Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/iUB4hWnGN9E7k2ogcrsT_P7OnjI.cer
File:                     iUB4hWnGN9E7k2ogcrsT_P7OnjI.cer (raw, json)
Hash identifier:          eFpNKlgYplgiR5qcOHPzd5hEs6R1+fSvbbs9hEqfZxg=
Subject key identifier:   89:40:78:85:69:C6:37:D1:3B:93:6A:20:72:BB:13:FC:FE:CE:9E:32
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01906910C80C21AAE2B20F06D60708B0E10D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/15/8940788569C637D13B936A2072BB13FCFECE9E32.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/15/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Sun 30 Jun 2024 12:13:45 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 203024

Validation:               Failed, certificate revoked on Sun 07 Jul 2024 18:36:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:69:10:c8:0c:21:aa:e2:b2:0f:06:d6:07:08:b0:e1:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jun 30 12:13:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8940788569c637d13b936a2072bb13fcfece9e32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:00:aa:85:fb:f2:0b:2f:34:4f:ff:da:92:ec:
                    66:a2:8d:2c:d1:3f:6c:3f:35:6f:4d:3d:60:78:86:
                    90:c9:a9:28:91:05:2d:70:84:85:c2:e2:68:f1:35:
                    d2:ca:3f:25:2f:e8:9c:5b:c4:20:ed:2e:af:da:16:
                    44:11:89:b8:ce:55:b6:ef:6c:66:a9:cf:28:48:41:
                    75:81:66:68:19:29:a5:0a:05:52:a3:be:02:ae:17:
                    b8:fd:09:2d:40:42:ee:5d:0c:c2:bf:34:b4:d8:93:
                    34:2c:f2:09:4e:db:36:d5:71:6e:fd:9c:93:1a:17:
                    fe:ba:e4:9a:51:ea:a4:b9:94:b9:6a:1f:e0:2a:48:
                    b9:f3:53:18:4e:2b:44:39:6a:cd:14:39:58:e5:25:
                    9f:0e:b0:1a:b1:b2:60:2a:cb:c2:c3:0e:27:d4:e9:
                    59:8e:34:69:7e:7a:d9:71:b9:ff:b2:e1:94:22:6d:
                    bf:af:bf:a9:84:fb:a1:a2:cc:73:bf:77:e6:ba:40:
                    d3:66:b1:28:2f:ec:6f:d1:a6:bf:00:f1:64:a2:b1:
                    2d:c8:99:81:a5:44:e3:72:4e:81:80:ff:42:8f:ba:
                    f5:0f:4c:16:8d:e3:a7:6e:9f:b4:76:ad:cb:9f:92:
                    95:82:25:a2:ea:42:f3:c7:d8:d5:c4:8b:e5:80:35:
                    6b:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:40:78:85:69:C6:37:D1:3B:93:6A:20:72:BB:13:FC:FE:CE:9E:32
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/15/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/15/8940788569C637D13B936A2072BB13FCFECE9E32.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  203024

    Signature Algorithm: sha256WithRSAEncryption
         47:62:db:24:c6:2c:5b:53:95:65:15:57:4f:c9:0e:ac:02:e6:
         f0:6d:58:a4:70:d5:ce:a0:a3:68:4f:3d:68:13:09:bb:22:36:
         a0:d8:e2:e5:d8:64:19:95:ce:54:7f:b6:63:9d:97:7f:b7:6c:
         89:84:84:92:9a:31:5b:30:96:65:59:a1:30:c2:a3:2c:81:d5:
         64:a1:43:66:20:d9:2f:9b:3e:04:5e:50:48:cd:57:79:7a:8e:
         88:84:39:51:3d:50:b5:63:8a:04:e9:1a:80:5b:75:c3:3a:8b:
         64:e1:2c:6f:98:f1:8f:85:a4:d0:f7:d3:33:e2:fc:83:2f:ed:
         22:7b:07:50:fb:57:38:84:3a:61:05:6f:3c:4b:2c:4b:00:be:
         b4:ab:d8:37:79:d8:69:87:c4:cd:36:2b:2c:e2:e0:f2:60:a0:
         0f:3d:68:06:c1:27:0c:fe:e9:c2:f6:a9:fc:82:8d:4c:7f:f4:
         dc:6e:b4:02:7f:ab:4d:fd:5e:19:bc:ca:9a:de:a6:ca:03:9e:
         8f:e0:81:95:8c:65:f1:5c:0d:00:53:a6:83:36:b9:4b:ed:5d:
         31:af:61:93:c1:b1:0c:31:26:6c:89:13:35:7e:c1:e9:49:75:
         99:c9:fa:3e:c7:a1:62:41:6e:e3:f2:a8:74:2e:af:47:b2:f6:
         40:57:e7:11
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZBpEMgMIarisg8G1gcIsOENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNjMwMTIxMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTQwNzg4NTY5YzYzN2QxM2I5MzZhMjA3MmJiMTNmY2ZlY2U5ZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6gCqhfvyCy80T//akuxmoo0s0T9s
PzVvTT1geIaQyakokQUtcISFwuJo8TXSyj8lL+icW8Qg7S6v2hZEEYm4zlW272xm
qc8oSEF1gWZoGSmlCgVSo74Crhe4/QktQELuXQzCvzS02JM0LPIJTts21XFu/ZyT
Ghf+uuSaUeqkuZS5ah/gKki581MYTitEOWrNFDlY5SWfDrAasbJgKsvCww4n1OlZ
jjRpfnrZcbn/suGUIm2/r7+phPuhosxzv3fmukDTZrEoL+xv0aa/APFkorEtyJmB
pUTjck6BgP9Cj7r1D0wWjeOnbp+0dq3Ln5KVgiWi6kLzx9jVxIvlgDVrsQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFIlAeIVpxjfRO5NqIHK7E/z+zp4yMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggFCBggrBgEFBQcBCwSCATQwggEwMGAGCCsGAQUFBzAFhlRy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2RkZTgz
N2ZiLTYzOTAtNDFiNS04MmEwLWYwZDAyYzAzYTJjNi8xNS8wgY0GCCsGAQUFBzAK
hoGAcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9k
ZGU4MzdmYi02MzkwLTQxYjUtODJhMC1mMGQwMmMwM2EyYzYvMTUvODk0MDc4ODU2
OUM2MzdEMTNCOTM2QTIwNzJCQjEzRkNGRUNFOUUzMi5tZnQwPAYIKwYBBQUHMA2G
MGh0dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnht
bDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMD
GRAwDQYJKoZIhvcNAQELBQADggEBAEdi2yTGLFtTlWUVV0/JDqwC5vBtWKRw1c6g
o2hPPWgTCbsiNqDY4uXYZBmVzlR/tmOdl3+3bImEhJKaMVswlmVZoTDCoyyB1WSh
Q2Yg2S+bPgReUEjNV3l6joiEOVE9ULVjigTpGoBbdcM6i2ThLG+Y8Y+FpND30zPi
/IMv7SJ7B1D7VziEOmEFbzxLLEsAvrSr2Dd52GmHxM02Kyzi4PJgoA89aAbBJwz+
6cL2qfyCjUx/9NxutAJ/q039Xhm8yprepsoDno/ggZWMZfFcDQBTpoM2uUvtXTGv
YZPBsQwxJmyJEzV+welJdZnJ+j7HoWJBbuPyqHQur0ey9kBX5xE=
-----END CERTIFICATE-----