Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IaHRuiLg-ZhfS5bg6BMl1TgRZzc.cer
File:                     IaHRuiLg-ZhfS5bg6BMl1TgRZzc.cer (raw, json)
Hash identifier:          KewxFSFKF922eTrVhZFqQZ8xkpMClLTEvrAg8vPEpOg=
Subject key identifier:   21:A1:D1:BA:22:E0:F9:98:5F:4B:96:E0:E8:13:25:D5:38:11:67:37
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CCA29E09AE6F369E48B868A905543A336
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a3/4e8e3d-6593-45a7-a3f5-86af3e3c341d/1/IaHRuiLg-ZhfS5bg6BMl1TgRZzc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a3/4e8e3d-6593-45a7-a3f5-86af3e3c341d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 12:33:11 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 62359
                          IP: 91.242.173.0/24
                          IP: 2001:67c:6d8::/48
Validation:               Failed, certificate revoked on Wed 03 Apr 2024 12:39:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:29:e0:9a:e6:f3:69:e4:8b:86:8a:90:55:43:a3:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 12:33:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=21a1d1ba22e0f9985f4b96e0e81325d538116737
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:9d:65:74:b0:9a:d2:fd:bd:3f:55:23:e3:36:
                    fb:b3:67:49:81:90:15:0d:e6:b2:ec:09:67:78:18:
                    8a:7a:a4:48:2b:8a:1f:a0:d3:93:68:e7:1b:b4:df:
                    c5:8c:de:af:d0:97:04:2c:ed:58:69:80:3c:66:87:
                    96:fd:5e:19:c8:ef:6e:ed:e6:23:7f:d8:73:2b:64:
                    d5:25:4e:ff:6d:e7:23:2d:9b:aa:29:91:ad:af:66:
                    77:e3:98:46:8b:98:a9:61:5c:14:3d:f7:fe:90:73:
                    54:ee:be:74:f0:94:55:b6:a7:91:ac:2b:ce:2b:2b:
                    54:33:54:d0:5c:ad:18:08:de:4d:69:45:44:89:fa:
                    e2:74:a1:7b:25:54:d7:b1:5b:36:70:c9:96:cf:23:
                    ac:65:aa:0e:29:41:d7:ac:fc:73:5d:08:1d:e3:a3:
                    8b:94:e2:2f:3b:99:e8:55:f1:4b:fd:91:50:a1:24:
                    74:c0:4f:d4:de:ad:ed:f4:b3:65:56:b5:15:67:79:
                    ab:de:e1:57:44:b5:bc:8c:86:3f:d2:62:64:dd:e5:
                    82:d1:b5:69:2c:64:5a:8d:52:35:fd:01:b1:65:5c:
                    e8:61:d7:cc:a0:65:b6:c2:17:37:4b:9e:da:7f:e6:
                    0c:cd:8c:2a:0c:84:d4:3f:4b:19:0d:67:15:a7:74:
                    4f:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:A1:D1:BA:22:E0:F9:98:5F:4B:96:E0:E8:13:25:D5:38:11:67:37
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4e8e3d-6593-45a7-a3f5-86af3e3c341d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4e8e3d-6593-45a7-a3f5-86af3e3c341d/1/IaHRuiLg-ZhfS5bg6BMl1TgRZzc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.173.0/24
