Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2R93viIBHX4dV12fmttfjhYOX9k.cer
File:                     2R93viIBHX4dV12fmttfjhYOX9k.cer (raw, json)
Hash identifier:          Y7F8i8LxcPOXqfAgvLQAxZBshCtrh4KmA+Vml68H65Y=
Subject key identifier:   D9:1F:77:BE:22:01:1D:7E:1D:57:5D:9F:9A:DB:5F:8E:16:0E:5F:D9
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CE2F
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A914C07F/9F9E1ECA0B6311EB8105B374C4F9AE02/2R93viIBHX4dV12fmttfjhYOX9k.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A914C07F/9F9E1ECA0B6311EB8105B374C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 30 Nov 2023 17:34:30 +0000
Certificate not after:    Sat 30 Mar 2024 00:00:00 +0000
Subordinate resources:    IP: 2401:d240::/32

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118319 (0x1ce2f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov 30 17:34:30 2023 GMT
            Not After : Mar 30 00:00:00 2024 GMT
        Subject: CN=A914C07F/serialNumber=D91F77BE22011D7E1D575D9F9ADB5F8E160E5FD9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:23:b8:e8:0c:cb:f0:8d:b1:f5:63:41:d5:cd:
                    e1:84:f4:71:75:aa:31:d8:d4:c4:2e:17:7b:0a:1d:
                    5d:85:de:e8:91:1f:80:88:73:fa:56:1c:9e:7d:db:
                    34:1f:79:e9:b5:ec:c4:a5:47:73:a3:f5:e0:1e:cb:
                    c7:52:24:c2:35:ef:57:a1:39:e6:2c:f0:78:df:7a:
                    b1:b9:64:a1:b8:10:99:58:c4:da:1b:33:a8:87:cd:
                    27:89:6a:6e:18:a8:10:9a:e1:96:a7:e5:fe:76:d1:
                    4f:3e:a2:e7:f9:be:ff:37:f1:5e:d0:44:bf:5d:00:
                    7c:0c:af:50:ef:90:3a:81:c2:42:43:35:fd:08:3e:
                    96:6d:08:b2:46:af:71:b0:3b:79:36:ea:1f:d4:3f:
                    c2:b4:42:de:e4:05:95:3c:40:2b:25:3c:70:8f:ca:
                    8e:a3:7b:cb:46:40:97:6e:5c:23:74:7b:30:58:6e:
                    26:08:98:dd:0e:7c:95:a2:d3:da:ae:32:c2:35:11:
                    4c:00:4e:27:06:7d:84:71:45:af:6c:60:e9:66:9f:
                    15:66:ec:56:5b:fc:ee:3b:a7:e6:c8:38:fc:ff:76:
                    88:cd:9a:85:ef:d1:00:7d:21:52:2b:a9:5a:fe:72:
                    21:23:e2:85:bf:b5:0f:b6:cb:b2:76:69:7d:ee:12:
                    67:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:1F:77:BE:22:01:1D:7E:1D:57:5D:9F:9A:DB:5F:8E:16:0E:5F:D9
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914C07F/9F9E1ECA0B6311EB8105B374C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914C07F/9F9E1ECA0B6311EB8105B374C4F9AE02/2R93viIBHX4dV12fmttfjhYOX9k.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:d240::/32

