Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/c0/8b011e-41cf-4d06-ab24-7270af08aff1/1/NlqfED-L_VffU8skke4aVFPJ6PQ.roa (download)

Subject key identifier:   36:5A:9F:10:3F:8B:FD:57:DF:53:CB:24:91:EE:1A:54:53:C9:E8:F4 
Authority key identifier: E5:ED:02:2A:21:3D:21:A0:CD:F9:87:F0:FF:1B:88:A9:FA:FF:F5:88
asID:                     AS1239
Prefixes:
    1: 2a11:7280::/29 maxlen: 29

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/c0/8b011e-41cf-4d06-ab24-7270af08aff1/1/NlqfED-L_VffU8skke4aVFPJ6PQ.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60778 (0xed6a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5ed022a213d21a0cdf987f0ff1b88a9fafff588
        Validity
            Not Before: Jan 14 18:05:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=365a9f103f8bfd57df53cb2491ee1a5453c9e8f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:35:44:3f:c4:66:c6:38:f8:42:d6:98:c3:af:
                    cc:03:0f:c4:b7:5d:2c:24:b4:e0:e4:1b:52:2a:b1:
                    dd:83:9a:c7:f2:09:40:eb:83:c5:39:61:a5:e2:8e:
                    cd:e3:7d:d2:b3:1e:e1:02:91:da:05:7f:70:cc:b8:
                    aa:b9:5d:92:c2:73:cd:a2:62:b8:ac:72:0f:6b:a5:
                    54:83:54:e4:02:e5:17:9c:9f:ca:66:31:e5:72:b7:
                    0d:c8:57:3f:f4:ef:f5:dc:11:39:d5:db:6e:f6:2e:
                    70:22:b9:ab:2f:40:aa:22:7d:a5:c6:a7:b2:9a:06:
                    84:c0:1b:f6:fd:6b:e5:ef:70:4a:7a:9a:a7:a1:0c:
                    90:77:41:9e:1c:65:f9:5e:04:81:67:f7:57:73:44:
                    95:b5:e5:e4:57:bf:a3:f8:59:a2:a3:f2:9d:7f:5a:
                    f2:fc:a6:09:77:aa:49:5d:4c:75:1d:1e:90:e9:eb:
                    25:ca:c3:b3:62:ba:db:16:5f:00:21:38:50:69:da:
                    5e:50:79:fd:7f:8b:01:95:d7:1b:67:5e:33:d3:b3:
                    64:c8:4d:74:69:49:49:eb:4f:9f:e5:c3:29:8c:05:
                    fb:fa:9c:22:ce:b7:a9:79:e2:30:02:df:3a:d0:9e:
                    b3:53:f5:3c:a8:29:8d:94:4c:ca:b6:aa:16:bf:ba:
                    db:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                36:5A:9F:10:3F:8B:FD:57:DF:53:CB:24:91:EE:1A:54:53:C9:E8:F4
            X509v3 Authority Key Identifier: 
                keyid:E5:ED:02:2A:21:3D:21:A0:CD:F9:87:F0:FF:1B:88:A9:FA:FF:F5:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e0CKiE9IaDN-Yfw_xuIqfr_9Yg.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8b011e-41cf-4d06-ab24-7270af08aff1/1/NlqfED-L_VffU8skke4aVFPJ6PQ.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8b011e-41cf-4d06-ab24-7270af08aff1/1/5e0CKiE9IaDN-Yfw_xuIqfr_9Yg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:7280::/29

