Certificate 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/oYJPJS9bZm4glDJg2Cv6tAfl-6A.cer
File:                     oYJPJS9bZm4glDJg2Cv6tAfl-6A.cer (raw, json)
Hash identifier:          GRzSGbpL9KM0JA6sPWiWljimnKyf4e2/2cQhlZpSXjo=
Subject key identifier:   A1:82:4F:25:2F:5B:66:6E:20:94:32:60:D8:2B:FA:B4:07:E5:FB:A0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018AA9A16A66254B4F6991106FE4E9E150E7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/98/49ef95-a7f1-471e-b796-b7c8b2afdde5/1/oYJPJS9bZm4glDJg2Cv6tAfl-6A.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/98/49ef95-a7f1-471e-b796-b7c8b2afdde5/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 18 Sep 2023 18:50:42 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 56738
                          IP: 185.1.148.0/24
                          IP: 2001:7f8:140::/48

Validation:               Failed, certificate revoked on Wed 20 Sep 2023 13:25:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:a9:a1:6a:66:25:4b:4f:69:91:10:6f:e4:e9:e1:50:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Sep 18 18:50:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a1824f252f5b666e20943260d82bfab407e5fba0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:af:e3:5e:c9:08:56:7e:ac:b5:5e:9d:ee:2c:
                    3f:01:b2:48:a8:99:3b:4f:cb:75:5d:f2:e0:9b:6e:
                    85:bb:16:39:97:0d:5e:28:50:fc:d6:26:0d:5e:41:
                    52:2c:7b:a8:d8:10:39:f3:4f:c9:de:f0:b1:a1:b1:
                    14:35:00:94:cc:7b:91:f6:ec:4e:62:a3:77:71:bc:
                    07:ec:1c:75:b6:21:ca:bf:45:4a:c6:aa:91:47:65:
                    87:00:24:e5:c4:00:01:18:ac:7c:bb:e8:d7:67:ed:
                    24:84:00:f0:53:dd:47:12:01:d7:c5:13:01:f3:60:
                    f2:42:7a:07:10:5c:d1:38:2d:a4:be:b1:b0:f6:92:
                    4e:e3:98:d1:b4:a0:a2:3f:33:6e:b7:9b:26:88:2d:
                    5b:6f:d1:8f:6a:17:c6:71:50:2c:bd:ac:98:f8:ff:
                    b0:66:ad:17:2b:d2:de:fb:12:3e:56:5c:34:b0:49:
                    b7:18:02:25:97:14:2c:6b:5f:be:87:34:ca:30:86:
                    c9:3a:c8:30:4d:e1:48:f3:96:96:91:72:93:85:3a:
                    eb:d1:61:56:3f:ad:eb:59:bc:4c:2a:1c:f6:72:cd:
                    4d:1c:10:f8:84:95:5b:2f:44:1f:ce:84:e5:26:31:
                    33:c1:fe:05:94:f8:aa:b9:4e:84:a8:8a:11:c2:bd:
                    23:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:82:4F:25:2F:5B:66:6E:20:94:32:60:D8:2B:FA:B4:07:E5:FB:A0
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/49ef95-a7f1-471e-b796-b7c8b2afdde5/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/49ef95-a7f1-471e-b796-b7c8b2afdde5/1/oYJPJS9bZm4glDJg2Cv6tAfl-6A.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.148.0/24
