Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/L3Y1bRAaNHjKPlswnwInEa47jEY.cer
File:                     L3Y1bRAaNHjKPlswnwInEa47jEY.cer (raw, json)
Hash identifier:          4sZaBAGjxjDBt7zDEDClj+Ql66yVw1XQt8aipE866fo=
Subject key identifier:   2F:76:35:6D:10:1A:34:78:CA:3E:5B:30:9F:02:27:11:AE:3B:8C:46
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC8DF3818EF73B053AF6A493D04F0C421
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/c1/a917a5-ea8b-48d6-b910-31d2fdf0a5e7/1/L3Y1bRAaNHjKPlswnwInEa47jEY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/c1/a917a5-ea8b-48d6-b910-31d2fdf0a5e7/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 06:32:01 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 59593
                          IP: 91.244.69.0/24
Validation:               Failed, certificate revoked on Wed 11 Sep 2024 09:50:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:38:18:ef:73:b0:53:af:6a:49:3d:04:f0:c4:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 06:32:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2f76356d101a3478ca3e5b309f022711ae3b8c46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:c5:a8:e2:86:e9:40:6a:25:59:22:49:a6:a5:
                    26:42:42:b2:4a:93:3a:c6:a4:67:c4:fe:ee:d6:c2:
                    4c:3d:2e:02:cf:e9:19:9f:32:a8:34:9a:5f:42:5e:
                    c8:4b:ce:6f:3a:c3:a2:4e:17:24:13:14:56:90:d0:
                    e2:d5:40:27:11:ba:a8:8a:36:f6:d2:9a:c4:11:79:
                    ef:41:14:bc:e9:95:78:b1:c8:ac:a8:30:f9:15:77:
                    68:a4:14:7a:b3:f1:7e:7a:83:57:87:e8:f0:c0:0d:
                    ea:c1:40:b2:98:d7:65:d6:0d:f5:28:2a:af:9e:1d:
                    ee:7f:66:71:f0:ae:fe:60:10:ed:1f:15:91:f6:ff:
                    e7:dc:9b:f6:c2:29:2f:0f:3d:87:bf:26:62:54:e5:
                    78:e7:89:e7:44:36:c8:55:c2:57:2c:93:23:bc:0a:
                    91:58:05:91:ac:1a:a9:6e:91:50:d6:12:4e:ed:66:
                    97:7b:f2:52:12:c2:eb:db:1e:2c:39:42:e8:1d:62:
                    ab:2d:60:e5:7e:f8:59:a0:b0:3d:fe:73:4c:86:cf:
                    e0:18:af:03:01:fa:e0:eb:0c:d6:03:7a:6a:c8:b5:
                    ba:9c:d6:63:53:06:7a:82:20:b3:d8:a4:eb:30:88:
                    17:67:e1:69:62:e3:4e:84:cf:a8:85:68:50:65:2b:
                    4e:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:76:35:6D:10:1A:34:78:CA:3E:5B:30:9F:02:27:11:AE:3B:8C:46
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a917a5-ea8b-48d6-b910-31d2fdf0a5e7/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a917a5-ea8b-48d6-b910-31d2fdf0a5e7/1/L3Y1bRAaNHjKPlswnwInEa47jEY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.244.69.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  59593

    Signature Algorithm: sha256WithRSAEncryption
         97:bf:b6:de:87:2e:7d:5c:72:0a:01:f6:89:84:be:32:56:f7:
         0c:4d:b7:d8:6e:02:ae:36:5f:0c:fa:12:98:f2:0c:7a:ce:92:
         f0:5b:92:0b:05:3c:4c:c3:c0:8d:57:e7:e2:a6:be:32:ef:02:
         d8:8a:3b:8f:c0:96:ff:b3:18:cf:d3:63:e0:82:31:9f:ca:3a:
         b0:de:40:cc:05:93:b4:b8:ce:b7:a1:21:26:08:7e:a2:6a:c8:
         ca:4a:a1:43:80:5b:a5:0f:c9:75:df:5a:22:36:25:22:fd:92:
         b4:27:ad:ad:e1:16:df:c6:d5:f0:e1:96:42:fc:b6:cc:33:81:
         4d:e5:b3:71:bd:b8:a3:2d:e9:a6:78:41:b0:fe:3e:10:bc:e4:
         e9:c9:d6:0f:5d:0a:26:a3:c7:36:d1:ff:93:c0:bb:8d:39:a6:
         b7:67:62:79:4f:03:a0:0e:89:98:92:67:d3:24:f4:81:e1:7c:
         de:12:10:06:6d:4f:83:ca:9f:e3:9b:54:3d:29:37:2a:18:fa:
         a3:3a:bb:bb:08:b3:3a:6b:80:d2:07:05:35:88:99:af:51:c8:
         8b:7e:48:c2:53:49:09:ca:90:c5:f4:a2:7d:f2:1f:40:61:9a:
         61:5a:69:30:a3:53:d9:07:34:ac:7d:bf:3c:5d:8f:46:ef:d8:
         19:1b:2d:55
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzI3zgY73OwU69qST0E8MQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjc2MzU2ZDEwMWEzNDc4Y2EzZTViMzA5ZjAyMjcxMWFlM2I4YzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7cWo4obpQGolWSJJpqUmQkKySpM6
xqRnxP7u1sJMPS4Cz+kZnzKoNJpfQl7IS85vOsOiThckExRWkNDi1UAnEbqoijb2
0prEEXnvQRS86ZV4scisqDD5FXdopBR6s/F+eoNXh+jwwA3qwUCymNdl1g31KCqv
nh3uf2Zx8K7+YBDtHxWR9v/n3Jv2wikvDz2HvyZiVOV454nnRDbIVcJXLJMjvAqR
WAWRrBqpbpFQ1hJO7WaXe/JSEsLr2x4sOULoHWKrLWDlfvhZoLA9/nNMhs/gGK8D
Afrg6wzWA3pqyLW6nNZjUwZ6giCz2KTrMIgXZ+FpYuNOhM+ohWhQZStOvwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFC92NW0QGjR4yj5bMJ8CJxGuO4xGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxL2E5MTdh
NS1lYThiLTQ4ZDYtYjkxMC0zMWQyZmRmMGE1ZTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEvYTkxN2E1
LWVhOGItNDhkNi1iOTEwLTMxZDJmZGYwYTVlNy8xL0wzWTFiUkFhTkhqS1Bsc3du
d0luRWE0N2pFWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW/RFMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwDoyTANBgkqhkiG9w0BAQsFAAOCAQEAl7+23ocufVxyCgH2iYS+Mlb3DE232G4C
rjZfDPoSmPIMes6S8FuSCwU8TMPAjVfn4qa+Mu8C2Io7j8CW/7MYz9Nj4IIxn8o6
sN5AzAWTtLjOt6EhJgh+omrIykqhQ4BbpQ/Jdd9aIjYlIv2StCetreEW38bV8OGW
Qvy2zDOBTeWzcb24oy3ppnhBsP4+ELzk6cnWD10KJqPHNtH/k8C7jTmmt2dieU8D
oA6JmJJn0yT0geF83hIQBm1Pg8qf45tUPSk3Khj6ozq7uwizOmuA0gcFNYiZr1HI
i35IwlNJCcqQxfSiffIfQGGaYVppMKNT2Qc0rH2/PF2PRu/YGRstVQ==
-----END CERTIFICATE-----