Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TGamZng2gcoW2OtUCYIDmTPh1lM.cer
File:                     TGamZng2gcoW2OtUCYIDmTPh1lM.cer (raw, json)
Hash identifier:          8lGrdPd6eu8AOl/zdlEPZgkBkYKe+4SXRyQ2omyNsf4=
Subject key identifier:   4C:66:A6:66:78:36:81:CA:16:D8:EB:54:09:82:03:99:33:E1:D6:53
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01FCD7
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9147CEA/75B59FA49CC311EDBE6D1F70C4F9AE02/TGamZng2gcoW2OtUCYIDmTPh1lM.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9147CEA/75B59FA49CC311EDBE6D1F70C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 01 Jul 2024 16:11:02 +0000
Certificate not after:    Fri 01 Nov 2024 00:00:00 +0000
Subordinate resources:    AS: 150725
                          IP: 103.71.102.0/23

Validation:               Failed, certificate revoked on Tue 23 Jul 2024 15:28:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 130263 (0x1fcd7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul  1 16:11:02 2024 GMT
            Not After : Nov  1 00:00:00 2024 GMT
        Subject: CN=A9147CEA/serialNumber=4C66A666783681CA16D8EB540982039933E1D653
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:07:4f:e1:49:78:ec:99:1c:a1:21:1f:04:55:
                    8d:54:7e:eb:99:c6:80:26:fb:6b:cf:fe:70:cb:b4:
                    c1:8e:d8:a0:c5:68:5d:ea:9e:d1:79:97:8a:4b:09:
                    c0:c7:42:a6:2a:1c:4f:a5:f8:d8:bc:db:32:0d:4b:
                    0d:ef:ec:80:19:a0:e4:d0:7b:42:ed:0e:00:ae:37:
                    93:ad:53:16:dc:47:68:3b:d7:fd:1b:9c:7a:9f:f3:
                    db:94:6c:63:29:66:cf:61:ca:bf:6e:7f:3d:6b:1c:
                    59:95:9a:c3:0f:af:47:6f:cb:3e:f3:2b:b5:ba:8e:
                    10:4e:d6:a4:04:2c:0d:4c:44:7a:9f:4f:14:c7:d7:
                    7e:36:70:e1:f3:19:c5:d7:56:b2:72:3b:26:3f:82:
                    89:a6:d5:2c:04:e4:b8:59:50:ea:fb:d3:1a:49:cc:
                    80:53:de:88:67:ec:53:16:b5:05:e5:b5:2c:d9:97:
                    50:81:e8:4d:c5:a4:ad:40:4b:ba:99:04:5b:7f:ac:
                    80:7a:d1:cc:5d:8d:d7:3a:37:36:e0:2b:97:50:b3:
                    cf:ff:79:8a:f6:1a:d6:ba:53:4f:f9:8c:71:f9:53:
                    4e:93:b1:3b:da:2e:c6:43:bb:8a:c5:e1:d8:ee:25:
                    a9:cd:9f:9c:2c:b7:6d:e8:f0:b5:a9:fe:b8:f3:3c:
                    20:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:66:A6:66:78:36:81:CA:16:D8:EB:54:09:82:03:99:33:E1:D6:53
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9147CEA/75B59FA49CC311EDBE6D1F70C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9147CEA/75B59FA49CC311EDBE6D1F70C4F9AE02/TGamZng2gcoW2OtUCYIDmTPh1lM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  150725

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.71.102.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ba:7a:98:c0:7b:aa:a5:26:ab:f5:47:ff:a7:3e:de:13:1b:e4:
         e6:f3:57:bd:8f:98:a3:8a:b7:3d:59:ea:7f:1f:a1:96:b9:60:
         74:28:4a:e1:8a:15:7d:20:81:fa:3b:db:a4:f5:6b:35:4d:27:
         39:b0:0e:49:ff:0f:5a:29:66:c6:3e:e8:47:ba:f4:4c:9c:70:
         79:dd:f1:33:11:cd:fb:d6:2d:9f:61:5f:ad:2b:ef:18:7f:e4:
         6a:7b:d9:ce:54:5b:62:7a:74:0a:74:7f:eb:9b:8c:91:a2:15:
         8f:aa:51:11:e9:f4:64:c8:af:f3:70:2c:66:65:19:6d:1e:5c:
         8b:7a:39:8a:75:d6:b1:e9:bb:fa:41:34:0d:38:c7:59:e0:a2:
         bb:b7:22:a7:95:8c:39:11:69:b0:46:04:89:ca:de:f4:ab:f9:
         5a:eb:bb:86:41:f0:6f:31:d4:37:ba:33:bd:dc:8c:de:bc:16:
         ad:de:33:2a:b5:a3:c4:d3:d5:1e:bd:70:9d:a7:df:99:0f:40:
         20:d5:35:11:08:77:ee:50:71:e3:ec:32:01:4c:a1:6a:4c:9c:
         ae:c8:d0:1f:15:c7:8c:d4:b6:d3:a2:6c:87:69:e4:d2:8f:cf:
         6d:6d:af:c2:62:cf:4d:d3:6e:eb:89:65:69:df:e9:3f:07:e4:
         83:f7:c4:9f
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAfzXMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDcwMTE2MTEwMloXDTI0MTEwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNDdDRUExMTAvBgNVBAUTKDRDNjZBNjY2NzgzNjgxQ0ExNkQ4RUI1
NDA5ODIwMzk5MzNFMUQ2NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJB0/hSXjsmRyhIR8EVY1UfuuZxoAm+2vP/nDLtMGO2KDFaF3qntF5l4pLCcDH
QqYqHE+l+Ni82zINSw3v7IAZoOTQe0LtDgCuN5OtUxbcR2g71/0bnHqf89uUbGMp
Zs9hyr9ufz1rHFmVmsMPr0dvyz7zK7W6jhBO1qQELA1MRHqfTxTH1342cOHzGcXX
VrJyOyY/gomm1SwE5LhZUOr70xpJzIBT3ohn7FMWtQXltSzZl1CB6E3FpK1AS7qZ
BFt/rIB60cxdjdc6NzbgK5dQs8//eYr2Gta6U0/5jHH5U06TsTvaLsZDu4rF4dju
JanNn5wst23o8LWp/rjzPCAxAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUTGamZng2
gcoW2OtUCYIDmTPh1lMwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTQ3Q0VBLzc1QjU5RkE0OUNDMzExRURCRTZEMUY3MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0N0NFQS83NUI1OUZBNDlDQzMxMUVEQkU2RDFGNzBDNEY5QUUwMi9UR2FtWm5n
Mmdjb1cyT3RVQ1lJRG1UUGgxbE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkzFMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ0dmMA0GCSqG
SIb3DQEBCwUAA4IBAQC6epjAe6qlJqv1R/+nPt4TG+Tm81e9j5ijirc9Wep/H6GW
uWB0KErhihV9IIH6O9uk9Ws1TSc5sA5J/w9aKWbGPuhHuvRMnHB53fEzEc371i2f
YV+tK+8Yf+Rqe9nOVFtienQKdH/rm4yRohWPqlER6fRkyK/zcCxmZRltHlyLejmK
ddax6bv6QTQNOMdZ4KK7tyKnlYw5EWmwRgSJyt70q/la67uGQfBvMdQ3ujO93Ize
vBat3jMqtaPE09UevXCdp9+ZD0Ag1TURCHfuUHHj7DIBTKFqTJyuyNAfFceM1LbT
omyHaeTSj89tba/CYs9N027riWVp3+k/B+SD98Sf
-----END CERTIFICATE-----