Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4qSQ41rZxh_VM04qHoVtgX0XMMI.cer
File:                     4qSQ41rZxh_VM04qHoVtgX0XMMI.cer (raw, json)
Hash identifier:          9ZjqR/NM6+o9RxqhT0kD0Azwuss3IzZ0Kv9lB6m027U=
Subject key identifier:   E2:A4:90:E3:5A:D9:C6:1F:D5:33:4E:2A:1E:85:6D:81:7D:17:30:C2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019422FC36B0CC38FE105A573F222A54BD56
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/9f/7142fe-8513-4de6-851e-6a4255674642/1/4qSQ41rZxh_VM04qHoVtgX0XMMI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/9f/7142fe-8513-4de6-851e-6a4255674642/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 17:49:01 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 12345
                          IP: 212.47.32.0/19
Validation:               Failed, certificate revoked on Thu 02 Jan 2025 14:35:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:fc:36:b0:cc:38:fe:10:5a:57:3f:22:2a:54:bd:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 17:49:01 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=e2a490e35ad9c61fd5334e2a1e856d817d1730c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:d4:b3:d6:ac:08:d4:f2:84:4f:f7:f5:b2:0e:
                    c0:c1:21:d3:bf:02:b9:0e:76:2e:12:8a:3c:fa:9e:
                    8c:ea:f2:3c:a1:37:c1:81:cd:91:3a:00:13:63:30:
                    03:a7:61:01:67:a1:8b:f6:55:42:c5:c1:19:f5:42:
                    02:0d:44:d7:92:e4:9a:98:40:7b:49:35:9e:cf:aa:
                    73:b1:6a:e4:02:b4:e8:63:a9:9e:57:ff:00:f2:ab:
                    8e:a2:dc:1f:16:8d:13:21:7b:b9:63:1b:d1:ed:7e:
                    55:b3:65:a8:0d:5f:a1:be:b0:17:42:23:fc:5d:75:
                    97:4e:a8:00:fb:39:ad:c9:b8:8d:9f:be:43:14:5a:
                    88:2c:2c:7e:c9:bc:ae:84:80:7e:69:51:95:fc:f1:
                    a3:8a:d5:5c:8a:24:9e:3d:ca:d3:30:64:fa:0d:5f:
                    ac:f7:42:99:9a:98:00:da:7b:2f:97:ae:07:5c:42:
                    cf:a2:99:80:23:65:b0:3c:03:35:28:8d:79:61:8a:
                    1d:9b:18:66:6d:b0:35:b7:49:e9:53:76:ba:19:32:
                    ef:5e:22:91:2f:6c:6f:b6:ab:4c:6b:ee:bc:19:57:
                    69:51:23:73:cb:92:86:5a:ce:0d:4e:60:3c:03:36:
                    18:35:4f:ea:a7:59:67:c6:e0:3a:9e:95:f5:72:b9:
                    eb:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:A4:90:E3:5A:D9:C6:1F:D5:33:4E:2A:1E:85:6D:81:7D:17:30:C2
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/7142fe-8513-4de6-851e-6a4255674642/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/7142fe-8513-4de6-851e-6a4255674642/1/4qSQ41rZxh_VM04qHoVtgX0XMMI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.47.32.0/19

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  12345

    Signature Algorithm: sha256WithRSAEncryption
         aa:95:b3:05:6f:e4:f5:58:8a:b1:14:1a:f7:99:7d:03:66:6a:
         34:ee:b1:72:a4:37:1d:7d:ab:96:3a:90:bf:db:e2:5d:7c:2a:
         6b:df:8e:99:58:00:9e:78:11:ad:95:81:e2:31:3a:ac:29:40:
         b5:d8:3f:6f:d9:e3:64:b3:a7:41:1c:e3:85:a3:9d:57:85:52:
         25:b4:d3:dd:8c:82:a9:ee:2c:59:a2:55:c3:58:ae:68:7b:01:
         b6:b4:79:6c:7e:c9:ae:1c:a0:9d:e2:b3:1f:39:13:68:73:ec:
         a7:3d:2e:84:e9:98:c6:b6:71:ae:e5:b5:0c:e9:97:4b:75:5c:
         a7:f6:8b:98:72:3c:20:33:14:fb:e7:b3:4c:9b:2a:5a:09:50:
         37:12:ad:d1:24:35:c8:24:b6:a0:39:90:69:5b:2e:92:30:59:
         f6:3b:21:6f:d7:60:d5:dc:ac:7e:b0:5d:28:de:75:89:ff:14:
         f7:30:94:d6:1a:18:cc:76:99:c4:e0:47:5c:80:82:04:e3:45:
         e0:61:36:66:8c:a0:00:c1:8e:0d:06:6e:4d:ba:a4:e3:58:4a:
         57:37:95:12:1e:1b:46:65:bc:76:ce:48:b7:ae:83:ba:26:d7:
         b1:cc:bf:7e:35:c2:07:20:a7:5b:cf:af:b2:7b:b1:cf:7e:53:
         02:fb:26:f3
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZQi/DawzDj+EFpXPyIqVL1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmE0OTBlMzVhZDljNjFmZDUzMzRlMmExZTg1NmQ4MTdkMTczMGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNSz1qwI1PKET/f1sg7AwSHTvwK5
DnYuEoo8+p6M6vI8oTfBgc2ROgATYzADp2EBZ6GL9lVCxcEZ9UICDUTXkuSamEB7
STWez6pzsWrkArToY6meV/8A8quOotwfFo0TIXu5YxvR7X5Vs2WoDV+hvrAXQiP8
XXWXTqgA+zmtybiNn75DFFqILCx+ybyuhIB+aVGV/PGjitVciiSePcrTMGT6DV+s
90KZmpgA2nsvl64HXELPopmAI2WwPAM1KI15YYodmxhmbbA1t0npU3a6GTLvXiKR
L2xvtqtMa+68GVdpUSNzy5KGWs4NTmA8AzYYNU/qp1lnxuA6npX1crnrBQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFOKkkONa2cYf1TNOKh6FbYF9FzDCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlmLzcxNDJm
ZS04NTEzLTRkZTYtODUxZS02YTQyNTU2NzQ2NDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYvNzE0MmZl
LTg1MTMtNGRlNi04NTFlLTZhNDI1NTY3NDY0Mi8xLzRxU1E0MXJaeGhfVk0wNHFI
b1Z0Z1gwWE1NSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQF1C8gMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQC
AjA5MA0GCSqGSIb3DQEBCwUAA4IBAQCqlbMFb+T1WIqxFBr3mX0DZmo07rFypDcd
fauWOpC/2+JdfCpr346ZWACeeBGtlYHiMTqsKUC12D9v2eNks6dBHOOFo51XhVIl
tNPdjIKp7ixZolXDWK5oewG2tHlsfsmuHKCd4rMfORNoc+ynPS6E6ZjGtnGu5bUM
6ZdLdVyn9ouYcjwgMxT757NMmypaCVA3Eq3RJDXIJLagOZBpWy6SMFn2OyFv12DV
3Kx+sF0o3nWJ/xT3MJTWGhjMdpnE4EdcgIIE40XgYTZmjKAAwY4NBm5NuqTjWEpX
N5USHhtGZbx2zki3roO6JtexzL9+NcIHIKdbz6+ye7HPflMC+ybz
-----END CERTIFICATE-----