Certificate 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pI14rYm7b-aK8r2xFonELNsPp_M.cer
File:                     pI14rYm7b-aK8r2xFonELNsPp_M.cer (raw, json)
Hash identifier:          ZjMglEy3HyHLOaePybkfxdHJx4wl7mnwqUBE/Wb94AY=
Subject key identifier:   A4:8D:78:AD:89:BB:6F:E6:8A:F2:BD:B1:16:89:C4:2C:DB:0F:A7:F3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC8DEB049B82EE103A967F54FFD238CD6
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a1/6bc9f1-5fdc-431f-baac-72a4e16c19f0/1/pI14rYm7b-aK8r2xFonELNsPp_M.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a1/6bc9f1-5fdc-431f-baac-72a4e16c19f0/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 06:31:26 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 207923
                          IP: 45.158.100.0/22
                          IP: 2a0f:4c40::/29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:17:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:b0:49:b8:2e:e1:03:a9:67:f5:4f:fd:23:8c:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 06:31:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a48d78ad89bb6fe68af2bdb11689c42cdb0fa7f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:d6:d9:6e:6d:7a:c2:ab:a4:5f:7c:3b:13:20:
                    b7:04:e5:ac:2c:c8:e3:ff:16:9f:7d:05:62:8f:e6:
                    86:0f:f9:17:a1:05:09:e1:70:f6:1a:76:b4:60:17:
                    d1:fe:36:16:64:80:14:7e:b0:70:1f:f7:38:e8:d8:
                    31:e0:45:94:e8:9c:bc:a6:da:24:91:7a:a3:17:52:
                    9e:a3:25:61:94:cb:79:1f:d0:7a:33:8d:b2:c9:05:
                    cf:59:5f:41:83:7d:08:22:ee:6e:54:49:17:67:1a:
                    d3:c9:d2:f0:94:1b:19:16:1f:5f:66:ad:88:56:2f:
                    f1:ff:eb:ce:48:f0:7d:4b:9a:de:36:23:2e:33:2e:
                    a9:39:ec:cd:b3:4e:44:3b:be:14:74:6c:b4:90:31:
                    cc:46:11:72:a6:77:91:dc:a5:c8:96:64:d1:e6:d8:
                    e6:56:b1:4d:0e:ed:e5:76:57:58:10:dc:fc:b7:6a:
                    aa:d5:e0:2f:66:36:58:7c:13:2b:9c:a7:0a:4a:49:
                    e2:0a:d5:10:62:06:ce:aa:76:f8:07:ed:bf:71:3d:
                    dd:bc:c0:bd:a7:c1:37:31:1b:31:bf:a7:aa:72:f9:
                    02:02:d4:36:ce:a3:9a:03:d0:ab:a5:45:4f:38:e3:
                    df:18:43:f4:c5:1d:e6:8b:56:ad:74:b1:b5:8c:42:
                    f4:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:8D:78:AD:89:BB:6F:E6:8A:F2:BD:B1:16:89:C4:2C:DB:0F:A7:F3
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/6bc9f1-5fdc-431f-baac-72a4e16c19f0/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/6bc9f1-5fdc-431f-baac-72a4e16c19f0/1/pI14rYm7b-aK8r2xFonELNsPp_M.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.100.0/22
                IPv6:
                  2a0f:4c40::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207923

    Signature Algorithm: sha256WithRSAEncryption
         20:21:3d:73:d8:61:d7:25:c1:4b:77:a2:db:f7:d8:df:00:e1:
         ca:37:f6:b6:f7:7e:d5:aa:c6:1a:f1:00:60:ed:a4:24:03:2c:
         1c:9c:04:ec:ce:56:7d:9f:91:7e:6f:50:85:be:a9:4f:c5:53:
         14:87:66:18:5a:ee:c0:8f:95:44:6b:d5:17:38:73:68:1d:d4:
         d7:e9:82:83:75:2b:5c:b0:2f:a5:45:eb:b9:6b:4f:b4:32:54:
         f6:15:8a:ea:8c:46:bd:aa:fa:47:b9:e5:f9:9f:31:5c:83:6f:
         62:bb:a2:40:2d:32:f3:c1:63:e5:26:0c:da:67:c6:ad:73:d3:
         28:68:15:d3:2b:8e:33:ef:5f:aa:5d:c6:72:3e:25:fb:6f:9f:
         cd:ae:20:f0:10:01:87:06:0b:83:77:b7:7f:c8:54:e8:10:e9:
         69:3a:3e:f8:82:ee:14:24:b6:b4:7e:a2:11:33:b9:91:49:1d:
         4a:c0:69:e4:da:ed:74:6c:30:a5:63:66:63:5c:70:8c:a0:0f:
         0c:4a:96:af:29:8c:7c:ea:3e:b6:fa:67:d5:34:3a:ec:7b:0a:
         77:3c:62:41:1a:17:f0:d0:ee:1a:9d:ff:f6:1c:68:04:4f:cf:
         fc:a2:e5:7d:db:44:e0:30:fb:b7:e5:bc:90:7a:e2:5e:16:a1:
         9a:8b:de:aa
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzI3rBJuC7hA6ln9U/9I4zWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDhkNzhhZDg5YmI2ZmU2OGFmMmJkYjExNjg5YzQyY2RiMGZhN2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNbZbm16wqukX3w7EyC3BOWsLMjj
/xaffQVij+aGD/kXoQUJ4XD2Gna0YBfR/jYWZIAUfrBwH/c46Ngx4EWU6Jy8ptok
kXqjF1KeoyVhlMt5H9B6M42yyQXPWV9Bg30IIu5uVEkXZxrTydLwlBsZFh9fZq2I
Vi/x/+vOSPB9S5reNiMuMy6pOezNs05EO74UdGy0kDHMRhFypneR3KXIlmTR5tjm
VrFNDu3ldldYENz8t2qq1eAvZjZYfBMrnKcKSkniCtUQYgbOqnb4B+2/cT3dvMC9
p8E3MRsxv6eqcvkCAtQ2zqOaA9CrpUVPOOPfGEP0xR3mi1atdLG1jEL04QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFKSNeK2Ju2/mivK9sRaJxCzbD6fzMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ExLzZiYzlm
MS01ZmRjLTQzMWYtYmFhYy03MmE0ZTE2YzE5ZjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEvNmJjOWYx
LTVmZGMtNDMxZi1iYWFjLTcyYTRlMTZjMTlmMC8xL3BJMTRyWW03Yi1hSzhyMnhG
b25FTE5zUHBfTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCLZ5kMA0EAgACMAcDBQMqD0xAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMsMzANBgkqhkiG9w0BAQsFAAOCAQEAICE9c9hh1yXB
S3ei2/fY3wDhyjf2tvd+1arGGvEAYO2kJAMsHJwE7M5WfZ+Rfm9Qhb6pT8VTFIdm
GFruwI+VRGvVFzhzaB3U1+mCg3UrXLAvpUXruWtPtDJU9hWK6oxGvar6R7nl+Z8x
XINvYruiQC0y88Fj5SYM2mfGrXPTKGgV0yuOM+9fql3Gcj4l+2+fza4g8BABhwYL
g3e3f8hU6BDpaTo++ILuFCS2tH6iETO5kUkdSsBp5NrtdGwwpWNmY1xwjKAPDEqW
rymMfOo+tvpn1TQ67HsKdzxiQRoX8NDuGp3/9hxoBE/P/KLlfdtE4DD7t+W8kHri
Xhahmoveqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:02:44 2024 by rpki-client on console-fra.rpki-client.org