Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hHAUsVr6eB0igZK-BUFT22Zn1XY.cer
File:                     hHAUsVr6eB0igZK-BUFT22Zn1XY.cer (raw, json)
Hash identifier:          hfqXxcpZJ1GKUd0yWGcBOCaIdaQz+QmIYywEz50o6pQ=
Subject key identifier:   84:70:14:B1:5A:FA:78:1D:22:81:92:BE:05:41:53:DB:66:67:D5:76
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01AFD4
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/hHAUsVr6eB0igZK-BUFT22Zn1XY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 12 Jul 2023 22:39:19 +0000
Certificate not after:    Sat 01 May 2038 00:00:00 +0000
Subordinate resources:    AS: 45163
                          AS: 55471
                          AS: 131211
                          IP: 203.176.189.0/24
                          IP: 2001:df0:90::/48
                          IP: 2401:4600::/32
                          IP: 2401:e640::/32

Validation:               Failed, certificate revoked on Fri 11 Aug 2023 01:29:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 110548 (0x1afd4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul 12 22:39:19 2023 GMT
            Not After : May  1 00:00:00 2038 GMT
        Subject: CN=A918C287/serialNumber=847014B15AFA781D228192BE054153DB6667D576
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:5b:9e:06:9f:a7:1f:de:f1:d4:c2:bc:0d:e3:
                    60:1d:4c:68:43:32:b2:15:b6:9c:ae:06:bc:b2:8e:
                    d0:2b:47:66:24:81:58:e9:73:68:bb:e4:cd:e6:08:
                    6c:e0:27:a1:83:29:c9:5d:51:84:1c:89:99:fd:62:
                    03:05:6b:e0:63:df:94:2b:86:e4:8d:cf:49:75:58:
                    78:8e:bd:ff:4d:5d:59:40:6a:50:fa:68:8d:ff:86:
                    54:c1:6d:ca:60:e9:cb:98:80:14:9b:fe:90:37:a3:
                    3f:5f:c0:93:c8:cf:40:d3:23:07:cf:a8:16:5f:1b:
                    29:2e:8c:12:6b:5b:02:e8:5b:34:92:9f:7b:a5:90:
                    a3:92:2c:b5:81:6d:e5:35:47:00:5c:28:0e:c6:1c:
                    62:7a:cd:b3:48:67:92:20:c7:82:47:48:7f:4f:8c:
                    51:55:61:67:ec:6f:2c:b3:a5:11:a2:8b:0e:c9:4e:
                    73:8e:32:af:13:55:d6:ec:fb:c4:a0:46:18:36:29:
                    75:9a:f9:d6:d8:d9:a3:b1:3b:76:29:03:b4:dc:9d:
                    7b:81:88:c9:ff:ea:b1:8a:da:fb:71:1e:34:fa:e6:
                    86:26:24:71:18:62:8f:83:0e:2f:53:8a:b0:a1:98:
                    be:ec:be:a6:41:34:7d:fd:5a:c8:59:a4:0d:e4:c1:
                    6d:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:70:14:B1:5A:FA:78:1D:22:81:92:BE:05:41:53:DB:66:67:D5:76
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/hHAUsVr6eB0igZK-BUFT22Zn1XY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  45163
                  55471
                  131211

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.176.189.0/24
                IPv6:
                  2001:df0:90::/48
                  2401:4600::/32
                  2401:e640::/32

