Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/evKMxNJ3DlCu44nNgE7291nAM3o.roa (download)

Subject key identifier:   7A:F2:8C:C4:D2:77:0E:50:AE:E3:89:CD:80:4E:F6:F7:59:C0:33:7A 
Authority key identifier: F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
asID:                     AS1239
Prefixes:
    1: 91.123.0.0/21 maxlen: 24

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/evKMxNJ3DlCu44nNgE7291nAM3o.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32653742 (0x1f241ae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0cc7a447482e57b0604babb82a52409cde3b36d
        Validity
            Not Before: Jan  1 15:59:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7af28cc4d2770e50aee389cd804ef6f759c0337a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:d1:1f:b7:92:ed:70:80:d1:bb:5f:b3:96:e7:
                    b8:37:a4:04:33:b0:1c:a9:d6:a9:dc:64:2d:53:65:
                    9c:8a:2f:d6:5e:7d:b9:bb:21:ae:e3:e7:4a:6f:82:
                    e4:f4:7b:e5:e5:15:ae:37:fa:8e:29:af:40:14:de:
                    88:67:d6:57:ad:d2:6f:b2:6a:30:d2:11:78:bf:bb:
                    37:98:4e:df:3d:74:64:b7:f5:41:14:3a:e5:53:7f:
                    f6:ba:fb:3c:fa:c8:b0:95:30:a2:84:96:d3:f6:83:
                    15:f2:0a:64:e3:df:6b:d8:bc:86:c9:ef:8e:bb:17:
                    26:61:65:67:1a:19:81:95:96:2b:d7:55:a8:f8:68:
                    75:66:89:5f:ec:7b:98:6c:0a:4b:37:07:01:ba:31:
                    ea:87:95:1c:30:95:3a:eb:d6:1b:a5:7b:f3:4d:79:
                    7f:b9:d1:cd:8a:e4:ac:2d:41:e6:f9:89:b8:9b:7d:
                    5c:9c:c5:6d:2a:be:d9:84:f3:87:a6:cb:15:dd:a7:
                    f5:a4:95:00:39:5c:c8:25:bf:76:7e:3c:24:7c:90:
                    f5:18:5b:be:b1:c7:07:2f:ef:e8:0f:92:1a:83:3c:
                    a4:f4:c3:2c:48:73:f0:57:c6:eb:30:8e:48:35:6e:
                    82:4c:eb:db:c7:38:ce:1f:dd:f2:99:01:9d:e8:0b:
                    cd:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                7A:F2:8C:C4:D2:77:0E:50:AE:E3:89:CD:80:4E:F6:F7:59:C0:33:7A
            X509v3 Authority Key Identifier: 
                keyid:F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/evKMxNJ3DlCu44nNgE7291nAM3o.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.123.0.0/21

    Signature Algorithm: sha256WithRSAEncryption
         ac:59:71:c0:12:c3:00:fd:93:d5:b8:67:0c:8f:94:38:ed:8e:
         d2:8e:95:62:8d:d3:41:3e:e4:b9:d8:a2:4a:91:db:2f:6a:6c:
         82:bd:b2:1b:30:a6:48:1e:7c:d6:93:66:cb:4e:be:4f:d5:2a:
         f9:f5:b0:e3:64:9c:11:20:ee:33:a6:b2:ee:6b:09:65:1a:46:
         d2:52:a9:2f:14:e8:e8:90:60:ff:1c:4d:de:3c:38:a2:98:a4:
         f7:cb:12:ff:6f:d9:d2:0a:5f:99:05:85:d9:f9:87:1f:43:af:
         62:8d:ba:9b:92:20:83:b5:0e:39:fc:c1:c9:26:67:78:b6:1d:
         d0:f8:b5:60:08:c1:a8:3d:a9:f4:0f:89:91:b7:d3:34:28:bc:
         63:d0:be:56:dc:9e:ef:a1:19:e3:47:e1:43:5a:5f:57:93:71:
         b6:29:1c:2d:d1:f4:31:4b:bd:a0:6f:dc:de:f6:58:23:1c:66:
         bd:d2:33:18:f4:bb:a4:13:c8:4e:6a:23:1f:5c:fe:ce:ca:51:
         a2:10:bc:5d:75:1a:d3:d8:d6:72:ad:ec:21:28:ee:60:03:3d:
         9b:f5:5c:6c:25:9f:35:26:ec:26:b1:9c:c7:d4:6a:3e:2c:c2:
         a5:ae:7c:c9:dd:6e:e4:1f:41:d3:73:24:0b:fc:df:a8:5b:c2:
         e2:20:34:fa
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAfJBrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MGNjN2E0NDc0ODJlNTdiMDYwNGJhYmI4MmE1MjQwOWNkZTNiMzZkMB4XDTIyMDEw
MTE1NTkzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2FmMjhjYzRkMjc3
MGU1MGFlZTM4OWNkODA0ZWY2Zjc1OWMwMzM3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXRH7eS7XCA0btfs5bnuDekBDOwHKnWqdxkLVNlnIov1l59
ubshruPnSm+C5PR75eUVrjf6jimvQBTeiGfWV63Sb7JqMNIReL+7N5hO3z10ZLf1
QRQ65VN/9rr7PPrIsJUwooSW0/aDFfIKZOPfa9i8hsnvjrsXJmFlZxoZgZWWK9dV
qPhodWaJX+x7mGwKSzcHAbox6oeVHDCVOuvWG6V78015f7nRzYrkrC1B5vmJuJt9
XJzFbSq+2YTzh6bLFd2n9aSVADlcyCW/dn48JHyQ9RhbvrHHBy/v6A+SGoM8pPTD
LEhz8FfG6zCOSDVugkzr28c4zh/d8pkBnegLzQECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR68ozE0ncOUK7jic2ATvb3WcAzejAfBgNVHSMEGDAWgBTwzHpEdILlewYE
uruCpSQJzeOzbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhNeDZSSFNDNVhzR0JMcTdncVVrQ2MzanMyMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMGU1OGRjLTdjOTAtNDlkNy04ODU1LWZhMzJkMmQ1Mjk2OC8x
L2V2S014TkozRGxDdTQ0bk5nRTcyOTFuQU0zby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MGU1OGRjLTdjOTAtNDlkNy04ODU1LWZhMzJkMmQ1Mjk2OC8xLzhNeDZSSFNDNVhz
R0JMcTdncVVrQ2MzanMyMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1t7ADANBgkqhkiG9w0BAQsFAAOC
AQEArFlxwBLDAP2T1bhnDI+UOO2O0o6VYo3TQT7kudiiSpHbL2psgr2yGzCmSB58
1pNmy06+T9Uq+fWw42ScESDuM6ay7msJZRpG0lKpLxTo6JBg/xxN3jw4opik98sS
/2/Z0gpfmQWF2fmHH0OvYo26m5Igg7UOOfzBySZneLYd0Pi1YAjBqD2p9A+JkbfT
NCi8Y9C+Vtye76EZ40fhQ1pfV5NxtikcLdH0MUu9oG/c3vZYIxxmvdIzGPS7pBPI
TmojH1z+zspRohC8XXUa09jWcq3sISjuYAM9m/VcbCWfNSbsJrGcx9RqPizCpa58
yd1u5B9B03MkC/zfqFvC4iA0+g==
-----END CERTIFICATE-----

Generated at Sun Jan 30 13:29:06 2022 by LibreSSL & rpki-client.