Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18xWofINWmAylmGWNXhv3iZFjRI.cer
File:                     18xWofINWmAylmGWNXhv3iZFjRI.cer (raw, json)
Hash identifier:          OvSX8aIFdP3c3O79BYEjply4WvkL2TVZJSoy4mvh9Ho=
Subject key identifier:   D7:CC:56:A1:F2:0D:5A:60:32:96:61:96:35:78:6F:DE:26:45:8D:12
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856ED2A637882FBA69A010198A8A6FCCD6
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e9/991ad9-d953-43a8-8584-723b33cb0ef9/1/18xWofINWmAylmGWNXhv3iZFjRI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e9/991ad9-d953-43a8-8584-723b33cb0ef9/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 19:32:57 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 29037
                          IP: 77.236.104.0 -- 77.236.119.255
                          IP: 79.171.176.0/21
                          IP: 178.248.216.0/21
                          IP: 185.5.168.0/22
                          IP: 192.54.67.0 -- 192.54.71.255
                          IP: 217.17.16.0/20
                          IP: 2a01:5580::/32

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d2:a6:37:88:2f:ba:69:a0:10:19:8a:8a:6f:cc:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 19:32:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d7cc56a1f20d5a603296619635786fde26458d12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:d1:a5:41:21:cd:02:d0:75:55:9e:17:29:6d:
                    7a:05:53:51:8f:fb:87:e5:89:c1:c4:64:ed:75:b6:
                    8f:a2:59:72:25:ee:23:e5:c1:53:f6:89:52:61:92:
                    9d:0b:bb:ca:f8:f4:4e:99:1d:ee:8a:f5:fe:28:13:
                    e5:37:fb:2e:7f:76:06:e3:d9:89:cd:d4:43:1f:f1:
                    da:46:aa:6a:5c:16:33:25:97:85:c0:85:48:4a:8f:
                    0f:c3:7b:c4:3d:00:7b:2a:c2:6a:a4:c9:83:84:f6:
                    09:9e:9a:75:6e:1f:6b:cf:38:76:23:9a:fd:59:35:
                    db:8f:44:cd:70:7f:9f:50:ed:c2:3d:30:b5:52:80:
                    e6:6c:e2:c6:b2:3c:4e:99:cf:b7:18:d9:99:4d:42:
                    af:92:bf:34:8c:69:0b:ee:df:cd:7e:12:50:19:e2:
                    1e:f3:d9:fb:f7:87:34:38:a5:81:9f:4d:d5:da:66:
                    03:e2:7f:b3:0b:a5:e5:f1:36:e3:ca:4d:48:2d:e7:
                    f7:80:b1:95:35:c5:9a:25:68:3f:51:bd:2d:26:3e:
                    d9:75:82:fa:33:bd:c4:e3:6e:7d:6c:0c:f4:19:db:
                    5e:09:1b:0a:3e:ae:c5:67:e9:85:95:47:f0:a7:04:
                    72:0b:9e:25:5a:a2:b5:78:24:c5:cd:2f:55:c2:cd:
                    fa:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:CC:56:A1:F2:0D:5A:60:32:96:61:96:35:78:6F:DE:26:45:8D:12
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/991ad9-d953-43a8-8584-723b33cb0ef9/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/991ad9-d953-43a8-8584-723b33cb0ef9/1/18xWofINWmAylmGWNXhv3iZFjRI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.236.104.0-77.236.119.255
