Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2Vm0ktlTs43LnCp4-0K3-F34bhM.cer
File:                     2Vm0ktlTs43LnCp4-0K3-F34bhM.cer (raw, json)
Hash identifier:          3TkIFJXA2RP8oNuSEfpVXhgWfyjsqZFQw4oJCdCwj8Y=
Subject key identifier:   D9:59:B4:92:D9:53:B3:8D:CB:9C:2A:78:FB:42:B7:F8:5D:F8:6E:13
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       02039D
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A914A947/2EFC7994826711EABBD3080AC4F9AE02/2Vm0ktlTs43LnCp4-0K3-F34bhM.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A914A947/2EFC7994826711EABBD3080AC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 31 Jul 2024 14:58:10 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 138024
                          IP: 2403:5240::/32

Validation:               Failed, certificate revoked on Fri 09 Aug 2024 14:30:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 131997 (0x2039d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul 31 14:58:10 2024 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A914A947/serialNumber=D959B492D953B38DCB9C2A78FB42B7F85DF86E13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:05:c9:5f:f5:74:93:3a:d8:f5:27:32:77:06:
                    50:2f:23:76:cb:4d:d3:54:5d:00:ce:9a:2f:83:07:
                    b3:6f:5e:32:ff:5b:75:b5:fe:45:75:d2:b4:47:0e:
                    bb:f3:bc:5f:80:4c:dd:0d:f2:df:9c:72:ca:16:c6:
                    f4:e2:14:18:8b:83:2b:57:04:0a:41:6c:11:af:b2:
                    8a:d2:0c:ba:12:68:1a:0e:50:ff:7d:4f:2b:18:2a:
                    ed:a9:44:66:cf:cd:52:5f:ff:46:ad:cb:8a:38:ad:
                    80:68:00:3f:22:e7:bc:21:f8:84:f3:f0:50:2e:b1:
                    ad:96:09:84:bb:40:ca:3e:f5:ff:ef:75:c8:04:8b:
                    79:6d:ce:fc:16:c3:d5:fb:51:8f:41:71:5b:a4:94:
                    81:0e:82:92:0a:26:12:10:b8:a9:87:be:d8:c5:cb:
                    a9:57:68:46:a0:47:d4:bb:95:f4:78:9f:47:cb:b2:
                    c3:f0:5b:30:53:e8:85:aa:fb:ac:48:f0:8b:6f:00:
                    f9:e1:91:5c:35:44:0d:9d:7f:ab:3f:bc:79:84:80:
                    5e:43:91:24:e0:1e:fb:e9:b6:c9:af:13:83:e4:45:
                    79:71:c5:bd:d7:cf:dd:ab:30:06:ee:09:a6:f9:b7:
                    0c:15:0c:0a:fc:f5:22:af:d1:86:67:f0:3c:e3:fc:
                    39:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:59:B4:92:D9:53:B3:8D:CB:9C:2A:78:FB:42:B7:F8:5D:F8:6E:13
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914A947/2EFC7994826711EABBD3080AC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914A947/2EFC7994826711EABBD3080AC4F9AE02/2Vm0ktlTs43LnCp4-0K3-F34bhM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  138024

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:5240::/32

    Signature Algorithm: sha256WithRSAEncryption
         5e:6b:f3:af:06:97:ef:ff:bc:a6:93:ff:8e:1d:fa:f8:45:88:
         23:e4:24:f0:29:3d:e7:75:37:09:29:bd:d7:ae:0b:43:5b:1b:
         a0:8f:21:b5:9f:03:da:0d:e8:90:e0:b1:ef:d7:88:36:7e:50:
         47:34:56:b4:f8:f6:bf:fb:db:20:d7:2f:16:23:11:a2:3e:99:
         a0:18:90:44:e5:9f:65:3f:0a:ee:15:f0:15:97:ad:86:f7:d2:
         26:b3:88:78:37:9c:fb:bc:91:44:4c:89:8d:70:53:69:25:95:
         bf:a0:14:78:24:af:23:95:4e:32:51:b0:a8:d1:b3:da:b5:03:
         01:ba:dc:95:d5:d4:4a:f7:bf:da:cf:ea:5a:a5:f1:3b:be:44:
         3c:d3:34:94:01:f0:6a:b7:fe:9c:b4:df:1a:95:4f:fe:a1:de:
         51:54:58:20:50:cd:1c:61:ec:54:bd:3e:2a:9f:7e:a3:47:ef:
         94:a8:64:51:fa:fc:4c:53:69:b3:82:8d:f4:5a:11:ec:63:1f:
         b3:fd:fa:0d:03:6f:d8:cd:42:33:65:09:ed:82:8c:bb:01:7f:
         57:c6:77:d8:56:c6:cc:61:0c:88:99:62:e7:c6:6a:0b:d6:97:
         9e:53:45:02:c0:1a:9a:16:e1:f7:05:b2:d1:d4:94:47:8f:2e:
         fb:5d:1d:d5
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAgOdMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDczMTE0NTgxMFoXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNEE5NDcxMTAvBgNVBAUTKEQ5NTlCNDkyRDk1M0IzOERDQjlDMkE3
OEZCNDJCN0Y4NURGODZFMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDvBclf9XSTOtj1JzJ3BlAvI3bLTdNUXQDOmi+DB7NvXjL/W3W1/kV10rRHDrvz
vF+ATN0N8t+ccsoWxvTiFBiLgytXBApBbBGvsorSDLoSaBoOUP99TysYKu2pRGbP
zVJf/0aty4o4rYBoAD8i57wh+ITz8FAusa2WCYS7QMo+9f/vdcgEi3ltzvwWw9X7
UY9BcVuklIEOgpIKJhIQuKmHvtjFy6lXaEagR9S7lfR4n0fLssPwWzBT6IWq+6xI
8ItvAPnhkVw1RA2df6s/vHmEgF5DkSTgHvvptsmvE4PkRXlxxb3Xz92rMAbuCab5
twwVDAr89SKv0YZn8Dzj/DnNAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQU2Vm0ktlT
s43LnCp4+0K3+F34bhMwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTRBOTQ3LzJFRkM3OTk0ODI2NzExRUFCQkQzMDgwQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0QTk0Ny8yRUZDNzk5NDgyNjcxMUVBQkJEMzA4MEFDNEY5QUUwMi8yVm0wa3Rs
VHM0M0xuQ3A0LTBLMy1GMzRiaE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhsoMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJANSQDANBgkq
hkiG9w0BAQsFAAOCAQEAXmvzrwaX7/+8ppP/jh36+EWII+Qk8Ck953U3CSm9164L
Q1sboI8htZ8D2g3okOCx79eINn5QRzRWtPj2v/vbINcvFiMRoj6ZoBiQROWfZT8K
7hXwFZethvfSJrOIeDec+7yRREyJjXBTaSWVv6AUeCSvI5VOMlGwqNGz2rUDAbrc
ldXUSve/2s/qWqXxO75EPNM0lAHwarf+nLTfGpVP/qHeUVRYIFDNHGHsVL0+Kp9+
o0fvlKhkUfr8TFNps4KN9FoR7GMfs/36DQNv2M1CM2UJ7YKMuwF/V8Z32FbGzGEM
iJli58ZqC9aXnlNFAsAamhbh9wWy0dSUR48u+10d1Q==
-----END CERTIFICATE-----