Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a2qEQVOnzXZSDK7WIqd0crLRhM.cer
File:                     9a2qEQVOnzXZSDK7WIqd0crLRhM.cer (raw, json)
Hash identifier:          HRg0N+Sommyfa3WaQ6slixvWorIHFiz557VGoilBXeM=
Subject key identifier:   F5:AD:AA:11:05:4E:9F:35:D9:48:32:BB:58:8A:9D:D1:CA:CB:46:13
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856FAFC848DFA751C3CE85F4B328AF1ACB
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/07/81d621-7bcf-4dc0-90f9-1568a66422c2/1/9a2qEQVOnzXZSDK7WIqd0crLRhM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/07/81d621-7bcf-4dc0-90f9-1568a66422c2/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 23:34:29 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 207671
                          IP: 2001:678:bbc::/48

Validation:               Failed, certificate revoked on Mon 17 Jul 2023 08:44:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:af:c8:48:df:a7:51:c3:ce:85:f4:b3:28:af:1a:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 23:34:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f5adaa11054e9f35d94832bb588a9dd1cacb4613
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:04:3b:e0:b5:d4:47:78:0b:9b:6a:94:37:a8:
                    6e:be:c9:d0:90:4e:84:46:1e:a1:ed:54:bb:cd:41:
                    66:58:2d:c4:ed:60:7d:32:38:b3:19:ef:94:2b:ce:
                    41:5c:95:a2:da:65:66:82:25:15:a3:f1:33:b4:7c:
                    ef:fb:01:fb:50:29:8c:93:0a:e0:7b:74:86:2c:ba:
                    1e:95:c2:04:db:79:33:d0:c0:64:bf:1d:fd:ca:21:
                    fa:4a:e7:d4:58:49:1c:18:7c:5a:cb:4c:47:b7:c0:
                    00:99:bb:bf:6e:6c:df:ca:cc:46:ac:24:d2:43:0c:
                    01:9f:c9:84:90:11:25:f8:8c:1d:1a:fd:fe:4d:d9:
                    d8:b5:73:30:6a:fa:3b:a2:2e:e5:fe:3f:66:57:7e:
                    ce:a1:ad:d1:23:69:01:af:19:ee:fb:e1:35:03:02:
                    ba:85:3e:21:f3:4a:19:65:2f:e7:bc:de:3a:6f:93:
                    c6:0e:52:42:54:d4:50:36:20:ad:ca:9c:c8:e9:ce:
                    0f:c9:e2:54:05:50:7d:d8:91:06:11:d7:f1:38:51:
                    d4:15:ae:b2:0c:19:b3:0b:88:f9:8d:00:36:29:b3:
                    76:01:25:9e:af:84:1b:ce:7d:bd:b9:0a:b1:19:97:
                    56:2e:fa:c3:bc:ac:66:d0:59:44:8f:42:c9:75:4b:
                    ee:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:AD:AA:11:05:4E:9F:35:D9:48:32:BB:58:8A:9D:D1:CA:CB:46:13
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/81d621-7bcf-4dc0-90f9-1568a66422c2/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/81d621-7bcf-4dc0-90f9-1568a66422c2/1/9a2qEQVOnzXZSDK7WIqd0crLRhM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:bbc::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207671

    Signature Algorithm: sha256WithRSAEncryption
         33:5d:3b:92:a1:a1:79:f6:5b:e4:dd:fa:47:f2:19:dd:32:88:
         80:9e:7e:46:42:56:a9:94:53:2b:94:c9:97:09:70:44:ef:f3:
         e9:1f:53:f8:a1:6a:02:d0:d7:fd:2e:50:13:b8:d2:2c:14:f7:
         ad:ba:57:53:0a:4b:81:a0:e9:af:4c:c5:1b:54:b9:38:a8:b7:
         c7:ec:35:b6:13:36:14:bc:cc:c9:54:d9:0b:11:af:cb:11:58:
         9e:8f:20:04:af:fa:32:91:c5:66:44:a5:36:c3:db:a9:34:62:
         44:47:54:da:f4:c8:b0:aa:3b:22:f2:df:8e:37:99:d8:ee:63:
         b5:e1:58:ff:c9:b1:e5:fc:a0:51:f1:52:0d:34:d7:e3:65:9a:
         c0:d0:23:a8:0a:fe:ff:07:a3:7f:a5:be:3d:45:40:38:30:e4:
         86:ed:dd:11:c1:54:b1:29:4a:a4:7b:70:1c:c0:cc:94:2a:d4:
         4b:18:00:6d:2e:e4:09:b6:a8:94:a3:5f:5b:cd:00:10:c2:6a:
         8a:8e:4d:cd:68:d3:36:e4:1f:b2:7a:37:fe:e9:06:6f:f0:f5:
         9d:24:a6:7a:b2:df:ef:24:b2:e0:4b:73:ea:db:f5:d9:d7:4e:
         cb:84:45:94:b5:fa:5e:a4:a4:4a:0b:a0:fe:8b:79:fd:55:25:
         35:d7:57:2b
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYVvr8hI36dRw86F9LMorxrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjMzNDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWFkYWExMTA1NGU5ZjM1ZDk0ODMyYmI1ODhhOWRkMWNhY2I0NjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQQ74LXUR3gLm2qUN6huvsnQkE6E
Rh6h7VS7zUFmWC3E7WB9MjizGe+UK85BXJWi2mVmgiUVo/EztHzv+wH7UCmMkwrg
e3SGLLoelcIE23kz0MBkvx39yiH6SufUWEkcGHxay0xHt8AAmbu/bmzfysxGrCTS
QwwBn8mEkBEl+IwdGv3+TdnYtXMwavo7oi7l/j9mV37Ooa3RI2kBrxnu++E1AwK6
hT4h80oZZS/nvN46b5PGDlJCVNRQNiCtypzI6c4PyeJUBVB92JEGEdfxOFHUFa6y
DBmzC4j5jQA2KbN2ASWer4Qbzn29uQqxGZdWLvrDvKxm0FlEj0LJdUvutwIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFPWtqhEFTp812Ugyu1iKndHKy0YTMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA3LzgxZDYy
MS03YmNmLTRkYzAtOTBmOS0xNTY4YTY2NDIyYzIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcvODFkNjIx
LTdiY2YtNGRjMC05MGY5LTE1NjhhNjY0MjJjMi8xLzlhMnFFUVZPbnpYWlNESzdX
SXFkMGNyTFJoTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAu8MBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMrNzANBgkqhkiG9w0BAQsFAAOCAQEAM107kqGhefZb5N36R/IZ3TKIgJ5+
RkJWqZRTK5TJlwlwRO/z6R9T+KFqAtDX/S5QE7jSLBT3rbpXUwpLgaDpr0zFG1S5
OKi3x+w1thM2FLzMyVTZCxGvyxFYno8gBK/6MpHFZkSlNsPbqTRiREdU2vTIsKo7
IvLfjjeZ2O5jteFY/8mx5fygUfFSDTTX42WawNAjqAr+/wejf6W+PUVAODDkhu3d
EcFUsSlKpHtwHMDMlCrUSxgAbS7kCbaolKNfW80AEMJqio5NzWjTNuQfsno3/ukG
b/D1nSSmerLf7ySy4Etz6tv12ddOy4RFlLX6XqSkSgug/ot5/VUlNddXKw==
-----END CERTIFICATE-----