Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kIhKP1esRvpjpxvZk-TorXiBh68.cer
File:                     kIhKP1esRvpjpxvZk-TorXiBh68.cer (raw, json)
Hash identifier:          ZXaHTI5LhO2U94AOPZU9Q8MJ8kGArKOpn4ELn4scfpI=
Subject key identifier:   90:88:4A:3F:57:AC:46:FA:63:A7:1B:D9:93:E4:E8:AD:78:81:87:AF
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01EBE2
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.akrn.net/repo/AKRN/0/90884A3F57AC46FA63A71BD993E4E8AD788187AF.mft
caRepository:             rsync://rpki.akrn.net/repo/AKRN/0/
Notify URL:               https://rpki.akrn.net/rrdp/notification.xml
Certificate not before:   Wed 17 Apr 2024 01:30:11 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 38136
                          AS: 139299
                          AS: 139734
                          AS: 152704
                          IP: 103.172.40.0/23
                          IP: 2407:cdc0::/32

Validation:               Failed, certificate revoked on Wed 19 Jun 2024 12:56:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 125922 (0x1ebe2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Apr 17 01:30:11 2024 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A916C75D0000/serialNumber=90884A3F57AC46FA63A71BD993E4E8AD788187AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:70:47:1b:7d:97:7d:a0:1e:f1:3b:ab:bd:46:
                    65:d8:2d:39:f3:d1:79:9e:64:73:49:4c:1e:94:3b:
                    e6:64:bf:52:8f:75:1e:33:71:3f:2e:4f:c8:7f:d9:
                    f2:bc:b6:fa:d9:5c:3a:b2:da:5d:17:9e:23:cb:16:
                    b3:bc:0a:d6:cc:72:ed:2a:f7:1c:cc:6e:63:84:ec:
                    a5:30:70:a7:ef:24:3d:0b:00:6d:01:87:ec:27:c7:
                    dd:19:99:1d:2c:9d:80:1b:e6:c4:65:71:ea:ad:a8:
                    32:b2:4e:57:45:6a:2b:b6:a2:d1:58:cb:eb:e7:dd:
                    c7:63:37:be:bb:db:82:ad:90:76:14:66:2d:43:e9:
                    6d:5a:76:ca:74:94:1f:ca:ce:a3:c2:6d:d4:10:f1:
                    72:24:b7:23:c9:b4:1d:47:d9:52:ca:a9:f2:5d:28:
                    ef:d6:ae:f9:fe:ef:e8:33:ab:4d:75:fc:8f:c6:f6:
                    af:71:ff:e6:0d:be:bc:bf:69:f6:dd:08:81:7e:5e:
                    e0:b6:2f:26:76:82:bc:2c:d1:93:bd:b5:94:e1:2e:
                    0f:d0:ca:8a:ed:18:cf:4b:68:7c:f0:5c:0d:29:e2:
                    44:16:0e:35:6b:19:5c:09:3e:d3:e1:c1:47:d8:11:
                    0a:55:68:43:1b:d7:e5:33:1f:7d:a0:ee:f3:78:c9:
                    e4:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:88:4A:3F:57:AC:46:FA:63:A7:1B:D9:93:E4:E8:AD:78:81:87:AF
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.akrn.net/repo/AKRN/0/
                RPKI Manifest - URI:rsync://rpki.akrn.net/repo/AKRN/0/90884A3F57AC46FA63A71BD993E4E8AD788187AF.mft
                RPKI Notify - URI:https://rpki.akrn.net/rrdp/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  38136
                  139299
                  139734
