Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/be/ea373e-1cf1-496b-a2cf-062f8160a5e3/1/hU4MP6MD6erfH31ewbl7zICqt18.roa (download)

Subject key identifier:   85:4E:0C:3F:A3:03:E9:EA:DF:1F:7D:5E:C1:B9:7B:CC:80:AA:B7:5F 
Authority key identifier: 66:4C:0D:DE:9D:1C:61:73:B1:AB:7E:21:C6:9A:B8:BD:D9:5F:03:61
asID:                     AS1239
Prefixes:
    1: 195.69.149.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/be/ea373e-1cf1-496b-a2cf-062f8160a5e3/1/hU4MP6MD6erfH31ewbl7zICqt18.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20050970 (0x131f41a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=664c0dde9d1c6173b1ab7e21c69ab8bdd95f0361
        Validity
            Not Before: Jan  1 02:56:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=854e0c3fa303e9eadf1f7d5ec1b97bcc80aab75f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:99:d9:00:53:16:d8:25:3f:13:a4:84:9f:2b:
                    a5:e3:12:9a:96:e8:c1:1a:d9:2a:bc:d3:65:6e:25:
                    b3:51:24:a0:cd:2f:d6:a0:7c:40:e2:47:5b:9f:24:
                    2a:05:43:d2:44:d1:5d:a3:fb:08:7a:ed:88:24:2b:
                    2d:3a:f7:d8:34:1a:6f:9c:2d:a4:4e:03:fd:43:e6:
                    bc:0c:34:8b:01:b6:36:f8:f2:36:13:3f:a6:a4:a0:
                    ea:e5:27:02:b6:9d:e2:b5:c6:eb:e1:48:b0:61:37:
                    96:94:14:0d:7b:a5:7d:d9:af:b4:a8:bc:1e:b2:e1:
                    37:ae:d2:e3:fe:58:ea:90:45:40:30:12:11:f4:8d:
                    4e:63:29:41:61:94:b1:05:bb:20:45:1f:3f:ce:23:
                    55:a1:1c:7a:bb:97:73:cf:dc:05:b4:2d:69:9c:e2:
                    b8:2a:62:18:0d:c3:82:25:a3:17:cd:0b:12:5e:f6:
                    84:65:f0:aa:4e:f1:4a:49:46:4a:86:5a:46:fd:08:
                    a0:e0:ae:0b:4f:e2:5a:c6:10:f1:d1:89:68:22:38:
                    95:a6:23:65:ac:05:f1:c2:4b:b1:e9:3d:ce:c6:d4:
                    d3:ae:9d:2d:9b:54:54:7c:47:30:31:b7:9f:46:20:
                    92:11:76:9f:3b:f9:c9:dd:77:bb:70:be:f3:8e:38:
                    45:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                85:4E:0C:3F:A3:03:E9:EA:DF:1F:7D:5E:C1:B9:7B:CC:80:AA:B7:5F
            X509v3 Authority Key Identifier: 
                keyid:66:4C:0D:DE:9D:1C:61:73:B1:AB:7E:21:C6:9A:B8:BD:D9:5F:03:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkwN3p0cYXOxq34hxpq4vdlfA2E.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ea373e-1cf1-496b-a2cf-062f8160a5e3/1/hU4MP6MD6erfH31ewbl7zICqt18.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ea373e-1cf1-496b-a2cf-062f8160a5e3/1/ZkwN3p0cYXOxq34hxpq4vdlfA2E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.69.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:63:4f:3b:72:29:59:50:c1:d9:4d:05:2f:5a:bc:48:b6:0e:
