Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cJ8cUcCi6G0N8daT1JiO4ekgAMo.cer
File:                     cJ8cUcCi6G0N8daT1JiO4ekgAMo.cer (raw, json)
Hash identifier:          DcLRC5Q8gBAMgjg16/OvCt68luSXVIPOPThBP9Jg5P8=
Subject key identifier:   70:9F:1C:51:C0:A2:E8:6D:0D:F1:D6:93:D4:98:8E:E1:E9:20:00:CA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0187222CF8399551E7649660767F471DDC18
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/215/709F1C51C0A2E86D0DF1D693D4988EE1E92000CA.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/215
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Mon 27 Mar 2023 08:26:25 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    IP: 91.199.122.0/24

Validation:               Failed, certificate revoked on Wed 27 Dec 2023 13:47:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:22:2c:f8:39:95:51:e7:64:96:60:76:7f:47:1d:dc:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Mar 27 08:26:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=709f1c51c0a2e86d0df1d693d4988ee1e92000ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:21:56:f8:65:b1:cd:d1:96:ae:6d:4b:63:89:
                    a7:da:48:3a:76:aa:0b:cc:39:df:ac:13:65:06:bb:
                    d2:5b:0e:26:49:37:75:c0:e4:86:c0:25:e0:ec:a7:
                    7e:db:c5:90:dc:d1:7d:9d:c7:48:72:b8:19:c9:1b:
                    c6:6b:77:d5:bb:70:d9:de:5c:d9:06:d2:78:1c:90:
                    95:7a:ff:6b:fe:29:cd:e6:9f:91:cb:40:fb:6a:e4:
                    dd:52:2d:e9:60:b3:38:34:f0:dd:7d:21:7b:5e:88:
                    d2:35:18:77:78:a9:df:17:f5:8f:c3:30:d6:ea:34:
                    01:fa:f4:e4:64:dd:f0:1d:42:e6:5f:46:85:5b:38:
                    29:49:71:25:73:d1:54:ee:ef:54:5d:fe:fd:3a:ed:
                    00:d7:04:d2:65:61:70:98:ad:eb:09:b9:6d:43:4a:
                    12:2c:f9:32:d9:22:6e:71:c1:ac:97:53:2b:25:a8:
                    d0:bd:cd:0c:12:08:87:a4:93:6e:9d:b4:53:af:f2:
                    13:20:f0:a0:c7:04:7e:7d:34:73:7c:1b:61:0d:15:
                    8d:9f:c9:1b:e0:2e:d4:c6:99:16:4c:cc:42:47:6a:
                    c3:08:1e:30:ea:31:b7:8f:e5:9c:13:a6:f3:82:ba:
                    59:62:86:77:a3:37:81:07:89:5b:db:9a:0c:b2:78:
                    d5:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:9F:1C:51:C0:A2:E8:6D:0D:F1:D6:93:D4:98:8E:E1:E9:20:00:CA
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/215
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/215/709F1C51C0A2E86D0DF1D693D4988EE1E92000CA.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.199.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:e8:f8:85:80:73:7f:06:b3:1f:00:39:7e:5a:dd:aa:67:ff:
         4c:8c:86:06:d7:23:4a:67:96:f6:3d:8f:e8:0a:c6:72:fd:fe:
         7f:32:b8:14:ea:be:dc:07:e4:23:03:e5:ce:d4:59:9a:8e:ec:
         cc:6d:d1:b4:ed:10:c6:23:b7:4e:2b:51:bb:46:da:51:e2:e4:
         eb:e1:52:46:1a:fd:30:50:54:7f:22:50:bd:28:c5:83:36:d3:
         24:0a:f1:d4:72:53:c2:eb:0c:17:94:c0:2e:73:54:da:90:de:
         d2:cd:b2:4c:8c:98:95:23:7f:3c:57:9f:61:5a:03:03:70:d9:
         0b:61:77:58:8a:f8:29:ff:7f:d2:68:65:23:df:15:cd:0f:f3:
         35:3c:8a:58:68:ce:13:4a:a6:bf:56:e9:f1:10:ef:7b:d2:6e:
         8e:ca:e1:40:e4:55:27:57:c9:de:64:af:f4:cb:3a:36:4e:a2:
         97:ad:80:f4:4e:87:12:87:86:8b:80:17:07:fe:cc:60:b7:39:
         f9:a0:e3:36:2d:c6:43:8c:ae:aa:ab:07:93:51:26:60:3f:32:
         c8:7a:af:bc:3c:4c:1d:5d:93:ee:6f:bc:c1:54:db:e1:05:ad:
         58:3e:7b:c0:57:69:e3:b5:35:ce:e7:8a:46:e7:77:24:8b:d5:
         15:0f:8c:a0
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYciLPg5lVHnZJZgdn9HHdwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMzI3MDgyNjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDlmMWM1MWMwYTJlODZkMGRmMWQ2OTNkNDk4OGVlMWU5MjAwMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSFW+GWxzdGWrm1LY4mn2kg6dqoL
zDnfrBNlBrvSWw4mSTd1wOSGwCXg7Kd+28WQ3NF9ncdIcrgZyRvGa3fVu3DZ3lzZ
BtJ4HJCVev9r/inN5p+Ry0D7auTdUi3pYLM4NPDdfSF7XojSNRh3eKnfF/WPwzDW
6jQB+vTkZN3wHULmX0aFWzgpSXElc9FU7u9UXf79Ou0A1wTSZWFwmK3rCbltQ0oS
LPky2SJuccGsl1MrJajQvc0MEgiHpJNunbRTr/ITIPCgxwR+fTRzfBthDRWNn8kb
4C7UxpkWTMxCR2rDCB4w6jG3j+WcE6bzgrpZYoZ3ozeBB4lb25oMsnjVkwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFHCfHFHAouhtDfHWk9SYjuHpIADKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggFDBggrBgEFBQcBCwSCATUwggExMGAGCCsGAQUFBzAFhlRy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZlMzcw
OGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBiOTlhZi8yMTUwgY4GCCsGAQUFBzAK
hoGBcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9m
ZTM3MDhhMC02N2Q1LTRhYzItYWJjNC1hMzMyNTkwYjk5YWYvMjE1LzcwOUYxQzUx
QzBBMkU4NkQwREYxRDY5M0Q0OTg4RUUxRTkyMDAwQ0EubWZ0MDwGCCsGAQUFBzAN
hjBodHRwczovL3JyZHAucGFhcy5ycGtpLnJpcGUubmV0L25vdGlmaWNhdGlvbi54
bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9z
aXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABbx3owDQYJKoZIhvcNAQELBQADggEBAJHo+IWAc38Gsx8AOX5a3apn/0yM
hgbXI0pnlvY9j+gKxnL9/n8yuBTqvtwH5CMD5c7UWZqO7Mxt0bTtEMYjt04rUbtG
2lHi5OvhUkYa/TBQVH8iUL0oxYM20yQK8dRyU8LrDBeUwC5zVNqQ3tLNskyMmJUj
fzxXn2FaAwNw2Qthd1iK+Cn/f9JoZSPfFc0P8zU8ilhozhNKpr9W6fEQ73vSbo7K
4UDkVSdXyd5kr/TLOjZOopetgPROhxKHhouAFwf+zGC3Ofmg4zYtxkOMrqqrB5NR
JmA/Msh6r7w8TB1dk+5vvMFU2+EFrVg+e8BXaeO1Nc7nikbndySL1RUPjKA=
-----END CERTIFICATE-----