                  152704

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.40.0/23
                IPv6:
                  2407:cdc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         17:ca:7f:f5:72:fc:f7:0e:d0:46:60:6e:6b:a7:bd:63:52:42:
         9c:a7:5e:47:2b:2e:f4:42:4d:a0:d7:54:89:c0:b9:04:77:80:
         07:bf:48:7b:e4:12:60:21:fd:0d:c2:38:97:5b:bf:72:9e:a2:
         90:23:d1:fc:5d:f5:67:e9:40:c0:27:0b:7a:e7:bf:0c:e0:56:
         72:4d:92:1c:be:83:f4:1f:9d:a2:61:0a:ba:3b:ee:ec:ef:38:
         3c:3f:a1:c6:c4:84:6b:e1:68:c5:77:2b:b0:c0:2f:7b:cd:b0:
         80:f1:d8:85:65:31:3c:5d:fe:26:43:a8:54:e1:a7:a8:6e:c3:
         b4:52:fe:bb:66:13:43:b5:26:34:4e:76:e2:83:d1:ef:dd:91:
         8a:39:02:09:ed:4b:3c:ff:50:f7:59:e4:94:c9:e8:48:85:71:
         26:3b:a7:94:b0:36:a6:28:c9:ab:ee:e5:16:14:cc:4f:17:cf:
         33:e5:b7:b6:a7:4a:19:81:5e:af:bb:06:cb:18:82:5b:eb:4d:
         67:cc:4c:48:ba:ff:9f:cf:da:48:7f:82:d2:c6:23:c3:fa:4b:
         c2:77:f7:9a:c4:ee:b9:c4:6d:7c:89:71:d3:2c:dc:15:da:b3:
         67:1b:f9:9b:a3:8b:13:bc:d2:1c:7c:0a:b4:79:40:56:63:f5:
         37:9d:c6:93
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgIDAeviMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQxNzAxMzAxMVoXDTI0MTIwMTAwMDAwMFowSjEVMBMG
A1UEAxMMQTkxNkM3NUQwMDAwMTEwLwYDVQQFEyg5MDg4NEEzRjU3QUM0NkZBNjNB
NzFCRDk5M0U0RThBRDc4ODE4N0FGMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqHBHG32XfaAe8TurvUZl2C0589F5nmRzSUwelDvmZL9Sj3UeM3E/Lk/I
f9nyvLb62Vw6stpdF54jyxazvArWzHLtKvcczG5jhOylMHCn7yQ9CwBtAYfsJ8fd
GZkdLJ2AG+bEZXHqragysk5XRWortqLRWMvr593HYze+u9uCrZB2FGYtQ+ltWnbK
dJQfys6jwm3UEPFyJLcjybQdR9lSyqnyXSjv1q75/u/oM6tNdfyPxvavcf/mDb68
v2n23QiBfl7gti8mdoK8LNGTvbWU4S4P0MqK7RjPS2h88FwNKeJEFg41axlcCT7T
4cFH2BEKVWhDG9flMx99oO7zeMnkVwIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFJCI
Sj9XrEb6Y6cb2ZPk6K14gYevMB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ
eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK
QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1
MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMIHVBggrBgEFBQcBCwSByDCBxTAuBggrBgEF
BQcwBYYicnN5bmM6Ly9ycGtpLmFrcm4ubmV0L3JlcG8vQUtSTi8wLzBaBggrBgEF
BQcwCoZOcnN5bmM6Ly9ycGtpLmFrcm4ubmV0L3JlcG8vQUtSTi8wLzkwODg0QTNG
NTdBQzQ2RkE2M0E3MUJEOTkzRTRFOEFENzg4MTg3QUYubWZ0MDcGCCsGAQUFBzAN
hitodHRwczovL3Jwa2kuYWtybi5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMCkG
CCsGAQUFBwEIAQH/BBowGKAWMBQCAwCU+AIDAiAjAgMCIdYCAwJUgDAuBggrBgEF
BQcBBwEB/wQfMB0wDAQCAAEwBgMEAWesKDANBAIAAjAHAwUAJAfNwDANBgkqhkiG
9w0BAQsFAAOCAQEAF8p/9XL89w7QRmBua6e9Y1JCnKdeRysu9EJNoNdUicC5BHeA
B79Ie+QSYCH9DcI4l1u/cp6ikCPR/F31Z+lAwCcLeue/DOBWck2SHL6D9B+domEK
ujvu7O84PD+hxsSEa+FoxXcrsMAve82wgPHYhWUxPF3+JkOoVOGnqG7DtFL+u2YT
Q7UmNE524oPR792RijkCCe1LPP9Q91nklMnoSIVxJjunlLA2pijJq+7lFhTMTxfP
M+W3tqdKGYFer7sGyxiCW+tNZ8xMSLr/n8/aSH+C0sYjw/pLwnf3msTuucRtfIlx
0yzcFdqzZxv5m6OLE7zSHHwKtHlAVmP1N53Gkw==
-----END CERTIFICATE-----