Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/cd/21582f-511a-4af3-8028-e2d88376d44d/1/xyYimNRNUBiEyYX226akb5MR678.roa (download)

Subject key identifier:   C7:26:22:98:D4:4D:50:18:84:C9:85:F6:DB:A6:A4:6F:93:11:EB:BF 
Authority key identifier: 03:D1:7B:C7:EB:EB:DC:C9:F1:B3:FD:B5:5A:D1:22:E7:06:22:43:E2
asID:                     AS1239
Prefixes:
    1: 185.151.146.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/cd/21582f-511a-4af3-8028-e2d88376d44d/1/xyYimNRNUBiEyYX226akb5MR678.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 27062593 (0x19cf141)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03d17bc7ebebdcc9f1b3fdb55ad122e7062243e2
        Validity
            Not Before: Jan  1 13:04:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c7262298d44d501884c985f6dba6a46f9311ebbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:bf:c8:f6:52:a9:64:eb:ab:f6:4e:b0:5a:21:
                    fe:49:c9:37:13:6a:f1:a3:71:6e:f2:64:b1:99:a8:
                    49:3c:86:63:58:fd:4c:8c:96:d9:29:c4:fe:34:95:
                    ce:3b:1c:1c:25:aa:aa:cc:d6:7f:a6:04:8b:f7:ba:
                    8f:09:65:3e:8c:e1:ab:a7:db:f2:29:ad:11:a1:76:
                    77:95:df:37:58:31:76:d3:3e:dc:9d:27:57:ba:83:
                    fe:b0:00:48:4b:1c:d0:15:f1:61:db:91:f3:4a:12:
                    6b:a7:0c:f8:77:78:3e:72:20:78:b8:e8:3d:35:32:
                    74:9c:f0:ef:20:78:7d:b4:e4:4f:57:36:59:74:b7:
                    dd:71:59:4c:7d:8e:d2:83:21:9e:ac:c8:66:38:1d:
                    a1:3c:9a:63:3e:54:9f:24:6c:1d:de:66:e2:bd:d9:
                    f5:66:d0:20:6e:d4:b7:5b:4f:f1:6f:3c:2d:cb:12:
                    32:1e:2c:8c:42:e5:c7:67:33:7f:e4:9f:1d:fe:6c:
                    57:22:eb:74:55:1f:ed:3e:15:2d:9f:3c:99:13:7f:
                    c1:e3:65:12:a6:41:af:ed:db:da:88:eb:74:b8:31:
                    31:47:57:5d:c4:98:e2:59:1c:04:16:e8:4a:72:fc:
                    16:03:fb:b1:cd:99:b4:43:8b:5f:58:94:93:3b:5c:
                    36:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                C7:26:22:98:D4:4D:50:18:84:C9:85:F6:DB:A6:A4:6F:93:11:EB:BF
            X509v3 Authority Key Identifier: 
                keyid:03:D1:7B:C7:EB:EB:DC:C9:F1:B3:FD:B5:5A:D1:22:E7:06:22:43:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A9F7x-vr3Mnxs_21WtEi5wYiQ-I.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/21582f-511a-4af3-8028-e2d88376d44d/1/xyYimNRNUBiEyYX226akb5MR678.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/21582f-511a-4af3-8028-e2d88376d44d/1/A9F7x-vr3Mnxs_21WtEi5wYiQ-I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.151.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:5c:7b:99:05:46:48:1f:1d:9b:43:b9:8c:d5:b5:74:23:5d:
         89:c6:76:55:7b:c0:de:a9:80:c1:77:0b:29:d9:4c:3d:b8:a8:
         e5:4f:60:89:e4:ac:b0:f6:ec:89:a0:20:33:67:b4:6f:e4:16:
         93:94:f3:c3:9d:a4:83:11:7a:f7:dd:87:f4:90:66:06:aa:f6:
         26:cf:f4:98:22:0f:81:71:10:8f:a0:40:cf:49:c0:9c:bd:f2:
         41:17:5e:0a:b2:d0:4f:a7:7a:3c:99:e5:c4:94:33:2e:e9:c4:
         c4:81:34:63:15:f9:81:3a:92:0b:63:94:5f:81:7e:43:50:9d:
         e3:5c:da:c9:50:ea:19:52:a1:cd:31:72:7f:24:e7:23:2f:8d:
         aa:22:58:cf:cd:49:f5:03:b6:86:54:94:77:ee:3d:06:b9:87:
         c8:74:ae:6a:06:a5:c8:8d:70:90:d6:b5:cd:d2:d0:05:b9:13:
         d5:a4:4d:e6:ab:4a:44:53:bc:98:8a:54:51:36:d8:4a:40:c2:
         d4:3c:5e:66:65:a8:d6:7b:1b:3b:cf:a0:8b:24:85:6e:06:af:
         49:f7:fd:5a:bc:e2:8b:ab:a1:fc:10:8f:b9:54:60:1b:7e:ab:
         82:9c:5f:d9:c6:39:a4:1a:e1:41:fb:1c:12:21:d8:ce:dd:f9:
         23:7b:ec:e1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAZzxQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
M2QxN2JjN2ViZWJkY2M5ZjFiM2ZkYjU1YWQxMjJlNzA2MjI0M2UyMB4XDTIyMDEw
MTEzMDQzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzcyNjIyOThkNDRk
NTAxODg0Yzk4NWY2ZGJhNmE0NmY5MzExZWJiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2/yPZSqWTrq/ZOsFoh/knJNxNq8aNxbvJksZmoSTyGY1j9
TIyW2SnE/jSVzjscHCWqqszWf6YEi/e6jwllPozhq6fb8imtEaF2d5XfN1gxdtM+
3J0nV7qD/rAASEsc0BXxYduR80oSa6cM+Hd4PnIgeLjoPTUydJzw7yB4fbTkT1c2
WXS33XFZTH2O0oMhnqzIZjgdoTyaYz5UnyRsHd5m4r3Z9WbQIG7Ut1tP8W88LcsS
Mh4sjELlx2czf+SfHf5sVyLrdFUf7T4VLZ88mRN/weNlEqZBr+3b2ojrdLgxMUdX
XcSY4lkcBBboSnL8FgP7sc2ZtEOLX1iUkztcNk0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTHJiKY1E1QGITJhfbbpqRvkxHrvzAfBgNVHSMEGDAWgBQD0XvH6+vcyfGz
/bVa0SLnBiJD4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0E5Rjd4LXZyM01ueHNfMjFXdEVpNXdZaVEtSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvMjE1ODJmLTUxMWEtNGFmMy04MDI4LWUyZDg4Mzc2ZDQ0ZC8x
L3h5WWltTlJOVUJpRXlZWDIyNmFrYjVNUjY3OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
MjE1ODJmLTUxMWEtNGFmMy04MDI4LWUyZDg4Mzc2ZDQ0ZC8xL0E5Rjd4LXZyM01u
eHNfMjFXdEVpNXdZaVEtSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmXkjANBgkqhkiG9w0BAQsFAAOC
AQEAiFx7mQVGSB8dm0O5jNW1dCNdicZ2VXvA3qmAwXcLKdlMPbio5U9gieSssPbs
iaAgM2e0b+QWk5Tzw52kgxF6992H9JBmBqr2Js/0mCIPgXEQj6BAz0nAnL3yQRde
CrLQT6d6PJnlxJQzLunExIE0YxX5gTqSC2OUX4F+Q1Cd41zayVDqGVKhzTFyfyTn
Iy+NqiJYz81J9QO2hlSUd+49BrmHyHSuagalyI1wkNa1zdLQBbkT1aRN5qtKRFO8
mIpUUTbYSkDC1DxeZmWo1nsbO8+giySFbgavSff9Wrzii6uh/BCPuVRgG36rgpxf
2cY5pBrhQfscEiHYzt35I3vs4Q==
-----END CERTIFICATE-----

Generated at Sun Jan 30 13:19:49 2022 by LibreSSL & rpki-client.