Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/d6/a2cf05-939a-401f-8407-c39853672dd7/1/EmpEeqvzwlh9EM7Cwk7KErl8dlE.roa (download)

Subject key identifier:   12:6A:44:7A:AB:F3:C2:58:7D:10:CE:C2:C2:4E:CA:12:B9:7C:76:51 
Authority key identifier: D5:DE:6C:65:EC:F2:01:D9:A3:56:DF:C4:50:13:37:EE:8D:96:53:82
asID:                     AS1239
Prefixes:
    1: 195.225.97.0/24 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/d6/a2cf05-939a-401f-8407-c39853672dd7/1/EmpEeqvzwlh9EM7Cwk7KErl8dlE.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21366541 (0x146070d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5de6c65ecf201d9a356dfc4501337ee8d965382
        Validity
            Not Before: Jan  1 05:02:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=126a447aabf3c2587d10cec2c24eca12b97c7651
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:44:b5:fa:00:3f:0f:41:e4:6a:2f:57:5f:95:
                    c1:d3:22:94:22:dc:7e:87:e9:d9:aa:3b:71:dd:e5:
                    df:0b:ac:92:35:62:33:8f:49:c3:28:7d:ea:5b:49:
                    58:bc:97:21:f9:40:46:ba:07:38:d7:95:d8:e6:4e:
                    4d:05:80:a1:23:d0:79:47:64:74:37:77:80:9b:38:
                    88:32:09:74:1a:b4:7b:6b:25:ab:d9:14:9f:62:39:
                    6a:9e:ae:25:44:4e:10:81:81:04:e5:75:1c:27:8e:
                    52:91:60:52:a4:6d:a0:36:ec:22:03:85:a7:77:67:
                    4d:d6:7f:e8:3a:a7:8f:db:b6:09:26:35:c4:73:38:
                    7f:38:30:0a:5b:5a:be:cd:08:ec:fc:92:dc:b0:e9:
                    cf:f4:8c:f8:a7:82:59:54:fc:ec:b3:3d:65:3f:31:
                    d2:8f:d5:ba:4d:81:99:1b:67:97:2a:60:2a:85:e1:
                    4d:9e:ae:b2:8d:33:65:42:78:26:30:9e:f9:61:a1:
                    84:d2:12:5c:d9:5d:a7:78:b2:90:1f:5e:2a:03:18:
                    1a:27:ef:15:3c:cd:ca:22:38:4e:0e:91:c9:f9:17:
                    f3:7e:91:28:c2:7e:72:d6:49:78:a5:ba:ad:27:f0:
                    2d:ed:90:26:8b:05:b2:e5:e9:90:a7:ff:9f:f1:af:
                    62:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                12:6A:44:7A:AB:F3:C2:58:7D:10:CE:C2:C2:4E:CA:12:B9:7C:76:51
            X509v3 Authority Key Identifier: 
                keyid:D5:DE:6C:65:EC:F2:01:D9:A3:56:DF:C4:50:13:37:EE:8D:96:53:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d5sZezyAdmjVt_EUBM37o2WU4I.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a2cf05-939a-401f-8407-c39853672dd7/1/EmpEeqvzwlh9EM7Cwk7KErl8dlE.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a2cf05-939a-401f-8407-c39853672dd7/1/1d5sZezyAdmjVt_EUBM37o2WU4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.225.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bc:51:ea:55:44:2f:0d:bb:59:05:d4:bb:7f:c0:b1:04:6b:29:
