Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/r-ofM-QUX4L-2U7NKD1hYKwQhnk.cer
File:                     r-ofM-QUX4L-2U7NKD1hYKwQhnk.cer (raw, json)
Hash identifier:          82Zct6AZQVpLLJDZ/XOd4BtXh2heLTIyXDwWE2kaY0w=
Subject key identifier:   AF:EA:1F:33:E4:14:5F:82:FE:D9:4E:CD:28:3D:61:60:AC:10:86:79
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0193E95366BD9DD84C086F50DC0BF845D66A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/eba23213-7710-4403-b78a-e77ee9461c95/0/AFEA1F33E4145F82FED94ECD283D6160AC108679.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/eba23213-7710-4403-b78a-e77ee9461c95/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Sat 21 Dec 2024 13:06:17 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 199310
Validation:               Failed, certificate revoked on Tue 31 Dec 2024 16:45:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:e9:53:66:bd:9d:d8:4c:08:6f:50:dc:0b:f8:45:d6:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Dec 21 13:06:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=afea1f33e4145f82fed94ecd283d6160ac108679
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:1c:67:10:0c:e2:e4:60:95:cf:11:ed:cb:c9:
                    e4:36:61:60:df:12:ef:7c:1e:3b:7e:82:6f:28:56:
                    22:16:64:e0:15:62:49:2a:4e:dd:e8:96:e8:b2:c8:
                    d7:09:49:47:76:be:67:02:9e:f4:e7:ae:81:c2:ce:
                    87:7a:a1:9b:b4:03:9b:42:97:ff:3a:9f:e3:ea:34:
                    2b:95:cc:4e:6f:2a:2a:9f:e8:28:53:57:6e:51:c0:
                    d1:b8:e9:c9:79:e5:45:7d:74:c2:35:10:f1:6e:67:
                    87:8e:8f:e0:89:1e:b9:7f:f7:36:e6:a7:f0:c4:b2:
                    d4:16:7a:46:09:22:a4:77:0b:02:ea:0e:66:e8:31:
                    6e:9a:dc:83:0a:ba:1c:cd:6c:9a:b1:f3:6e:38:b4:
                    9c:dd:90:6c:c5:6c:e1:ac:e2:1f:c0:fc:74:89:84:
                    d9:d2:55:52:94:ca:55:f3:43:d2:db:d4:07:64:f7:
                    76:49:aa:1e:2f:f9:51:34:c0:1a:43:38:65:2a:c8:
                    84:83:fd:f7:f4:cf:cc:48:f2:c8:51:73:17:d4:e4:
                    b5:6d:f9:1a:1a:42:b3:5e:91:13:66:b7:ab:14:3c:
                    8a:97:da:dd:92:5e:2a:ce:15:9f:27:ce:55:55:ea:
                    a3:7d:a5:db:a9:25:e5:0f:f4:15:67:c2:c7:31:df:
                    8f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:EA:1F:33:E4:14:5F:82:FE:D9:4E:CD:28:3D:61:60:AC:10:86:79
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/eba23213-7710-4403-b78a-e77ee9461c95/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/eba23213-7710-4403-b78a-e77ee9461c95/0/AFEA1F33E4145F82FED94ECD283D6160AC108679.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  199310

    Signature Algorithm: sha256WithRSAEncryption
         35:e6:fd:a2:13:ed:53:ef:f2:4f:a1:8c:b3:de:fa:43:d3:5f:
         14:81:20:e6:10:5e:90:e7:36:a7:8b:24:07:74:f2:93:9f:f8:
         61:aa:e2:66:a9:fb:75:92:f6:9d:f7:db:2c:b3:56:bb:06:ab:
         44:2f:cf:bf:ff:17:b5:61:1d:f5:54:10:23:c1:7b:dd:46:7e:
         c9:a0:ff:8d:79:e3:41:57:51:b7:0f:0c:d8:d0:d2:54:fa:74:
         e5:79:78:72:0a:95:45:8a:7c:36:da:1c:b8:f8:f1:56:9f:1c:
         61:41:b0:bf:05:82:2c:60:21:1a:12:5c:98:f5:da:4f:f1:5c:
         a1:b1:bd:9d:9e:69:4b:90:42:3e:75:b0:8f:81:dc:f2:62:a9:
         42:a9:c7:d4:ca:30:77:d3:7b:98:38:8b:7d:6d:19:5e:a1:3d:
         f2:b5:5b:98:9e:b6:fd:77:a0:17:79:21:47:d1:5e:9b:6f:e9:
         e3:53:2f:0a:ab:f8:69:73:61:3c:fe:91:99:89:cb:df:6f:46:
         85:b4:2d:c4:55:e3:cd:06:8b:f6:c5:da:33:d7:8f:65:5c:1a:
         9a:e1:50:ec:70:ce:64:3c:25:16:78:e3:60:4c:02:27:fd:7f:
         97:5c:f1:4f:86:8f:09:82:68:a0:36:67:b7:13:57:73:10:a7:
         64:c4:58:93
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZPpU2a9ndhMCG9Q3Av4RdZqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMjIxMTMwNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmVhMWYzM2U0MTQ1ZjgyZmVkOTRlY2QyODNkNjE2MGFjMTA4Njc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBxnEAzi5GCVzxHty8nkNmFg3xLv
fB47foJvKFYiFmTgFWJJKk7d6JbossjXCUlHdr5nAp70566Bws6HeqGbtAObQpf/
Op/j6jQrlcxObyoqn+goU1duUcDRuOnJeeVFfXTCNRDxbmeHjo/giR65f/c25qfw
xLLUFnpGCSKkdwsC6g5m6DFumtyDCroczWyasfNuOLSc3ZBsxWzhrOIfwPx0iYTZ
0lVSlMpV80PS29QHZPd2SaoeL/lRNMAaQzhlKsiEg/339M/MSPLIUXMX1OS1bfka
GkKzXpETZrerFDyKl9rdkl4qzhWfJ85VVeqjfaXbqSXlD/QVZ8LHMd+PWQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFK/qHzPkFF+C/tlOzSg9YWCsEIZ5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ViYTIz
MjEzLTc3MTAtNDQwMy1iNzhhLWU3N2VlOTQ2MWM5NS8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWJh
MjMyMTMtNzcxMC00NDAzLWI3OGEtZTc3ZWU5NDYxYzk1LzAvQUZFQTFGMzNFNDE0
NUY4MkZFRDk0RUNEMjgzRDYxNjBBQzEwODY3OS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDCo4w
DQYJKoZIhvcNAQELBQADggEBADXm/aIT7VPv8k+hjLPe+kPTXxSBIOYQXpDnNqeL
JAd08pOf+GGq4map+3WS9p332yyzVrsGq0Qvz7//F7VhHfVUECPBe91Gfsmg/415
40FXUbcPDNjQ0lT6dOV5eHIKlUWKfDbaHLj48VafHGFBsL8FgixgIRoSXJj12k/x
XKGxvZ2eaUuQQj51sI+B3PJiqUKpx9TKMHfTe5g4i31tGV6hPfK1W5ietv13oBd5
IUfRXptv6eNTLwqr+GlzYTz+kZmJy99vRoW0LcRV480Gi/bF2jPXj2VcGprhUOxw
zmQ8JRZ442BMAif9f5dc8U+GjwmCaKA2Z7cTV3MQp2TEWJM=
-----END CERTIFICATE-----