Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/h9SBRmIyRmcwVhUfZKu40e5rdyc.cer
File:                     h9SBRmIyRmcwVhUfZKu40e5rdyc.cer (raw, json)
Hash identifier:          pHGW9FxJlXYxdD4ZQ6xiWA/ImpUjSiq2Vyjj8vtiRBI=
Subject key identifier:   87:D4:81:46:62:32:46:67:30:56:15:1F:64:AB:B8:D1:EE:6B:77:27
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018D0DC34DEB001BD2C110C9E0C138BA7818
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/87D48146623246673056151F64ABB8D1EE6B7727.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Mon 15 Jan 2024 15:35:19 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 210036
                          IP: 193.36.104.0/22
                          IP: 2a0d:d740::/29

Validation:               Failed, certificate revoked on Tue 20 Aug 2024 09:45:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:0d:c3:4d:eb:00:1b:d2:c1:10:c9:e0:c1:38:ba:78:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan 15 15:35:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=87d48146623246673056151f64abb8d1ee6b7727
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:86:54:83:2d:3b:d9:c9:96:d0:45:b1:2f:ef:
                    45:10:4b:a6:92:6c:df:cd:bc:0b:93:28:2b:bd:b1:
                    af:67:68:ce:9f:6d:85:8d:11:9b:6b:a4:aa:60:f0:
                    ae:51:a7:4d:ba:59:21:fd:66:cf:e2:78:12:8f:05:
                    2b:83:8d:7b:ec:fc:b9:e6:83:d6:77:5a:e0:ba:7b:
                    05:e2:6f:87:cb:58:96:c2:9f:ee:97:e1:c5:ea:12:
                    e1:6e:5a:55:a0:32:db:c2:65:09:87:10:00:2a:cd:
                    2d:72:01:52:81:14:15:27:99:19:2d:e7:f5:e4:f1:
                    45:10:d1:51:88:31:b4:fe:96:08:b2:d2:21:b1:8e:
                    0e:08:b8:f5:5d:c5:09:45:27:ed:84:d7:3a:24:5c:
                    4f:1f:3e:15:29:11:fe:13:b6:29:c8:11:d4:d2:f6:
                    25:b4:c9:4c:61:42:92:66:47:d2:e3:7b:e4:87:fb:
                    57:1b:8e:f5:df:05:12:47:3e:07:b3:23:86:9a:fd:
                    1b:94:38:ae:3f:50:9f:f3:d4:26:9b:7e:f8:fd:c4:
                    12:ec:5d:ae:b0:66:21:8b:9a:7a:69:a6:5d:5c:c0:
                    d9:5b:7d:60:40:3a:f0:5b:b6:e4:1d:23:2a:92:83:
                    dd:ec:37:bc:8c:fe:33:e2:7e:cf:c4:d4:9a:69:f1:
                    1a:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:D4:81:46:62:32:46:67:30:56:15:1F:64:AB:B8:D1:EE:6B:77:27
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/87D48146623246673056151F64ABB8D1EE6B7727.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.36.104.0/22
                IPv6:
                  2a0d:d740::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  210036

    Signature Algorithm: sha256WithRSAEncryption
         44:5e:ab:e6:45:63:3f:c9:a9:80:df:11:91:9d:7f:cd:8f:65:
         91:3e:ad:d6:12:15:f1:eb:e1:f8:9f:3a:ff:e6:c6:ac:94:de:
         46:a4:ea:1a:77:87:40:52:1a:4d:94:c8:ce:06:05:40:3a:ac:
         b7:7e:59:90:c3:03:92:e5:2b:62:93:68:7b:d3:40:3c:f4:65:
         e1:06:71:46:7f:4a:d3:06:a1:7f:f0:62:02:c8:68:78:b0:95:
         8f:b8:ca:1b:95:ae:49:16:13:7c:f5:78:e1:36:79:2c:7c:18:
         7b:f0:6f:4c:c6:21:2a:13:2f:81:eb:62:56:9e:d9:70:9f:30:
         da:98:76:cf:b9:02:2e:74:ec:f0:0b:9d:84:9e:53:89:aa:17:
         35:2e:80:b9:b8:50:07:4f:ea:4d:a4:76:d7:27:61:0e:09:61:
         4d:54:0f:ba:98:c2:96:32:08:8a:d6:62:d8:54:2e:a5:c9:0d:
         80:57:d2:72:ff:ab:dd:5a:88:56:be:29:79:71:b0:47:3c:ec:
         db:1e:c9:7d:74:1e:eb:7d:b0:10:f5:6f:35:ed:14:3c:72:38:
         80:01:4c:d1:78:38:3b:dc:97:0b:40:40:0b:ad:3b:66:b0:17:
         fd:92:bb:a7:3d:e6:8e:d4:69:2e:56:b2:ea:bd:bb:3c:3b:e2:
         1a:52:8c:b6
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgISAY0Nw03rABvSwRDJ4ME4ungYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTE1MTUzNTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Q0ODE0NjYyMzI0NjY3MzA1NjE1MWY2NGFiYjhkMWVlNmI3NzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIZUgy072cmW0EWxL+9FEEumkmzf
zbwLkygrvbGvZ2jOn22FjRGba6SqYPCuUadNulkh/WbP4ngSjwUrg4177Py55oPW
d1rgunsF4m+Hy1iWwp/ul+HF6hLhblpVoDLbwmUJhxAAKs0tcgFSgRQVJ5kZLef1
5PFFENFRiDG0/pYIstIhsY4OCLj1XcUJRSfthNc6JFxPHz4VKRH+E7YpyBHU0vYl
tMlMYUKSZkfS43vkh/tXG4713wUSRz4HsyOGmv0blDiuP1Cf89Qmm374/cQS7F2u
sGYhi5p6aaZdXMDZW31gQDrwW7bkHSMqkoPd7De8jP4z4n7PxNSaafEaTQIDAQAB
o4ICyzCCAscwHQYDVR0OBBYEFIfUgUZiMkZnMFYVH2SruNHua3cnMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E4NGI1
NDhjLTI3NWEtNDc2ZS1iZmJlLTU0MGU3M2U2MjM4My8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTg0
YjU0OGMtMjc1YS00NzZlLWJmYmUtNTQwZTczZTYyMzgzLzAvODdENDgxNDY2MjMy
NDY2NzMwNTYxNTFGNjRBQkI4RDFFRTZCNzcyNy5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgME
AsEkaDANBAIAAjAHAwUDKg3XQDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDNHQw
DQYJKoZIhvcNAQELBQADggEBAEReq+ZFYz/JqYDfEZGdf82PZZE+rdYSFfHr4fif
Ov/mxqyU3kak6hp3h0BSGk2UyM4GBUA6rLd+WZDDA5LlK2KTaHvTQDz0ZeEGcUZ/
StMGoX/wYgLIaHiwlY+4yhuVrkkWE3z1eOE2eSx8GHvwb0zGISoTL4HrYlae2XCf
MNqYds+5Ai507PALnYSeU4mqFzUugLm4UAdP6k2kdtcnYQ4JYU1UD7qYwpYyCIrW
YthULqXJDYBX0nL/q91aiFa+KXlxsEc87NseyX10Hut9sBD1bzXtFDxyOIABTNF4
ODvclwtAQAutO2awF/2Su6c95o7UaS5Wsuq9uzw74hpSjLY=
-----END CERTIFICATE-----