Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/ba/4e20a3-eb59-4392-bdfb-9a5f8ec64c70/1/QGv5a5q1cLVehG77jWmuOUdAyqQ.roa (download)

Subject key identifier:   40:6B:F9:6B:9A:B5:70:B5:5E:84:6E:FB:8D:69:AE:39:47:40:CA:A4 
Authority key identifier: 52:F5:5E:7A:7E:70:B1:01:8F:03:C4:27:8D:34:8B:4B:DC:C1:42:B1
asID:                     AS1239
Prefixes:
    1: 217.119.131.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/ba/4e20a3-eb59-4392-bdfb-9a5f8ec64c70/1/QGv5a5q1cLVehG77jWmuOUdAyqQ.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11589472 (0xb0d760)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52f55e7a7e70b1018f03c4278d348b4bdcc142b1
        Validity
            Not Before: Jan  1 06:57:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=406bf96b9ab570b55e846efb8d69ae394740caa4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:b0:13:c1:e4:cb:b7:16:87:35:c2:50:e7:72:
                    b5:01:72:8e:2c:64:09:ff:22:27:16:5e:fd:7e:f6:
                    0f:13:c9:cc:1a:32:c0:e2:54:10:c9:da:55:a2:d3:
                    1e:79:3c:2a:62:97:cd:07:e5:32:14:a5:60:5f:db:
                    3a:e4:b3:aa:97:da:da:57:92:5c:f6:c3:11:0f:c6:
                    5f:1a:91:20:e7:95:bf:56:a4:db:70:43:e0:f2:78:
                    03:31:08:3e:41:8d:ea:1c:75:3a:08:5f:56:b0:9a:
                    74:ab:6b:aa:5a:70:ac:2c:9d:00:62:49:2d:90:ec:
                    f1:a3:f6:74:f1:53:d0:c5:65:f5:44:78:b2:c2:35:
                    cb:93:70:6d:68:b8:72:aa:8e:58:75:09:7d:d8:50:
                    0a:1b:b8:92:b7:79:20:32:23:f8:89:af:0e:7d:e7:
                    77:df:93:23:33:8b:97:e2:d1:52:6a:e6:95:df:83:
                    fa:4b:62:7a:da:4e:5b:0c:b8:4d:82:7e:36:dc:d8:
                    9e:84:0d:9b:ab:cd:44:7d:2c:26:45:98:f7:24:fe:
                    8a:67:8b:14:04:fb:ea:9b:c7:53:01:1e:68:1f:bd:
                    f2:78:29:6e:5d:10:84:56:50:95:43:d7:ad:2f:0c:
                    53:ff:1b:2a:86:9f:56:4f:6d:ba:cd:49:39:d3:aa:
                    0a:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                40:6B:F9:6B:9A:B5:70:B5:5E:84:6E:FB:8D:69:AE:39:47:40:CA:A4
            X509v3 Authority Key Identifier: 
                keyid:52:F5:5E:7A:7E:70:B1:01:8F:03:C4:27:8D:34:8B:4B:DC:C1:42:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UvVeen5wsQGPA8QnjTSLS9zBQrE.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/4e20a3-eb59-4392-bdfb-9a5f8ec64c70/1/QGv5a5q1cLVehG77jWmuOUdAyqQ.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/4e20a3-eb59-4392-bdfb-9a5f8ec64c70/1/UvVeen5wsQGPA8QnjTSLS9zBQrE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.119.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c4:1f:2e:29:ec:d6:ce:f6:28:82:0c:f5:3d:e4:55:3f:24:63:
