Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/b6/a7830b-a569-40c9-8df9-71cffb13c4fd/1/QHz4ZweJ71WppN-ZEBJ4elhX95I.roa (download)

Subject key identifier:   40:7C:F8:67:07:89:EF:55:A9:A4:DF:99:10:12:78:7A:58:57:F7:92 
Authority key identifier: 49:15:88:78:DF:2B:B4:B0:89:12:BE:86:04:72:1E:2D:25:67:C9:BF
asID:                     AS1239
Prefixes:
    1: 91.246.35.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/b6/a7830b-a569-40c9-8df9-71cffb13c4fd/1/QHz4ZweJ71WppN-ZEBJ4elhX95I.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11599315 (0xb0fdd3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49158878df2bb4b08912be8604721e2d2567c9bf
        Validity
            Not Before: Jan  1 07:57:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=407cf8670789ef55a9a4df991012787a5857f792
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:c0:6a:fd:0a:64:e1:21:a2:c8:24:d6:69:e9:
                    1c:31:93:48:10:ea:14:c8:bf:80:93:9c:70:80:6d:
                    5c:a0:4d:e7:c2:d7:0a:76:1b:0f:7b:e7:6b:39:bb:
                    ca:1a:84:04:d0:eb:17:0d:43:ac:a0:c4:81:3e:6c:
                    22:06:53:dc:27:16:c7:f7:86:a3:b3:c4:a6:65:67:
                    49:74:b8:c2:28:21:57:be:6c:db:15:51:48:c6:46:
                    80:1d:6f:4a:ee:d7:c5:50:cb:31:ca:71:86:e7:7f:
                    00:2d:0b:18:62:a1:84:0f:ea:f0:23:d6:45:2b:ed:
                    00:83:bc:bb:a3:7a:ae:62:e1:bf:2e:08:b6:f7:29:
                    77:d6:0f:02:10:46:98:b6:67:e3:5d:a1:f9:b8:10:
                    56:2b:1c:60:23:eb:51:2d:98:ad:32:e7:9c:f5:0d:
                    0a:4e:26:f8:be:b9:de:84:3c:50:c1:b4:36:c4:cd:
                    08:4d:0d:cd:59:a5:79:e7:ca:87:bf:1d:6c:02:73:
                    24:05:fd:74:1d:d8:cd:50:95:fc:6d:bb:13:55:89:
                    be:d1:c0:b6:2e:77:43:2e:66:f1:2e:cb:7d:85:d3:
                    68:35:50:d0:e7:de:af:43:84:13:12:10:b7:23:23:
                    00:0e:01:6d:ce:33:00:4f:ac:96:e4:6d:0c:00:10:
                    33:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                40:7C:F8:67:07:89:EF:55:A9:A4:DF:99:10:12:78:7A:58:57:F7:92
            X509v3 Authority Key Identifier: 
                keyid:49:15:88:78:DF:2B:B4:B0:89:12:BE:86:04:72:1E:2D:25:67:C9:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SRWIeN8rtLCJEr6GBHIeLSVnyb8.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a7830b-a569-40c9-8df9-71cffb13c4fd/1/QHz4ZweJ71WppN-ZEBJ4elhX95I.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a7830b-a569-40c9-8df9-71cffb13c4fd/1/SRWIeN8rtLCJEr6GBHIeLSVnyb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.246.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:b1:22:7d:de:0e:f0:e0:9b:f8:96:2d:72:43:2d:ab:ca:8b:
