Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/N2aIyDcCNnG8XofYP_oXg7fOq04.cer
File:                     N2aIyDcCNnG8XofYP_oXg7fOq04.cer (raw, json)
Hash identifier:          Il++Lt89k3yXpfIzGlMdqo19i7b62Ogl0S365Kl3jh4=
Subject key identifier:   37:66:88:C8:37:02:36:71:BC:5E:87:D8:3F:FA:17:83:B7:CE:AB:4E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       A89F0E7F72
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b9/6b0707-1584-41db-899b-3abed42221f6/1/N2aIyDcCNnG8XofYP_oXg7fOq04.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b9/6b0707-1584-41db-899b-3abed42221f6/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sat 01 Jan 2022 14:01:35 +0000
Certificate not after:    Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:    AS: 62349
                          IP: 185.196.92.0/22
                          IP: 2a0a:6b40::/29
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 724223033202 (0xa89f0e7f72)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 14:01:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=376688c837023671bc5e87d83ffa1783b7ceab4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:13:49:dc:b4:46:61:48:33:95:06:5b:11:aa:
                    96:3c:2e:af:71:73:b8:5d:9e:24:aa:b4:60:2e:e7:
                    ca:d8:5b:8e:06:57:83:f4:cb:ac:4a:1b:50:2d:f4:
                    f9:09:12:bc:9c:ac:99:df:bf:97:b2:94:11:eb:10:
                    cf:13:7c:47:bc:ef:24:03:8a:50:c7:b3:db:45:19:
                    f2:7e:48:26:70:83:26:62:8a:d6:9d:d9:a6:ff:f3:
                    df:3c:5a:d8:e9:22:84:96:b5:d9:81:42:2e:67:90:
                    79:a0:ef:ba:93:b7:5e:34:52:17:11:eb:84:20:4e:
                    a2:d9:ad:74:a0:8b:86:11:08:ef:97:bd:84:ff:65:
                    7a:09:55:e1:72:1d:aa:a7:6a:8f:c7:c3:1b:40:8d:
                    67:b8:57:c0:06:d2:43:7c:e4:95:d1:15:9e:65:65:
                    94:ed:f5:f7:92:df:36:50:aa:97:c1:3f:8e:0d:e5:
                    68:2b:6c:a6:d7:ca:a9:0e:b5:a4:12:d6:ac:04:ce:
                    e4:7e:62:2a:ae:3f:4d:a2:1f:f9:78:f0:d7:3d:bf:
                    1b:3a:9a:f3:47:f5:81:dd:86:e0:dd:91:4c:13:f0:
                    45:90:60:87:5f:a9:13:ad:af:17:73:96:14:73:eb:
                    f3:98:b9:78:39:15:5a:95:e0:17:04:d7:c8:63:21:
                    b5:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:66:88:C8:37:02:36:71:BC:5E:87:D8:3F:FA:17:83:B7:CE:AB:4E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/6b0707-1584-41db-899b-3abed42221f6/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/6b0707-1584-41db-899b-3abed42221f6/1/N2aIyDcCNnG8XofYP_oXg7fOq04.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.196.92.0/22
                IPv6:
                  2a0a:6b40::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  62349

    Signature Algorithm: sha256WithRSAEncryption
         31:50:5a:b9:a9:4d:53:0e:8c:73:25:4b:ca:5c:1d:65:94:42:
         a9:5e:37:b7:78:9e:36:1c:b0:46:11:b8:70:3b:94:f0:17:d8:
         19:31:95:11:11:b7:9a:e9:12:81:37:5e:b4:09:09:80:23:db:
         0e:da:c3:49:4d:9c:59:dc:dd:aa:81:54:c4:e0:d4:70:91:7b:
         5b:17:68:24:f6:87:38:30:b3:fe:00:fa:be:a4:cb:f0:ce:0b:
         50:05:6e:ea:4c:22:dd:fb:a3:d3:f2:4f:08:ee:27:31:3c:2a:
         62:ae:bd:5a:d5:dc:4b:09:45:0b:a8:98:94:85:df:e3:91:02:
         36:91:75:6b:2f:f2:f5:a5:9b:5d:ff:9d:23:91:b8:7b:25:e4:
         54:31:3c:c1:29:ac:c9:5b:58:88:ea:bd:1e:6b:c6:7d:89:ff:
         2a:11:36:dd:9c:b7:17:bd:86:9b:00:a7:97:63:64:d4:7c:4b:
         13:c0:53:97:cc:8e:12:59:61:c0:a3:ae:c0:81:f1:36:48:6e:
         34:c2:ec:fb:6b:c2:78:89:58:2d:80:cb:16:10:7c:e9:c6:0e:
         28:a3:35:8d:47:ca:92:2a:79:a8:21:a1:a2:f1:c6:30:1e:c5:
         e7:5d:e0:bd:af:c8:25:0c:4c:c1:52:0b:73:e2:b0:c0:05:18:
         9b:e5:03:01
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAKifDn9yMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTQwMTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNzY2ODhjODM3
MDIzNjcxYmM1ZTg3ZDgzZmZhMTc4M2I3Y2VhYjRlMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAiBNJ3LRGYUgzlQZbEaqWPC6vcXO4XZ4kqrRgLufK2FuO
BleD9MusShtQLfT5CRK8nKyZ37+XspQR6xDPE3xHvO8kA4pQx7PbRRnyfkgmcIMm
YorWndmm//PfPFrY6SKElrXZgUIuZ5B5oO+6k7deNFIXEeuEIE6i2a10oIuGEQjv
l72E/2V6CVXhch2qp2qPx8MbQI1nuFfABtJDfOSV0RWeZWWU7fX3kt82UKqXwT+O
DeVoK2ym18qpDrWkEtasBM7kfmIqrj9Noh/5ePDXPb8bOprzR/WB3Ybg3ZFME/BF
kGCHX6kTra8Xc5YUc+vzmLl4ORValeAXBNfIYyG1IwIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFDdmiMg3AjZxvF6H2D/6F4O3zqtOMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5LzZiMDcwNy0xNTg0LTQxZGIt
ODk5Yi0zYWJlZDQyMjIxZjYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvNmIwNzA3LTE1ODQtNDFkYi04
OTliLTNhYmVkNDIyMjFmNi8xL04yYUl5RGNDTm5HOFhvZllQX29YZzdmT3EwNC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCucRcMA0EAgACMAcDBQMqCmtAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwDzjTANBgkqhkiG9w0BAQsFAAOCAQEAMVBaualNUw6McyVLylwdZZRCqV43
t3ieNhywRhG4cDuU8BfYGTGVERG3mukSgTdetAkJgCPbDtrDSU2cWdzdqoFUxODU
cJF7WxdoJPaHODCz/gD6vqTL8M4LUAVu6kwi3fuj0/JPCO4nMTwqYq69WtXcSwlF
C6iYlIXf45ECNpF1ay/y9aWbXf+dI5G4eyXkVDE8wSmsyVtYiOq9HmvGfYn/KhE2
3Zy3F72GmwCnl2Nk1HxLE8BTl8yOEllhwKOuwIHxNkhuNMLs+2vCeIlYLYDLFhB8
6cYOKKM1jUfKkip5qCGhovHGMB7F513gva/IJQxMwVILc+KwwAUYm+UDAQ==
-----END CERTIFICATE-----