Certificate 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Qj8FcXhe0j8Qpsx7J6wbHIeBpno.cer
File:                     Qj8FcXhe0j8Qpsx7J6wbHIeBpno.cer (raw, json)
Hash identifier:          iuVI6zSVBL55KfPWPdjm42edJQLTNeUoxgcV+nhws4I=
Subject key identifier:   42:3F:05:71:78:5E:D2:3F:10:A6:CC:7B:27:AC:1B:1C:87:81:A6:7A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01887BAA15EB0FF12C30C99D0FE2725C1643
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/853b8c81-6107-435a-9df6-47677e8fa74b/0/423F0571785ED23F10A6CC7B27AC1B1C8781A67A.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/853b8c81-6107-435a-9df6-47677e8fa74b/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Fri 02 Jun 2023 10:32:04 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    IP: 190.92.168.0/21
                          IP: 193.30.117.0/24
                          IP: 2a10:e6c0::/29

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:7b:aa:15:eb:0f:f1:2c:30:c9:9d:0f:e2:72:5c:16:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun  2 10:32:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=423f0571785ed23f10a6cc7b27ac1b1c8781a67a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:3a:f4:eb:9d:9f:89:fc:5c:3a:ea:e9:6b:b3:
                    bc:c8:10:05:26:1c:3d:fe:16:ba:d4:b7:b3:1e:90:
                    4b:3d:af:48:8f:46:17:6a:db:8a:be:05:b8:ba:8c:
                    fc:08:2a:9e:2e:9e:b6:3e:84:ba:ab:3f:e2:cd:1f:
                    72:18:9d:b7:3e:16:a4:0e:e6:ff:d7:5b:0b:88:9e:
                    ec:84:f7:70:f2:ee:62:56:ec:28:c3:f0:99:99:f3:
                    50:e0:70:55:4e:31:d4:75:f2:b2:7f:1f:02:4d:e1:
                    8d:55:9a:ef:d4:12:92:ce:be:fb:2e:e5:9d:87:ea:
                    28:24:fd:74:03:e6:0d:d7:d6:e4:c7:d8:c5:db:38:
                    03:f8:fc:77:b1:d5:ab:bc:01:6a:bf:37:6c:2c:cb:
                    32:49:3e:50:c7:ff:3d:ef:83:15:15:aa:4a:2c:35:
                    14:dd:c1:6f:c0:2e:68:e0:58:8e:eb:d0:b0:07:5b:
                    49:38:9e:04:60:7c:57:7b:e9:1e:eb:67:7b:ff:20:
                    d4:52:a6:13:75:5f:84:02:21:7b:28:5b:58:34:97:
                    30:e8:5b:fc:77:b6:f2:9f:07:c8:eb:d5:08:4a:15:
                    0b:84:42:ce:8b:53:cd:ac:07:fa:26:60:2f:d5:ff:
                    ff:58:95:51:5f:77:33:83:0e:e2:73:1e:77:a9:6a:
                    1c:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:3F:05:71:78:5E:D2:3F:10:A6:CC:7B:27:AC:1B:1C:87:81:A6:7A
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/853b8c81-6107-435a-9df6-47677e8fa74b/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/853b8c81-6107-435a-9df6-47677e8fa74b/0/423F0571785ED23F10A6CC7B27AC1B1C8781A67A.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.92.168.0/21
