Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pHfG_kt7rBtiPc3HK7bGLwAmHx4.cer
File:                     pHfG_kt7rBtiPc3HK7bGLwAmHx4.cer (raw, json)
Hash identifier:          2nA87eHOEChO5xoJIGg1QYmLvX/KbqtL/pD676/uFew=
Subject key identifier:   A4:77:C6:FE:4B:7B:AC:1B:62:3D:CD:C7:2B:B6:C6:2F:00:26:1F:1E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC6B89EAFADC4AAB2BBC3D3D2621EB640
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/5f/559c88-92bc-4772-84f3-69f13af5432d/1/pHfG_kt7rBtiPc3HK7bGLwAmHx4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/5f/559c88-92bc-4772-84f3-69f13af5432d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 20:30:37 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 201557
                          IP: 185.25.200.0/22
                          IP: 2a00:8160::/32

Validation:               Failed, certificate revoked on Thu 18 Apr 2024 08:34:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b8:9e:af:ad:c4:aa:b2:bb:c3:d3:d2:62:1e:b6:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 20:30:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a477c6fe4b7bac1b623dcdc72bb6c62f00261f1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:5a:ca:70:3e:4c:d5:f8:5c:a8:4c:ab:8c:61:
                    ae:9f:49:f3:d7:2c:7d:53:32:85:02:a7:86:62:a7:
                    bb:67:18:db:29:7c:74:5d:0c:e2:30:58:8b:28:41:
                    a8:45:04:d7:55:46:20:29:4c:cc:99:e1:88:3a:dd:
                    8b:dd:fa:fe:de:a4:bd:dc:d2:ba:be:3d:6b:db:30:
                    00:57:86:43:45:3e:7c:bd:74:e9:9a:46:d0:e7:17:
                    f5:0c:70:b2:2d:db:31:56:79:70:1d:ed:29:01:eb:
                    bd:87:29:d9:e6:67:87:68:21:42:d0:36:ed:2c:70:
                    54:d0:11:1e:8d:05:d6:fd:66:0d:c2:49:ac:d3:0c:
                    43:96:f7:c0:2a:1b:66:c9:4c:92:48:33:6f:0e:a7:
                    18:bc:04:af:c6:0f:4b:60:0f:80:1a:03:fe:49:b4:
                    56:b2:cd:4f:4e:58:d3:08:89:6e:12:a5:75:e1:88:
                    d5:e7:7c:a4:7b:1f:ab:00:90:22:2e:43:32:3a:64:
                    96:25:b9:12:30:d9:06:ba:23:b0:3a:07:c5:8a:e5:
                    88:22:61:91:6a:b7:c2:95:83:95:78:f7:4d:9a:80:
                    67:b1:28:fa:e6:aa:24:07:3b:da:cb:ee:45:f8:45:
                    ea:ff:90:ea:1a:e0:2d:59:fa:86:01:14:a6:13:b4:
                    2e:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:77:C6:FE:4B:7B:AC:1B:62:3D:CD:C7:2B:B6:C6:2F:00:26:1F:1E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/559c88-92bc-4772-84f3-69f13af5432d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/559c88-92bc-4772-84f3-69f13af5432d/1/pHfG_kt7rBtiPc3HK7bGLwAmHx4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.25.200.0/22
                IPv6:
                  2a00:8160::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  201557

    Signature Algorithm: sha256WithRSAEncryption
         ac:16:72:21:d0:62:ec:75:89:3e:63:4f:f2:e1:8a:9a:e6:e0:
         23:38:2b:05:6d:ae:39:34:ed:2c:f3:1c:f0:6a:04:ff:6a:10:
         61:8e:42:d7:4a:fc:2c:54:2b:52:00:32:92:c6:a7:48:9c:16:
         8a:75:c8:54:3e:c3:af:c3:e7:af:5c:3d:59:11:cc:1d:7f:e6:
         e3:79:6e:f5:f9:5b:0f:53:f0:3d:32:a3:cf:4c:b8:31:65:29:
         ed:d3:03:1d:07:4f:cc:bd:51:f5:9b:b4:08:49:11:bb:f8:1c:
         17:cd:4a:9e:7b:fe:dd:19:52:f3:cd:90:2f:20:e8:43:76:e1:
         f4:ac:af:cb:6a:8b:45:20:8b:58:6a:d6:a0:4a:80:57:db:40:
         af:84:32:49:ea:46:e2:df:ea:62:2d:c2:5b:db:82:44:6f:1c:
         82:6b:71:c4:d0:cf:23:7f:26:10:c1:dc:40:41:28:80:f1:7a:
         b5:f7:06:a1:dc:9b:58:d4:b4:42:5d:a7:d3:6e:0f:37:74:06:
         af:a6:87:e7:bd:c5:bb:f0:12:16:eb:fb:95:d7:a1:bf:78:19:
         fd:59:f4:a2:b7:54:56:50:4d:9e:c7:c7:bb:7a:9a:7c:e5:44:
         07:24:33:5e:d6:09:f5:c8:1d:75:4b:87:03:0a:26:0c:88:02:
         30:92:a0:86
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzGuJ6vrcSqsrvD09JiHrZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDc3YzZmZTRiN2JhYzFiNjIzZGNkYzcyYmI2YzYyZjAwMjYxZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVrKcD5M1fhcqEyrjGGun0nz1yx9
UzKFAqeGYqe7ZxjbKXx0XQziMFiLKEGoRQTXVUYgKUzMmeGIOt2L3fr+3qS93NK6
vj1r2zAAV4ZDRT58vXTpmkbQ5xf1DHCyLdsxVnlwHe0pAeu9hynZ5meHaCFC0Dbt
LHBU0BEejQXW/WYNwkms0wxDlvfAKhtmyUySSDNvDqcYvASvxg9LYA+AGgP+SbRW
ss1PTljTCIluEqV14YjV53ykex+rAJAiLkMyOmSWJbkSMNkGuiOwOgfFiuWIImGR
arfClYOVePdNmoBnsSj65qokBzvay+5F+EXq/5DqGuAtWfqGARSmE7Qu9QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFKR3xv5Le6wbYj3Nxyu2xi8AJh8eMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVmLzU1OWM4
OC05MmJjLTQ3NzItODRmMy02OWYxM2FmNTQzMmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYvNTU5Yzg4
LTkyYmMtNDc3Mi04NGYzLTY5ZjEzYWY1NDMyZC8xL3BIZkdfa3Q3ckJ0aVBjM0hL
N2JHTHdBbUh4NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuRnIMA0EAgACMAcDBQAqAIFgMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMTVTANBgkqhkiG9w0BAQsFAAOCAQEArBZyIdBi7HWJ
PmNP8uGKmubgIzgrBW2uOTTtLPMc8GoE/2oQYY5C10r8LFQrUgAyksanSJwWinXI
VD7Dr8Pnr1w9WRHMHX/m43lu9flbD1PwPTKjz0y4MWUp7dMDHQdPzL1R9Zu0CEkR
u/gcF81Knnv+3RlS882QLyDoQ3bh9Kyvy2qLRSCLWGrWoEqAV9tAr4QySepG4t/q
Yi3CW9uCRG8cgmtxxNDPI38mEMHcQEEogPF6tfcGodybWNS0Ql2n024PN3QGr6aH
573Fu/ASFuv7ldehv3gZ/Vn0ordUVlBNnsfHu3qafOVEByQzXtYJ9cgddUuHAwom
DIgCMJKghg==
-----END CERTIFICATE-----