Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/GxjBHfoKuwUyzj4oyiB36QHxqx4.cer
File:                     GxjBHfoKuwUyzj4oyiB36QHxqx4.cer (raw, json)
Hash identifier:          tDtr50Ogri9RdIMiaVBrd+PQ5FvYaZafGthGvH9hxr0=
Subject key identifier:   1B:18:C1:1D:FA:0A:BB:05:32:CE:3E:28:CA:20:77:E9:01:F1:AB:1E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0188722E09A8098AA3C7F16D805B58590F0B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/3b/9c6c86-6aad-4f61-9750-c6dea957b0e0/1/GxjBHfoKuwUyzj4oyiB36QHxqx4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/3b/9c6c86-6aad-4f61-9750-c6dea957b0e0/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 31 May 2023 14:19:59 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 9032
                          AS: 60338
                          IP: 2a00:6540::/29

Validation:               Failed, certificate revoked on Fri 09 Jun 2023 07:35:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:72:2e:09:a8:09:8a:a3:c7:f1:6d:80:5b:58:59:0f:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: May 31 14:19:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1b18c11dfa0abb0532ce3e28ca2077e901f1ab1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:14:7d:be:df:b4:50:ef:b7:26:2a:50:23:29:
                    d7:9e:87:91:58:63:04:5e:a1:e2:2b:85:1c:27:7f:
                    c9:ac:23:55:3b:8e:b7:22:14:ae:79:5b:66:7b:a2:
                    82:49:4d:9a:ec:26:85:a5:08:d3:d6:f2:0b:0d:a0:
                    49:ff:43:f4:fb:21:9e:be:f7:22:ac:f4:1b:2f:f4:
                    f4:15:12:79:4e:bd:2f:b8:90:ff:a5:af:23:ee:1a:
                    5f:52:40:03:ef:a7:19:de:0f:4b:ea:a5:52:6c:11:
                    50:8c:56:04:f4:b4:1b:b6:b2:ba:21:9e:97:e1:cf:
                    b9:08:72:89:ff:b7:4e:8d:f9:5b:ee:57:30:5c:d3:
                    fc:50:94:48:b6:94:9c:2f:63:a7:63:ea:69:7e:42:
                    6d:2a:27:7d:19:90:72:67:61:2e:3c:5b:5a:02:8e:
                    fd:6b:d1:67:ba:33:45:07:8b:ec:e2:5e:f3:03:7a:
                    60:d5:96:19:97:a2:db:f8:be:81:ed:d6:e3:4a:f6:
                    ca:de:e6:39:83:94:29:7a:ad:36:6e:57:b0:8e:37:
                    01:ef:93:13:79:4d:a1:45:bf:d2:c0:94:c4:7f:c7:
                    55:d6:3f:30:41:20:1d:45:39:c8:33:2a:cf:b8:f7:
                    ef:34:40:8a:7d:c9:af:d9:49:51:ae:1e:6a:ca:42:
                    ad:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:18:C1:1D:FA:0A:BB:05:32:CE:3E:28:CA:20:77:E9:01:F1:AB:1E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9c6c86-6aad-4f61-9750-c6dea957b0e0/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9c6c86-6aad-4f61-9750-c6dea957b0e0/1/GxjBHfoKuwUyzj4oyiB36QHxqx4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:6540::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  9032
