Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/LwkcmpVoMFYCOezpohEqJFgAiLo.cer
File:                     LwkcmpVoMFYCOezpohEqJFgAiLo.cer (raw, json)
Hash identifier:          ZpVLB+kgAbmtt2HuNJ3VQGUhwsMV4UT0DgbKjxqa5Ac=
Subject key identifier:   2F:09:1C:9A:95:68:30:56:02:39:EC:E9:A2:11:2A:24:58:00:88:BA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018F4F5A4A46B1392822D33FBAC1A571BA1C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/522a88b8-4771-498f-b44c-36ae2f0ce5c4/1/2F091C9A956830560239ECE9A2112A24580088BA.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/522a88b8-4771-498f-b44c-36ae2f0ce5c4/1/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Mon 06 May 2024 19:21:08 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 215731

Validation:               Failed, certificate revoked on Mon 06 May 2024 21:05:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:4f:5a:4a:46:b1:39:28:22:d3:3f:ba:c1:a5:71:ba:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: May  6 19:21:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2f091c9a956830560239ece9a2112a24580088ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:25:f3:ec:13:c6:7e:45:dc:ea:68:50:65:f1:
                    07:06:cf:a2:16:e1:9b:47:fb:2a:b7:d5:21:af:3b:
                    eb:b8:21:34:8c:77:07:75:b8:75:c1:b8:d1:cf:d3:
                    2e:ac:7e:cf:81:7b:62:ce:1f:ff:e2:f9:45:b0:a5:
                    8b:6e:1f:54:7a:65:98:d3:02:da:39:72:57:5a:d6:
                    ea:6a:c0:c3:ef:da:17:55:4c:09:9e:5d:d2:cc:49:
                    3c:e4:b1:ee:49:b4:b4:68:0f:87:60:66:62:a0:db:
                    f3:9b:af:ae:98:5d:89:c0:98:7a:f6:00:f6:3e:44:
                    ba:f8:fd:57:c3:e2:59:0e:a8:4d:0f:da:58:69:df:
                    6e:54:49:76:76:ad:89:e2:f5:d1:0d:67:b5:12:a9:
                    d8:75:44:98:fa:3a:bd:50:d7:10:c0:29:e1:45:1e:
                    16:87:01:29:50:9a:a6:ef:d1:92:f6:8b:f9:b3:fb:
                    ab:ae:4c:92:a9:0f:a8:6f:25:a1:88:ad:b4:49:a2:
                    db:17:d3:fc:51:e3:87:07:04:db:e3:2e:49:03:e1:
                    40:9d:6c:de:2a:b4:73:b5:ca:0a:43:c3:0b:f2:ea:
                    4c:5d:a6:11:76:51:ac:7e:84:dd:de:58:28:b1:a7:
                    a2:bc:48:df:a0:58:46:68:34:26:04:ac:c9:d3:42:
                    df:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:09:1C:9A:95:68:30:56:02:39:EC:E9:A2:11:2A:24:58:00:88:BA
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/522a88b8-4771-498f-b44c-36ae2f0ce5c4/1/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/522a88b8-4771-498f-b44c-36ae2f0ce5c4/1/2F091C9A956830560239ECE9A2112A24580088BA.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215731

    Signature Algorithm: sha256WithRSAEncryption
         35:65:d5:ab:f8:03:64:4e:21:c9:e5:b2:4e:51:1e:36:9b:1c:
         04:7a:94:64:3a:e0:a7:05:cd:23:e7:05:ef:fa:f4:f4:74:be:
         fb:af:5b:b8:97:b1:3e:d8:7d:f0:dd:7e:56:3c:e1:21:26:60:
         0a:21:2c:b7:26:16:7e:9f:93:bf:c8:dc:44:4d:40:06:9c:93:
         53:67:a8:3c:60:0e:12:5d:02:11:bb:6b:c6:55:ed:dc:a4:25:
         16:7c:36:5b:03:52:65:85:04:08:84:9c:36:ab:97:6b:ce:08:
         3b:78:86:a7:c0:9c:c5:5c:f8:fb:3c:36:d6:68:fe:88:8a:4c:
         7a:53:c1:1c:a0:8b:9b:b2:f6:d1:18:9b:2a:21:88:d6:c7:6f:
         46:92:ff:f9:4c:98:6b:98:41:0b:87:3d:0f:a1:e0:16:30:d5:
         49:2c:45:f3:fe:75:c4:c8:7f:1a:cb:5f:15:e4:44:22:b9:42:
         0b:ae:96:c9:79:1b:f1:4d:4b:94:26:9b:db:b4:4a:04:e3:76:
         a1:04:26:3c:a1:45:8c:cc:30:50:c8:eb:bc:e8:b3:ba:6d:95:
         31:f9:9a:cf:a9:81:93:d8:84:e2:73:c2:a8:4a:24:7b:13:16:
         55:c7:c9:97:af:0c:b9:1f:a4:11:1d:5f:55:dd:ce:a1:89:12:
         3f:01:73:19
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAY9PWkpGsTkoItM/usGlcbocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNTA2MTkyMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjA5MWM5YTk1NjgzMDU2MDIzOWVjZTlhMjExMmEyNDU4MDA4OGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiXz7BPGfkXc6mhQZfEHBs+iFuGb
R/sqt9UhrzvruCE0jHcHdbh1wbjRz9MurH7PgXtizh//4vlFsKWLbh9UemWY0wLa
OXJXWtbqasDD79oXVUwJnl3SzEk85LHuSbS0aA+HYGZioNvzm6+umF2JwJh69gD2
PkS6+P1Xw+JZDqhND9pYad9uVEl2dq2J4vXRDWe1EqnYdUSY+jq9UNcQwCnhRR4W
hwEpUJqm79GS9ov5s/urrkySqQ+obyWhiK20SaLbF9P8UeOHBwTb4y5JA+FAnWze
KrRztcoKQ8ML8upMXaYRdlGsfoTd3lgosaeivEjfoFhGaDQmBKzJ00LfRwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFC8JHJqVaDBWAjns6aIRKiRYAIi6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUyMmE4
OGI4LTQ3NzEtNDk4Zi1iNDRjLTM2YWUyZjBjZTVjNC8xLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNTIy
YTg4YjgtNDc3MS00OThmLWI0NGMtMzZhZTJmMGNlNWM0LzEvMkYwOTFDOUE5NTY4
MzA1NjAyMzlFQ0U5QTIxMTJBMjQ1ODAwODhCQS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDSrMw
DQYJKoZIhvcNAQELBQADggEBADVl1av4A2ROIcnlsk5RHjabHAR6lGQ64KcFzSPn
Be/69PR0vvuvW7iXsT7YffDdflY84SEmYAohLLcmFn6fk7/I3ERNQAack1NnqDxg
DhJdAhG7a8ZV7dykJRZ8NlsDUmWFBAiEnDarl2vOCDt4hqfAnMVc+Ps8NtZo/oiK
THpTwRygi5uy9tEYmyohiNbHb0aS//lMmGuYQQuHPQ+h4BYw1UksRfP+dcTIfxrL
XxXkRCK5Qguulsl5G/FNS5Qmm9u0SgTjdqEEJjyhRYzMMFDI67zos7ptlTH5ms+p
gZPYhOJzwqhKJHsTFlXHyZevDLkfpBEdX1XdzqGJEj8Bcxk=
-----END CERTIFICATE-----