Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Dh-2Nij-OhEGUYm9zxNX-_wG2t4.cer
File:                     Dh-2Nij-OhEGUYm9zxNX-_wG2t4.cer (raw, json)
Hash identifier:          an2IVx4F/FdLXJ3lr4LgbyHwn1nY0jq3Ool26+iCpis=
Subject key identifier:   0E:1F:B6:36:28:FE:3A:11:06:51:89:BD:CF:13:57:FB:FC:06:DA:DE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0192DCEAD764562E1114CAC0684F43ACD176
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/2f/207b40-5fff-4f43-8b82-103b9f327924/1/Dh-2Nij-OhEGUYm9zxNX-_wG2t4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/2f/207b40-5fff-4f43-8b82-103b9f327924/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 30 Oct 2024 10:13:51 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 16003
                          IP: 2a09:7380::/29

Validation:               Failed, certificate revoked on Thu 14 Nov 2024 13:41:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:dc:ea:d7:64:56:2e:11:14:ca:c0:68:4f:43:ac:d1:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Oct 30 10:13:51 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0e1fb63628fe3a11065189bdcf1357fbfc06dade
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:b3:48:5a:c3:3f:87:bb:6e:df:98:1a:99:e2:
                    ff:96:9d:8d:f2:24:85:80:7e:98:62:7a:21:ad:bb:
                    4b:94:cd:85:11:9a:69:ce:50:a1:6c:21:af:a9:45:
                    cf:ec:cf:9e:f1:ef:12:cb:9d:1f:78:92:6b:c3:b5:
                    c2:fe:95:97:35:5b:fb:e0:54:d1:e2:07:9d:48:41:
                    0e:e9:73:de:7a:e4:3c:87:c6:e8:d7:dc:f0:f9:f9:
                    ba:47:0c:57:cf:f1:5c:78:1f:c6:d0:52:df:2f:62:
                    0c:5e:f9:f9:96:2c:cb:7d:86:ea:09:e1:86:12:0b:
                    84:3c:e4:31:fb:87:5b:33:28:95:c5:76:0d:b1:e7:
                    94:b3:b7:be:bd:3b:37:47:22:7d:8c:14:64:b2:c0:
                    0b:1f:88:47:6b:f2:e1:e8:69:a0:13:c9:09:a5:84:
                    42:c8:ac:a1:a4:27:5c:24:f1:49:86:e8:0a:53:0b:
                    3e:44:64:d1:4a:5d:e4:3c:53:ac:89:00:e5:06:9b:
                    e3:5a:cb:c3:23:08:81:73:ae:08:9e:0e:d0:79:d0:
                    3d:76:f5:7d:65:c3:79:da:48:24:5f:72:53:32:6c:
                    3b:44:eb:49:29:26:52:b8:f3:6e:82:2a:e0:6b:5c:
                    99:23:fd:cf:cd:c1:0d:3e:56:09:96:5c:60:2a:72:
                    b5:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:1F:B6:36:28:FE:3A:11:06:51:89:BD:CF:13:57:FB:FC:06:DA:DE
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/207b40-5fff-4f43-8b82-103b9f327924/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/207b40-5fff-4f43-8b82-103b9f327924/1/Dh-2Nij-OhEGUYm9zxNX-_wG2t4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:7380::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  16003

    Signature Algorithm: sha256WithRSAEncryption
         3d:c4:33:e6:7e:fa:c8:86:da:07:45:f8:8d:29:14:63:85:1f:
         1f:cb:3b:db:30:81:b9:e7:b4:9b:c3:2a:9b:27:c5:7a:26:c8:
         8f:d7:06:cd:c4:26:a0:78:a5:8d:b2:b9:39:db:7e:6b:26:23:
         07:b7:8c:32:c8:8d:ed:b9:c5:96:70:4d:29:e3:1a:17:6b:70:
         5d:2a:e2:40:54:56:22:8b:b2:00:da:ad:8d:f7:14:e8:13:8c:
         7a:97:85:bc:55:11:88:38:8c:c5:bc:fc:18:57:19:d9:3b:15:
         20:e4:1c:dd:b6:00:50:da:11:d4:14:9f:de:51:e9:1d:82:5f:
         30:01:96:65:d8:86:7e:1e:c8:7e:42:26:6b:c2:74:b0:3f:80:
         0d:79:89:66:e3:fb:a0:7f:c7:88:0a:31:95:4e:ca:ea:bd:e9:
         c5:bb:6b:e5:e5:8c:5e:65:d5:9f:51:b4:27:32:26:f1:51:74:
         a4:42:be:40:92:fe:8e:c5:17:ab:f9:7b:90:1a:78:3a:05:8d:
         ba:fd:f3:80:a4:6b:49:97:9c:58:29:01:4d:ad:05:d7:75:0b:
         75:ba:53:d1:6b:77:6f:1d:bf:bb:9a:c3:71:d0:60:f6:17:6a:
         b4:56:f9:c6:0f:36:df:3b:22:4b:84:d0:de:7b:c9:ff:4f:11:
         a4:2e:d9:25
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZLc6tdkVi4RFMrAaE9DrNF2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMDMwMTAxMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTFmYjYzNjI4ZmUzYTExMDY1MTg5YmRjZjEzNTdmYmZjMDZkYWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7NIWsM/h7tu35gameL/lp2N8iSF
gH6YYnohrbtLlM2FEZppzlChbCGvqUXP7M+e8e8Sy50feJJrw7XC/pWXNVv74FTR
4gedSEEO6XPeeuQ8h8bo19zw+fm6RwxXz/FceB/G0FLfL2IMXvn5lizLfYbqCeGG
EguEPOQx+4dbMyiVxXYNseeUs7e+vTs3RyJ9jBRkssALH4hHa/Lh6GmgE8kJpYRC
yKyhpCdcJPFJhugKUws+RGTRSl3kPFOsiQDlBpvjWsvDIwiBc64Ing7QedA9dvV9
ZcN52kgkX3JTMmw7ROtJKSZSuPNugirga1yZI/3PzcENPlYJllxgKnK1LQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFA4ftjYo/joRBlGJvc8TV/v8BtreMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJmLzIwN2I0
MC01ZmZmLTRmNDMtOGI4Mi0xMDNiOWYzMjc5MjQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYvMjA3YjQw
LTVmZmYtNGY0My04YjgyLTEwM2I5ZjMyNzkyNC8xL0RoLTJOaWotT2hFR1VZbTl6
eE5YLV93RzJ0NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUF
BwEHAQH/BBEwDzANBAIAAjAHAwUDKglzgDAZBggrBgEFBQcBCAEB/wQKMAigBjAE
AgI+gzANBgkqhkiG9w0BAQsFAAOCAQEAPcQz5n76yIbaB0X4jSkUY4UfH8s72zCB
uee0m8MqmyfFeibIj9cGzcQmoHiljbK5Odt+ayYjB7eMMsiN7bnFlnBNKeMaF2tw
XSriQFRWIouyANqtjfcU6BOMepeFvFURiDiMxbz8GFcZ2TsVIOQc3bYAUNoR1BSf
3lHpHYJfMAGWZdiGfh7IfkIma8J0sD+ADXmJZuP7oH/HiAoxlU7K6r3pxbtr5eWM
XmXVn1G0JzIm8VF0pEK+QJL+jsUXq/l7kBp4OgWNuv3zgKRrSZecWCkBTa0F13UL
dbpT0Wt3bx2/u5rDcdBg9hdqtFb5xg823zsiS4TQ3nvJ/08RpC7ZJQ==
-----END CERTIFICATE-----