         27:06:60:82:d5:d5:7b:19:2f:dc:3c:5c:61:4d:16:38:10:a0:
         09:df:ff:60:d1:93:70:22:e5:6b:fb:c2:2f:73:bd:1f:8e:8a:
         02:35:40:7a:45:a2:de:4a:68:14:f4:21:e4:d9:d1:d7:b7:d4:
         a0:15:67:c4:25:9d:61:2e:4c:f0:9d:96:0a:5d:d6:bf:18:4d:
         6b:00:c4:05:94:2b:ec:4f:ca:cf:df:bb:e3:41:01:62:26:ef:
         0f:63:41:94:62:14:c1:58:c7:43:6e:98:c1:e8:b6:1b:30:44:
         0f:78:51:a8:2b:81:f5:be:0a:6d:c3:a1:b8:dc:a2:46:b1:cb:
         d8:8b:85:81:fa:93:af:a8:ae:57:e8:c1:c3:16:a8:02:67:ae:
         10:0c:7d:12:a5:05:e8:d5:46:7a:05:9c:b2:41:e1:4c:2a:61:
         26:b1:41:20:72:17:4c:88:ec:7c:a0:ec:01:47:bc:fb:9e:82:
         54:f8:6a:23:cb:32:5d:23:8d:e2:34:92:4e:be:15:23:6d:fd:
         16:39:b7:a3:39:00:de:7f:66:05:08:f4:a8:5b:9f:26:68:11:
         ad:92:e4:a2:e8:1a:fb:c9:24:c2:ed:ea:82:1d:8e:ba:8c:11:
         8b:77:35:0b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAUYHDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NWRlNmM2NWVjZjIwMWQ5YTM1NmRmYzQ1MDEzMzdlZThkOTY1MzgyMB4XDTIyMDEw
MTA1MDIyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTI2YTQ0N2FhYmYz
YzI1ODdkMTBjZWMyYzI0ZWNhMTJiOTdjNzY1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI1EtfoAPw9B5GovV1+VwdMilCLcfofp2ao7cd3l3wuskjVi
M49Jwyh96ltJWLyXIflARroHONeV2OZOTQWAoSPQeUdkdDd3gJs4iDIJdBq0e2sl
q9kUn2I5ap6uJUROEIGBBOV1HCeOUpFgUqRtoDbsIgOFp3dnTdZ/6Dqnj9u2CSY1
xHM4fzgwCltavs0I7PyS3LDpz/SM+KeCWVT87LM9ZT8x0o/Vuk2BmRtnlypgKoXh
TZ6uso0zZUJ4JjCe+WGhhNISXNldp3iykB9eKgMYGifvFTzNyiI4Tg6RyfkX836R
KMJ+ctZJeKW6rSfwLe2QJosFsuXpkKf/n/GvYsMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQSakR6q/PCWH0QzsLCTsoSuXx2UTAfBgNVHSMEGDAWgBTV3mxl7PIB2aNW
38RQEzfujZZTgjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFkNXNaZXp5QWRtalZ0X0VVQk0zN28yV1U0SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDYvYTJjZjA1LTkzOWEtNDAxZi04NDA3LWMzOTg1MzY3MmRkNy8x
L0VtcEVlcXZ6d2xoOUVNN0N3azdLRXJsOGRsRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYv
YTJjZjA1LTkzOWEtNDAxZi04NDA3LWMzOTg1MzY3MmRkNy8xLzFkNXNaZXp5QWRt
alZ0X0VVQk0zN28yV1U0SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMPhYTANBgkqhkiG9w0BAQsFAAOC
AQEAvFHqVUQvDbtZBdS7f8CxBGspJwZggtXVexkv3DxcYU0WOBCgCd//YNGTcCLl
a/vCL3O9H46KAjVAekWi3kpoFPQh5NnR17fUoBVnxCWdYS5M8J2WCl3WvxhNawDE
BZQr7E/Kz9+740EBYibvD2NBlGIUwVjHQ26Ywei2GzBED3hRqCuB9b4KbcOhuNyi
RrHL2IuFgfqTr6iuV+jBwxaoAmeuEAx9EqUF6NVGegWcskHhTCphJrFBIHIXTIjs
fKDsAUe8+56CVPhqI8syXSON4jSSTr4VI239Fjm3ozkA3n9mBQj0qFufJmgRrZLk
ouga+8kkwu3qgh2OuowRi3c1Cw==
-----END CERTIFICATE-----

Generated at Sun Jan 30 13:22:22 2022 by LibreSSL & rpki-client.