Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/gKI-rE1iDcLBsXAfIeRuzKBeTb4.cer
File:                     gKI-rE1iDcLBsXAfIeRuzKBeTb4.cer (raw, json)
Hash identifier:          sT/RyzOR+QNhYk+kwD2FkfunHqGtHJlCHGq6oYaXK3Q=
Subject key identifier:   80:A2:3E:AC:4D:62:0D:C2:C1:B1:70:1F:21:E4:6E:CC:A0:5E:4D:BE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC725B4D70C322E42689867C79FC9DCD7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/2/80A23EAC4D620DC2C1B1701F21E46ECCA05E4DBE.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/2/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 22:29:46 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 211244
                          IP: 2001:678:714::/48

Validation:               Failed, certificate revoked on Sun 30 Jun 2024 12:15:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:25:b4:d7:0c:32:2e:42:68:98:67:c7:9f:c9:dc:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 22:29:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=80a23eac4d620dc2c1b1701f21e46ecca05e4dbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:dc:56:0c:c1:29:14:55:3b:e6:1e:c0:45:6e:
                    42:82:12:44:89:85:8a:63:92:0f:0c:e5:b4:51:54:
                    cd:7e:0f:81:53:61:b6:36:06:b0:c5:d7:cc:5d:12:
                    e3:56:ee:3d:3e:03:26:e0:3f:7b:42:e3:97:42:16:
                    4a:da:4d:f8:43:9b:74:6b:ea:5f:4d:1b:dd:1f:b2:
                    33:32:b3:dd:58:24:1b:f6:09:cf:22:8d:2d:a5:5c:
                    4e:7e:9b:4c:89:33:b6:ce:84:26:86:37:8f:a1:5e:
                    05:65:c9:ea:4b:72:61:16:1d:ad:7e:19:a0:a1:12:
                    48:11:65:4e:f3:7a:62:10:c9:3f:72:d0:d6:fc:10:
                    bf:e4:37:f9:15:0a:87:0e:39:76:34:63:0e:49:51:
                    d1:99:7b:08:37:5a:e8:74:e3:c8:7b:46:db:36:e2:
                    35:a0:9e:37:e5:f2:35:3c:31:a1:d7:ea:d5:de:70:
                    94:c4:0c:19:28:c0:ba:ec:13:07:a5:12:f8:d0:eb:
                    c1:f4:a0:da:43:b8:fe:52:c8:c3:10:8e:57:7f:0a:
                    45:0e:b2:79:f8:48:97:7a:55:24:60:0c:be:2a:1a:
                    fb:50:eb:18:f2:71:58:1d:f5:d9:1b:7c:51:6d:6e:
                    14:72:be:d5:a8:3d:68:65:5b:87:30:47:38:95:ad:
                    ce:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:A2:3E:AC:4D:62:0D:C2:C1:B1:70:1F:21:E4:6E:CC:A0:5E:4D:BE
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/2/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/2/80A23EAC4D620DC2C1B1701F21E46ECCA05E4DBE.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:714::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  211244

    Signature Algorithm: sha256WithRSAEncryption
         09:22:be:f7:17:42:75:98:cb:0a:61:64:78:be:d8:fc:da:58:
         bf:00:80:00:4c:4d:32:fb:d3:f9:af:67:39:51:fb:12:6c:c3:
         54:e9:34:5e:79:b4:55:1c:b5:77:38:66:d4:bd:11:7d:b5:d0:
         87:29:c8:48:68:e6:63:cc:cc:64:f3:00:cf:18:3d:6c:4d:0d:
         f5:e4:41:29:bf:88:cc:e8:10:98:f7:48:c1:65:b6:32:17:a3:
         dc:c1:f2:ef:19:5e:05:d3:8b:4b:2a:50:98:41:a1:5b:b1:76:
         51:a2:16:27:3d:7f:89:f2:bd:4e:1f:47:45:ca:7c:ae:e6:49:
         7b:d5:31:44:34:cb:fe:a1:78:43:9b:03:10:bd:fa:94:f3:3f:
         35:a1:4e:bf:0e:70:4e:bf:a1:4b:be:44:1b:90:37:2b:27:50:
         e8:d3:36:da:6c:71:1f:42:ac:ef:84:27:8f:61:be:b6:77:8c:
         2a:c0:c4:4a:47:78:3e:14:96:38:69:d6:21:ca:a4:c2:66:60:
         70:7f:8a:46:10:67:a9:fd:2d:93:4e:de:b3:f6:83:5b:3c:75:
         96:a0:85:05:af:f6:9b:15:f2:9d:e2:a4:18:79:2d:8a:e6:74:
         07:6d:4f:a6:2e:bf:d7:4a:e6:29:b0:05:13:dc:18:82:eb:5f:
         2b:fa:41:0b
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYzHJbTXDDIuQmiYZ8efydzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGEyM2VhYzRkNjIwZGMyYzFiMTcwMWYyMWU0NmVjY2EwNWU0ZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49xWDMEpFFU75h7ARW5CghJEiYWK
Y5IPDOW0UVTNfg+BU2G2NgawxdfMXRLjVu49PgMm4D97QuOXQhZK2k34Q5t0a+pf
TRvdH7IzMrPdWCQb9gnPIo0tpVxOfptMiTO2zoQmhjePoV4FZcnqS3JhFh2tfhmg
oRJIEWVO83piEMk/ctDW/BC/5Df5FQqHDjl2NGMOSVHRmXsIN1rodOPIe0bbNuI1
oJ435fI1PDGh1+rV3nCUxAwZKMC67BMHpRL40OvB9KDaQ7j+UsjDEI5XfwpFDrJ5
+EiXelUkYAy+Khr7UOsY8nFYHfXZG3xRbW4Ucr7VqD1oZVuHMEc4la3OhwIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFICiPqxNYg3CwbFwHyHkbsygXk2+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdiNTc1
ZWE3LTc4NmYtNGIyZC1hNDU1LTc5ZDdmYzQzZWNlZS8yLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1
NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzIvODBBMjNFQUM0RDYy
MERDMkMxQjE3MDFGMjFFNDZFQ0NBMDVFNERCRS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMH
ACABBngHFDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDOSwwDQYJKoZIhvcNAQEL
BQADggEBAAkivvcXQnWYywphZHi+2PzaWL8AgABMTTL70/mvZzlR+xJsw1TpNF55
tFUctXc4ZtS9EX210IcpyEho5mPMzGTzAM8YPWxNDfXkQSm/iMzoEJj3SMFltjIX
o9zB8u8ZXgXTi0sqUJhBoVuxdlGiFic9f4nyvU4fR0XKfK7mSXvVMUQ0y/6heEOb
AxC9+pTzPzWhTr8OcE6/oUu+RBuQNysnUOjTNtpscR9CrO+EJ49hvrZ3jCrAxEpH
eD4Uljhp1iHKpMJmYHB/ikYQZ6n9LZNO3rP2g1s8dZaghQWv9psV8p3ipBh5LYrm
dAdtT6Yuv9dK5imwBRPcGILrXyv6QQs=
-----END CERTIFICATE-----