Certificate 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3sS6BcRKv75mAbLeZUnnkVHsniY.cer
File:                     3sS6BcRKv75mAbLeZUnnkVHsniY.cer (raw, json)
Hash identifier:          ewBTYwpi3Y7lXI7weIvOmD1sjTPREJgsQaTIQ4goAB0=
Subject key identifier:   DE:C4:BA:05:C4:4A:BF:BE:66:01:B2:DE:65:49:E7:91:51:EC:9E:26
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856D1B30BF6446764582771D7C93B0A205
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/95/198f6c-d0d8-42be-ace9-3cbe039301a3/1/3sS6BcRKv75mAbLeZUnnkVHsniY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/95/198f6c-d0d8-42be-ace9-3cbe039301a3/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 11:32:56 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 49032
                          IP: 194.32.104.0/24
                          IP: 2a11:fc00::/29

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:1b:30:bf:64:46:76:45:82:77:1d:7c:93:b0:a2:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 11:32:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dec4ba05c44abfbe6601b2de6549e79151ec9e26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:09:b7:52:95:53:b7:e7:49:25:24:05:eb:be:
                    62:1a:0d:0b:ef:31:05:11:df:af:cd:04:5b:c6:32:
                    b2:ce:fe:f5:c2:a5:5a:ea:0b:67:25:41:a6:82:4e:
                    14:b4:77:27:76:c4:15:48:44:1d:89:1b:76:46:85:
                    a9:23:42:78:83:58:d3:3f:45:f2:be:7f:14:af:16:
                    1f:7e:cc:df:b0:ed:1b:72:de:38:47:46:21:e9:b9:
                    9f:80:7f:9e:eb:58:8b:a7:d7:9c:cf:28:f0:f4:18:
                    43:1f:17:ce:9b:d9:df:df:c3:3d:b0:c7:cb:7b:f1:
                    a9:64:a2:75:09:0e:35:b2:b0:fd:f1:1d:91:04:8a:
                    c9:d8:ea:46:67:85:7d:dd:af:6e:d7:ed:20:c5:fc:
                    ec:7a:72:86:21:b5:aa:f7:8c:29:34:7f:52:aa:d3:
                    95:2f:ef:25:63:b0:c3:34:d8:97:2a:d7:5c:a4:ed:
                    76:a1:3d:b7:c7:2b:ee:b1:d1:e9:77:03:2f:a3:97:
                    66:1f:ab:19:b6:bf:3e:f3:f1:b7:7b:c4:61:83:eb:
                    a4:9f:e3:03:60:81:b9:8b:2c:29:90:d3:78:31:a8:
                    c9:17:10:fa:49:73:86:02:fa:31:bd:33:35:ed:f2:
                    f6:cc:1c:9a:b1:d2:9b:77:ba:0a:2b:bc:e9:ea:04:
                    14:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:C4:BA:05:C4:4A:BF:BE:66:01:B2:DE:65:49:E7:91:51:EC:9E:26
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/198f6c-d0d8-42be-ace9-3cbe039301a3/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/198f6c-d0d8-42be-ace9-3cbe039301a3/1/3sS6BcRKv75mAbLeZUnnkVHsniY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.32.104.0/24
                IPv6:
                  2a11:fc00::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  49032

    Signature Algorithm: sha256WithRSAEncryption
         5d:41:0b:fb:74:2b:dc:fc:4c:6a:ce:76:32:03:a2:78:ae:f5:
         3a:02:a8:73:0f:80:95:10:3d:3e:38:77:6e:38:ee:8d:d7:82:
         d3:53:bb:5b:ce:88:50:fe:3b:8a:94:f4:27:55:2e:77:36:42:
         8a:e1:e5:31:cc:ed:26:8c:dc:40:90:eb:0d:18:a5:ab:df:87:
         fb:fc:8d:db:ab:fc:91:5b:3e:56:20:ae:73:b6:08:c5:f8:00:
         bb:3c:57:29:5e:b4:ee:10:f5:bd:3d:2a:d4:f0:06:bc:d0:c0:
         57:ff:45:c6:2b:e2:7c:9d:a7:bd:dd:82:b1:ec:89:6b:07:9b:
         99:c5:53:69:c5:f4:60:67:d7:fb:46:2f:0b:f6:00:cf:08:bc:
         3f:ad:7b:e1:a8:b2:6f:1d:ef:f6:c7:2e:76:cc:78:2f:59:e2:
         16:f3:b5:64:be:fe:4b:32:4e:9b:64:24:16:d2:a9:bb:bd:0e:
         30:4d:14:ea:ed:9e:69:db:b3:0c:d3:0e:f4:42:a5:b2:4c:87:
         b7:1b:70:72:bc:97:79:13:c3:40:65:03:89:48:ff:cc:b0:e4:
         7a:7c:ce:f2:a9:27:9a:31:e0:f6:a8:11:4c:cf:6d:76:d4:86:
         71:c7:79:e0:ff:3d:34:ab:a0:75:c2:ec:1f:cf:f6:b1:dd:ff:
         9b:70:e4:8a
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYVtGzC/ZEZ2RYJ3HXyTsKIFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTEzMjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWM0YmEwNWM0NGFiZmJlNjYwMWIyZGU2NTQ5ZTc5MTUxZWM5ZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAm3UpVTt+dJJSQF675iGg0L7zEF
Ed+vzQRbxjKyzv71wqVa6gtnJUGmgk4UtHcndsQVSEQdiRt2RoWpI0J4g1jTP0Xy
vn8UrxYffszfsO0bct44R0Yh6bmfgH+e61iLp9eczyjw9BhDHxfOm9nf38M9sMfL
e/GpZKJ1CQ41srD98R2RBIrJ2OpGZ4V93a9u1+0gxfzsenKGIbWq94wpNH9SqtOV
L+8lY7DDNNiXKtdcpO12oT23xyvusdHpdwMvo5dmH6sZtr8+8/G3e8Rhg+ukn+MD
YIG5iywpkNN4MajJFxD6SXOGAvoxvTM17fL2zByasdKbd7oKK7zp6gQUXQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFN7EugXESr++ZgGy3mVJ55FR7J4mMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk1LzE5OGY2
Yy1kMGQ4LTQyYmUtYWNlOS0zY2JlMDM5MzAxYTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUvMTk4ZjZj
LWQwZDgtNDJiZS1hY2U5LTNjYmUwMzkzMDFhMy8xLzNzUzZCY1JLdjc1bUFiTGVa
VW5ua1ZIc25pWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwiBoMA0EAgACMAcDBQMqEfwAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwC/iDANBgkqhkiG9w0BAQsFAAOCAQEAXUEL+3Qr3PxM
as52MgOieK71OgKocw+AlRA9Pjh3bjjujdeC01O7W86IUP47ipT0J1UudzZCiuHl
McztJozcQJDrDRilq9+H+/yN26v8kVs+ViCuc7YIxfgAuzxXKV607hD1vT0q1PAG
vNDAV/9FxivifJ2nvd2CseyJawebmcVTacX0YGfX+0YvC/YAzwi8P6174aiybx3v
9scudsx4L1niFvO1ZL7+SzJOm2QkFtKpu70OME0U6u2eaduzDNMO9EKlskyHtxtw
cryXeRPDQGUDiUj/zLDkenzO8qknmjHg9qgRTM9tdtSGccd54P89NKugdcLsH8/2
sd3/m3Dkig==
-----END CERTIFICATE-----
Generated at Mon Jul 31 12:05:40 2023 by rpki-client on console-fra.rpki-client.org