:99:22:a5:53:fb:da:4b:66:ad:a2:40:01:66:09:c2:f5:
         76:31:c2:f4:d1:6f:98:07:4f:71:82:ee:24:98:96:0d:ed:e3:
         70:c1:72:68
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAJ7JuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjExYmQ1YzQ0NGMyMzljMTk4Nzc2ZjM2MGUwZjEwMGM5YjVkODAyMB4XDTIyMDEw
MTAxNTM0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNiN2ZmYjA0YTQ2
NTQ2YzYxZjllZTljZDhlOTdlZTYzYTM5N2NiYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0meInmwJuXqRjv8c5Z2vbVSv+qj+L3s41fU/YNe+TN9dNp
MlocdaLrzUOVQqxo4+TsdnT+iMMNvaNY1utImUr4ggxRfTTAbsBjSaxg420qAtcH
q0vkal1knmKpfXSeeUFXkmsUeI0CskpKj1WXqDG9JmxzABTYjDEkwGLZ7awqgN+D
lgGTkb6HgUw+Rwh/pUaL4juUgiN2HL6GFVRgGl71We9kj8zvcR/7lgREmd+Aos1U
Or3ZfCUsvTAoCsYFaMWxuID8D6+odPv49fQ06baFTBN6j9kt7v7rbhmKbZ4lRKjT
Yd8sf+PnBsCN12azqCoXp0dwS/SWJyxdUB6YGVECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQct/+wSkZUbGH57pzY6X7mOjl8uzAfBgNVHSMEGDAWgBT7Eb1cREwjnBmH
dvNg4PEAybXYAjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEteEc5WEVSTUk1d1poM2J6WU9EeEFNbTEyQUkuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2IzLzJhYzhhMi1mMWNjLTRmODUtOTBjOS00ZWJlYzAxMWEyODgv
MS9ITGZfc0VwR1ZHeGgtZTZjMk9sLTVqbzVmTHMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Iz
LzJhYzhhMi1mMWNjLTRmODUtOTBjOS00ZWJlYzAxMWEyODgvMS8xLXhHOVhFUk1J
NXdaaDNiellPRHhBTW0xMkFJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGHTMA0GCSqGSIb3DQEBCwUA
A4IBAQCH9/kzuQnfLIp6w1BD8mroXZFERrCp8G5NRtBbm68R9vvbxBENILv08k03
9vYfIuomWfvr6JHsCH1r7MCWTiRCzA4BYz/Qxz30n2NppZH1AQ/vQ26HtdF2PZQR
CiAbwETvxA3bkNiH33DMQxNMxdEcYLexJykIOEC2ZXNG0JmOq/YFUwU8pAe5Y+O9
x6lL/K3Exz0VoHNxDUKGoLCIkOWImk0xPa+iynuTfAhvJ5Go/VGFS0xu+q0ZkDJS
EImMKDJxa+eR08PKqEF7vNB8WYIudx9oamz5hnn9SpkipVP72ktmraJAAWYJwvV2
McL00W+YB09xgu4kmJYN7eNwwXJo
-----END CERTIFICATE-----

Generated at Sun Jan 30 13:13:10 2022 by LibreSSL & rpki-client.