Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/HLnq8qZq3xikSzxUVQ_hzqGRsAo.cer
File:                     HLnq8qZq3xikSzxUVQ_hzqGRsAo.cer (raw, json)
Hash identifier:          A4cRdUOLtS7hACKDL3JiK/Iv4U0dvOArY3RRHXIz0x4=
Subject key identifier:   1C:B9:EA:F2:A6:6A:DF:18:A4:4B:3C:54:55:0F:E1:CE:A1:91:B0:0A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018572455FB9590D17C2C6C31E06C5E7C792
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/8a/94099b-1727-408e-9f1f-48dee405d0c0/1/HLnq8qZq3xikSzxUVQ_hzqGRsAo.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/8a/94099b-1727-408e-9f1f-48dee405d0c0/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 02 Jan 2023 11:37:07 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 207513
                          IP: 185.196.30.0/24
                          IP: 2a0d:6c00::/29

Validation:               Failed, certificate revoked on Wed 12 Jul 2023 16:14:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:45:5f:b9:59:0d:17:c2:c6:c3:1e:06:c5:e7:c7:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 11:37:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1cb9eaf2a66adf18a44b3c54550fe1cea191b00a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:f8:12:8c:a9:14:77:df:b8:4c:ca:2e:4b:26:
                    b1:ed:d4:89:e7:95:89:e5:dd:a2:fc:7f:90:3b:2b:
                    b6:0a:d9:e5:e2:26:ce:90:29:70:09:d3:6d:9c:0b:
                    e4:41:1c:89:07:ad:26:3c:3c:91:6d:7d:b4:06:cd:
                    d0:ca:57:c5:dd:c0:00:dc:93:af:6f:aa:62:15:19:
                    57:8a:60:5d:70:45:10:a4:aa:75:f0:e6:06:74:b0:
                    bf:df:ec:f3:94:63:e3:13:2e:7b:f9:80:7a:d4:82:
                    29:fd:26:95:fe:8c:96:2f:d9:00:5e:80:6f:03:4f:
                    18:5c:b2:ce:8c:8c:70:fb:37:2a:8b:39:22:58:ea:
                    3b:74:43:45:5e:cf:2c:d3:cd:7b:24:84:d0:b1:99:
                    90:36:c7:a7:fd:29:85:c0:ce:79:fc:b1:c4:95:be:
                    d6:aa:4c:cc:f6:ae:01:da:35:69:b4:5f:4d:74:55:
                    5d:0f:77:14:75:51:44:fc:79:b9:40:0a:d6:12:d0:
                    95:5b:94:3f:76:4d:ec:ff:5b:b8:eb:25:de:c5:70:
                    05:f2:ef:33:6b:81:71:d0:ce:e5:6d:c1:35:45:0d:
                    bf:94:b6:ca:0d:e6:8f:60:92:e5:b8:60:27:09:ef:
                    bd:1f:ca:43:23:91:5f:96:3a:3c:73:77:78:0a:03:
                    52:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:B9:EA:F2:A6:6A:DF:18:A4:4B:3C:54:55:0F:E1:CE:A1:91:B0:0A
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/94099b-1727-408e-9f1f-48dee405d0c0/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/94099b-1727-408e-9f1f-48dee405d0c0/1/HLnq8qZq3xikSzxUVQ_hzqGRsAo.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.196.30.0/24
                IPv6:
                  2a0d:6c00::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207513

    Signature Algorithm: sha256WithRSAEncryption
         38:2f:e7:c5:b0:3f:6b:88:bb:d1:98:7f:9a:8c:b9:95:ff:6f:
         55:ac:72:67:6e:d7:df:ac:39:32:03:7a:20:be:e4:6f:96:3d:
         a8:67:db:66:0d:b4:1f:14:de:2e:16:7f:e5:05:60:da:cf:ee:
         b5:f4:f4:1e:ac:1d:cd:38:ba:65:fe:51:ae:4a:e5:33:22:94:
         36:1d:ab:68:d5:24:e1:c0:e6:75:fc:7c:9a:a5:e5:c3:ad:14:
         26:3c:ce:e0:41:01:7a:c1:fd:94:8b:d4:86:fc:af:0a:ed:1a:
         e3:ed:10:ba:33:cf:b2:8a:09:30:63:a5:c4:c0:d5:52:05:81:
         16:a2:c2:48:be:e6:24:30:5d:8c:a1:f2:09:2f:2e:dc:fa:89:
         0b:f9:cb:21:52:3c:8c:e8:7e:a8:c9:a3:0a:77:28:4b:42:10:
         a4:6f:6d:a0:01:e3:c3:1a:17:8c:00:91:27:22:db:48:a8:41:
         a6:99:01:cf:8a:0a:2d:70:4c:ff:c9:26:81:ce:e6:46:44:82:
         2b:bd:bb:c0:45:46:0f:8a:a1:69:74:95:d0:8b:9d:63:d4:df:
         74:53:de:5a:98:ae:b4:eb:ca:c7:6c:a2:74:6b:f4:b0:e0:77:
         93:19:6a:81:6b:6d:74:6f:8e:e1:b6:0b:fe:bd:13:9f:7e:ac:
         99:a2:24:9e
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYVyRV+5WQ0XwsbDHgbF58eSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMTEzNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2I5ZWFmMmE2NmFkZjE4YTQ0YjNjNTQ1NTBmZTFjZWExOTFiMDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/gSjKkUd9+4TMouSyax7dSJ55WJ
5d2i/H+QOyu2Ctnl4ibOkClwCdNtnAvkQRyJB60mPDyRbX20Bs3QylfF3cAA3JOv
b6piFRlXimBdcEUQpKp18OYGdLC/3+zzlGPjEy57+YB61IIp/SaV/oyWL9kAXoBv
A08YXLLOjIxw+zcqizkiWOo7dENFXs8s0817JITQsZmQNsen/SmFwM55/LHElb7W
qkzM9q4B2jVptF9NdFVdD3cUdVFE/Hm5QArWEtCVW5Q/dk3s/1u46yXexXAF8u8z
a4Fx0M7lbcE1RQ2/lLbKDeaPYJLluGAnCe+9H8pDI5Ffljo8c3d4CgNSbwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFBy56vKmat8YpEs8VFUP4c6hkbAKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhhLzk0MDk5
Yi0xNzI3LTQwOGUtOWYxZi00OGRlZTQwNWQwYzAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEvOTQwOTli
LTE3MjctNDA4ZS05ZjFmLTQ4ZGVlNDA1ZDBjMC8xL0hMbnE4cVpxM3hpa1N6eFVW
UV9oenFHUnNBby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAucQeMA0EAgACMAcDBQMqDWwAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMqmTANBgkqhkiG9w0BAQsFAAOCAQEAOC/nxbA/a4i7
0Zh/moy5lf9vVaxyZ27X36w5MgN6IL7kb5Y9qGfbZg20HxTeLhZ/5QVg2s/utfT0
HqwdzTi6Zf5RrkrlMyKUNh2raNUk4cDmdfx8mqXlw60UJjzO4EEBesH9lIvUhvyv
Cu0a4+0QujPPsooJMGOlxMDVUgWBFqLCSL7mJDBdjKHyCS8u3PqJC/nLIVI8jOh+
qMmjCncoS0IQpG9toAHjwxoXjACRJyLbSKhBppkBz4oKLXBM/8kmgc7mRkSCK727
wEVGD4qhaXSV0IudY9TfdFPeWpiutOvKx2yidGv0sOB3kxlqgWttdG+O4bYL/r0T
n36smaIkng==
-----END CERTIFICATE-----