                IPv6:
                  2001:7f8:140::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  56738

    Signature Algorithm: sha256WithRSAEncryption
         af:6a:a9:9b:60:a5:1f:d7:25:ac:48:dc:a3:9e:aa:91:19:b2:
         b1:ff:13:9a:ee:dc:ff:c8:38:f5:15:0d:8e:6d:20:2b:d1:58:
         41:37:1c:c6:68:84:a2:8c:0c:c3:72:8a:ce:d5:8e:d1:1f:b6:
         72:cf:d4:4e:23:21:d4:bc:ba:0c:60:7d:4d:a1:67:1e:92:92:
         5e:fc:50:9b:74:0e:a4:a1:66:ce:db:f6:3a:ce:fc:e6:28:36:
         0d:8f:84:c7:b5:04:b1:d4:41:93:cd:f3:c2:e4:94:d4:42:fb:
         23:12:66:cf:b2:5e:29:1c:63:56:2c:49:d2:45:2c:ca:95:e1:
         ae:8e:07:b8:12:10:d9:45:e0:98:68:ab:2b:26:7b:0f:49:ed:
         69:30:e5:ed:c5:44:3b:a4:e8:a1:36:3b:63:86:ab:b5:a7:25:
         0f:81:e3:18:75:e2:33:d4:b0:65:b6:ed:0b:76:19:9b:1f:8a:
         ec:50:a1:b7:95:00:14:34:68:a3:84:55:04:69:82:03:3c:d7:
         21:71:1d:33:5f:68:4e:d8:c6:2c:23:b7:9b:16:46:d5:b8:a4:
         a6:eb:8f:16:b8:c9:e5:1e:28:98:41:c6:0e:d7:48:f3:a5:e4:
         09:d2:1e:03:67:b2:0b:e6:d2:4b:f2:69:c9:c5:62:a6:bc:20:
         fd:a6:87:0b
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYqpoWpmJUtPaZEQb+Tp4VDnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwOTE4MTg1MDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTgyNGYyNTJmNWI2NjZlMjA5NDMyNjBkODJiZmFiNDA3ZTVmYmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta/jXskIVn6stV6d7iw/AbJIqJk7
T8t1XfLgm26FuxY5lw1eKFD81iYNXkFSLHuo2BA580/J3vCxobEUNQCUzHuR9uxO
YqN3cbwH7Bx1tiHKv0VKxqqRR2WHACTlxAABGKx8u+jXZ+0khADwU91HEgHXxRMB
82DyQnoHEFzROC2kvrGw9pJO45jRtKCiPzNut5smiC1bb9GPahfGcVAsvayY+P+w
Zq0XK9Le+xI+Vlw0sEm3GAIllxQsa1++hzTKMIbJOsgwTeFI85aWkXKThTrr0WFW
P63rWbxMKhz2cs1NHBD4hJVbL0QfzoTlJjEzwf4FlPiquU6EqIoRwr0jtQIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFKGCTyUvW2ZuIJQyYNgr+rQH5fugMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk4LzQ5ZWY5
NS1hN2YxLTQ3MWUtYjc5Ni1iN2M4YjJhZmRkZTUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvNDllZjk1
LWE3ZjEtNDcxZS1iNzk2LWI3YzhiMmFmZGRlNS8xL29ZSlBKUzliWm00Z2xESmcy
Q3Y2dEFmbC02QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF
BwEHAQH/BCEwHzAMBAIAATAGAwQAuQGUMA8EAgACMAkDBwAgAQf4AUAwGgYIKwYB
BQUHAQgBAf8ECzAJoAcwBQIDAN2iMA0GCSqGSIb3DQEBCwUAA4IBAQCvaqmbYKUf
1yWsSNyjnqqRGbKx/xOa7tz/yDj1FQ2ObSAr0VhBNxzGaISijAzDcorO1Y7RH7Zy
z9ROIyHUvLoMYH1NoWcekpJe/FCbdA6koWbO2/Y6zvzmKDYNj4THtQSx1EGTzfPC
5JTUQvsjEmbPsl4pHGNWLEnSRSzKleGujge4EhDZReCYaKsrJnsPSe1pMOXtxUQ7
pOihNjtjhqu1pyUPgeMYdeIz1LBltu0LdhmbH4rsUKG3lQAUNGijhFUEaYIDPNch
cR0zX2hO2MYsI7ebFkbVuKSm648WuMnlHiiYQcYO10jzpeQJ0h4DZ7IL5tJL8mnJ
xWKmvCD9pocL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:56:46 2024 by rpki-client on console-ams.rpki-client.org