Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.cer
File:                     KuYzMfcZmlWiutnLFPg_q1Bm6Vg.cer (raw, json)
Hash identifier:          02tMpTE7Xbfq39vWahDbB72Z+Ce1VcrzqF3h4ooljOo=
Subject key identifier:   2A:E6:33:31:F7:19:9A:55:A2:BA:D9:CB:14:F8:3F:AB:50:66:E9:58
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C3C1
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 12 Oct 2023 16:35:16 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 55743
                          IP: 202.59.232.0/23
                          IP: 2001:df0:2e9::/48

Validation:               Failed, certificate revoked on Fri 23 Aug 2024 21:42:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115649 (0x1c3c1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct 12 16:35:16 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A91EE1FB/serialNumber=2AE63331F7199A55A2BAD9CB14F83FAB5066E958
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:9f:cb:b2:39:22:cf:db:42:24:e8:4f:62:ca:
                    fd:3c:39:8a:24:d8:5a:ae:aa:fb:fa:db:bc:c7:7f:
                    9e:56:66:ad:c9:2d:b9:ca:36:6b:02:65:bf:b0:cb:
                    b2:a2:43:6c:09:fb:49:87:51:6f:1d:b0:a5:2d:da:
                    4c:a3:1e:f9:eb:52:26:b1:32:de:df:cf:ed:75:c8:
                    00:d9:b4:91:4b:1f:9c:c7:08:e8:10:2a:03:40:a2:
                    7f:4b:3a:8d:81:f7:8f:17:73:74:40:94:5a:f7:c6:
                    bd:4f:6d:b2:29:71:67:68:d1:7d:53:50:26:93:f3:
                    84:1b:6b:5a:4b:6e:26:8c:35:62:42:80:0f:96:e0:
                    ce:82:2f:7d:3d:e3:a5:c1:b2:8a:34:aa:da:aa:45:
                    8e:5d:7d:dd:78:cf:d4:c5:c4:9e:d3:93:bb:2f:d6:
                    4c:6f:69:0f:70:3b:95:7d:a8:51:b5:4e:fb:6b:72:
                    61:b1:e4:a4:9c:34:56:b0:2a:11:b5:a8:34:f7:a9:
                    19:f9:47:8c:db:b4:f9:22:a6:3d:7a:cc:ec:28:ff:
                    5b:e0:7c:65:ce:e6:be:2e:4e:55:40:e6:e0:75:43:
                    a6:7d:4e:29:dd:d2:33:04:bb:30:5e:8b:71:0c:41:
                    40:aa:b2:b9:32:c2:75:8a:60:5e:28:8b:fd:3f:a8:
                    31:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:E6:33:31:F7:19:9A:55:A2:BA:D9:CB:14:F8:3F:AB:50:66:E9:58
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  55743

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.59.232.0/23
                IPv6:
                  2001:df0:2e9::/48

    Signature Algorithm: sha256WithRSAEncryption
         9f:73:31:4a:c3:d3:de:02:89:38:fb:9a:49:46:7e:56:18:b3:
         fc:4f:56:5a:69:0d:7b:8f:17:25:03:5a:a6:03:d9:23:e2:1d:
         63:6b:b9:e8:b3:30:35:cb:e3:49:a3:ab:ca:3f:79:89:9d:9c:
         d4:90:ca:aa:cb:8e:60:17:ac:bf:f2:81:9b:21:6c:6b:0f:3f:
         75:c7:cd:38:42:06:e5:2f:3f:0b:32:14:95:a7:d5:e7:4e:10:
         f2:ef:0a:2c:40:f7:77:4a:c1:41:8e:7f:11:de:de:7f:4b:e1:
         4d:36:02:1c:98:a7:18:8c:97:77:bb:0b:1c:91:95:8c:47:44:
         84:8c:a6:e8:af:a9:a5:9b:3b:f1:78:79:83:02:ff:8c:57:d5:
         8c:03:17:8f:53:bf:ff:ec:7a:5e:16:7d:70:08:ad:9b:92:5e:
         61:06:60:08:3e:dd:06:03:9a:32:49:f0:39:85:92:42:b6:ed:
         ed:74:8b:cb:f9:76:ca:94:5f:a7:b4:27:17:dd:72:e2:e6:54:
         77:4b:4b:fc:4d:c7:1a:ca:b6:03:2b:83:11:34:1c:43:9e:69:
         cd:88:42:27:17:2f:c9:cf:92:1f:61:c4:75:16:cb:49:dc:74:
         05:03:da:bf:1a:3b:c2:de:9a:0f:af:27:df:80:cf:1a:c3:17:
         54:a9:73:f6
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAcPBMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAxMjE2MzUxNloXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUUxRkIxMTAvBgNVBAUTKDJBRTYzMzMxRjcxOTlBNTVBMkJBRDlD
QjE0RjgzRkFCNTA2NkU5NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDsn8uyOSLP20Ik6E9iyv08OYok2Fquqvv627zHf55WZq3JLbnKNmsCZb+wy7Ki
Q2wJ+0mHUW8dsKUt2kyjHvnrUiaxMt7fz+11yADZtJFLH5zHCOgQKgNAon9LOo2B
948Xc3RAlFr3xr1PbbIpcWdo0X1TUCaT84Qba1pLbiaMNWJCgA+W4M6CL30946XB
soo0qtqqRY5dfd14z9TFxJ7Tk7sv1kxvaQ9wO5V9qFG1TvtrcmGx5KScNFawKhG1
qDT3qRn5R4zbtPkipj16zOwo/1vgfGXO5r4uTlVA5uB1Q6Z9Tind0jMEuzBei3EM
QUCqsrkywnWKYF4oi/0/qDGZAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUKuYzMfcZ
mlWiutnLFPg/q1Bm6VgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVFMUZCLzQ1ODRDMTQ4RkE1RDExRTZCODgxNEYxOUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFRTFGQi80NTg0QzE0OEZBNUQxMUU2Qjg4MTRGMTlDNEY5QUUwMi9LdVl6TWZj
Wm1sV2l1dG5MRlBnX3ExQm02VmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDANm/MDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQByjvoMA8EAgAC
MAkDBwAgAQ3wAukwDQYJKoZIhvcNAQELBQADggEBAJ9zMUrD094CiTj7mklGflYY
s/xPVlppDXuPFyUDWqYD2SPiHWNrueizMDXL40mjq8o/eYmdnNSQyqrLjmAXrL/y
gZshbGsPP3XHzThCBuUvPwsyFJWn1edOEPLvCixA93dKwUGOfxHe3n9L4U02AhyY
pxiMl3e7CxyRlYxHRISMpuivqaWbO/F4eYMC/4xX1YwDF49Tv//sel4WfXAIrZuS
XmEGYAg+3QYDmjJJ8DmFkkK27e10i8v5dsqUX6e0JxfdcuLmVHdLS/xNxxrKtgMr
gxE0HEOeac2IQicXL8nPkh9hxHUWy0ncdAUD2r8aO8Lemg+vJ9+AzxrDF1Spc/Y=
-----END CERTIFICATE-----