    Signature Algorithm: sha256WithRSAEncryption
         87:9e:be:2e:67:c3:e5:e4:1a:0f:55:f5:80:eb:4f:d2:c7:f5:
         df:ee:67:9d:df:1c:f8:65:b8:d9:44:78:d1:82:fa:7a:cb:ac:
         66:10:a2:40:70:b3:61:46:a1:4a:a3:c3:a9:c9:1b:b9:ed:da:
         ad:fa:68:e1:17:1f:fd:fc:3b:a8:62:41:64:a3:54:eb:8b:59:
         16:10:ac:cc:c4:5d:fc:b1:05:81:0e:f0:bf:45:af:c2:9f:48:
         f6:7f:52:63:d0:9e:57:e0:81:d0:af:33:0f:d1:d5:4e:e0:10:
         58:38:4f:f9:5b:99:71:f5:f5:8d:1b:9c:95:41:97:54:40:bb:
         b7:11:6f:09:0c:45:4a:8b:ab:3c:80:0f:84:0f:a7:3e:cc:9a:
         fe:0f:ad:53:20:ec:d6:16:ff:46:03:cb:66:83:af:e0:83:81:
         5a:6c:9e:94:7c:64:66:6d:27:76:d9:d9:d5:72:04:c3:34:ae:
         48:23:d0:95:48:cf:d1:8e:2d:54:4e:3e:58:16:88:7c:e8:c9:
         60:f4:c3:0e:0c:f5:26:8b:d3:7c:29:3d:11:1c:ce:f8:0c:d8:
         05:64:0c:d3:4f:be:39:62:e9:b6:80:84:43:9e:39:f5:58:83:
         71:7b:17:24:ee:a1:1d:76:4d:1a:cc:f9:83:86:d6:30:df:3c:
         91:85:ee:2b
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgIDAc4vMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEzMDE3MzQzMFoXDTI0MDMzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNEMwN0YxMTAvBgNVBAUTKEQ5MUY3N0JFMjIwMTFEN0UxRDU3NUQ5
RjlBREI1RjhFMTYwRTVGRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDTI7joDMvwjbH1Y0HVzeGE9HF1qjHY1MQuF3sKHV2F3uiRH4CIc/pWHJ592zQf
eem17MSlR3Oj9eAey8dSJMI171ehOeYs8HjferG5ZKG4EJlYxNobM6iHzSeJam4Y
qBCa4Zan5f520U8+ouf5vv838V7QRL9dAHwMr1DvkDqBwkJDNf0IPpZtCLJGr3Gw
O3k26h/UP8K0Qt7kBZU8QCslPHCPyo6je8tGQJduXCN0ezBYbiYImN0OfJWi09qu
MsI1EUwATicGfYRxRa9sYOlmnxVm7FZb/O47p+bIOPz/dojNmoXv0QB9IVIrqVr+
ciEj4oW/tQ+2y7J2aX3uEme/AgMBAAGjggL0MIIC8DAdBgNVHQ4EFgQU2R93viIB
HX4dV12fmttfjhYOX9kwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTRDMDdGLzlGOUUxRUNBMEI2MzExRUI4MTA1QjM3NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0QzA3Ri85RjlFMUVDQTBCNjMxMUVCODEwNUIzNzRDNEY5QUUwMi8yUjkzdmlJ
QkhYNGRWMTJmbXR0ZmpoWU9YOWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8EETAP
MA0EAgACMAcDBQAkAdJAMA0GCSqGSIb3DQEBCwUAA4IBAQCHnr4uZ8Pl5BoPVfWA
60/Sx/Xf7med3xz4ZbjZRHjRgvp6y6xmEKJAcLNhRqFKo8OpyRu57dqt+mjhFx/9
/DuoYkFko1Tri1kWEKzMxF38sQWBDvC/Ra/Cn0j2f1Jj0J5X4IHQrzMP0dVO4BBY
OE/5W5lx9fWNG5yVQZdUQLu3EW8JDEVKi6s8gA+ED6c+zJr+D61TIOzWFv9GA8tm
g6/gg4FabJ6UfGRmbSd22dnVcgTDNK5II9CVSM/Rji1UTj5YFoh86Mlg9MMODPUm
i9N8KT0RHM74DNgFZAzTT745Yum2gIRDnjn1WINxexck7qEddk0azPmDhtYw3zyR
he4r
-----END CERTIFICATE-----
Generated at Mon Dec 11 15:53:34 2023 by rpki-client on console-ams.rpki-client.org