Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/s55s7LoqBcsHC5sjnsTZgq0dlaU.cer
File:                     s55s7LoqBcsHC5sjnsTZgq0dlaU.cer (raw, json)
Hash identifier:          BEbYII/PqIvoA5nG+zXfiiZsaouFYIC+BpD3tda+Jq0=
Subject key identifier:   B3:9E:6C:EC:BA:2A:05:CB:07:0B:9B:23:9E:C4:D9:82:AD:1D:95:A5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01907DF1E6E81238808E841F6C8AAFB73C0A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/da/3ef1b0-9f26-4fa8-9798-aaf68b6c9fd1/1/s55s7LoqBcsHC5sjnsTZgq0dlaU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/da/3ef1b0-9f26-4fa8-9798-aaf68b6c9fd1/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 04 Jul 2024 13:32:03 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 41023
                          IP: 195.189.76.0/22
                          IP: 195.189.230.0/23

Validation:               Failed, certificate revoked on Tue 09 Jul 2024 08:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:7d:f1:e6:e8:12:38:80:8e:84:1f:6c:8a:af:b7:3c:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jul  4 13:32:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b39e6cecba2a05cb070b9b239ec4d982ad1d95a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:77:ab:26:49:62:5e:8d:92:f8:e2:ca:ae:c3:
                    a4:23:c5:40:4a:4b:0d:ca:6a:4e:49:94:45:84:29:
                    60:33:78:f4:f1:23:53:6e:91:d9:28:7e:d6:1d:39:
                    8e:32:b6:3e:9a:d1:00:38:70:32:87:69:26:c6:dd:
                    dc:78:9e:e9:e8:30:f7:2e:ec:3e:4c:71:43:16:3d:
                    e1:ba:03:8b:14:d1:bd:d2:8e:63:2d:d9:25:09:4d:
                    99:f3:26:e3:81:23:37:35:2e:5d:58:04:d2:5c:5e:
                    28:d5:d1:86:f8:c9:f2:fa:05:81:f9:cd:33:db:75:
                    13:84:1d:9c:a0:1d:c5:39:90:23:16:f2:c0:62:d0:
                    c3:ca:97:c3:fd:15:55:75:87:f6:07:69:ed:da:e4:
                    97:4c:b8:d1:ff:a8:bf:63:67:1e:27:d9:26:9b:e0:
                    79:6d:2f:92:05:0a:5a:33:85:dd:81:1c:83:a6:59:
                    a0:08:d8:45:58:0f:90:80:6f:3a:05:9b:8c:bd:20:
                    c8:51:64:85:8a:3f:57:b3:9e:2a:79:76:2e:bf:b0:
                    47:08:1e:af:19:2e:6c:43:70:55:f6:e2:81:a1:66:
                    65:cc:f3:c9:44:2b:71:dc:41:d5:3f:64:de:93:af:
                    c1:7e:6a:28:9a:39:68:7b:c6:dd:63:72:8f:52:54:
                    a0:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:9E:6C:EC:BA:2A:05:CB:07:0B:9B:23:9E:C4:D9:82:AD:1D:95:A5
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3ef1b0-9f26-4fa8-9798-aaf68b6c9fd1/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3ef1b0-9f26-4fa8-9798-aaf68b6c9fd1/1/s55s7LoqBcsHC5sjnsTZgq0dlaU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.189.76.0/22
                  195.189.230.0/23

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  41023

    Signature Algorithm: sha256WithRSAEncryption
         0a:05:1f:84:b1:58:89:d9:da:65:11:52:b9:9a:6b:53:a3:e7:
         e7:99:cd:23:fc:d0:d8:a4:f5:fe:ed:b1:cc:a4:8b:be:64:6f:
         25:0b:bc:c6:8c:00:43:e0:29:b2:ab:c2:bc:55:56:98:58:35:
         97:db:02:a8:d8:a8:49:46:ff:06:43:f9:b8:62:f8:eb:79:fe:
         f5:54:2b:30:86:8c:ec:bf:d4:8b:f3:e7:5c:47:28:e8:77:7a:
         88:a5:10:63:ed:77:ba:53:6a:d1:36:e3:06:d8:95:84:9d:f8:
         d1:c5:84:fd:30:46:66:fc:98:2d:89:1c:61:87:37:bc:79:47:
         93:3f:e8:37:e0:88:88:a8:35:c3:78:c8:44:ba:a6:27:43:73:
         8b:7e:b3:15:63:c8:27:36:75:3d:eb:b0:d5:84:1d:2e:60:e6:
         88:c9:96:13:af:51:67:79:9e:38:1d:f0:cf:44:8e:0a:a5:76:
         6e:5a:9c:3f:fe:fd:fd:05:2c:47:2c:3c:49:31:ef:18:5c:6b:
         60:04:e6:01:59:a6:1f:db:85:31:c4:4f:db:6c:b4:17:2a:29:
         1d:92:40:6c:fc:ab:6e:38:2f:74:83:b0:6f:90:f8:0e:fd:89:
         d7:12:75:e7:71:7d:70:bf:c4:0e:34:2f:2c:7b:8d:29:c8:8e:
         24:6b:9b:2f
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZB98eboEjiAjoQfbIqvtzwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNzA0MTMzMjAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzllNmNlY2JhMmEwNWNiMDcwYjliMjM5ZWM0ZDk4MmFkMWQ5NWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHerJkliXo2S+OLKrsOkI8VASksN
ympOSZRFhClgM3j08SNTbpHZKH7WHTmOMrY+mtEAOHAyh2kmxt3ceJ7p6DD3Luw+
THFDFj3hugOLFNG90o5jLdklCU2Z8ybjgSM3NS5dWATSXF4o1dGG+Mny+gWB+c0z
23UThB2coB3FOZAjFvLAYtDDypfD/RVVdYf2B2nt2uSXTLjR/6i/Y2ceJ9kmm+B5
bS+SBQpaM4XdgRyDplmgCNhFWA+QgG86BZuMvSDIUWSFij9Xs54qeXYuv7BHCB6v
GS5sQ3BV9uKBoWZlzPPJRCtx3EHVP2Tek6/Bfmoomjloe8bdY3KPUlSgCwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFLOebOy6KgXLBwubI57E2YKtHZWlMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RhLzNlZjFi
MC05ZjI2LTRmYTgtOTc5OC1hYWY2OGI2YzlmZDEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEvM2VmMWIw
LTlmMjYtNGZhOC05Nzk4LWFhZjY4YjZjOWZkMS8xL3M1NXM3TG9xQmNzSEM1c2pu
c1RaZ3EwZGxhVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQCw71MAwQBw73mMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwCgPzANBgkqhkiG9w0BAQsFAAOCAQEACgUfhLFYidnaZRFSuZprU6Pn
55nNI/zQ2KT1/u2xzKSLvmRvJQu8xowAQ+ApsqvCvFVWmFg1l9sCqNioSUb/BkP5
uGL463n+9VQrMIaM7L/Ui/PnXEco6Hd6iKUQY+13ulNq0TbjBtiVhJ340cWE/TBG
ZvyYLYkcYYc3vHlHkz/oN+CIiKg1w3jIRLqmJ0Nzi36zFWPIJzZ1Peuw1YQdLmDm
iMmWE69RZ3meOB3wz0SOCqV2blqcP/79/QUsRyw8STHvGFxrYATmAVmmH9uFMcRP
22y0FyopHZJAbPyrbjgvdIOwb5D4Dv2J1xJ153F9cL/EDjQvLHuNKciOJGubLw==