         b7:5f:25:77:75:bb:89:fa:0c:71:19:8d:1e:e8:21:7e:ac:50:
         64:08:73:fb:dc:f5:eb:b4:0b:28:0c:40:b2:9f:83:0e:40:74:
         e9:48:05:44:ad:6a:6e:9c:29:73:a4:df:07:3f:33:9f:93:b9:
         b0:2f:cb:01:bb:d6:c9:f9:85:b9:60:3f:8a:60:59:34:e7:07:
         37:2e:1f:8f:20:7a:0a:32:d2:65:ba:a1:3b:c5:ad:7c:83:99:
         86:ee:b7:cf:33:52:8d:90:74:1d:11:38:ab:f0:fb:4e:be:11:
         ee:e5:95:5b:b7:ce:7c:86:5f:62:c0:26:bd:21:07:b5:47:c0:
         a7:f6:4a:9e:a2:d0:d3:f3:98:57:e7:f5:a8:74:07:51:70:a1:
         6d:4e:1e:08:e0:c1:6c:09:ba:6d:30:fb:99:a6:61:ea:d4:f8:
         2e:06:27:16:58:34:61:23:f8:6e:a7:62:21:b8:6a:5c:98:96:
         16:9a:ab:99:b0:f0:13:f0:f0:1d:b9:37:6d:c9:73:62:ae:7c:
         16:db:85:b7:79:1c:00:29:48:79:ec:d1:40:a0:58:d9:aa:93:
         e0:dc:4e:71:17:8c:7a:a5:2c:17:cc:2a:6e:8d:3c:54:5f:03:
         bb:4b:bb:76
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALDXYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MmY1NWU3YTdlNzBiMTAxOGYwM2M0Mjc4ZDM0OGI0YmRjYzE0MmIxMB4XDTIyMDEw
MTA2NTcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA2YmY5NmI5YWI1
NzBiNTVlODQ2ZWZiOGQ2OWFlMzk0NzQwY2FhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6wE8Hky7cWhzXCUOdytQFyjixkCf8iJxZe/X72DxPJzBoy
wOJUEMnaVaLTHnk8KmKXzQflMhSlYF/bOuSzqpfa2leSXPbDEQ/GXxqRIOeVv1ak
23BD4PJ4AzEIPkGN6hx1OghfVrCadKtrqlpwrCydAGJJLZDs8aP2dPFT0MVl9UR4
ssI1y5NwbWi4cqqOWHUJfdhQChu4krd5IDIj+ImvDn3nd9+TIzOLl+LRUmrmld+D
+ktietpOWwy4TYJ+NtzYnoQNm6vNRH0sJkWY9yT+imeLFAT76pvHUwEeaB+98ngp
bl0QhFZQlUPXrS8MU/8bKoafVk9tus1JOdOqCmsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRAa/lrmrVwtV6EbvuNaa45R0DKpDAfBgNVHSMEGDAWgBRS9V56fnCxAY8D
xCeNNItL3MFCsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1V2VmVlbjV3c1FHUEE4UW5qVFNMUzl6QlFyRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvNGUyMGEzLWViNTktNDM5Mi1iZGZiLTlhNWY4ZWM2NGM3MC8x
L1FHdjVhNXExY0xWZWhHNzdqV211T1VkQXlxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
NGUyMGEzLWViNTktNDM5Mi1iZGZiLTlhNWY4ZWM2NGM3MC8xL1V2VmVlbjV3c1FH
UEE4UW5qVFNMUzl6QlFyRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANl3gzANBgkqhkiG9w0BAQsFAAOC
AQEAxB8uKezWzvYoggz1PeRVPyRjt18ld3W7ifoMcRmNHughfqxQZAhz+9z167QL
KAxAsp+DDkB06UgFRK1qbpwpc6TfBz8zn5O5sC/LAbvWyfmFuWA/imBZNOcHNy4f
jyB6CjLSZbqhO8WtfIOZhu63zzNSjZB0HRE4q/D7Tr4R7uWVW7fOfIZfYsAmvSEH
tUfAp/ZKnqLQ0/OYV+f1qHQHUXChbU4eCODBbAm6bTD7maZh6tT4LgYnFlg0YSP4
bqdiIbhqXJiWFpqrmbDwE/DwHbk3bclzYq58FtuFt3kcAClIeezRQKBY2aqT4NxO
cReMeqUsF8wqbo08VF8Du0u7dg==
-----END CERTIFICATE-----

Generated at Sun Jan 30 13:14:54 2022 by LibreSSL & rpki-client.