         64:2f:20:1c:b2:dc:60:e5:b2:08:6e:af:9d:6c:68:57:bf:6e:
         7a:25:f3:18:9a:a6:5f:28:fe:b6:66:95:29:2b:1f:5a:12:b6:
         05:17:1b:43:a4:94:d4:13:0b:d8:bc:d8:30:eb:c6:dc:a5:f9:
         e7:c5:18:42:a1:b3:b8:57:f6:53:55:1a:db:87:b2:eb:d1:99:
         fe:34:c0:87:72:77:11:89:e6:cb:d0:0b:38:d4:cd:63:53:5e:
         08:a0:ed:53:ef:5c:d8:8b:3e:f8:bb:a0:c2:c1:32:58:66:29:
         2f:f5:27:d2:f9:b6:12:1b:4d:a5:4e:2f:70:aa:28:b2:1a:a5:
         cc:4c:fe:cd:cb:28:d2:5a:1b:02:d9:04:30:e9:04:27:77:97:
         e9:4a:fa:58:04:57:bc:33:a5:97:20:48:4c:c3:f2:fe:37:ed:
         eb:5c:83:23:a6:3b:30:29:fe:37:7d:01:de:04:da:d7:a2:43:
         11:d5:ab:ba:11:87:34:e7:65:7e:6b:31:6a:0a:ca:e0:ac:64:
         d2:a6:9c:a4:28:2f:32:13:3c:d8:6c:6e:b2:54:3b:13:ac:ca:
         0f:e2:c6:fc:d5:60:47:c4:57:32:f1:09:c9:f1:5f:97:d9:2e:
         05:5b:f0:13
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATH0GjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NjRjMGRkZTlkMWM2MTczYjFhYjdlMjFjNjlhYjhiZGQ5NWYwMzYxMB4XDTIyMDEw
MTAyNTY1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODU0ZTBjM2ZhMzAz
ZTllYWRmMWY3ZDVlYzFiOTdiY2M4MGFhYjc1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOZ2QBTFtglPxOkhJ8rpeMSmpbowRrZKrzTZW4ls1EkoM0v
1qB8QOJHW58kKgVD0kTRXaP7CHrtiCQrLTr32DQab5wtpE4D/UPmvAw0iwG2Nvjy
NhM/pqSg6uUnArad4rXG6+FIsGE3lpQUDXulfdmvtKi8HrLhN67S4/5Y6pBFQDAS
EfSNTmMpQWGUsQW7IEUfP84jVaEceruXc8/cBbQtaZziuCpiGA3DgiWjF80LEl72
hGXwqk7xSklGSoZaRv0IoOCuC0/iWsYQ8dGJaCI4laYjZawF8cJLsek9zsbU066d
LZtUVHxHMDG3n0YgkhF2nzv5yd13u3C+8444RRkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSFTgw/owPp6t8ffV7BuXvMgKq3XzAfBgNVHSMEGDAWgBRmTA3enRxhc7Gr
fiHGmri92V8DYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1prd04zcDBjWVhPeHEzNGh4cHE0dmRsZkEyRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvZWEzNzNlLTFjZjEtNDk2Yi1hMmNmLTA2MmY4MTYwYTVlMy8x
L2hVNE1QNk1ENmVyZkgzMWV3Ymw3eklDcXQxOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
ZWEzNzNlLTFjZjEtNDk2Yi1hMmNmLTA2MmY4MTYwYTVlMy8xL1prd04zcDBjWVhP
eHEzNGh4cHE0dmRsZkEyRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMNFlTANBgkqhkiG9w0BAQsFAAOC
AQEAAWNPO3IpWVDB2U0FL1q8SLYOZC8gHLLcYOWyCG6vnWxoV79ueiXzGJqmXyj+
tmaVKSsfWhK2BRcbQ6SU1BML2LzYMOvG3KX558UYQqGzuFf2U1Ua24ey69GZ/jTA
h3J3EYnmy9ALONTNY1NeCKDtU+9c2Is++LugwsEyWGYpL/Un0vm2EhtNpU4vcKoo
shqlzEz+zcso0lobAtkEMOkEJ3eX6Ur6WARXvDOllyBITMPy/jft61yDI6Y7MCn+
N30B3gTa16JDEdWruhGHNOdlfmsxagrK4Kxk0qacpCgvMhM82GxuslQ7E6zKD+LG
/NVgR8RXMvEJyfFfl9kuBVvwEw==
-----END CERTIFICATE-----

Generated at Sun Jan 30 13:16:12 2022 by LibreSSL & rpki-client.