                  60338

    Signature Algorithm: sha256WithRSAEncryption
         43:41:af:f4:ad:7b:cc:80:be:31:bf:9d:b1:4d:b4:fb:40:4f:
         2c:70:18:1c:bf:8b:4a:3a:d1:99:f6:0c:b8:66:2f:9c:4f:55:
         f7:65:19:42:c4:74:ff:b0:19:ac:a4:64:9b:f0:69:1d:ff:2f:
         70:3d:81:06:b6:5b:77:d2:69:db:c4:ea:3d:bd:07:49:44:39:
         1c:59:d7:3e:8f:74:f6:b9:2c:b1:0f:33:e4:7e:09:e9:9a:80:
         84:61:b2:8d:35:cc:b9:14:8c:ca:4c:7c:5f:9a:87:74:4f:eb:
         c8:a7:1e:0a:a4:89:cb:04:8e:a6:55:90:be:e0:79:b6:2c:cb:
         d2:f7:ad:18:7e:5a:77:a5:7b:f6:9f:f2:93:9e:47:66:66:f1:
         30:7c:3a:5c:26:a2:f7:ff:59:07:b1:7a:a1:2f:ff:e9:33:a7:
         89:5b:9b:06:22:10:20:5a:54:21:63:fc:d8:7f:7a:e4:0a:99:
         73:7b:4d:ef:7a:d6:15:13:86:fd:e5:9e:f3:4c:04:e2:87:01:
         92:35:27:82:62:a0:90:6a:76:51:ea:20:89:44:b8:b9:73:6a:
         23:73:08:2b:bb:c6:31:bb:92:35:1e:14:df:78:9f:b5:9a:f9:
         1e:9e:46:14:8b:3a:33:2e:07:23:2c:27:09:a1:f5:93:05:4a:
         22:e2:32:fc
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAYhyLgmoCYqjx/FtgFtYWQ8LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwNTMxMTQxOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjE4YzExZGZhMGFiYjA1MzJjZTNlMjhjYTIwNzdlOTAxZjFhYjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9RR9vt+0UO+3JipQIynXnoeRWGME
XqHiK4UcJ3/JrCNVO463IhSueVtme6KCSU2a7CaFpQjT1vILDaBJ/0P0+yGevvci
rPQbL/T0FRJ5Tr0vuJD/pa8j7hpfUkAD76cZ3g9L6qVSbBFQjFYE9LQbtrK6IZ6X
4c+5CHKJ/7dOjflb7lcwXNP8UJRItpScL2OnY+ppfkJtKid9GZByZ2EuPFtaAo79
a9FnujNFB4vs4l7zA3pg1ZYZl6Lb+L6B7dbjSvbK3uY5g5Qpeq02blewjjcB75MT
eU2hRb/SwJTEf8dV1j8wQSAdRTnIMyrPuPfvNECKfcmv2UlRrh5qykKt7QIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFBsYwR36CrsFMs4+KMogd+kB8aseMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNiLzljNmM4
Ni02YWFkLTRmNjEtOTc1MC1jNmRlYTk1N2IwZTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2IvOWM2Yzg2
LTZhYWQtNGY2MS05NzUwLWM2ZGVhOTU3YjBlMC8xL0d4akJIZm9LdXdVeXpqNG95
aUIzNlFIeHF4NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUF
BwEHAQH/BBEwDzANBAIAAjAHAwUDKgBlQDAeBggrBgEFBQcBCAEB/wQPMA2gCzAJ
AgIjSAIDAOuyMA0GCSqGSIb3DQEBCwUAA4IBAQBDQa/0rXvMgL4xv52xTbT7QE8s
cBgcv4tKOtGZ9gy4Zi+cT1X3ZRlCxHT/sBmspGSb8Gkd/y9wPYEGtlt30mnbxOo9
vQdJRDkcWdc+j3T2uSyxDzPkfgnpmoCEYbKNNcy5FIzKTHxfmod0T+vIpx4KpInL
BI6mVZC+4Hm2LMvS960Yflp3pXv2n/KTnkdmZvEwfDpcJqL3/1kHsXqhL//pM6eJ
W5sGIhAgWlQhY/zYf3rkCplze03vetYVE4b95Z7zTATihwGSNSeCYqCQanZR6iCJ
RLi5c2ojcwgru8Yxu5I1HhTfeJ+1mvkenkYUizozLgcjLCcJofWTBUoi4jL8
-----END CERTIFICATE-----