Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/891TROtYn0yr6Qem3413dk2fPrI.cer
File:                     891TROtYn0yr6Qem3413dk2fPrI.cer (raw, json)
Hash identifier:          3ls4HtXzgp+et6RpZjKyVdRx7ZFlgAFsxaM00sz1dQs=
Subject key identifier:   F3:DD:53:44:EB:58:9F:4C:AB:E9:07:A6:DF:8D:77:76:4D:9F:3E:B2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0187E8394E609F0DDD86619DFE8F8AC24BA7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/a21176fc-ff17-4600-9420-85e8bb01bc6c/0/F3DD5344EB589F4CABE907A6DF8D77764D9F3EB2.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/a21176fc-ff17-4600-9420-85e8bb01bc6c/0
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Thu 04 May 2023 19:24:42 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 211151

Validation:               Failed, certificate revoked on Sat 13 May 2023 10:51:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:e8:39:4e:60:9f:0d:dd:86:61:9d:fe:8f:8a:c2:4b:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: May  4 19:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f3dd5344eb589f4cabe907a6df8d77764d9f3eb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:1b:00:7b:25:10:de:ee:6f:b1:80:17:cb:47:
                    fb:43:5e:67:f2:e1:75:e4:26:f4:b1:7a:26:8e:7d:
                    46:70:b6:a9:bc:d0:04:72:3c:3d:d0:53:78:60:c9:
                    c9:06:3e:fa:cc:82:6e:92:e3:d0:73:57:ae:85:ef:
                    68:3a:5e:3a:0a:d1:05:82:a0:ba:d0:1e:41:d1:04:
                    9c:d2:34:f1:1b:21:7d:af:82:c8:cf:d1:69:0a:d8:
                    9d:86:ab:b2:bd:1b:95:56:48:01:58:f7:dc:01:e0:
                    2b:71:15:64:5a:d6:05:2d:21:6c:3d:60:90:eb:35:
                    96:b8:d0:a5:7c:50:50:2f:b7:57:73:45:33:c9:d8:
                    9c:9e:69:d1:09:30:de:39:97:ad:ab:c5:e3:55:5b:
                    7f:80:3e:6f:a4:2a:ae:ff:04:0a:3b:45:7a:c6:1c:
                    2f:57:dc:44:ad:7b:19:0d:c4:d4:c2:77:d1:db:94:
                    8f:e7:bc:46:d2:3a:68:e1:3f:95:97:91:0b:57:44:
                    df:cf:0d:85:62:77:5a:e2:8c:3e:df:b7:a7:cb:d7:
                    8f:2b:7a:5f:8c:1e:09:0c:28:35:28:ec:ec:3a:09:
                    72:81:f8:39:79:39:e4:62:e9:2d:87:4f:1f:b6:60:
                    13:b9:0a:f5:f9:21:b6:eb:81:31:da:7e:96:7a:12:
                    7c:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:DD:53:44:EB:58:9F:4C:AB:E9:07:A6:DF:8D:77:76:4D:9F:3E:B2
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/a21176fc-ff17-4600-9420-85e8bb01bc6c/0
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/a21176fc-ff17-4600-9420-85e8bb01bc6c/0/F3DD5344EB589F4CABE907A6DF8D77764D9F3EB2.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  211151

