Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/m_sVDQkLLJ5UjZWLNQZUbDSAkE4.cer
File:                     m_sVDQkLLJ5UjZWLNQZUbDSAkE4.cer (raw, json)
Hash identifier:          hcWdqflyxo18rASr4ET0sNt+MDAxkLlMRcsd+pjxfX0=
Subject key identifier:   9B:FB:15:0D:09:0B:2C:9E:54:8D:95:8B:35:06:54:6C:34:80:90:4E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856C3F2B4D653074ACDF1C4BEEBA372F60
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/cb/fd36f4-0352-4a3b-be59-925d5aa61306/1/m_sVDQkLLJ5UjZWLNQZUbDSAkE4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/cb/fd36f4-0352-4a3b-be59-925d5aa61306/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 07:32:37 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 209481
                          IP: 171.22.240.0/22
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:3f:2b:4d:65:30:74:ac:df:1c:4b:ee:ba:37:2f:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 07:32:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9bfb150d090b2c9e548d958b3506546c3480904e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:d2:46:e4:3c:bc:4d:dd:5a:e5:0b:92:e4:b9:
                    87:e7:bf:82:f2:71:c6:0b:ce:56:14:e3:43:bc:5a:
                    d2:13:96:32:e9:78:1a:26:c0:c2:38:9a:cc:a5:01:
                    63:0c:eb:d5:f8:97:45:d0:ff:54:62:81:48:e9:52:
                    13:4c:c7:ca:80:fb:a2:96:ea:79:f1:ec:48:1f:83:
                    c8:38:de:b3:55:88:d5:30:2f:f3:ed:11:a5:76:38:
                    82:74:c9:21:92:74:5c:83:6b:67:7a:cf:69:38:64:
                    c4:c4:96:68:5a:ea:ca:54:9c:7b:ff:f0:b5:b4:c2:
                    65:ff:51:7b:77:d5:3c:29:ff:e6:cd:41:aa:69:66:
                    c9:ed:2e:0a:9a:a0:7a:31:ff:40:c3:38:d5:b9:4b:
                    62:f8:46:7c:f7:64:78:50:98:99:df:35:4f:b2:0f:
                    81:3f:2b:06:b3:38:a5:0b:68:5d:fa:87:6f:f0:4e:
                    fa:9c:a0:d6:3b:88:50:ac:80:9c:b2:24:53:df:08:
                    62:cd:e9:f5:e8:6e:ea:cd:94:43:c9:36:95:e6:40:
                    90:53:e0:bf:b3:f8:1f:02:dd:9d:59:64:b1:87:cd:
                    9a:e1:97:f3:bf:41:be:7c:f9:b3:3c:2b:e7:74:d2:
                    a0:af:55:65:59:a1:ea:5f:59:23:75:58:c9:1e:0c:
                    82:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:FB:15:0D:09:0B:2C:9E:54:8D:95:8B:35:06:54:6C:34:80:90:4E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/fd36f4-0352-4a3b-be59-925d5aa61306/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/fd36f4-0352-4a3b-be59-925d5aa61306/1/m_sVDQkLLJ5UjZWLNQZUbDSAkE4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  171.22.240.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  209481

    Signature Algorithm: sha256WithRSAEncryption
         28:35:a2:8c:1d:a6:6a:e7:f9:80:53:ef:e0:94:7e:e6:df:e0:
         c7:2f:58:d6:22:90:60:c4:27:b7:5b:b9:3f:76:55:38:cc:5e:
         4a:8b:09:c5:6d:74:01:64:05:60:a9:da:ed:f4:d3:c3:61:c6:
         c6:b6:3a:40:22:97:b6:71:f0:9b:76:94:d0:c9:75:d8:54:7d:
         3f:33:ab:b4:4c:69:05:d9:d4:80:e0:eb:7d:a4:25:e2:ba:66:
         de:d5:5b:f7:e1:c1:2b:7e:af:4a:4e:57:be:1c:b2:fa:1d:16:
         ef:f3:90:89:b6:ec:0e:0b:f6:d0:71:03:61:2e:8c:6f:ec:e4:
         02:b1:51:79:16:01:b8:fd:05:53:be:6b:1b:45:c4:5b:7e:22:
         7b:38:d2:02:3b:1e:fd:d6:4f:88:a5:1f:19:45:fe:60:06:d4:
         39:f1:c3:82:e8:3a:47:e7:07:12:7c:00:57:77:1b:5e:23:8c:
         80:7e:1d:0e:76:d4:41:27:ef:dc:da:fa:9c:2c:1a:9e:b3:d5:
         7c:db:8d:98:6f:60:9c:c5:a1:78:3a:19:4f:d1:97:75:dd:be:
         0a:6a:17:bf:f3:db:1a:2f:0d:eb:c4:5f:67:31:f0:a5:04:87:
         ce:74:2c:88:ff:bb:e6:ed:a7:e7:08:f5:07:06:62:45:e8:58:
         39:10:aa:0c
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYVsPytNZTB0rN8cS+66Ny9gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDczMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmZiMTUwZDA5MGIyYzllNTQ4ZDk1OGIzNTA2NTQ2YzM0ODA5MDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59JG5Dy8Td1a5QuS5LmH57+C8nHG
C85WFONDvFrSE5Yy6XgaJsDCOJrMpQFjDOvV+JdF0P9UYoFI6VITTMfKgPuilup5
8exIH4PION6zVYjVMC/z7RGldjiCdMkhknRcg2tnes9pOGTExJZoWurKVJx7//C1
tMJl/1F7d9U8Kf/mzUGqaWbJ7S4KmqB6Mf9AwzjVuUti+EZ892R4UJiZ3zVPsg+B
PysGszilC2hd+odv8E76nKDWO4hQrICcsiRT3whizen16G7qzZRDyTaV5kCQU+C/
s/gfAt2dWWSxh82a4Zfzv0G+fPmzPCvndNKgr1VlWaHqX1kjdVjJHgyCNwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFJv7FQ0JCyyeVI2VizUGVGw0gJBOMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NiL2ZkMzZm
NC0wMzUyLTRhM2ItYmU1OS05MjVkNWFhNjEzMDYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2IvZmQzNmY0
LTAzNTItNGEzYi1iZTU5LTkyNWQ1YWE2MTMwNi8xL21fc1ZEUWtMTEo1VWpaV0xO
UVpVYkRTQWtFNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCqxbwMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMySTANBgkqhkiG9w0BAQsFAAOCAQEAKDWijB2mauf5gFPv4JR+5t/gxy9Y1iKQ
YMQnt1u5P3ZVOMxeSosJxW10AWQFYKna7fTTw2HGxrY6QCKXtnHwm3aU0Ml12FR9
PzOrtExpBdnUgODrfaQl4rpm3tVb9+HBK36vSk5Xvhyy+h0W7/OQibbsDgv20HED
YS6Mb+zkArFReRYBuP0FU75rG0XEW34iezjSAjse/dZPiKUfGUX+YAbUOfHDgug6
R+cHEnwAV3cbXiOMgH4dDnbUQSfv3Nr6nCwanrPVfNuNmG9gnMWheDoZT9GXdd2+
CmoXv/PbGi8N68RfZzHwpQSHznQsiP+75u2n5wj1BwZiRehYORCqDA==
-----END CERTIFICATE-----