    Signature Algorithm: sha256WithRSAEncryption
         68:c1:14:76:51:53:8b:3d:ba:eb:8e:d3:8e:48:17:e9:3c:e3:
         ea:41:07:63:ce:6a:3b:c1:50:84:31:9f:a9:48:66:2b:d2:9e:
         e8:2c:f5:1e:a0:a0:14:a8:9f:91:a9:5d:00:91:11:44:9e:36:
         d1:b3:c2:7a:b9:c9:d7:e6:10:ea:c4:ce:a6:5f:11:31:ea:7e:
         c4:f5:fc:9c:c8:8f:56:d7:50:a1:f4:a0:de:49:f8:21:21:2b:
         1f:81:95:f6:93:26:bc:16:78:bd:23:ff:5e:48:1c:a8:c1:ef:
         86:89:c2:3f:7c:03:ca:f0:da:25:aa:4d:0f:e6:82:40:b3:79:
         ec:bd:e3:ba:ec:c9:3a:aa:3d:08:85:f4:00:43:fd:0b:18:3c:
         fb:01:84:32:79:aa:66:5a:72:b8:5f:2e:97:e3:60:0c:51:dd:
         82:25:3a:81:2a:7c:85:db:de:da:15:1b:c3:f5:88:ca:31:77:
         3f:cc:72:00:ed:f3:24:3e:b4:ee:26:fb:ce:c9:e2:6b:b4:10:
         c3:04:da:f4:92:6c:bf:0b:20:a8:c0:79:c9:cb:40:0e:7c:34:
         7e:bd:78:21:73:aa:6d:37:34:35:55:5c:5b:16:37:2d:8b:7e:
         75:bc:a9:04:09:94:fa:9e:95:2f:c1:8e:6c:9d:5a:42:a7:1c:
         09:a2:26:25
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDAO1qMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU1
ZWQwMjJhMjEzZDIxYTBjZGY5ODdmMGZmMWI4OGE5ZmFmZmY1ODgwHhcNMjIwMTE0
MTgwNTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNjVhOWYxMDNmOGJm
ZDU3ZGY1M2NiMjQ5MWVlMWE1NDUzYzllOGY0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxTVEP8Rmxjj4QtaYw6/MAw/Et10sJLTg5BtSKrHdg5rH8glA
64PFOWGl4o7N433Ssx7hApHaBX9wzLiquV2SwnPNomK4rHIPa6VUg1TkAuUXnJ/K
ZjHlcrcNyFc/9O/13BE51dtu9i5wIrmrL0CqIn2lxqeymgaEwBv2/Wvl73BKepqn
oQyQd0GeHGX5XgSBZ/dXc0SVteXkV7+j+Fmio/Kdf1ry/KYJd6pJXUx1HR6Q6esl
ysOzYrrbFl8AIThQadpeUHn9f4sBldcbZ14z07NkyE10aUlJ60+f5cMpjAX7+pwi
zrepeeIwAt860J6zU/U8qCmNlEzKtqoWv7rb8wIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFDZanxA/i/1X31PLJJHuGlRTyej0MB8GA1UdIwQYMBaAFOXtAiohPSGgzfmH
8P8biKn6//WIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NWUwQ0tpRTlJYUROLVlmd194dUlxZnJfOVlnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jMC84YjAxMWUtNDFjZi00ZDA2LWFiMjQtNzI3MGFmMDhhZmYxLzEv
TmxxZkVELUxfVmZmVThza2tlNGFWRlBKNlBRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84
YjAxMWUtNDFjZi00ZDA2LWFiMjQtNzI3MGFmMDhhZmYxLzEvNWUwQ0tpRTlJYURO
LVlmd194dUlxZnJfOVlnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFygDANBgkqhkiG9w0BAQsFAAOC
AQEAaMEUdlFTiz26647TjkgX6Tzj6kEHY85qO8FQhDGfqUhmK9Ke6Cz1HqCgFKif
kaldAJERRJ420bPCernJ1+YQ6sTOpl8RMep+xPX8nMiPVtdQofSg3kn4ISErH4GV
9pMmvBZ4vSP/XkgcqMHvhonCP3wDyvDaJapND+aCQLN57L3juuzJOqo9CIX0AEP9
Cxg8+wGEMnmqZlpyuF8ul+NgDFHdgiU6gSp8hdve2hUbw/WIyjF3P8xyAO3zJD60
7ib7zsnia7QQwwTa9JJsvwsgqMB5yctADnw0fr14IXOqbTc0NVVcWxY3LYt+dbyp
BAmU+p6VL8GObJ1aQqccCaImJQ==
-----END CERTIFICATE-----

Generated at Sun Jan 30 13:16:33 2022 by LibreSSL & rpki-client.