Certificate 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/HGIIzm2R1rja3ljlKRuxkp1eOTM.cer
File:                     HGIIzm2R1rja3ljlKRuxkp1eOTM.cer (raw, json)
Hash identifier:          kL1wYmbUtrQryiloeym4gNP6X15wcl/Vh4JTxHHB6GA=
Subject key identifier:   1C:62:08:CE:6D:91:D6:B8:DA:DE:58:E5:29:1B:B1:92:9D:5E:39:33
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01905F50934C8AD21C6DD69CF67696563932
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e0/a092dd-590b-4fbe-89b7-e48c933c16ce/1/HGIIzm2R1rja3ljlKRuxkp1eOTM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e0/a092dd-590b-4fbe-89b7-e48c933c16ce/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 28 Jun 2024 14:47:14 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 197722
                          IP: 46.234.128.0/19
                          IP: 2a00:9a60::/32

Validation:               Failed, certificate revoked on Fri 18 Oct 2024 09:13:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:5f:50:93:4c:8a:d2:1c:6d:d6:9c:f6:76:96:56:39:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun 28 14:47:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1c6208ce6d91d6b8dade58e5291bb1929d5e3933
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:30:2b:40:19:7e:62:56:a9:ec:9f:47:a3:44:
                    5c:73:23:a4:07:c8:6b:5e:a4:a6:f4:df:9f:c7:1e:
                    bf:0f:eb:14:ec:ee:09:81:a5:c1:f5:50:1f:7b:59:
                    21:82:37:9f:e5:8b:1e:c0:bc:eb:0f:52:e7:cf:64:
                    12:3e:b2:32:ce:92:59:5e:6f:f5:4d:e5:34:d1:89:
                    f3:94:12:fd:c1:16:7d:d1:eb:63:d0:06:fb:fa:fa:
                    de:a4:53:44:80:e5:a0:b4:67:92:fe:14:ef:b7:c3:
                    34:47:f4:37:e3:7f:b5:92:b9:73:aa:ba:e1:ce:45:
                    45:97:17:7f:6d:38:da:7e:35:df:c6:da:9f:d1:d7:
                    b3:25:32:a4:d6:24:d5:66:07:8d:ac:26:d5:50:11:
                    c5:78:b8:18:d8:0c:8a:ac:3f:71:dc:9f:64:ad:0d:
                    a9:5c:08:57:49:5c:20:59:9b:40:00:5e:e5:4f:dd:
                    c8:01:dd:74:a0:04:85:2a:7f:79:15:70:18:34:3a:
                    82:97:82:f3:fb:04:ef:1e:fb:f9:16:61:51:54:d1:
                    74:56:e6:81:40:9f:04:57:65:a9:df:fa:e5:f0:3f:
                    38:28:8e:45:59:a0:ab:90:47:dd:d1:89:73:03:59:
                    c2:6a:70:7c:03:04:b9:9c:db:fe:fc:b9:ff:45:0c:
                    1a:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:62:08:CE:6D:91:D6:B8:DA:DE:58:E5:29:1B:B1:92:9D:5E:39:33
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/a092dd-590b-4fbe-89b7-e48c933c16ce/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/a092dd-590b-4fbe-89b7-e48c933c16ce/1/HGIIzm2R1rja3ljlKRuxkp1eOTM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.234.128.0/19
