Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_R3KqPtIeZGvu48YL3PkV8yx-IQ.cer
File:                     _R3KqPtIeZGvu48YL3PkV8yx-IQ.cer (raw, json)
Hash identifier:          yEz2Mmym884d6WKIfqfk6npy4jU9+35GzAFqeIwavzA=
Subject key identifier:   FD:1D:CA:A8:FB:48:79:91:AF:BB:8F:18:2F:73:E4:57:CC:B1:F8:84
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018909229AC4564351B113DC958A23E0B468
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/d097597a-c01a-47ae-a01a-790a923ea522/0/FD1DCAA8FB487991AFBB8F182F73E457CCB1F884.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/d097597a-c01a-47ae-a01a-790a923ea522/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Thu 29 Jun 2023 21:50:10 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    IP: 194.59.223.0/24

Validation:               Failed, certificate revoked on Thu 21 Dec 2023 10:47:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:09:22:9a:c4:56:43:51:b1:13:dc:95:8a:23:e0:b4:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun 29 21:50:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fd1dcaa8fb487991afbb8f182f73e457ccb1f884
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:61:3c:28:fb:52:d8:0d:9a:d3:02:79:a4:83:
                    46:e3:a3:97:b2:b6:bc:5f:4b:59:92:9e:37:7c:47:
                    83:2f:e4:16:49:6d:64:4c:87:f7:03:14:0e:a5:78:
                    d9:47:51:74:41:47:04:8a:3d:61:27:15:32:e3:6a:
                    d2:ea:1a:67:df:66:2f:3f:27:09:a3:30:ae:ec:8c:
                    d5:24:af:dd:04:88:f6:e3:05:87:93:6f:34:63:34:
                    0b:fa:02:bc:60:04:12:88:8a:64:5d:75:20:53:0c:
                    5b:58:ee:10:0b:f7:bc:93:61:4b:13:07:94:f8:ee:
                    14:0c:db:4a:26:d3:20:8b:e1:81:30:fb:77:30:b1:
                    49:59:01:a8:83:a7:39:44:ab:27:bf:ca:a0:32:30:
                    c7:5a:06:75:4b:78:c0:65:88:f9:ea:8f:8c:3d:6a:
                    f5:11:7a:b1:79:9a:da:36:49:52:59:4d:c8:cf:8a:
                    08:6d:42:67:55:1f:60:4a:2d:01:1e:c4:4c:e6:cc:
                    f0:58:42:fa:86:0e:76:c3:7f:9a:cf:67:9c:22:cd:
                    73:f1:02:17:cf:45:c8:28:bf:10:1d:ad:7a:92:28:
                    24:c8:ac:95:b5:99:04:31:7a:bc:b4:5c:77:bc:b0:
                    e5:0c:61:c6:ad:51:db:b6:91:42:11:72:e8:33:ac:
                    7c:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:1D:CA:A8:FB:48:79:91:AF:BB:8F:18:2F:73:E4:57:CC:B1:F8:84
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/d097597a-c01a-47ae-a01a-790a923ea522/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/d097597a-c01a-47ae-a01a-790a923ea522/0/FD1DCAA8FB487991AFBB8F182F73E457CCB1F884.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.59.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:e9:a7:41:4d:c1:6c:d6:05:29:7c:a5:7a:87:7a:7a:24:c9:
         e8:86:6e:36:9a:28:7b:5a:cf:7b:37:f6:27:81:c3:82:b4:de:
         81:e9:ff:cc:36:21:39:95:22:b5:0e:4e:c3:7f:77:4b:30:2e:
         eb:fb:6e:3b:29:b0:df:7c:8b:91:06:4e:bb:20:21:e8:74:af:
         f6:33:1a:77:0a:62:9c:4a:c6:8c:7d:8b:3e:4d:43:f0:ea:7a:
         dd:28:a5:0f:55:d2:6c:ea:d1:94:fa:53:cf:2c:25:82:e5:bd:
         63:e1:e0:21:43:44:5d:95:d0:c4:a6:16:1a:7c:12:02:f1:0b:
         c8:d3:43:19:6f:f7:2d:3c:0d:b8:59:55:96:b3:20:65:36:a8:
         71:f4:f5:13:ae:81:37:76:5b:60:92:4d:fe:ae:d8:d5:c0:25:
         d6:8f:ca:0e:a6:d2:e8:82:6c:1e:f4:84:1d:a9:e7:70:f2:ef:
         7f:35:e7:e8:41:c1:98:82:5a:41:bd:c4:cb:c9:ce:3a:05:34:
         9c:32:86:a2:a7:eb:0c:b8:8e:dc:b5:b2:36:d3:9b:61:70:df:
         d0:64:f6:96:04:af:29:b0:d1:4b:5f:0b:41:f7:ea:5f:73:52:
         84:02:e7:99:67:29:1f:90:85:df:81:6a:f1:bd:cf:db:c4:b9:
         83:63:3f:d1
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYkJIprEVkNRsRPclYoj4LRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwNjI5MjE1MDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDFkY2FhOGZiNDg3OTkxYWZiYjhmMTgyZjczZTQ1N2NjYjFmODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGE8KPtS2A2a0wJ5pING46OXsra8
X0tZkp43fEeDL+QWSW1kTIf3AxQOpXjZR1F0QUcEij1hJxUy42rS6hpn32YvPycJ
ozCu7IzVJK/dBIj24wWHk280YzQL+gK8YAQSiIpkXXUgUwxbWO4QC/e8k2FLEweU
+O4UDNtKJtMgi+GBMPt3MLFJWQGog6c5RKsnv8qgMjDHWgZ1S3jAZYj56o+MPWr1
EXqxeZraNklSWU3Iz4oIbUJnVR9gSi0BHsRM5szwWEL6hg52w3+az2ecIs1z8QIX
z0XIKL8QHa16kigkyKyVtZkEMXq8tFx3vLDlDGHGrVHbtpFCEXLoM6x8aQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFP0dyqj7SHmRr7uPGC9z5FfMsfiEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2QwOTc1
OTdhLWMwMWEtNDdhZS1hMDFhLTc5MGE5MjNlYTUyMi8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDA5
NzU5N2EtYzAxYS00N2FlLWEwMWEtNzkwYTkyM2VhNTIyLzAvRkQxRENBQThGQjQ4
Nzk5MUFGQkI4RjE4MkY3M0U0NTdDQ0IxRjg4NC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AMI73zANBgkqhkiG9w0BAQsFAAOCAQEAAumnQU3BbNYFKXyleod6eiTJ6IZuNpoo
e1rPezf2J4HDgrTegen/zDYhOZUitQ5Ow393SzAu6/tuOymw33yLkQZOuyAh6HSv
9jMadwpinErGjH2LPk1D8Op63SilD1XSbOrRlPpTzywlguW9Y+HgIUNEXZXQxKYW
GnwSAvELyNNDGW/3LTwNuFlVlrMgZTaocfT1E66BN3ZbYJJN/q7Y1cAl1o/KDqbS
6IJsHvSEHanncPLvfzXn6EHBmIJaQb3Ey8nOOgU0nDKGoqfrDLiO3LWyNtObYXDf
0GT2lgSvKbDRS18LQffqX3NShALnmWcpH5CF34Fq8b3P28S5g2M/0Q==
-----END CERTIFICATE-----