Certificate 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XzJmgaFhKYrbnsUzWapBpWp3Xm0.cer
File:                     XzJmgaFhKYrbnsUzWapBpWp3Xm0.cer (raw, json)
Hash identifier:          5G+YpCe1XFk3UEIjXBVbOPq3Lyd8ktqsFnZp8RKm8FA=
Subject key identifier:   5F:32:66:81:A1:61:29:8A:DB:9E:C5:33:59:AA:41:A5:6A:77:5E:6D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01857245D36C53BA53912F9BCE0A6F605AFE
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/4a/ff8091-b193-4cfc-9ef0-463de0f6969f/1/XzJmgaFhKYrbnsUzWapBpWp3Xm0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/4a/ff8091-b193-4cfc-9ef0-463de0f6969f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 02 Jan 2023 11:37:36 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 57598
                          IP: 37.246.0.0/16
                          IP: 81.162.128.0/18

Validation:               Failed, certificate revoked on Wed 15 Mar 2023 09:42:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:45:d3:6c:53:ba:53:91:2f:9b:ce:0a:6f:60:5a:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 11:37:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5f326681a161298adb9ec53359aa41a56a775e6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:3d:00:83:26:cd:f1:d0:98:9c:b2:02:63:ba:
                    e7:68:08:18:11:e2:65:49:a0:ee:8e:66:3e:1a:59:
                    2b:0e:cc:72:69:f8:9c:5d:51:2c:2d:33:48:bb:77:
                    0a:71:88:3f:04:39:f2:b3:66:c2:be:d0:62:9b:39:
                    06:57:a7:90:6d:67:04:c9:e4:fb:72:29:bf:f9:86:
                    37:ff:cf:3c:89:bf:a9:78:21:76:18:d7:4e:60:72:
                    1d:a2:a7:60:06:81:54:62:99:e1:77:6b:1c:ac:b5:
                    e2:b3:8b:41:35:32:a2:18:34:19:16:b1:07:5d:90:
                    a3:d0:e0:51:18:20:1d:a8:a0:52:7c:b5:d3:16:79:
                    47:7f:43:08:7a:72:74:c0:22:81:71:4a:6b:8a:d7:
                    8b:23:4d:f2:0d:4b:e5:7f:e1:15:e2:5c:3f:fa:c5:
                    74:8a:00:1f:c1:5d:96:f7:4d:86:3a:98:63:b9:14:
                    fc:c1:68:17:a3:36:43:d0:44:da:ff:8a:06:8d:2d:
                    29:eb:11:7b:32:f8:6c:ed:d1:92:e1:fc:b4:3a:ef:
                    09:8b:e6:f6:c3:9d:26:e2:e0:1b:8b:1d:52:64:a0:
                    2a:dc:45:fb:f3:c5:d2:d0:1b:b9:9e:29:10:30:e2:
                    3e:90:78:d5:4a:a5:ec:bd:8b:03:10:ba:02:58:7e:
                    5e:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:32:66:81:A1:61:29:8A:DB:9E:C5:33:59:AA:41:A5:6A:77:5E:6D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ff8091-b193-4cfc-9ef0-463de0f6969f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ff8091-b193-4cfc-9ef0-463de0f6969f/1/XzJmgaFhKYrbnsUzWapBpWp3Xm0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.246.0.0/16
                  81.162.128.0/18

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  57598

    Signature Algorithm: sha256WithRSAEncryption
         8b:e7:74:ee:43:23:ff:a6:fc:b3:d9:33:4f:4f:a1:74:11:93:
         0c:0b:08:92:ef:1a:49:4b:3e:9f:92:9e:27:bf:96:9e:d3:ba:
         9c:a5:80:d2:ea:5c:f1:a1:95:52:11:34:68:fa:21:c8:92:6e:
         9a:6c:de:a6:eb:9d:c4:e2:69:53:dd:ba:13:cd:b9:45:e0:78:
         33:75:c1:ec:01:6c:fa:6f:bb:a4:3f:23:35:6a:2b:b7:26:be:
         6f:9c:3f:74:25:82:20:2e:87:3f:eb:a4:0c:d9:56:c5:5c:9a:
         34:4b:eb:e3:5b:07:a4:26:03:1b:c3:95:fa:26:80:7a:39:df:
         4e:26:dc:b3:ca:c7:c3:d9:6a:c4:d0:5d:e5:1a:54:73:fc:bd:
         44:01:3e:0a:c8:e9:b7:3f:6d:ff:99:69:92:ce:b3:21:66:d4:
         01:49:4a:8e:2a:bf:8d:fe:9d:d9:3b:3f:54:69:4d:b6:d4:07:
         1a:20:1c:d8:1f:53:29:5c:f1:32:3d:45:68:dd:50:96:a1:e4:
         79:4a:df:bf:70:eb:ed:a3:2b:a5:42:71:69:91:eb:41:6a:fb:
         3f:e4:83:11:c4:32:f7:60:52:39:bd:72:d8:a3:b1:35:25:cc:
         7b:30:e1:a8:16:12:e8:c6:59:d2:d8:ea:77:16:c0:39:e4:c9:
         fe:88:4b:d9
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAYVyRdNsU7pTkS+bzgpvYFr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMTEzNzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjMyNjY4MWExNjEyOThhZGI5ZWM1MzM1OWFhNDFhNTZhNzc1ZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz0AgybN8dCYnLICY7rnaAgYEeJl
SaDujmY+GlkrDsxyaficXVEsLTNIu3cKcYg/BDnys2bCvtBimzkGV6eQbWcEyeT7
cim/+YY3/888ib+peCF2GNdOYHIdoqdgBoFUYpnhd2scrLXis4tBNTKiGDQZFrEH
XZCj0OBRGCAdqKBSfLXTFnlHf0MIenJ0wCKBcUpriteLI03yDUvlf+EV4lw/+sV0
igAfwV2W902GOphjuRT8wWgXozZD0ETa/4oGjS0p6xF7Mvhs7dGS4fy0Ou8Ji+b2
w50m4uAbix1SZKAq3EX788XS0Bu5nikQMOI+kHjVSqXsvYsDELoCWH5eEwIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFF8yZoGhYSmK257FM1mqQaVqd15tMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRhL2ZmODA5
MS1iMTkzLTRjZmMtOWVmMC00NjNkZTBmNjk2OWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEvZmY4MDkx
LWIxOTMtNGNmYy05ZWYwLTQ2M2RlMGY2OTY5Zi8xL1h6Sm1nYUZoS1lyYm5zVXpX
YXBCcFdwM1htMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCQGCCsGAQUF
BwEHAQH/BBUwEzARBAIAATALAwMAJfYDBAZRooAwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAOD+MA0GCSqGSIb3DQEBCwUAA4IBAQCL53TuQyP/pvyz2TNPT6F0EZMM
CwiS7xpJSz6fkp4nv5ae07qcpYDS6lzxoZVSETRo+iHIkm6abN6m653E4mlT3boT
zblF4HgzdcHsAWz6b7ukPyM1aiu3Jr5vnD90JYIgLoc/66QM2VbFXJo0S+vjWwek
JgMbw5X6JoB6Od9OJtyzysfD2WrE0F3lGlRz/L1EAT4KyOm3P23/mWmSzrMhZtQB
SUqOKr+N/p3ZOz9UaU221AcaIBzYH1MpXPEyPUVo3VCWoeR5St+/cOvtoyulQnFp
ketBavs/5IMRxDL3YFI5vXLYo7E1Jcx7MOGoFhLoxlnS2Op3FsA55Mn+iEvZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:03 2024 by rpki-client on console-fra.rpki-client.org