Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bTMY_9U-QZyltZJ9N-z41j-NAJw.cer
File:                     bTMY_9U-QZyltZJ9N-z41j-NAJw.cer (raw, json)
Hash identifier:          aII3WGIJTb4OuqA07hXI/o8iWs/Xdl15+3nJ+2zn1vU=
Subject key identifier:   6D:33:18:FF:D5:3E:41:9C:A5:B5:92:7D:37:EC:F8:D6:3F:8D:00:9C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018570FB199FAB716DF6BCD9EAADA979F189
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e2/007d5f-5b07-4eaf-a732-3ba436a3cc68/1/bTMY_9U-QZyltZJ9N-z41j-NAJw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e2/007d5f-5b07-4eaf-a732-3ba436a3cc68/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 02 Jan 2023 05:36:22 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 211949
                          IP: 178.217.234.0/24
                          IP: 2a10:b980::/29

Validation:               Failed, certificate revoked on Tue 21 Mar 2023 12:23:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:fb:19:9f:ab:71:6d:f6:bc:d9:ea:ad:a9:79:f1:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 05:36:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6d3318ffd53e419ca5b5927d37ecf8d63f8d009c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:95:d9:67:fc:18:71:b8:fa:22:98:c8:78:4c:
                    e6:e4:61:98:52:f4:b5:4e:c5:f3:b7:cf:ed:b3:84:
                    86:4a:4b:07:79:28:72:b1:50:6d:91:1d:b2:1e:d2:
                    c1:d7:d0:51:51:8f:40:f9:9c:a6:98:f6:4c:f8:3c:
                    79:99:28:9b:67:fc:9f:aa:15:88:14:83:2c:3b:56:
                    87:3a:d1:2d:c1:d7:17:ac:ea:48:8e:2c:2d:4f:6b:
                    14:99:d2:cc:f2:ab:08:e5:a5:08:77:a1:a7:fd:57:
                    8a:3c:1f:3c:43:43:ef:5c:d4:a0:a8:7f:a5:31:38:
                    67:e9:45:2b:17:6f:a2:d3:dc:bf:37:24:2d:2b:bc:
                    c9:31:71:3e:cd:ef:5e:37:f2:60:8e:59:71:26:64:
                    98:15:23:15:1c:0b:b2:5f:8c:d8:fe:b1:4f:e7:9c:
                    b0:f9:a9:92:2f:94:a0:fd:68:f7:e0:63:80:eb:9a:
                    44:17:7c:ec:fd:26:8f:25:bc:1c:b9:c5:ab:d3:8b:
                    de:c1:6e:8b:94:42:b2:3a:17:f6:e6:1a:10:80:1f:
                    b7:5a:99:59:ee:ed:14:ab:ff:f2:5a:c5:28:95:67:
                    53:cd:12:4f:66:d5:9a:69:ed:b8:33:c4:7f:b7:62:
                    4d:34:f5:1e:78:61:8d:6c:31:94:72:ff:3b:b4:67:
                    7f:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:33:18:FF:D5:3E:41:9C:A5:B5:92:7D:37:EC:F8:D6:3F:8D:00:9C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/007d5f-5b07-4eaf-a732-3ba436a3cc68/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/007d5f-5b07-4eaf-a732-3ba436a3cc68/1/bTMY_9U-QZyltZJ9N-z41j-NAJw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.217.234.0/24
                IPv6:
                  2a10:b980::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  211949

    Signature Algorithm: sha256WithRSAEncryption
         ad:6a:d3:6d:79:d1:b8:e3:3c:99:cd:3c:ef:05:ee:4f:d4:c8:
         20:46:bc:70:86:c6:7b:ef:7d:4e:e2:61:d3:02:20:3d:3b:9a:
         25:e2:8d:0e:49:32:78:7c:ec:4b:6f:5d:1a:d8:b5:d7:2a:7f:
         8b:29:b1:c6:b8:21:40:32:1a:6a:39:df:56:ce:e3:e1:ca:c4:
         8f:77:94:35:45:24:64:95:5c:85:32:48:c0:4b:29:34:d1:8c:
         31:f3:05:3e:96:30:f6:d9:c3:b5:15:a3:25:e2:91:a7:22:f2:
         1f:be:35:9e:cf:18:99:0e:ad:07:c2:6a:13:b9:3f:f9:99:e9:
         c3:a9:b8:71:53:38:a9:96:42:c2:63:c4:c1:b8:ce:93:13:7f:
         1c:f1:c1:ae:5e:9a:95:4c:49:d7:42:d5:a3:f9:b5:66:aa:19:
         5f:13:6e:f0:46:af:1c:6c:08:ba:3f:38:b7:3b:70:6c:54:2f:
         85:f7:50:38:f3:9b:ce:e7:ac:04:56:1d:83:c4:3a:e7:9f:27:
         78:3d:5a:e7:a0:c6:5f:5b:85:62:a8:22:9b:aa:fe:07:d4:69:
         79:18:b0:e5:98:10:d5:a8:08:ef:fe:a7:90:63:a5:89:c8:3a:
         4c:cd:46:62:2c:2c:4a:3c:23:2a:8c:49:14:3d:09:9a:d1:3b:
         1d:e1:8d:99
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYVw+xmfq3Ft9rzZ6q2pefGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDUzNjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDMzMThmZmQ1M2U0MTljYTViNTkyN2QzN2VjZjhkNjNmOGQwMDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpXZZ/wYcbj6IpjIeEzm5GGYUvS1
TsXzt8/ts4SGSksHeShysVBtkR2yHtLB19BRUY9A+ZymmPZM+Dx5mSibZ/yfqhWI
FIMsO1aHOtEtwdcXrOpIjiwtT2sUmdLM8qsI5aUId6Gn/VeKPB88Q0PvXNSgqH+l
MThn6UUrF2+i09y/NyQtK7zJMXE+ze9eN/JgjllxJmSYFSMVHAuyX4zY/rFP55yw
+amSL5Sg/Wj34GOA65pEF3zs/SaPJbwcucWr04vewW6LlEKyOhf25hoQgB+3WplZ
7u0Uq//yWsUolWdTzRJPZtWaae24M8R/t2JNNPUeeGGNbDGUcv87tGd/awIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFG0zGP/VPkGcpbWSfTfs+NY/jQCcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UyLzAwN2Q1
Zi01YjA3LTRlYWYtYTczMi0zYmE0MzZhM2NjNjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMDA3ZDVm
LTViMDctNGVhZi1hNzMyLTNiYTQzNmEzY2M2OC8xL2JUTVlfOVUtUVp5bHRaSjlO
LXo0MWotTkFKdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAstnqMA0EAgACMAcDBQMqELmAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM77TANBgkqhkiG9w0BAQsFAAOCAQEArWrTbXnRuOM8
mc087wXuT9TIIEa8cIbGe+99TuJh0wIgPTuaJeKNDkkyeHzsS29dGti11yp/iymx
xrghQDIaajnfVs7j4crEj3eUNUUkZJVchTJIwEspNNGMMfMFPpYw9tnDtRWjJeKR
pyLyH741ns8YmQ6tB8JqE7k/+Znpw6m4cVM4qZZCwmPEwbjOkxN/HPHBrl6alUxJ
10LVo/m1ZqoZXxNu8EavHGwIuj84tztwbFQvhfdQOPObzuesBFYdg8Q6558neD1a
56DGX1uFYqgim6r+B9RpeRiw5ZgQ1agI7/6nkGOlicg6TM1GYiwsSjwjKoxJFD0J
mtE7HeGNmQ==
-----END CERTIFICATE-----