    Signature Algorithm: sha256WithRSAEncryption
         ba:48:ee:24:17:15:46:d9:09:1f:81:fe:45:28:eb:12:e2:bb:
         42:c7:c5:2c:f5:cf:ae:49:df:10:75:e4:62:24:fb:17:b9:31:
         7b:22:29:32:fb:2c:ae:9b:d5:b7:9d:71:5f:e7:04:02:d9:45:
         78:73:5a:f2:85:59:58:42:a4:5b:ff:52:11:67:46:aa:80:7b:
         80:90:57:fa:1d:80:59:b0:83:87:e2:38:73:96:bb:73:96:c9:
         29:25:1d:f3:a0:e4:75:35:7a:b1:15:bc:47:bb:d1:e3:c0:25:
         b8:f7:73:d1:c2:f2:37:75:15:67:6f:c3:e8:ef:fd:9e:2b:31:
         e8:0d:02:57:13:4b:ca:4c:43:35:64:8d:9c:f9:05:45:cf:25:
         e6:49:ab:c5:86:20:b0:0e:f1:6c:e2:53:e7:ae:17:f6:78:4e:
         83:b0:68:38:3b:72:69:60:63:7b:b1:08:4f:22:49:ba:eb:5c:
         9e:c2:1d:4a:ca:66:39:c4:47:77:ac:a1:fd:97:bb:ce:88:35:
         71:2f:cc:9f:6e:12:f4:80:b4:de:a1:11:de:22:86:6e:39:fc:
         07:6c:bb:24:fc:08:f9:83:4b:b6:fb:76:ff:0f:b0:7b:76:eb:
         06:a6:3e:c4:09:a5:2c:1e:e2:1a:d6:c3:98:8f:3d:bf:d0:26:
         1d:5a:41:34
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIDAa/UMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDcxMjIyMzkxOVoXDTM4MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOEMyODcxMTAvBgNVBAUTKDg0NzAxNEIxNUFGQTc4MUQyMjgxOTJC
RTA1NDE1M0RCNjY2N0Q1NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3W54Gn6cf3vHUwrwN42AdTGhDMrIVtpyuBryyjtArR2YkgVjpc2i75M3mCGzg
J6GDKcldUYQciZn9YgMFa+Bj35QrhuSNz0l1WHiOvf9NXVlAalD6aI3/hlTBbcpg
6cuYgBSb/pA3oz9fwJPIz0DTIwfPqBZfGykujBJrWwLoWzSSn3ulkKOSLLWBbeU1
RwBcKA7GHGJ6zbNIZ5Igx4JHSH9PjFFVYWfsbyyzpRGiiw7JTnOOMq8TVdbs+8Sg
Rhg2KXWa+dbY2aOxO3YpA7TcnXuBiMn/6rGK2vtxHjT65oYmJHEYYo+DDi9TirCh
mL7svqZBNH39WshZpA3kwW2nAgMBAAGjggM4MIIDNDAdBgNVHQ4EFgQUhHAUsVr6
eB0igZK+BUFT22Zn1XYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThDMjg3Lzg2MUZEODdBRjVBQTExRUNCRjE1RTc3NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4QzI4Ny84NjFGRDg3QUY1QUExMUVDQkYxNUU3NzRDNEY5QUUwMi9oSEFVc1Zy
NmVCMGlnWkstQlVGVDIyWm4xWFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQgBAf8EFTAT
oBEwDwIDALBrAgMA2K8CAwIAizA+BggrBgEFBQcBBwEB/wQvMC0wDAQCAAEwBgME
AMuwvTAdBAIAAjAXAwcAIAEN8ACQAwUAJAFGAAMFACQB5kAwDQYJKoZIhvcNAQEL
BQADggEBALpI7iQXFUbZCR+B/kUo6xLiu0LHxSz1z65J3xB15GIk+xe5MXsiKTL7
LK6b1bedcV/nBALZRXhzWvKFWVhCpFv/UhFnRqqAe4CQV/odgFmwg4fiOHOWu3OW
ySklHfOg5HU1erEVvEe70ePAJbj3c9HC8jd1FWdvw+jv/Z4rMegNAlcTS8pMQzVk
jZz5BUXPJeZJq8WGILAO8WziU+euF/Z4ToOwaDg7cmlgY3uxCE8iSbrrXJ7CHUrK
ZjnER3esof2Xu86INXEvzJ9uEvSAtN6hEd4ihm45/AdsuyT8CPmDS7b7dv8PsHt2
6wamPsQJpSwe4hrWw5iPPb/QJh1aQTQ=
-----END CERTIFICATE-----