Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DS_VEorPVEA2NaGh9q7vNzQUuj0.cer
File:                     DS_VEorPVEA2NaGh9q7vNzQUuj0.cer (raw, json)
Hash identifier:          czWba/hoMRAXwP4XakpLjKXu2sCEap5CeYL2vngCdbA=
Subject key identifier:   0D:2F:D5:12:8A:CF:54:40:36:35:A1:A1:F6:AE:EF:37:34:14:BA:3D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018B28D32E661E5F23C4055B35620F7D7783
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/1231fd86-c539-46c7-89e9-f3756f3075fa/0/0D2FD5128ACF54403635A1A1F6AEEF373414BA3D.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/1231fd86-c539-46c7-89e9-f3756f3075fa/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Fri 13 Oct 2023 11:36:50 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 47496
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:28:d3:2e:66:1e:5f:23:c4:05:5b:35:62:0f:7d:77:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Oct 13 11:36:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0d2fd5128acf54403635a1a1f6aeef373414ba3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:c1:5f:ca:2e:fc:e3:c9:13:78:25:7d:eb:29:
                    aa:23:17:51:16:fc:f2:a8:2d:89:f2:15:ff:a1:a2:
                    1e:7b:87:19:1e:85:4f:7a:9a:ba:f9:2e:fa:a2:96:
                    fe:5c:c3:64:05:f3:88:d1:21:ad:fd:07:d8:79:57:
                    6d:ab:a3:8a:66:63:95:ff:c5:25:46:bc:ff:21:1c:
                    9e:a1:0c:31:c2:48:99:b1:65:46:60:82:a6:ee:54:
                    74:db:6b:5d:57:f7:6c:72:64:8a:d4:9d:03:80:58:
                    26:52:86:db:17:b4:3c:f3:1d:20:df:e9:8e:d1:fe:
                    1d:72:29:19:44:4d:b2:e0:6e:40:1a:61:e5:8b:2b:
                    01:27:7f:dd:00:f7:76:93:1c:74:34:77:a3:c2:6d:
                    78:43:d9:32:8f:25:f2:27:d2:f1:eb:55:8b:08:c4:
                    55:34:7f:be:37:49:57:34:ad:c6:f3:9f:f2:ce:a2:
                    22:a3:0b:c8:ae:be:16:24:a6:e1:4d:f1:17:02:9d:
                    17:4b:df:ef:85:2f:27:41:0e:bc:71:e2:f8:7e:9b:
                    bc:eb:a5:2e:3a:10:1c:d5:58:7e:ed:67:2f:34:21:
                    5a:80:02:de:16:df:14:9e:e7:bd:82:23:4a:22:1f:
                    8e:6f:98:ab:0d:7c:a3:53:d2:50:0c:5e:9d:fd:57:
                    72:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:2F:D5:12:8A:CF:54:40:36:35:A1:A1:F6:AE:EF:37:34:14:BA:3D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/1231fd86-c539-46c7-89e9-f3756f3075fa/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/1231fd86-c539-46c7-89e9-f3756f3075fa/0/0D2FD5128ACF54403635A1A1F6AEEF373414BA3D.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  47496

    Signature Algorithm: sha256WithRSAEncryption
         41:5a:4f:16:e7:53:81:5f:ca:17:c3:3e:1e:14:98:c9:0a:23:
         24:07:cd:f3:11:48:e0:ef:f5:17:8f:ea:a8:5e:04:94:eb:4d:
         8a:0c:bb:8a:34:01:56:5f:9d:c2:62:88:6c:5a:18:38:d5:4c:
         94:e4:1f:87:0a:fb:67:e4:8a:ce:cb:5f:51:4d:01:51:93:a8:
         39:eb:07:e1:45:ba:cc:5d:95:d8:de:c7:65:32:04:14:2c:a1:
         33:fa:42:c3:4c:e9:46:4e:09:05:bf:81:6d:b4:d3:e2:ee:45:
         09:af:d1:ff:b3:39:ce:44:4e:b8:36:fa:34:b1:d1:bd:73:ca:
         c1:a1:90:d2:23:e2:80:df:d0:a2:a8:a0:cc:fe:dc:24:ee:e1:
         30:1f:e5:70:e8:e3:30:27:2a:ad:16:68:81:93:cf:9b:dc:21:
         e5:a4:7f:b6:8d:97:50:99:48:7b:ac:3e:cd:92:11:fb:e1:79:
         8c:ac:29:3f:89:c8:ca:5e:ec:e0:8d:fd:5a:7d:88:1d:2a:6e:
         61:1b:69:9d:ab:4a:9b:2a:a5:8a:78:23:3b:19:e6:ba:6f:d0:
         86:00:2b:38:16:1b:13:eb:e5:41:24:4c:fe:e9:4b:0e:28:8a:
         bf:5b:13:cf:be:e9:bf:b4:27:fc:e4:46:3b:18:3f:05:e5:b6:
         e9:ea:ca:7a
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAYso0y5mHl8jxAVbNWIPfXeDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMxMDEzMTEzNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDJmZDUxMjhhY2Y1NDQwMzYzNWExYTFmNmFlZWYzNzM0MTRiYTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMFfyi7848kTeCV96ymqIxdRFvzy
qC2J8hX/oaIee4cZHoVPepq6+S76opb+XMNkBfOI0SGt/QfYeVdtq6OKZmOV/8Ul
Rrz/IRyeoQwxwkiZsWVGYIKm7lR022tdV/dscmSK1J0DgFgmUobbF7Q88x0g3+mO
0f4dcikZRE2y4G5AGmHliysBJ3/dAPd2kxx0NHejwm14Q9kyjyXyJ9Lx61WLCMRV
NH++N0lXNK3G85/yzqIiowvIrr4WJKbhTfEXAp0XS9/vhS8nQQ68ceL4fpu866Uu
OhAc1Vh+7WcvNCFagALeFt8Unue9giNKIh+Ob5irDXyjU9JQDF6d/VdyFwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFA0v1RKKz1RANjWhofau7zc0FLo9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzEyMzFm
ZDg2LWM1MzktNDZjNy04OWU5LWYzNzU2ZjMwNzVmYS8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMTIz
MWZkODYtYzUzOS00NmM3LTg5ZTktZjM3NTZmMzA3NWZhLzAvMEQyRkQ1MTI4QUNG
NTQ0MDM2MzVBMUExRjZBRUVGMzczNDE0QkEzRC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAuYgw
DQYJKoZIhvcNAQELBQADggEBAEFaTxbnU4FfyhfDPh4UmMkKIyQHzfMRSODv9ReP
6qheBJTrTYoMu4o0AVZfncJiiGxaGDjVTJTkH4cK+2fkis7LX1FNAVGTqDnrB+FF
usxdldjex2UyBBQsoTP6QsNM6UZOCQW/gW200+LuRQmv0f+zOc5ETrg2+jSx0b1z
ysGhkNIj4oDf0KKooMz+3CTu4TAf5XDo4zAnKq0WaIGTz5vcIeWkf7aNl1CZSHus
Ps2SEfvheYysKT+JyMpe7OCN/Vp9iB0qbmEbaZ2rSpsqpYp4IzsZ5rpv0IYAKzgW
GxPr5UEkTP7pSw4oir9bE8++6b+0J/zkRjsYPwXltunqyno=
-----END CERTIFICATE-----