Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pwm_xK1wpqd-kXa4hQqCuOTEu8U.cer
File:                     pwm_xK1wpqd-kXa4hQqCuOTEu8U.cer (raw, json)
Hash identifier:          HKSEnEVvbuR8AjImZerSgsQe83cw1QxXYnu8bM1LwSM=
Subject key identifier:   A7:09:BF:C4:AD:70:A6:A7:7E:91:76:B8:85:0A:82:B8:E4:C4:BB:C5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC348FD4FBC8971A63BB3A73C2DB9DE09
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/f9235055-1904-44b4-998b-ff1c9e311c49/3/A709BFC4AD70A6A77E9176B8850A82B8E4C4BBC5.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/f9235055-1904-44b4-998b-ff1c9e311c49/3
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:29:49 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 195.191.231.0/24
                          IP: 2a14:4380::/29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:55:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:fd:4f:bc:89:71:a6:3b:b3:a7:3c:2d:b9:de:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:29:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a709bfc4ad70a6a77e9176b8850a82b8e4c4bbc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d4:96:f4:22:e9:38:cb:86:a3:d3:cf:85:c8:
                    a4:a5:47:ec:4c:e8:89:c5:5f:65:c3:ee:b9:ac:88:
                    db:f7:0b:b5:1e:bb:e0:f4:4e:d4:27:db:62:72:9a:
                    fb:18:ff:c2:6b:01:dd:e5:50:08:43:73:eb:b2:84:
                    54:dc:e6:5e:8a:0d:9d:e1:4b:65:56:05:bb:0d:55:
                    58:65:96:ff:c9:d4:d1:47:ea:9f:cf:9f:0d:1c:2f:
                    da:95:ab:3c:04:14:02:74:82:2a:4b:57:b4:b3:e2:
                    81:8b:fd:3a:bb:6f:c5:3e:ae:7f:b7:29:b5:7b:74:
                    92:cf:64:67:2f:90:f5:2d:86:43:a2:9c:0f:9a:6f:
                    be:0b:e4:17:71:0a:d8:56:af:9a:79:f4:62:8e:e6:
                    24:1d:11:1a:62:c5:4c:0e:1a:c1:51:3c:14:17:b5:
                    42:4d:da:b3:42:1b:33:68:66:34:19:8e:77:6b:16:
                    e7:be:68:5a:60:94:03:6c:1b:b2:96:ee:22:aa:d3:
                    45:91:a3:3f:6c:9e:63:ba:aa:9b:2b:c5:99:aa:ab:
                    cf:9c:9b:9b:59:0c:b7:9e:91:b7:7e:fa:25:6b:5f:
                    f8:9d:f5:26:5a:63:6c:e6:f0:61:a7:36:e4:f3:9c:
                    c8:51:d2:06:3d:c8:8d:0c:16:48:62:7c:25:54:7d:
                    cf:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:09:BF:C4:AD:70:A6:A7:7E:91:76:B8:85:0A:82:B8:E4:C4:BB:C5
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/f9235055-1904-44b4-998b-ff1c9e311c49/3
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/f9235055-1904-44b4-998b-ff1c9e311c49/3/A709BFC4AD70A6A77E9176B8850A82B8E4C4BBC5.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.191.231.0/24
                IPv6:
                  2a14:4380::/29

    Signature Algorithm: sha256WithRSAEncryption
         36:8f:7e:2e:3a:81:66:f6:03:3e:fa:ac:83:29:c5:43:73:91:
         ec:d9:7d:24:d9:b0:19:86:42:64:26:dd:31:4e:48:9a:bd:be:
         39:83:82:76:e0:4c:80:e7:ed:c6:df:46:a5:70:7b:b3:57:58:
         27:3e:6d:58:01:d6:63:10:11:fc:53:3e:d7:d0:16:05:a4:88:
         43:3d:f1:5e:ca:83:4f:55:af:88:7e:ed:ed:c2:22:67:27:36:
         52:f6:3b:0f:44:3b:6b:48:bb:f3:bc:2c:b9:3b:08:f9:96:d2:
         5a:34:56:44:95:3d:07:4a:94:50:9a:6d:26:e5:84:db:e2:83:
         d9:42:ae:87:9e:9d:9e:e1:ed:c0:f0:09:e9:39:ec:c4:c6:8c:
         05:51:ab:17:a4:18:38:9b:84:b3:e3:43:32:95:5c:3d:d9:1a:
         4f:ac:ef:1e:c6:b1:3d:13:24:ef:d4:d6:cc:8b:31:ae:71:73:
         1e:06:d6:a2:d6:69:27:67:d7:7c:a2:d8:1b:c4:37:4f:74:90:
         9d:a2:de:40:66:b7:47:f3:25:d9:f3:dd:ef:a1:aa:bc:80:20:
         d9:bf:f7:2d:45:7a:e3:93:b1:61:22:09:01:2b:bb:c4:b6:83:
         56:09:73:18:dc:22:3f:db:19:7c:bc:95:09:7d:0c:79:54:08:
         18:aa:b9:29
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYzDSP1PvIlxpjuzpzwtud4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzA5YmZjNGFkNzBhNmE3N2U5MTc2Yjg4NTBhODJiOGU0YzRiYmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9SW9CLpOMuGo9PPhcikpUfsTOiJ
xV9lw+65rIjb9wu1Hrvg9E7UJ9ticpr7GP/CawHd5VAIQ3PrsoRU3OZeig2d4Utl
VgW7DVVYZZb/ydTRR+qfz58NHC/alas8BBQCdIIqS1e0s+KBi/06u2/FPq5/tym1
e3SSz2RnL5D1LYZDopwPmm++C+QXcQrYVq+aefRijuYkHREaYsVMDhrBUTwUF7VC
TdqzQhszaGY0GY53axbnvmhaYJQDbBuylu4iqtNFkaM/bJ5juqqbK8WZqqvPnJub
WQy3npG3fvola1/4nfUmWmNs5vBhpzbk85zIUdIGPciNDBZIYnwlVH3PRwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFKcJv8StcKanfpF2uIUKgrjkxLvFMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE+BggrBgEFBQcBCwSCATAwggEsMF4GCCsGAQUFBzAFhlJy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y5MjM1
MDU1LTE5MDQtNDRiNC05OThiLWZmMWM5ZTMxMWM0OS8zMIGLBggrBgEFBQcwCoZ/
cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mOTIz
NTA1NS0xOTA0LTQ0YjQtOTk4Yi1mZjFjOWUzMTFjNDkvMy9BNzA5QkZDNEFENzBB
NkE3N0U5MTc2Qjg4NTBBODJCOEU0QzRCQkM1Lm1mdDA8BggrBgEFBQcwDYYwaHR0
cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3RpZmljYXRpb24ueG1sMFkG
A1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNybDAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA
w7/nMA0EAgACMAcDBQMqFEOAMA0GCSqGSIb3DQEBCwUAA4IBAQA2j34uOoFm9gM+
+qyDKcVDc5Hs2X0k2bAZhkJkJt0xTkiavb45g4J24EyA5+3G30alcHuzV1gnPm1Y
AdZjEBH8Uz7X0BYFpIhDPfFeyoNPVa+Ifu3twiJnJzZS9jsPRDtrSLvzvCy5Owj5
ltJaNFZElT0HSpRQmm0m5YTb4oPZQq6Hnp2e4e3A8AnpOezExowFUasXpBg4m4Sz
40MylVw92RpPrO8exrE9EyTv1NbMizGucXMeBtai1mknZ9d8otgbxDdPdJCdot5A
ZrdH8yXZ893voaq8gCDZv/ctRXrjk7FhIgkBK7vEtoNWCXMY3CI/2xl8vJUJfQx5
VAgYqrkp
-----END CERTIFICATE-----