Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/c9/63efc9-5e1c-4773-94a2-e60de555a8be/1/T5stxfvDkAr3W1JVXtWwwwbrX9g.roa (download)

Subject key identifier:   4F:9B:2D:C5:FB:C3:90:0A:F7:5B:52:55:5E:D5:B0:C3:06:EB:5F:D8 
Authority key identifier: 3F:DF:2C:F8:65:92:06:D8:E6:F8:2C:24:EC:6F:9D:9E:6D:67:3E:07
asID:                     AS1239
Prefixes:
    1: 91.198.200.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/c9/63efc9-5e1c-4773-94a2-e60de555a8be/1/T5stxfvDkAr3W1JVXtWwwwbrX9g.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20723324 (0x13c367c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fdf2cf8659206d8e6f82c24ec6f9d9e6d673e07
        Validity
            Not Before: Jan  1 05:53:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4f9b2dc5fbc3900af75b52555ed5b0c306eb5fd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:67:25:0f:55:90:6b:53:16:a8:0b:e7:4a:0e:
                    8a:2c:ab:1e:02:aa:39:9e:0c:74:97:2f:fb:9f:39:
                    00:34:f4:d2:ec:ef:4f:0d:10:e3:5b:cb:fa:b3:ec:
                    d0:33:4c:a2:39:f4:c9:6a:9e:e9:30:f9:60:6e:ce:
                    61:d3:20:ae:e6:f6:ed:92:82:bb:4f:e6:ea:c0:75:
                    58:63:1c:6d:c4:e4:6e:43:7a:60:0d:bf:d4:ee:41:
                    45:2e:80:86:3d:f8:10:4b:89:ca:98:55:13:d8:87:
                    2e:f8:32:75:fc:f5:8e:cd:c9:c7:ac:2c:e9:d7:88:
                    d3:77:a4:58:59:17:5e:d7:5e:3e:60:f6:fb:18:0c:
                    69:c6:48:3f:3a:95:5c:85:bc:67:44:cf:22:a0:f4:
                    d3:e6:ef:be:ba:e8:9e:4e:fe:48:f7:bd:71:3a:58:
                    50:20:64:6c:c5:65:a6:e3:51:03:e4:77:2d:ab:71:
                    ff:5b:19:51:78:7d:a9:cc:ae:02:cc:a5:52:49:59:
                    59:8d:e7:5c:18:df:a3:0a:5d:bf:4e:ed:62:c9:5c:
                    43:3d:c6:55:07:2c:6e:6b:7d:54:f0:2a:5d:f6:c0:
                    4b:2d:92:3a:19:99:a2:fa:6c:6b:aa:e9:9e:13:2c:
                    a4:22:96:22:cc:33:30:3c:c5:fa:b3:65:73:89:81:
                    0c:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4F:9B:2D:C5:FB:C3:90:0A:F7:5B:52:55:5E:D5:B0:C3:06:EB:5F:D8
            X509v3 Authority Key Identifier: 
                keyid:3F:DF:2C:F8:65:92:06:D8:E6:F8:2C:24:EC:6F:9D:9E:6D:67:3E:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P98s-GWSBtjm-Cwk7G-dnm1nPgc.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/63efc9-5e1c-4773-94a2-e60de555a8be/1/T5stxfvDkAr3W1JVXtWwwwbrX9g.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/63efc9-5e1c-4773-94a2-e60de555a8be/1/P98s-GWSBtjm-Cwk7G-dnm1nPgc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.198.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:71:2d:3b:82:47:6b:a1:ac:f8:ac:0e:e4:e1:c2:24:c7:8f:
         8e:e9:44:0f:04:f3:a6:4c:80:7c:80:9c:5f:26:db:b5:a2:31:
         c0:55:50:65:7d:a2:9a:79:fc:90:26:53:c2:38:d6:9d:04:0c:
         98:3a:5e:fa:e5:76:68:20:50:ef:16:52:69:b6:78:f4:6f:72:
         67:d0:33:3f:a5:a7:bb:d5:fc:9e:d1:6e:06:a4:e1:85:c4:fa:
         38:6c:bd:57:7e:39:49:29:58:ce:3b:a4:c8:fa:c8:a9:c6:36:
         25:cc:30:67:9b:9c:90:2f:21:3c:60:27:1c:0b:b5:cd:c6:5c:
         42:10:4f:03:e0:a7:ac:84:57:15:1b:b6:bb:4a:34:e9:f4:db:
         8e:fe:34:3c:f3:a1:77:05:39:9b:d7:10:b4:36:08:2d:b9:bf:
         bd:1e:7b:a3:24:0d:05:70:fb:69:1d:2d:8a:06:85:d2:77:e9:
         e5:86:fd:9d:b7:27:2b:80:8a:4d:c2:d4:ba:88:a5:ae:ef:54:
         9e:f6:8e:ec:95:61:0f:5a:c2:4d:21:6d:3c:f6:48:a5:28:3d:
         a1:1b:49:98:59:d2:b1:46:b4:d4:71:51:bc:bd:f7:92:fc:24:
         d7:96:d3:ae:3d:d7:0a:bd:f6:8d:48:bd:73:d6:79:5e:25:a8:
         d8:1f:5d:e3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATw2fDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZmRmMmNmODY1OTIwNmQ4ZTZmODJjMjRlYzZmOWQ5ZTZkNjczZTA3MB4XDTIyMDEw
MTA1NTMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGY5YjJkYzVmYmMz
OTAwYWY3NWI1MjU1NWVkNWIwYzMwNmViNWZkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNnJQ9VkGtTFqgL50oOiiyrHgKqOZ4MdJcv+585ADT00uzv
Tw0Q41vL+rPs0DNMojn0yWqe6TD5YG7OYdMgrub27ZKCu0/m6sB1WGMcbcTkbkN6
YA2/1O5BRS6Ahj34EEuJyphVE9iHLvgydfz1js3Jx6ws6deI03ekWFkXXtdePmD2
+xgMacZIPzqVXIW8Z0TPIqD00+bvvrronk7+SPe9cTpYUCBkbMVlpuNRA+R3Latx
/1sZUXh9qcyuAsylUklZWY3nXBjfowpdv07tYslcQz3GVQcsbmt9VPAqXfbASy2S
OhmZovpsa6rpnhMspCKWIswzMDzF+rNlc4mBDC0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRPmy3F+8OQCvdbUlVe1bDDButf2DAfBgNVHSMEGDAWgBQ/3yz4ZZIG2Ob4
LCTsb52ebWc+BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1A5OHMtR1dTQnRqbS1Dd2s3Ry1kbm0xblBnYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzkvNjNlZmM5LTVlMWMtNDc3My05NGEyLWU2MGRlNTU1YThiZS8x
L1Q1c3R4ZnZEa0FyM1cxSlZYdFd3d3diclg5Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkv
NjNlZmM5LTVlMWMtNDc3My05NGEyLWU2MGRlNTU1YThiZS8xL1A5OHMtR1dTQnRq
bS1Dd2s3Ry1kbm0xblBnYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvGyDANBgkqhkiG9w0BAQsFAAOC
AQEAnHEtO4JHa6Gs+KwO5OHCJMePjulEDwTzpkyAfICcXybbtaIxwFVQZX2imnn8
kCZTwjjWnQQMmDpe+uV2aCBQ7xZSabZ49G9yZ9AzP6Wnu9X8ntFuBqThhcT6OGy9
V345SSlYzjukyPrIqcY2JcwwZ5uckC8hPGAnHAu1zcZcQhBPA+CnrIRXFRu2u0o0
6fTbjv40PPOhdwU5m9cQtDYILbm/vR57oyQNBXD7aR0tigaF0nfp5Yb9nbcnK4CK
TcLUuoilru9UnvaO7JVhD1rCTSFtPPZIpSg9oRtJmFnSsUa01HFRvL33kvwk15bT
rj3XCr32jUi9c9Z5XiWo2B9d4w==
-----END CERTIFICATE-----

Generated at Sun Jan 30 13:18:58 2022 by LibreSSL & rpki-client.