Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KdAv2re5BhqI_417O_CYoql0G4k.cer
File:                     KdAv2re5BhqI_417O_CYoql0G4k.cer (raw, json)
Hash identifier:          bFOT1kzKMzFuFNJSTRZ3tNqikKJZSTPj+dNhMwPiAIA=
Subject key identifier:   29:D0:2F:DA:B7:B9:06:1A:88:FF:8D:7B:3B:F0:98:A2:A9:74:1B:89
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01901489F8CC1E1870E0F205B23A2AF60D8E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/da9f215d-a978-402c-9064-4de4fd4943af/0/29D02FDAB7B9061A88FF8D7B3BF098A2A9741B89.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/da9f215d-a978-402c-9064-4de4fd4943af/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Fri 14 Jun 2024 02:18:24 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 215885

Validation:               Failed, certificate revoked on Wed 26 Jun 2024 01:38:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:14:89:f8:cc:1e:18:70:e0:f2:05:b2:3a:2a:f6:0d:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun 14 02:18:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=29d02fdab7b9061a88ff8d7b3bf098a2a9741b89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:70:2d:e2:7e:d5:8c:00:67:e8:af:0b:cc:17:
                    14:d4:7c:47:09:6c:85:93:dc:7a:25:a1:77:33:e9:
                    d1:19:9e:d5:49:9b:8c:d7:82:30:06:bb:82:27:70:
                    5d:86:35:eb:34:15:e2:27:f9:28:03:3a:85:58:58:
                    3d:95:6c:10:ee:82:37:f0:65:cc:a7:11:5c:b7:9c:
                    b4:e9:a6:ff:65:f3:2d:7c:cc:d4:fe:39:eb:ea:88:
                    82:4d:5c:3b:a1:dc:52:1c:22:14:c8:50:db:f8:2e:
                    07:2d:a8:b4:5f:0c:51:df:1d:89:89:ae:35:30:01:
                    36:52:96:5e:51:89:23:87:e8:20:71:c7:39:c4:86:
                    d1:bf:f5:52:46:0d:a8:f1:ab:55:fe:18:3e:e1:e2:
                    d0:0c:3a:5d:7d:c8:a0:df:03:41:c2:10:84:96:23:
                    1f:ac:fb:96:dd:be:21:fb:2b:f8:d8:ee:1f:93:67:
                    c1:5b:36:bb:20:06:18:2c:3d:29:58:45:da:86:95:
                    7e:9b:24:ca:4e:41:d5:df:c8:ea:71:33:4d:50:b9:
                    4c:03:a3:95:4c:e5:d3:b9:a0:37:d7:b8:36:c8:58:
                    e2:56:d5:cf:c7:80:f0:d6:c5:de:cf:52:ce:06:f1:
                    0e:b6:1e:6d:45:67:ce:bd:e9:19:e5:b0:87:38:45:
                    ee:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:D0:2F:DA:B7:B9:06:1A:88:FF:8D:7B:3B:F0:98:A2:A9:74:1B:89
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/da9f215d-a978-402c-9064-4de4fd4943af/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/da9f215d-a978-402c-9064-4de4fd4943af/0/29D02FDAB7B9061A88FF8D7B3BF098A2A9741B89.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215885

    Signature Algorithm: sha256WithRSAEncryption
         70:b7:39:c4:38:f3:da:2c:ed:d3:8e:52:e5:94:98:db:ae:c1:
         a4:5d:5b:d6:18:1d:86:72:71:6c:c1:e8:2f:b9:c1:8f:6b:1a:
         08:6b:e7:b8:cb:19:b9:dc:a3:5f:f3:99:28:52:90:0f:35:9e:
         d9:ca:de:bd:14:ee:37:95:63:d1:07:69:27:03:35:4d:57:15:
         5b:41:08:cb:9d:6d:e3:e4:b6:45:a8:a8:c1:1c:cf:32:76:98:
         8f:fe:06:ae:2c:c8:9a:6f:ae:74:dc:29:9a:07:fe:fa:c0:f7:
         32:93:33:72:94:c4:89:73:96:0d:47:50:2d:b4:8e:80:a9:0f:
         1e:e7:21:70:ed:f1:b5:32:79:06:ed:7c:11:f8:45:c0:0a:f8:
         19:a3:56:42:0f:80:8c:1c:68:90:14:b7:be:6e:91:c9:59:54:
         87:c2:17:24:aa:e9:eb:5d:c5:cf:5a:22:5c:20:ee:3e:0b:72:
         7e:14:b5:6e:d2:41:83:e4:c6:4b:54:67:31:6e:98:60:a0:a5:
         73:06:69:06:5f:f9:a2:ff:7e:38:23:ae:74:d5:35:f1:5a:88:
         e5:21:39:2b:1f:a4:76:15:9a:97:ba:80:e2:c2:a2:6e:69:d8:
         c9:21:e5:c6:e4:f2:61:da:58:dc:3d:f2:69:9c:1f:9e:19:bf:
         03:11:c0:d2
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZAUifjMHhhw4PIFsjoq9g2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNjE0MDIxODI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQwMmZkYWI3YjkwNjFhODhmZjhkN2IzYmYwOThhMmE5NzQxYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XAt4n7VjABn6K8LzBcU1HxHCWyF
k9x6JaF3M+nRGZ7VSZuM14IwBruCJ3BdhjXrNBXiJ/koAzqFWFg9lWwQ7oI38GXM
pxFct5y06ab/ZfMtfMzU/jnr6oiCTVw7odxSHCIUyFDb+C4HLai0XwxR3x2Jia41
MAE2UpZeUYkjh+ggccc5xIbRv/VSRg2o8atV/hg+4eLQDDpdfcig3wNBwhCEliMf
rPuW3b4h+yv42O4fk2fBWza7IAYYLD0pWEXahpV+myTKTkHV38jqcTNNULlMA6OV
TOXTuaA317g2yFjiVtXPx4Dw1sXez1LOBvEOth5tRWfOvekZ5bCHOEXuRwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFCnQL9q3uQYaiP+NezvwmKKpdBuJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2RhOWYy
MTVkLWE5NzgtNDAyYy05MDY0LTRkZTRmZDQ5NDNhZi8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGE5
ZjIxNWQtYTk3OC00MDJjLTkwNjQtNGRlNGZkNDk0M2FmLzAvMjlEMDJGREFCN0I5
MDYxQTg4RkY4RDdCM0JGMDk4QTJBOTc0MUI4OS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDS00w
DQYJKoZIhvcNAQELBQADggEBAHC3OcQ489os7dOOUuWUmNuuwaRdW9YYHYZycWzB
6C+5wY9rGghr57jLGbnco1/zmShSkA81ntnK3r0U7jeVY9EHaScDNU1XFVtBCMud
bePktkWoqMEczzJ2mI/+Bq4syJpvrnTcKZoH/vrA9zKTM3KUxIlzlg1HUC20joCp
Dx7nIXDt8bUyeQbtfBH4RcAK+BmjVkIPgIwcaJAUt75ukclZVIfCFySq6etdxc9a
Ilwg7j4Lcn4UtW7SQYPkxktUZzFumGCgpXMGaQZf+aL/fjgjrnTVNfFaiOUhOSsf
pHYVmpe6gOLCom5p2Mkh5cbk8mHaWNw98mmcH54ZvwMRwNI=
-----END CERTIFICATE-----