                IPv6:
                  2001:67c:6d8::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  62359

    Signature Algorithm: sha256WithRSAEncryption
         81:ce:2b:7a:c4:6a:03:e9:b5:4f:54:b4:e8:65:ae:21:9e:45:
         1d:69:de:ff:cd:1d:05:a6:b8:33:a0:de:2d:fe:9c:42:c5:16:
         da:ed:31:1f:e4:7b:c6:ae:74:ba:30:61:57:c5:a9:6f:8c:b1:
         46:33:6a:e2:dc:47:31:e5:03:8d:7b:1c:a1:d3:45:bf:4b:92:
         9d:4d:c7:90:57:93:a5:c5:ae:9f:2e:20:a7:78:41:91:0a:ff:
         a7:36:17:ea:19:94:1c:4a:b6:94:49:d4:da:7e:04:9c:27:fc:
         04:d5:ab:bc:54:1b:c7:fb:8a:2b:b0:da:48:b4:a5:4f:57:df:
         df:1a:46:da:c4:f3:33:f5:fa:75:b4:57:ae:1f:f3:93:2a:35:
         45:26:eb:f4:e3:6b:73:ba:a7:ab:08:28:08:55:74:a4:d2:88:
         ab:c1:68:d9:70:68:64:cf:c4:88:8d:4a:f8:cf:6f:c2:02:0b:
         6b:49:93:e7:4a:6f:1e:8a:3f:05:da:88:9a:6d:8f:1b:70:f2:
         aa:aa:df:96:7d:b2:42:7a:71:34:81:00:98:f5:ff:a6:93:c5:
         e9:76:45:61:19:12:1d:c5:f6:aa:a4:04:bf:c4:cc:fe:d7:2a:
         02:d1:9d:29:8d:7c:d9:1b:d0:68:fd:e0:9f:0e:93:76:73:2b:
         4c:a4:76:fa
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYzKKeCa5vNp5IuGipBVQ6M2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWExZDFiYTIyZTBmOTk4NWY0Yjk2ZTBlODEzMjVkNTM4MTE2NzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq51ldLCa0v29P1Uj4zb7s2dJgZAV
Deay7AlneBiKeqRIK4ofoNOTaOcbtN/FjN6v0JcELO1YaYA8ZoeW/V4ZyO9u7eYj
f9hzK2TVJU7/becjLZuqKZGtr2Z345hGi5ipYVwUPff+kHNU7r508JRVtqeRrCvO
KytUM1TQXK0YCN5NaUVEifridKF7JVTXsVs2cMmWzyOsZaoOKUHXrPxzXQgd46OL
lOIvO5noVfFL/ZFQoSR0wE/U3q3t9LNlVrUVZ3mr3uFXRLW8jIY/0mJk3eWC0bVp
LGRajVI1/QGxZVzoYdfMoGW2whc3S57af+YMzYwqDITUP0sZDWcVp3RPqwIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFCGh0boi4PmYX0uW4OgTJdU4EWc3MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2EzLzRlOGUz
ZC02NTkzLTQ1YTctYTNmNS04NmFmM2UzYzM0MWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMvNGU4ZTNk
LTY1OTMtNDVhNy1hM2Y1LTg2YWYzZTNjMzQxZC8xL0lhSFJ1aUxnLVpoZlM1Ymc2
Qk1sMVRnUlp6Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF
BwEHAQH/BCEwHzAMBAIAATAGAwQAW/KtMA8EAgACMAkDBwAgAQZ8BtgwGgYIKwYB
BQUHAQgBAf8ECzAJoAcwBQIDAPOXMA0GCSqGSIb3DQEBCwUAA4IBAQCBzit6xGoD
6bVPVLToZa4hnkUdad7/zR0FprgzoN4t/pxCxRba7TEf5HvGrnS6MGFXxalvjLFG
M2ri3Ecx5QONexyh00W/S5KdTceQV5Olxa6fLiCneEGRCv+nNhfqGZQcSraUSdTa
fgScJ/wE1au8VBvH+4orsNpItKVPV9/fGkbaxPMz9fp1tFeuH/OTKjVFJuv042tz
uqerCCgIVXSk0oirwWjZcGhkz8SIjUr4z2/CAgtrSZPnSm8eij8F2oiabY8bcPKq
qt+WfbJCenE0gQCY9f+mk8XpdkVhGRIdxfaqpAS/xMz+1yoC0Z0pjXzZG9Bo/eCf
DpN2cytMpHb6
-----END CERTIFICATE-----