    Signature Algorithm: sha256WithRSAEncryption
         a1:59:97:cf:c0:57:13:58:50:36:3a:90:e1:79:ed:b9:c8:74:
         4f:69:81:29:28:0a:b7:a9:a5:b3:08:34:e2:69:e6:20:67:4b:
         0f:b5:7a:68:7b:e4:3e:d8:2d:e4:10:61:6e:71:a5:d3:5f:ee:
         dd:e6:72:ea:a0:9e:d8:41:ad:67:aa:13:38:ac:96:44:60:42:
         1d:e6:fd:ea:b2:f0:26:01:72:44:c1:d0:e5:66:e6:f3:42:e7:
         af:94:82:a4:c6:19:b9:05:65:bf:92:c1:07:55:fb:5f:f4:86:
         3f:92:0e:cf:5c:78:8f:59:f9:7f:4b:df:d3:e5:eb:86:e3:a3:
         4d:63:97:00:d6:5a:da:f0:f5:f7:34:4e:0c:37:ea:a1:ad:96:
         26:53:fd:93:65:65:05:d7:57:b6:9c:33:a4:6b:9e:46:48:b6:
         1e:db:2f:9d:8f:9d:38:d3:a7:6f:99:1e:29:a5:c1:a2:1c:86:
         e7:85:98:c6:79:56:b9:18:10:b9:12:dc:2c:29:a3:02:c5:03:
         c0:7b:4c:9a:41:a1:6c:4f:27:06:4e:cc:c7:b2:60:c2:4a:44:
         65:f9:20:b2:6e:1e:15:cd:c3:73:e3:0a:39:96:c9:2b:23:a0:
         f7:e6:b1:9e:5b:7b:63:1c:f5:fd:b8:fe:b6:2a:0b:8a:78:0d:
         42:15:11:89
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYfoOU5gnw3dhmGd/o+KwkunMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwNTA0MTkyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2RkNTM0NGViNTg5ZjRjYWJlOTA3YTZkZjhkNzc3NjRkOWYzZWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxsAeyUQ3u5vsYAXy0f7Q15n8uF1
5Cb0sXomjn1GcLapvNAEcjw90FN4YMnJBj76zIJukuPQc1euhe9oOl46CtEFgqC6
0B5B0QSc0jTxGyF9r4LIz9FpCtidhquyvRuVVkgBWPfcAeArcRVkWtYFLSFsPWCQ
6zWWuNClfFBQL7dXc0UzydicnmnRCTDeOZetq8XjVVt/gD5vpCqu/wQKO0V6xhwv
V9xErXsZDcTUwnfR25SP57xG0jpo4T+Vl5ELV0Tfzw2FYnda4ow+37eny9ePK3pf
jB4JDCg1KOzsOglygfg5eTnkYukth08ftmATuQr1+SG264Ex2n6WehJ8zwIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFPPdU0TrWJ9Mq+kHpt+Nd3ZNnz6yMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE+BggrBgEFBQcBCwSCATAwggEsMF4GCCsGAQUFBzAFhlJy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2EyMTE3
NmZjLWZmMTctNDYwMC05NDIwLTg1ZThiYjAxYmM2Yy8wMIGLBggrBgEFBQcwCoZ/
cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hMjEx
NzZmYy1mZjE3LTQ2MDAtOTQyMC04NWU4YmIwMWJjNmMvMC9GM0RENTM0NEVCNTg5
RjRDQUJFOTA3QTZERjhENzc3NjREOUYzRUIyLm1mdDA8BggrBgEFBQcwDYYwaHR0
cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3RpZmljYXRpb24ueG1sMFkG
A1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNybDAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwM4zzAN
BgkqhkiG9w0BAQsFAAOCAQEAoVmXz8BXE1hQNjqQ4Xntuch0T2mBKSgKt6mlswg0
4mnmIGdLD7V6aHvkPtgt5BBhbnGl01/u3eZy6qCe2EGtZ6oTOKyWRGBCHeb96rLw
JgFyRMHQ5Wbm80Lnr5SCpMYZuQVlv5LBB1X7X/SGP5IOz1x4j1n5f0vf0+XrhuOj
TWOXANZa2vD19zRODDfqoa2WJlP9k2VlBddXtpwzpGueRki2HtsvnY+dONOnb5ke
KaXBohyG54WYxnlWuRgQuRLcLCmjAsUDwHtMmkGhbE8nBk7Mx7JgwkpEZfkgsm4e
Fc3Dc+MKOZbJKyOg9+axnlt7Yxz1/bj+tioLingNQhURiQ==
-----END CERTIFICATE-----