                  79.171.176.0/21
                  178.248.216.0/21
                  185.5.168.0/22
                  192.54.67.0-192.54.71.255
                  217.17.16.0/20
                IPv6:
                  2a01:5580::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  29037

    Signature Algorithm: sha256WithRSAEncryption
         60:b1:22:12:d9:61:07:98:e9:e0:a9:c3:57:d0:f6:36:14:73:
         0a:ad:a7:26:a5:cc:06:fc:3f:bd:6f:33:0a:fb:cb:58:63:73:
         f8:b8:11:64:da:93:54:aa:d0:c0:f9:41:0c:9d:e2:3c:50:aa:
         e9:cb:94:76:c2:a3:07:bf:f7:1c:b4:94:7e:df:2a:14:96:12:
         fd:9c:4c:18:8a:5d:9d:b0:16:a0:4e:af:69:66:f6:4d:26:15:
         fb:49:5e:a5:ab:fd:8b:39:55:50:5f:19:f1:e7:15:1e:1b:a4:
         28:19:41:66:4f:e0:73:af:a7:2e:05:7c:32:97:84:da:e6:d7:
         3a:f8:11:57:3a:4c:20:90:db:fd:71:27:e4:ff:78:b1:49:b0:
         fa:f0:c1:6f:5e:e0:80:4f:fe:4c:e3:af:1a:9c:34:3c:4e:64:
         40:2f:70:96:a9:0f:2e:3f:1e:42:59:d7:88:82:6c:44:d5:de:
         e2:02:72:c8:d6:71:2c:76:34:71:b9:73:10:02:fd:8a:0f:ff:
         79:5c:61:ee:e7:ef:ac:27:5c:80:84:30:1e:b4:b4:2c:84:7e:
         2a:9c:5b:08:ae:5c:c2:52:53:c1:3c:3b:8a:46:c8:1f:82:60:
         53:fa:2a:49:68:bb:bf:c3:62:68:b1:9c:be:46:35:6a:a9:e6:
         d1:a8:6c:42
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAYVu0qY3iC+6aaAQGYqKb8zWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTkzMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2NjNTZhMWYyMGQ1YTYwMzI5NjYxOTYzNTc4NmZkZTI2NDU4ZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NGlQSHNAtB1VZ4XKW16BVNRj/uH
5YnBxGTtdbaPollyJe4j5cFT9olSYZKdC7vK+PROmR3uivX+KBPlN/suf3YG49mJ
zdRDH/HaRqpqXBYzJZeFwIVISo8Pw3vEPQB7KsJqpMmDhPYJnpp1bh9rzzh2I5r9
WTXbj0TNcH+fUO3CPTC1UoDmbOLGsjxOmc+3GNmZTUKvkr80jGkL7t/NfhJQGeIe
89n794c0OKWBn03V2mYD4n+zC6Xl8Tbjyk1ILef3gLGVNcWaJWg/Ub0tJj7ZdYL6
M73E4259bAz0GdteCRsKPq7FZ+mFlUfwpwRyC54lWqK1eCTFzS9Vws363QIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFNfMVqHyDVpgMpZhljV4b94mRY0SMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U5Lzk5MWFk
OS1kOTUzLTQzYTgtODU4NC03MjNiMzNjYjBlZjkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkvOTkxYWQ5
LWQ5NTMtNDNhOC04NTg0LTcyM2IzM2NiMGVmOS8xLzE4eFdvZklOV21BeWxtR1dO
WGh2M2laRmpSSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGCCsGAQUF
BwEHAQH/BE0wSzA6BAIAATA0MAwDBANN7GgDBANN7HADBANPq7ADBAOy+NgDBAK5
BagwDAMEAMA2QwMEA8A2QAMEBNkREDANBAIAAjAHAwUAKgFVgDAZBggrBgEFBQcB
CAEB/wQKMAigBjAEAgJxbTANBgkqhkiG9w0BAQsFAAOCAQEAYLEiEtlhB5jp4KnD
V9D2NhRzCq2nJqXMBvw/vW8zCvvLWGNz+LgRZNqTVKrQwPlBDJ3iPFCq6cuUdsKj
B7/3HLSUft8qFJYS/ZxMGIpdnbAWoE6vaWb2TSYV+0lepav9izlVUF8Z8ecVHhuk
KBlBZk/gc6+nLgV8MpeE2ubXOvgRVzpMIJDb/XEn5P94sUmw+vDBb17ggE/+TOOv
Gpw0PE5kQC9wlqkPLj8eQlnXiIJsRNXe4gJyyNZxLHY0cblzEAL9ig//eVxh7ufv
rCdcgIQwHrS0LIR+KpxbCK5cwlJTwTw7ikbIH4JgU/oqSWi7v8NiaLGcvkY1aqnm
0ahsQg==
-----END CERTIFICATE-----