Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dLkKJ9hvahkUwmHCFGnfhT4yvrU.cer
File:                     dLkKJ9hvahkUwmHCFGnfhT4yvrU.cer (raw, json)
Hash identifier:          7WkXS82U+g4dXNznDHsB6StqiotWvXlUd/8ARScJko0=
Subject key identifier:   74:B9:0A:27:D8:6F:6A:19:14:C2:61:C2:14:69:DF:85:3E:32:BE:B5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01872D0D9BE9D2BD62A6F3A75F975B7B9998
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/94fc4752-f81a-47b6-8f0d-ff74c8b0b0a4/0/74B90A27D86F6A1914C261C21469DF853E32BEB5.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/94fc4752-f81a-47b6-8f0d-ff74c8b0b0a4/0
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Wed 29 Mar 2023 11:07:59 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 199099
                          IP: 2a13:df80::/29

Validation:               Failed, certificate revoked on Thu 18 May 2023 15:19:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:2d:0d:9b:e9:d2:bd:62:a6:f3:a7:5f:97:5b:7b:99:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Mar 29 11:07:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=74b90a27d86f6a1914c261c21469df853e32beb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:6f:4c:a2:e1:56:d7:2d:e5:da:65:d0:53:1c:
                    58:38:b5:d9:40:6c:b5:be:1d:56:cc:87:93:29:d3:
                    3f:b5:16:f2:6a:27:8d:4c:3a:25:df:5b:c4:c9:96:
                    50:a7:4c:7a:8e:53:1c:2e:d4:ed:c7:ad:2a:6a:2f:
                    d9:f3:f7:ba:56:68:f9:e1:15:6e:c8:a0:9d:e5:cb:
                    be:34:89:59:29:06:b9:3d:f1:5b:31:3b:77:98:c9:
                    a2:af:f1:9d:bc:7b:e8:40:bc:79:4b:5c:10:9d:4b:
                    7a:ad:12:4b:51:df:4a:7c:71:64:55:2c:99:d0:f2:
                    73:f0:fc:f9:f2:ab:80:af:59:89:c6:a0:ba:84:bf:
                    a7:28:fc:ed:d2:58:7b:72:d7:04:b1:dd:c4:4d:02:
                    09:8e:fb:22:94:ec:64:5c:af:9d:43:42:8a:26:73:
                    79:3b:56:26:95:0a:51:8d:20:30:a5:53:47:26:5c:
                    05:94:84:18:d8:05:56:a3:3e:25:43:28:d4:9f:dd:
                    11:9d:40:cb:a0:81:28:21:9c:9f:15:6d:78:48:e1:
                    56:ae:ef:27:58:e3:fc:44:43:d7:97:ed:8b:22:18:
                    e9:36:b7:9f:a3:28:6a:05:c7:9e:d0:23:cf:22:75:
                    1f:ca:8b:df:f4:8c:ea:f0:c1:ea:27:ff:0a:3b:59:
                    ce:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:B9:0A:27:D8:6F:6A:19:14:C2:61:C2:14:69:DF:85:3E:32:BE:B5
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/94fc4752-f81a-47b6-8f0d-ff74c8b0b0a4/0
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/94fc4752-f81a-47b6-8f0d-ff74c8b0b0a4/0/74B90A27D86F6A1914C261C21469DF853E32BEB5.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:df80::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  199099

