Route Origin Authorization
Location:                 rpki.ripe.net/repository/DEFAULT/fc/e44a7a-f569-4d5a-bc8b-c8884fc9c26e/1/38u_eGi_eMgYf01lpV0E_f8EgKI.roa (download)

Subject key identifier:   DF:CB:BF:78:68:BF:78:C8:18:7F:4D:65:A5:5D:04:FD:FF:04:80:A2 
Authority key identifier: 2D:92:7C:E7:BA:52:03:07:EA:14:7C:34:F1:32:87:DB:76:B9:30:FE
asID:                     AS1239
Prefixes:
    1: 2a11:71c0::/29 maxlen: 29

--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/fc/e44a7a-f569-4d5a-bc8b-c8884fc9c26e/1/38u_eGi_eMgYf01lpV0E_f8EgKI.roa | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13106600 (0xc7fda8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d927ce7ba520307ea147c34f13287db76b930fe
        Validity
            Not Before: Jan  1 02:56:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dfcbbf7868bf78c8187f4d65a55d04fdff0480a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d9:53:48:fe:10:bc:51:ee:88:25:c3:ac:27:
                    f1:fa:b8:dc:c9:34:7c:bb:74:a6:57:b4:b4:43:60:
                    f1:69:b6:24:38:44:55:9b:4e:d1:b3:cd:b8:1b:6e:
                    2f:8f:f9:f9:c0:84:ac:07:43:f7:91:0b:c9:1b:06:
                    69:37:db:47:7b:47:17:03:e4:3e:ff:3c:71:32:39:
                    8a:65:56:96:a9:71:31:03:35:a8:c1:bd:bc:c7:96:
                    e1:cc:97:a7:17:e2:03:05:aa:01:a2:0f:6a:88:23:
                    da:47:54:63:e7:a2:61:9b:2d:5e:77:ac:25:e4:8d:
                    50:03:88:07:50:75:81:f3:01:7f:67:32:45:47:c6:
                    b0:84:9b:d2:75:65:80:60:c2:28:f1:a7:06:a8:5d:
                    2d:d7:79:26:f7:c2:f0:50:be:12:b5:4a:b5:1f:68:
                    51:01:08:83:b8:11:2e:36:d0:38:b1:6c:ad:fa:61:
                    6a:4c:33:27:bd:63:ad:51:2c:19:c7:c9:74:13:bf:
                    3c:a2:c8:e3:de:f8:9f:f3:d3:86:30:b8:51:1b:72:
                    ca:26:e8:57:c9:28:f3:33:31:0d:e8:be:47:3d:2e:
                    17:d4:a1:43:1f:fb:96:dd:00:bc:e0:e2:87:5c:36:
                    75:14:c3:55:f7:6f:41:1c:5d:4b:5d:54:b7:1c:a4:
                    13:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                DF:CB:BF:78:68:BF:78:C8:18:7F:4D:65:A5:5D:04:FD:FF:04:80:A2
            X509v3 Authority Key Identifier: 
                keyid:2D:92:7C:E7:BA:52:03:07:EA:14:7C:34:F1:32:87:DB:76:B9:30:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZJ857pSAwfqFHw08TKH23a5MP4.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e44a7a-f569-4d5a-bc8b-c8884fc9c26e/1/38u_eGi_eMgYf01lpV0E_f8EgKI.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e44a7a-f569-4d5a-bc8b-c8884fc9c26e/1/LZJ857pSAwfqFHw08TKH23a5MP4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:71c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         96:43:be:4d:a3:c6:0c:45:b8:76:32:f6:9f:bc:d1:6c:8e:37:
         10:73:20:20:58:9c:ab:4d:fc:99:20:2f:49:cd:0e:2e:27:99:
         a9:d5:e8:33:01:11:d4:5c:39:d7:3f:df:e5:33:8e:6f:62:e6:
         5c:f1:b5:ba:eb:b6:6d:23:c0:bf:81:5c:75:45:fd:fa:ae:de:
         df:a5:77:d4:dc:22:fa:11:90:87:9a:58:90:b7:1e:29:43:33:
         f8:7d:42:90:a3:7a:ff:3f:91:fc:b4:db:e0:35:6b:29:10:eb:
         a2:50:22:02:2f:85:d5:56:f9:ad:11:71:c5:0b:91:93:b0:0c:
         9a:e9:5b:dc:21:39:5d:70:bd:6a:4d:39:85:c7:f4:9c:28:a9:
         79:04:c9:96:d7:5c:5b:75:51:f1:c5:8d:fc:9e:fa:94:43:e0:
         f7:c2:a2:b7:28:74:c8:81:49:ec:4a:c5:ff:7d:c7:4c:66:b3:
         81:64:fd:6c:3b:61:f0:b7:81:a2:d1:17:3f:c0:69:1c:01:1e:
         38:d9:cd:f7:11:88:01:21:d1:c9:18:d8:93:aa:5d:0f:b4:48:
         a1:08:2d:44:8f:48:5f:61:c7:73:f9:b0:8b:3e:04:63:af:d4:
         b0:67:09:8c:18:cd:87:48:7f:4d:51:1f:f9:87:44:37:61:f7:
         c0:51:27:bd
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAMf9qDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDkyN2NlN2JhNTIwMzA3ZWExNDdjMzRmMTMyODdkYjc2YjkzMGZlMB4XDTIyMDEw
MTAyNTYzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGZjYmJmNzg2OGJm
NzhjODE4N2Y0ZDY1YTU1ZDA0ZmRmZjA0ODBhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMbZU0j+ELxR7oglw6wn8fq43Mk0fLt0ple0tENg8Wm2JDhE
VZtO0bPNuBtuL4/5+cCErAdD95ELyRsGaTfbR3tHFwPkPv88cTI5imVWlqlxMQM1
qMG9vMeW4cyXpxfiAwWqAaIPaogj2kdUY+eiYZstXnesJeSNUAOIB1B1gfMBf2cy
RUfGsISb0nVlgGDCKPGnBqhdLdd5JvfC8FC+ErVKtR9oUQEIg7gRLjbQOLFsrfph
akwzJ71jrVEsGcfJdBO/PKLI4974n/PThjC4URtyyiboV8ko8zMxDei+Rz0uF9Sh
Qx/7lt0AvODih1w2dRTDVfdvQRxdS11UtxykE4ECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTfy794aL94yBh/TWWlXQT9/wSAojAfBgNVHSMEGDAWgBQtknznulIDB+oU
fDTxMofbdrkw/jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xaSjg1N3BTQXdmcUZIdzA4VEtIMjNhNU1QNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmMvZTQ0YTdhLWY1NjktNGQ1YS1iYzhiLWM4ODg0ZmM5YzI2ZS8x
LzM4dV9lR2lfZU1nWWYwMWxwVjBFX2Y4RWdLSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMv
ZTQ0YTdhLWY1NjktNGQ1YS1iYzhiLWM4ODg0ZmM5YzI2ZS8xL0xaSjg1N3BTQXdm
cUZIdzA4VEtIMjNhNU1QNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRccAwDQYJKoZIhvcNAQELBQAD
ggEBAJZDvk2jxgxFuHYy9p+80WyONxBzICBYnKtN/JkgL0nNDi4nmanV6DMBEdRc
Odc/3+Uzjm9i5lzxtbrrtm0jwL+BXHVF/fqu3t+ld9TcIvoRkIeaWJC3HilDM/h9
QpCjev8/kfy02+A1aykQ66JQIgIvhdVW+a0RccULkZOwDJrpW9whOV1wvWpNOYXH
9JwoqXkEyZbXXFt1UfHFjfye+pRD4PfCorcodMiBSexKxf99x0xms4Fk/Ww7YfC3
gaLRFz/AaRwBHjjZzfcRiAEh0ckY2JOqXQ+0SKEILUSPSF9hx3P5sIs+BGOv1LBn
CYwYzYdIf01RH/mHRDdh98BRJ70=
-----END CERTIFICATE-----

Generated at Sun Jan 30 13:31:43 2022 by LibreSSL & rpki-client.