                IPv6:
                  2a00:9a60::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  197722

    Signature Algorithm: sha256WithRSAEncryption
         8d:bf:01:d1:4e:65:ff:a7:95:ce:02:30:58:52:58:07:69:ec:
         69:95:95:d6:a3:b0:66:52:c0:2a:71:3a:c0:20:8e:9b:f2:b7:
         ba:20:f9:cc:07:4a:0d:c4:5c:7d:9b:15:61:fa:21:09:78:87:
         ab:f6:b9:7f:ee:b7:8a:a8:65:46:85:be:aa:ce:b2:8e:92:da:
         18:55:ec:a8:8d:23:68:76:7a:0d:77:27:cf:68:f0:4d:26:4f:
         b8:bc:e3:9c:d5:af:6f:c6:8e:44:42:91:58:df:29:b6:ed:d0:
         11:48:12:4b:db:92:a0:ff:b1:c3:ec:6c:51:6f:56:2a:86:28:
         46:ee:23:d5:ae:4c:79:62:33:37:7b:0d:fe:ef:fa:cd:74:63:
         cb:20:e9:4d:97:83:48:bd:42:86:a1:e5:24:a8:5e:37:3e:31:
         4c:ca:04:7d:73:ce:49:cc:f5:15:d9:bd:12:c7:d2:55:19:b0:
         c2:b3:33:1a:c7:1a:fb:88:37:ac:b2:f8:c9:74:ec:9a:d7:19:
         ef:58:99:c0:28:2d:8c:44:3a:b7:d3:57:f0:5c:5e:81:0a:6c:
         70:46:71:c3:c3:d9:94:b1:99:16:bb:33:8b:f8:b2:4f:b0:19:
         40:18:36:dd:c4:ef:e1:8b:03:98:ff:11:e0:ed:70:05:46:88:
         00:5c:49:c3
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZBfUJNMitIcbdac9naWVjkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNjI4MTQ0NzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzYyMDhjZTZkOTFkNmI4ZGFkZTU4ZTUyOTFiYjE5MjlkNWUzOTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DArQBl+Ylap7J9Ho0RccyOkB8hr
XqSm9N+fxx6/D+sU7O4JgaXB9VAfe1khgjef5YsewLzrD1Lnz2QSPrIyzpJZXm/1
TeU00YnzlBL9wRZ90etj0Ab7+vrepFNEgOWgtGeS/hTvt8M0R/Q343+1krlzqrrh
zkVFlxd/bTjafjXfxtqf0dezJTKk1iTVZgeNrCbVUBHFeLgY2AyKrD9x3J9krQ2p
XAhXSVwgWZtAAF7lT93IAd10oASFKn95FXAYNDqCl4Lz+wTvHvv5FmFRVNF0VuaB
QJ8EV2Wp3/rl8D84KI5FWaCrkEfd0YlzA1nCanB8AwS5nNv+/Ln/RQwaVwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFBxiCM5tkda42t5Y5SkbsZKdXjkzMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UwL2EwOTJk
ZC01OTBiLTRmYmUtODliNy1lNDhjOTMzYzE2Y2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAvYTA5MmRk
LTU5MGItNGZiZS04OWI3LWU0OGM5MzNjMTZjZS8xL0hHSUl6bTJSMXJqYTNsamxL
UnV4a3AxZU9UTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQFLuqAMA0EAgACMAcDBQAqAJpgMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMEWjANBgkqhkiG9w0BAQsFAAOCAQEAjb8B0U5l/6eV
zgIwWFJYB2nsaZWV1qOwZlLAKnE6wCCOm/K3uiD5zAdKDcRcfZsVYfohCXiHq/a5
f+63iqhlRoW+qs6yjpLaGFXsqI0jaHZ6DXcnz2jwTSZPuLzjnNWvb8aOREKRWN8p
tu3QEUgSS9uSoP+xw+xsUW9WKoYoRu4j1a5MeWIzN3sN/u/6zXRjyyDpTZeDSL1C
hqHlJKheNz4xTMoEfXPOScz1Fdm9EsfSVRmwwrMzGsca+4g3rLL4yXTsmtcZ71iZ
wCgtjEQ6t9NX8FxegQpscEZxw8PZlLGZFrszi/iyT7AZQBg23cTv4YsDmP8R4O1w
BUaIAFxJww==
-----END CERTIFICATE-----
Generated at Fri Oct 18 10:57:34 2024 by rpki-client on console-ams.rpki-client.org