    Signature Algorithm: sha256WithRSAEncryption
         54:2c:47:72:18:00:88:29:99:a5:66:a6:96:0b:45:03:1c:da:
         1c:21:32:81:69:0a:78:54:e3:f2:3b:df:3a:b9:e0:eb:fd:54:
         f5:ef:7b:8b:08:2e:4e:65:85:b8:d7:ad:e9:45:0b:5f:89:05:
         87:37:27:4d:88:a0:69:b9:82:d6:26:40:02:08:5a:be:b9:bf:
         65:e2:d6:29:11:8c:9b:0f:cb:90:11:4c:1d:d0:e1:4f:6d:6d:
         1a:97:e2:64:79:ee:fc:ab:52:aa:96:7f:4c:7d:e4:2c:aa:99:
         25:4c:aa:88:a9:f8:ad:2b:2e:4c:7f:37:31:9d:84:50:eb:1a:
         b6:1d:f1:b2:23:ed:3b:50:f4:31:7e:1c:a3:d6:77:28:2b:10:
         c9:30:33:fa:55:48:18:19:ba:da:14:e8:f7:58:44:85:33:4a:
         eb:bf:57:21:73:b1:07:28:98:e2:31:dc:e1:00:2b:fa:fd:57:
         61:09:66:10:d1:a4:ce:b5:06:f8:ca:9f:2d:3b:0f:f5:5b:1b:
         77:f0:98:c4:28:fb:e1:60:d8:ec:cf:70:2b:17:6d:aa:c7:00:
         e3:4b:d5:5c:8a:87:8f:f4:a6:1d:66:c3:3b:17:57:b7:e5:96:
         9b:ed:ff:e9:26:20:c6:83:85:fc:3b:81:57:10:06:21:59:2d:
         5d:65:6d:c9
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYctDZvp0r1ipvOnX5dbe5mYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMzI5MTEwNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGI5MGEyN2Q4NmY2YTE5MTRjMjYxYzIxNDY5ZGY4NTNlMzJiZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6m9MouFW1y3l2mXQUxxYOLXZQGy1
vh1WzIeTKdM/tRbyaieNTDol31vEyZZQp0x6jlMcLtTtx60qai/Z8/e6Vmj54RVu
yKCd5cu+NIlZKQa5PfFbMTt3mMmir/GdvHvoQLx5S1wQnUt6rRJLUd9KfHFkVSyZ
0PJz8Pz58quAr1mJxqC6hL+nKPzt0lh7ctcEsd3ETQIJjvsilOxkXK+dQ0KKJnN5
O1YmlQpRjSAwpVNHJlwFlIQY2AVWoz4lQyjUn90RnUDLoIEoIZyfFW14SOFWru8n
WOP8REPXl+2LIhjpNrefoyhqBcee0CPPInUfyovf9Izq8MHqJ/8KO1nOMQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFHS5CifYb2oZFMJhwhRp34U+Mr61MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE+BggrBgEFBQcBCwSCATAwggEsMF4GCCsGAQUFBzAFhlJy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk0ZmM0
NzUyLWY4MWEtNDdiNi04ZjBkLWZmNzRjOGIwYjBhNC8wMIGLBggrBgEFBQcwCoZ/
cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS85NGZj
NDc1Mi1mODFhLTQ3YjYtOGYwZC1mZjc0YzhiMGIwYTQvMC83NEI5MEEyN0Q4NkY2
QTE5MTRDMjYxQzIxNDY5REY4NTNFMzJCRUI1Lm1mdDA8BggrBgEFBQcwDYYwaHR0
cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3RpZmljYXRpb24ueG1sMFkG
A1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNybDAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUD
KhPfgDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDCbswDQYJKoZIhvcNAQELBQAD
ggEBAFQsR3IYAIgpmaVmppYLRQMc2hwhMoFpCnhU4/I73zq54Ov9VPXve4sILk5l
hbjXrelFC1+JBYc3J02IoGm5gtYmQAIIWr65v2Xi1ikRjJsPy5ARTB3Q4U9tbRqX
4mR57vyrUqqWf0x95CyqmSVMqoip+K0rLkx/NzGdhFDrGrYd8bIj7TtQ9DF+HKPW
dygrEMkwM/pVSBgZutoU6PdYRIUzSuu/VyFzsQcomOIx3OEAK/r9V2EJZhDRpM61
BvjKny07D/VbG3fwmMQo++Fg2OzPcCsXbarHAONL1VyKh4/0ph1mwzsXV7fllpvt
/+kmIMaDhfw7gVcQBiFZLV1lbck=
-----END CERTIFICATE-----