Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0kxlbNkq7wWWnVr2CWvg35isw3A.cer
File:                     0kxlbNkq7wWWnVr2CWvg35isw3A.cer (raw, json)
Hash identifier:          cj6pGGt8SO3wlpJh+x9Wij8NtXokt0EHMAENQFc4tfo=
Subject key identifier:   D2:4C:65:6C:D9:2A:EF:05:96:9D:5A:F6:09:6B:E0:DF:98:AC:C3:70
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856AF4F976F216C3725A2190E6986671BE
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/18/7a109c-b418-41f1-b119-7dec6ba79218/1/0kxlbNkq7wWWnVr2CWvg35isw3A.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/18/7a109c-b418-41f1-b119-7dec6ba79218/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 01:31:57 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    IP: 193.3.22.0/24
                          IP: 2a11:1740::/29

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6a:f4:f9:76:f2:16:c3:72:5a:21:90:e6:98:66:71:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 01:31:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d24c656cd92aef05969d5af6096be0df98acc370
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:2a:a3:00:27:55:30:13:b1:05:f5:e3:d5:fe:
                    14:75:4d:5b:f6:08:30:9f:c2:7c:a3:e8:da:47:f8:
                    e0:ea:0b:3d:53:60:e4:b5:13:e8:66:8a:0d:ad:09:
                    8d:a5:9f:f4:97:38:29:3d:f8:e9:58:fb:a2:de:42:
                    72:7e:bf:fb:fe:7b:4a:dc:76:b6:cd:db:10:1a:2a:
                    a7:ce:1a:0b:be:0c:91:b2:8d:0d:6e:0e:73:87:f2:
                    d9:6e:15:0c:4a:4f:41:ed:f9:c9:41:00:e9:e2:5a:
                    88:9c:d4:5a:3c:a9:24:24:f3:e6:86:fc:8e:1f:64:
                    e6:63:ab:66:7a:ef:44:47:ff:26:7f:5b:83:88:cf:
                    5a:76:a8:94:41:41:e9:5c:22:1a:7e:6e:7c:9c:d6:
                    3d:fc:77:2a:c4:7f:f7:c3:bc:24:db:76:28:50:93:
                    53:33:f5:65:88:8e:40:d2:a5:a4:b4:c9:73:58:bc:
                    83:41:f6:6d:85:ac:6e:4d:83:32:e4:ca:ab:6e:00:
                    30:75:71:37:d2:9a:2f:32:45:83:2d:55:95:ed:e8:
                    fd:74:9e:5f:35:f0:35:8a:cb:4d:89:de:8c:a1:7a:
                    9f:7d:11:6c:47:60:19:eb:14:d5:8f:2b:bb:e5:c0:
                    5d:cf:aa:bd:6e:84:30:41:73:0c:1e:e7:68:68:9a:
                    bd:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:4C:65:6C:D9:2A:EF:05:96:9D:5A:F6:09:6B:E0:DF:98:AC:C3:70
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/7a109c-b418-41f1-b119-7dec6ba79218/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/7a109c-b418-41f1-b119-7dec6ba79218/1/0kxlbNkq7wWWnVr2CWvg35isw3A.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.3.22.0/24
                IPv6:
                  2a11:1740::/29

    Signature Algorithm: sha256WithRSAEncryption
         0c:71:07:89:a5:fc:78:ab:cd:97:2e:d1:5d:a0:1b:b8:ca:54:
         26:4e:58:db:36:69:b1:6f:54:5d:20:dc:b0:78:fa:63:1c:19:
         b1:02:04:c9:64:89:38:ef:93:bb:11:b4:3d:bd:89:93:9b:85:
         8c:d3:53:5f:ba:d0:0a:1b:33:c8:17:b6:bf:8e:ea:a2:eb:e5:
         52:67:2f:77:66:7d:77:49:a5:30:26:c0:54:d2:59:b9:88:0c:
         48:6c:e1:d0:8b:ec:0e:12:8d:6a:ae:ae:47:38:bc:59:79:a6:
         02:fc:14:77:2d:22:5b:96:a7:9f:8e:11:9f:40:ff:ae:f0:54:
         e3:b3:c1:0e:70:2f:5a:a6:4d:95:ed:44:e1:1b:0d:22:3c:d1:
         80:89:b6:f9:d5:6b:37:ab:d5:89:65:0e:1c:95:30:e3:05:b4:
         e4:a5:a8:73:f8:a3:13:13:fb:30:4f:2b:9f:4e:c8:29:76:ad:
         19:eb:c3:69:b5:24:76:5b:39:ed:aa:b8:f2:f6:ce:2d:4c:e8:
         f7:db:3f:3e:91:e1:42:a2:bd:48:73:d5:a0:53:25:50:87:6f:
         7b:df:05:69:00:01:17:4d:83:dd:ac:1f:7f:a6:5c:ac:05:d9:
         fb:ff:17:9f:a4:07:84:8c:40:a9:8e:10:13:e5:a0:7a:19:0e:
         5a:4c:a7:2c
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVq9Pl28hbDclohkOaYZnG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDEzMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjRjNjU2Y2Q5MmFlZjA1OTY5ZDVhZjYwOTZiZTBkZjk4YWNjMzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCqjACdVMBOxBfXj1f4UdU1b9ggw
n8J8o+jaR/jg6gs9U2DktRPoZooNrQmNpZ/0lzgpPfjpWPui3kJyfr/7/ntK3Ha2
zdsQGiqnzhoLvgyRso0Nbg5zh/LZbhUMSk9B7fnJQQDp4lqInNRaPKkkJPPmhvyO
H2TmY6tmeu9ER/8mf1uDiM9adqiUQUHpXCIafm58nNY9/HcqxH/3w7wk23YoUJNT
M/VliI5A0qWktMlzWLyDQfZthaxuTYMy5MqrbgAwdXE30povMkWDLVWV7ej9dJ5f
NfA1istNid6MoXqffRFsR2AZ6xTVjyu75cBdz6q9boQwQXMMHudoaJq9qQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFNJMZWzZKu8Flp1a9glr4N+YrMNwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE4LzdhMTA5
Yy1iNDE4LTQxZjEtYjExOS03ZGVjNmJhNzkyMTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgvN2ExMDlj
LWI0MTgtNDFmMS1iMTE5LTdkZWM2YmE3OTIxOC8xLzBreGxiTmtxN3dXV25WcjJD
V3ZnMzVpc3czQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwQMWMA0EAgACMAcDBQMqERdAMA0GCSqGSIb3
DQEBCwUAA4IBAQAMcQeJpfx4q82XLtFdoBu4ylQmTljbNmmxb1RdINywePpjHBmx
AgTJZIk475O7EbQ9vYmTm4WM01NfutAKGzPIF7a/juqi6+VSZy93Zn13SaUwJsBU
0lm5iAxIbOHQi+wOEo1qrq5HOLxZeaYC/BR3LSJblqefjhGfQP+u8FTjs8EOcC9a
pk2V7UThGw0iPNGAibb51Ws3q9WJZQ4clTDjBbTkpahz+KMTE/swTyufTsgpdq0Z
68NptSR2Wzntqrjy9s4tTOj32z8+keFCor1Ic9WgUyVQh2973wVpAAEXTYPdrB9/
plysBdn7/xefpAeEjECpjhAT5aB6GQ5aTKcs
-----END CERTIFICATE-----
Generated at Thu Sep 14 13:38:12 2023 by rpki-client on console-ams.rpki-client.org