                  193.30.117.0/24
                IPv6:
                  2a10:e6c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         66:63:c9:b5:60:57:57:4b:8a:a0:c6:87:86:f7:e7:3f:85:77:
         f7:25:b5:27:b5:b9:24:db:82:ce:dd:7a:58:53:66:af:80:b3:
         c1:55:37:90:62:d2:52:20:4e:27:82:2f:53:4b:72:0b:c8:f5:
         a0:32:63:fc:35:bc:6a:88:77:4d:35:02:c4:6e:95:a7:fb:7d:
         c7:2a:c8:6e:ca:f5:a7:10:3c:6c:64:af:1b:e7:f1:e7:fc:fc:
         02:1f:02:4a:c8:e9:19:c7:78:cf:d0:3d:86:44:83:13:1e:da:
         f7:29:d9:9d:1a:a2:da:1f:45:cb:6d:c7:60:56:85:88:c6:e8:
         b9:4c:1a:42:6f:16:6e:bc:5c:63:64:66:69:bc:1b:a0:c0:13:
         ca:02:d9:b6:23:96:40:69:ff:ba:02:58:46:c4:dc:d1:70:a4:
         bc:33:c4:ee:c6:4f:61:09:76:43:f1:48:8e:6b:6a:c4:59:4f:
         08:74:13:d8:6f:a9:37:f5:98:45:6f:3d:4e:66:2c:d9:72:34:
         44:4c:30:d7:c2:ff:4a:aa:77:46:e1:51:92:8c:86:0a:35:97:
         1c:4d:ee:c5:74:e5:68:8f:6e:66:8e:d6:d2:f0:41:b2:7d:85:
         53:9e:6f:a6:a8:a5:8e:e9:bd:88:df:d0:95:c0:3e:23:db:67:
         0f:7b:5b:70
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYh7qhXrD/EsMMmdD+JyXBZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwNjAyMTAzMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNmMDU3MTc4NWVkMjNmMTBhNmNjN2IyN2FjMWIxYzg3ODFhNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzr0652fifxcOurpa7O8yBAFJhw9
/ha61LezHpBLPa9Ij0YXatuKvgW4uoz8CCqeLp62PoS6qz/izR9yGJ23PhakDub/
11sLiJ7shPdw8u5iVuwow/CZmfNQ4HBVTjHUdfKyfx8CTeGNVZrv1BKSzr77LuWd
h+ooJP10A+YN19bkx9jF2zgD+Px3sdWrvAFqvzdsLMsyST5Qx/8974MVFapKLDUU
3cFvwC5o4FiO69CwB1tJOJ4EYHxXe+ke62d7/yDUUqYTdV+EAiF7KFtYNJcw6Fv8
d7bynwfI69UIShULhELOi1PNrAf6JmAv1f//WJVRX3czgw7icx53qWoc8wIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFEI/BXF4XtI/EKbMeyesGxyHgaZ6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg1M2I4
YzgxLTYxMDctNDM1YS05ZGY2LTQ3Njc3ZThmYTc0Yi8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODUz
YjhjODEtNjEwNy00MzVhLTlkZjYtNDc2NzdlOGZhNzRiLzAvNDIzRjA1NzE3ODVF
RDIzRjEwQTZDQzdCMjdBQzFCMUM4NzgxQTY3QS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAME
A75cqAMEAMEedTANBAIAAjAHAwUDKhDmwDANBgkqhkiG9w0BAQsFAAOCAQEAZmPJ
tWBXV0uKoMaHhvfnP4V39yW1J7W5JNuCzt16WFNmr4CzwVU3kGLSUiBOJ4IvU0ty
C8j1oDJj/DW8aoh3TTUCxG6Vp/t9xyrIbsr1pxA8bGSvG+fx5/z8Ah8CSsjpGcd4
z9A9hkSDEx7a9ynZnRqi2h9Fy23HYFaFiMbouUwaQm8WbrxcY2RmabwboMATygLZ
tiOWQGn/ugJYRsTc0XCkvDPE7sZPYQl2Q/FIjmtqxFlPCHQT2G+pN/WYRW89TmYs
2XI0REww18L/Sqp3RuFRkoyGCjWXHE3uxXTlaI9uZo7W0vBBsn2FU55vpqiljum9
iN/QlcA+I9tnD3tbcA==
-----END CERTIFICATE-----
Generated at Wed Nov 1 10:52:57 2023 by rpki-client on console-ams.rpki-client.org