Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/mMEf0DTv-RV1VPVe4oNNs7KfzDU.cer
File:                     mMEf0DTv-RV1VPVe4oNNs7KfzDU.cer (raw, json)
Hash identifier:          6BMX+/BOeMVQmTmoI1Lxc/r8PudZ7PATRfyd1xvs21w=
Subject key identifier:   98:C1:1F:D0:34:EF:F9:15:75:54:F5:5E:E2:83:4D:B3:B2:9F:CC:35
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC726FFE038E92EEE09FD5B59EA2172E2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/17/53fcaa-b721-462a-a607-3740507a2601/1/mMEf0DTv-RV1VPVe4oNNs7KfzDU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/17/53fcaa-b721-462a-a607-3740507a2601/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 22:31:11 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 48577
                          IP: 2.59.4.0/22
                          IP: 2a09:ecc0::/29
Validation:               Failed, certificate revoked on Wed 14 Feb 2024 15:14:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:ff:e0:38:e9:2e:ee:09:fd:5b:59:ea:21:72:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 22:31:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=98c11fd034eff9157554f55ee2834db3b29fcc35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:a9:2e:30:55:c1:01:63:0c:40:50:9b:3e:ad:
                    e5:be:fc:d6:74:1b:d6:ed:59:57:ed:08:74:91:3e:
                    77:63:f6:f8:e3:c5:f2:72:f5:a3:78:7f:5b:69:55:
                    ae:65:8e:78:80:63:92:37:77:32:55:3c:11:80:db:
                    9a:21:4a:bd:8c:fc:1b:c5:d5:70:3d:d0:cf:02:8a:
                    6a:38:f8:08:4d:df:9b:16:b6:6a:4e:ec:ca:7d:1d:
                    f2:76:b0:2b:26:27:d3:ac:cd:30:78:97:fa:ce:15:
                    00:1c:62:37:f8:e7:91:a0:ca:ef:74:f8:a0:7c:29:
                    01:c2:79:7a:5d:38:7f:40:71:97:dd:55:25:5b:1a:
                    17:7e:2a:35:b0:25:66:36:7e:d5:3e:ed:8f:81:2b:
                    ca:0a:62:13:8b:64:74:0a:fd:b5:5d:40:cf:38:98:
                    8b:a5:de:e3:2c:86:32:a7:a9:ee:98:b5:62:92:60:
                    0a:32:6a:5e:66:c1:9f:b7:55:39:7b:58:aa:4d:de:
                    84:f4:ff:cd:fc:d5:8d:38:ba:0d:a1:16:ac:42:5f:
                    40:7e:3e:4e:e3:c7:62:9e:19:94:5b:c8:0a:a2:c6:
                    7c:62:b3:42:ad:71:7a:74:c6:78:9d:69:e6:d8:b7:
                    9d:21:a9:86:47:ce:b1:df:37:cb:d9:e6:b7:49:3b:
                    97:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:C1:1F:D0:34:EF:F9:15:75:54:F5:5E:E2:83:4D:B3:B2:9F:CC:35
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/53fcaa-b721-462a-a607-3740507a2601/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/53fcaa-b721-462a-a607-3740507a2601/1/mMEf0DTv-RV1VPVe4oNNs7KfzDU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.4.0/22
                IPv6:
                  2a09:ecc0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  48577

    Signature Algorithm: sha256WithRSAEncryption
         6c:35:a9:11:d4:41:44:84:0b:11:2a:66:ae:8d:97:d8:ca:d3:
         ac:15:25:e0:d4:3a:1b:98:9a:c1:49:24:9f:34:f3:59:08:8a:
         e4:4c:a5:87:2e:ad:ae:6e:a7:93:ab:35:cf:85:d6:3b:53:4b:
         89:6e:72:70:45:4e:16:cd:f1:63:2d:f9:73:c4:57:fc:d2:82:
         a7:f3:72:f0:f1:97:26:fd:a9:96:9a:30:e9:1e:be:76:f0:de:
         2d:b0:cc:d6:3b:f8:27:78:fa:e4:10:2d:a2:95:f2:b2:cb:78:
         95:a8:1b:28:0e:27:6b:f7:0a:e0:8b:da:86:61:e1:48:22:3b:
         06:c7:bf:78:a8:53:84:82:c8:52:3f:e2:cd:de:31:d9:60:9f:
         0c:8f:98:92:24:87:f4:b7:f5:8c:54:95:57:78:12:30:db:53:
         9c:5d:f7:7e:f1:70:af:90:18:f3:72:1a:1d:38:38:1c:ea:1b:
         1a:ba:f3:25:f4:87:e2:c1:b1:c5:bb:e0:5b:70:77:33:e1:45:
         cd:9e:cb:58:99:75:31:26:09:37:f0:5d:7d:1d:94:e6:f7:06:
         aa:8d:82:2f:42:e6:0c:14:8e:56:2f:f5:e5:58:9b:ed:59:bf:
         25:84:cc:c1:23:aa:67:9d:29:2c:17:1b:62:1f:d1:c1:3d:53:
         0f:db:22:94
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzHJv/gOOku7gn9W1nqIXLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGMxMWZkMDM0ZWZmOTE1NzU1NGY1NWVlMjgzNGRiM2IyOWZjYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqkuMFXBAWMMQFCbPq3lvvzWdBvW
7VlX7Qh0kT53Y/b448XycvWjeH9baVWuZY54gGOSN3cyVTwRgNuaIUq9jPwbxdVw
PdDPAopqOPgITd+bFrZqTuzKfR3ydrArJifTrM0weJf6zhUAHGI3+OeRoMrvdPig
fCkBwnl6XTh/QHGX3VUlWxoXfio1sCVmNn7VPu2PgSvKCmITi2R0Cv21XUDPOJiL
pd7jLIYyp6numLVikmAKMmpeZsGft1U5e1iqTd6E9P/N/NWNOLoNoRasQl9Afj5O
48dinhmUW8gKosZ8YrNCrXF6dMZ4nWnm2LedIamGR86x3zfL2ea3STuXwwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFJjBH9A07/kVdVT1XuKDTbOyn8w1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE3LzUzZmNh
YS1iNzIxLTQ2MmEtYTYwNy0zNzQwNTA3YTI2MDEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcvNTNmY2Fh
LWI3MjEtNDYyYS1hNjA3LTM3NDA1MDdhMjYwMS8xL21NRWYwRFR2LVJWMVZQVmU0
b05OczdLZnpEVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCAjsEMA0EAgACMAcDBQMqCezAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwC9wTANBgkqhkiG9w0BAQsFAAOCAQEAbDWpEdRBRIQL
ESpmro2X2MrTrBUl4NQ6G5iawUkknzTzWQiK5Eylhy6trm6nk6s1z4XWO1NLiW5y
cEVOFs3xYy35c8RX/NKCp/Ny8PGXJv2plpow6R6+dvDeLbDM1jv4J3j65BAtopXy
sst4lagbKA4na/cK4IvahmHhSCI7Bse/eKhThILIUj/izd4x2WCfDI+YkiSH9Lf1
jFSVV3gSMNtTnF33fvFwr5AY83IaHTg4HOobGrrzJfSH4sGxxbvgW3B3M+FFzZ7L
WJl1MSYJN/BdfR2U5vcGqo2CL0LmDBSOVi/15Vib7Vm/JYTMwSOqZ50pLBcbYh/R
wT1TD9silA==
-----END CERTIFICATE-----