Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/iRLkGCJdqV1qITAkB5I_-UVJVys.cer
File:                     iRLkGCJdqV1qITAkB5I_-UVJVys.cer (raw, json)
Hash identifier:          gIJ3A7R6YN9k3yzg/wZrNAJ8xbpErIAJDy05of3TwTY=
Subject key identifier:   89:12:E4:18:22:5D:A9:5D:6A:21:30:24:07:92:3F:F9:45:49:57:2B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       B3504C4714
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/80/cac553-ee80-4658-ac05-92824c9da37b/1/iRLkGCJdqV1qITAkB5I_-UVJVys.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/80/cac553-ee80-4658-ac05-92824c9da37b/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 17 Jun 2022 13:15:32 +0000
Certificate not after:    Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:    AS: 31323
                          AS: 48261
                          IP: 2a02:28f8::/32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 770146322196 (0xb3504c4714)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun 17 13:15:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8912e418225da95d6a21302407923ff94549572b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:85:80:8c:8a:61:9e:9d:c8:70:d7:d2:ae:24:
                    7f:24:83:a1:a8:84:d4:e4:11:9a:c4:32:8f:cb:17:
                    f1:a7:07:5e:2b:44:20:73:f7:99:8c:bc:3a:7d:4c:
                    ec:c4:af:60:40:33:f1:9e:84:a1:a8:de:86:2e:8b:
                    d8:67:3f:53:d9:a6:57:5f:cf:c1:05:5d:13:c7:f2:
                    2b:22:27:82:e5:2c:fb:87:af:35:c5:8b:e7:55:26:
                    49:69:1e:2b:69:09:4b:8c:66:d1:da:9c:6a:7b:0e:
                    8b:98:80:72:e9:84:1f:a1:fe:36:df:bd:75:2e:5c:
                    0b:dd:bd:44:05:80:5a:2f:0b:cb:ad:e6:7b:f5:72:
                    a5:7a:1e:5e:5c:6b:01:68:91:69:f3:de:7a:f5:91:
                    36:e2:c9:df:62:b4:19:02:f8:69:76:bf:ae:03:b5:
                    33:43:c0:34:35:19:d0:8f:7e:cb:82:bf:45:42:fb:
                    65:fc:09:b8:9e:a9:3a:b2:5c:4d:8f:06:98:0b:00:
                    42:24:f2:85:05:3a:aa:0b:45:bf:ce:8b:ed:f2:46:
                    01:fb:c6:e5:ac:ba:f2:3a:77:a7:19:ef:17:f0:e1:
                    16:c8:f5:20:23:38:28:4e:44:f8:d7:9a:bd:2e:dd:
                    2b:fb:94:db:30:9f:6f:d4:05:44:95:f1:34:88:97:
                    3c:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:12:E4:18:22:5D:A9:5D:6A:21:30:24:07:92:3F:F9:45:49:57:2B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/cac553-ee80-4658-ac05-92824c9da37b/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/cac553-ee80-4658-ac05-92824c9da37b/1/iRLkGCJdqV1qITAkB5I_-UVJVys.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:28f8::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  31323
                  48261

    Signature Algorithm: sha256WithRSAEncryption
         7e:f9:f5:43:28:a9:0e:ef:15:1d:b6:e4:91:8e:79:c6:ff:e3:
         dc:90:04:c8:f2:fa:4c:88:52:03:a3:e5:04:dd:c7:6a:44:ec:
         4b:b0:7e:24:97:7b:ea:68:60:91:58:b4:e5:24:9f:67:b8:97:
         f3:36:48:57:0d:82:c2:ef:37:7f:dc:7c:67:1d:37:6b:0c:af:
         49:25:df:7e:9c:24:a3:66:a1:da:99:ef:5d:26:14:7e:d6:0f:
         27:6c:b9:61:09:20:63:e4:de:08:11:96:a6:16:fc:dd:82:a6:
         51:a0:80:de:92:19:cd:79:ef:8d:db:34:69:24:97:d9:66:c1:
         37:44:11:a8:bc:a5:a0:a7:b3:f1:86:fc:15:65:13:21:69:73:
         89:51:e7:57:cb:b3:25:16:5c:9a:0c:b5:3f:8b:f0:c5:a1:7f:
         27:4a:f6:56:b1:8c:21:43:16:64:49:01:5c:ab:4d:2b:ff:a3:
         16:37:e7:b6:ee:f6:48:58:10:2b:48:7b:ac:eb:ee:e0:7f:05:
         17:f0:43:2b:a6:b4:86:c3:09:2f:f5:ee:3c:5a:8c:b9:94:18:
         60:10:03:e1:f9:97:7b:f7:b4:cf:6b:f9:a3:4c:6a:30:35:86:
         ad:bb:aa:72:07:6f:88:ee:af:3a:eb:2b:00:d3:87:b5:3e:16:
         58:3d:38:25
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIGALNQTEcUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
NjE3MTMxNTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4OTEyZTQxODIy
NWRhOTVkNmEyMTMwMjQwNzkyM2ZmOTQ1NDk1NzJiMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAvIWAjIphnp3IcNfSriR/JIOhqITU5BGaxDKPyxfxpwde
K0Qgc/eZjLw6fUzsxK9gQDPxnoShqN6GLovYZz9T2aZXX8/BBV0Tx/IrIieC5Sz7
h681xYvnVSZJaR4raQlLjGbR2pxqew6LmIBy6YQfof423711LlwL3b1EBYBaLwvL
reZ79XKleh5eXGsBaJFp89569ZE24snfYrQZAvhpdr+uA7UzQ8A0NRnQj37Lgr9F
Qvtl/Am4nqk6slxNjwaYCwBCJPKFBTqqC0W/zovt8kYB+8blrLryOnenGe8X8OEW
yPUgIzgoTkT415q9Lt0r+5TbMJ9v1AVElfE0iJc83QIDAQABo4ICpTCCAqEwHQYD
VR0OBBYEFIkS5BgiXaldaiEwJAeSP/lFSVcrMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgwL2NhYzU1My1lZTgwLTQ2NTgt
YWMwNS05MjgyNGM5ZGEzN2IvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAvY2FjNTUzLWVlODAtNDY1OC1h
YzA1LTkyODI0YzlkYTM3Yi8xL2lSTGtHQ0pkcVYxcUlUQWtCNUlfLVVWSlZ5cy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAKgIo+DAeBggrBgEFBQcBCAEB/wQPMA2gCzAJAgJ6WwIDALyFMA0G
CSqGSIb3DQEBCwUAA4IBAQB++fVDKKkO7xUdtuSRjnnG/+PckATI8vpMiFIDo+UE
3cdqROxLsH4kl3vqaGCRWLTlJJ9nuJfzNkhXDYLC7zd/3HxnHTdrDK9JJd9+nCSj
ZqHame9dJhR+1g8nbLlhCSBj5N4IEZamFvzdgqZRoIDekhnNee+N2zRpJJfZZsE3
RBGovKWgp7PxhvwVZRMhaXOJUedXy7MlFlyaDLU/i/DFoX8nSvZWsYwhQxZkSQFc
q00r/6MWN+e27vZIWBArSHus6+7gfwUX8EMrprSGwwkv9e48Woy5lBhgEAPh+Zd7
97TPa/mjTGowNYatu6pyB2+I7q866ysA04e1PhZYPTgl
-----END CERTIFICATE-----