         8d:4b:a0:8b:af:a7:c2:90:88:36:08:61:65:15:f3:f9:9d:1d:
         47:1c:b8:df:87:de:3b:52:e1:f7:9e:98:0f:f5:62:29:21:20:
         ca:e0:29:19:11:d7:a5:ad:3a:2e:2b:60:62:e3:0d:e6:fc:a0:
         eb:df:75:44:c9:c7:9d:f0:c7:6d:16:3f:66:f1:f8:c8:fc:d7:
         1b:3c:c5:27:e3:b2:1c:4a:52:a2:e4:6d:76:03:28:b2:4d:8d:
         c3:e7:15:36:2a:77:09:dc:da:5d:03:78:7e:e7:20:c3:6f:bd:
         1c:c2:9d:80:81:94:3c:af:cd:d8:bc:3f:5c:3d:e2:5d:ce:1b:
         a2:ec:c9:46:52:5f:90:6b:19:3e:d8:84:8e:b1:9c:c7:ee:ed:
         37:c0:da:d7:f1:ea:27:22:c6:b4:4d:1d:20:f9:64:78:8a:d9:
         bc:ac:ad:43:68:ed:34:af:43:3c:81:23:2f:88:e4:7b:bb:40:
         0a:db:30:a1:54:3d:6c:32:a6:a5:f6:6d:1f:fb:e8:fe:93:30:
         45:de:af:d8:c0:bf:64:96:cc:7f:53:3a:39:2f:28:e3:ca:54:
         69:21:7f:5d:72:97:00:a0:2f:45:f9:11:13:33:49:7a:45:b6:
         99:87:6a:6f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALD90zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OTE1ODg3OGRmMmJiNGIwODkxMmJlODYwNDcyMWUyZDI1NjdjOWJmMB4XDTIyMDEw
MTA3NTc1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA3Y2Y4NjcwNzg5
ZWY1NWE5YTRkZjk5MTAxMjc4N2E1ODU3Zjc5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfAav0KZOEhosgk1mnpHDGTSBDqFMi/gJOccIBtXKBN58LX
CnYbD3vnazm7yhqEBNDrFw1DrKDEgT5sIgZT3CcWx/eGo7PEpmVnSXS4wighV75s
2xVRSMZGgB1vSu7XxVDLMcpxhud/AC0LGGKhhA/q8CPWRSvtAIO8u6N6rmLhvy4I
tvcpd9YPAhBGmLZn412h+bgQViscYCPrUS2YrTLnnPUNCk4m+L653oQ8UMG0NsTN
CE0NzVmleefKh78dbAJzJAX9dB3YzVCV/G27E1WJvtHAti53Qy5m8S7LfYXTaDVQ
0Ofer0OEExIQtyMjAA4Bbc4zAE+sluRtDAAQM0MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRAfPhnB4nvVamk35kQEnh6WFf3kjAfBgNVHSMEGDAWgBRJFYh43yu0sIkS
voYEch4tJWfJvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NSV0llTjhydExDSkVyNkdCSEllTFNWbnliOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvYTc4MzBiLWE1NjktNDBjOS04ZGY5LTcxY2ZmYjEzYzRmZC8x
L1FIejRad2VKNzFXcHBOLVpFQko0ZWxoWDk1SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
YTc4MzBiLWE1NjktNDBjOS04ZGY5LTcxY2ZmYjEzYzRmZC8xL1NSV0llTjhydExD
SkVyNkdCSEllTFNWbnliOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFv2IzANBgkqhkiG9w0BAQsFAAOC
AQEACLEifd4O8OCb+JYtckMtq8qLjUugi6+nwpCINghhZRXz+Z0dRxy434feO1Lh
956YD/ViKSEgyuApGRHXpa06LitgYuMN5vyg6991RMnHnfDHbRY/ZvH4yPzXGzzF
J+OyHEpSouRtdgMosk2Nw+cVNip3CdzaXQN4fucgw2+9HMKdgIGUPK/N2Lw/XD3i
Xc4bouzJRlJfkGsZPtiEjrGcx+7tN8Da1/HqJyLGtE0dIPlkeIrZvKytQ2jtNK9D
PIEjL4jke7tACtswoVQ9bDKmpfZtH/vo/pMwRd6v2MC/ZJbMf1M6OS8o48pUaSF/
XXKXAKAvRfkREzNJekW2mYdqbw==
-----END CERTIFICATE-----

Generated at Sun Jan 30 13:14:04 2022 by LibreSSL & rpki-client.