Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/truNlPYyo87XXsXT8u7OnPFgW9M.cer
File:                     truNlPYyo87XXsXT8u7OnPFgW9M.cer (raw, json)
Hash identifier:          7ITUi0TdrDTdOxJpfRWmhj/9DOmfZ2JYvz6Em64m5cM=
Subject key identifier:   B6:BB:8D:94:F6:32:A3:CE:D7:5E:C5:D3:F2:EE:CE:9C:F1:60:5B:D3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856B636BCFE6AE057D7935A733C87A0772
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/03/e723d6-30fc-40b5-94c9-9599d3dc796d/1/truNlPYyo87XXsXT8u7OnPFgW9M.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/03/e723d6-30fc-40b5-94c9-9599d3dc796d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 03:32:35 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 205744
                          IP: 185.208.64.0/22

Validation:               Failed, certificate revoked on Fri 06 Oct 2023 12:25:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:63:6b:cf:e6:ae:05:7d:79:35:a7:33:c8:7a:07:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 03:32:35 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b6bb8d94f632a3ced75ec5d3f2eece9cf1605bd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:cd:85:10:1f:1b:92:ab:e7:ed:f2:a5:60:81:
                    2f:ed:0f:60:4d:09:f6:6c:7b:f6:5e:8f:ce:96:40:
                    6a:17:8a:e7:b5:4c:44:fd:65:73:10:6f:1d:69:da:
                    6e:27:32:13:4a:17:32:3a:e0:39:29:52:8e:93:cb:
                    71:d6:c7:ef:67:18:e7:0a:85:c8:45:8e:78:3f:d3:
                    a0:32:23:e2:b3:aa:85:88:8a:3e:41:54:46:fa:fd:
                    74:c3:7b:f6:fc:f3:d5:f5:45:2e:b3:3f:35:d2:5b:
                    c8:66:31:d7:cb:f9:71:86:65:1c:29:e7:bb:8a:12:
                    d1:fe:c3:0b:0f:bb:72:ec:8f:61:c7:46:3b:d2:41:
                    c6:1b:d2:e6:97:f5:7b:0a:6d:59:4c:39:ec:6d:f8:
                    d0:79:96:9c:bc:5c:3e:7a:2a:95:dc:cf:f6:5e:2c:
                    69:f9:89:b8:89:81:96:74:5d:ee:72:74:61:7a:e9:
                    93:d8:5b:94:1c:e2:f7:fc:61:60:e1:5d:c4:29:f8:
                    f8:cb:86:d2:34:2b:56:ec:bb:cf:64:ff:7b:f5:1d:
                    f1:37:13:51:f5:35:73:41:36:57:fd:96:43:2f:23:
                    2c:5f:4b:49:8d:08:70:46:0a:40:a3:2e:00:7e:ea:
                    b1:7a:fb:be:81:5e:ee:50:cd:3e:27:a9:8b:26:95:
                    63:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:BB:8D:94:F6:32:A3:CE:D7:5E:C5:D3:F2:EE:CE:9C:F1:60:5B:D3
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e723d6-30fc-40b5-94c9-9599d3dc796d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e723d6-30fc-40b5-94c9-9599d3dc796d/1/truNlPYyo87XXsXT8u7OnPFgW9M.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.208.64.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  205744

    Signature Algorithm: sha256WithRSAEncryption
         47:7e:30:65:bd:e6:ba:d5:b9:f0:e0:41:50:83:0c:18:9a:1a:
         2e:00:ec:d9:42:74:7d:b3:6f:db:b3:0b:53:87:0b:ef:32:b0:
         5c:0b:37:dd:ab:4f:01:13:c4:ce:74:e6:79:3c:dd:65:64:a7:
         25:61:8b:01:e7:7d:cd:3b:20:2a:0e:18:8f:be:5b:11:16:ac:
         64:59:00:51:91:d3:c2:24:66:c9:05:5f:fe:00:48:69:90:f9:
         a7:f1:a6:6c:4e:c8:0e:e5:0c:4b:d0:13:2b:2a:e7:d0:a4:f0:
         cd:ec:79:7a:87:69:ce:03:bc:c8:36:9e:4d:fd:cc:68:30:d8:
         59:9f:2f:8a:3b:e7:a1:3e:a0:dd:45:a7:3a:d3:9e:d9:32:7a:
         6b:32:7b:91:c1:cd:c3:61:37:36:da:20:4f:4c:d1:3d:4d:c4:
         c6:56:97:98:f8:82:df:7a:c3:61:67:db:9b:c4:f2:ea:86:5a:
         89:10:bf:13:32:b3:16:7c:40:ec:d3:02:fd:2f:da:d3:11:5e:
         6b:83:e0:cb:77:49:26:18:ca:7b:a4:cb:d3:42:44:b8:c0:94:
         13:39:6f:ec:fe:b0:22:a6:6b:a0:47:46:58:82:20:35:27:51:
         d6:ee:c9:9a:2d:d2:4e:e6:75:5d:30:a1:da:bd:e7:24:5f:5d:
         a6:91:a3:62
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYVrY2vP5q4FfXk1pzPIegdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDMzMjM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmJiOGQ5NGY2MzJhM2NlZDc1ZWM1ZDNmMmVlY2U5Y2YxNjA1YmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqM2FEB8bkqvn7fKlYIEv7Q9gTQn2
bHv2Xo/OlkBqF4rntUxE/WVzEG8dadpuJzITShcyOuA5KVKOk8tx1sfvZxjnCoXI
RY54P9OgMiPis6qFiIo+QVRG+v10w3v2/PPV9UUusz810lvIZjHXy/lxhmUcKee7
ihLR/sMLD7ty7I9hx0Y70kHGG9Lml/V7Cm1ZTDnsbfjQeZacvFw+eiqV3M/2Xixp
+Ym4iYGWdF3ucnRheumT2FuUHOL3/GFg4V3EKfj4y4bSNCtW7LvPZP979R3xNxNR
9TVzQTZX/ZZDLyMsX0tJjQhwRgpAoy4Afuqxevu+gV7uUM0+J6mLJpVjQwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFLa7jZT2MqPO117F0/LuzpzxYFvTMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAzL2U3MjNk
Ni0zMGZjLTQwYjUtOTRjOS05NTk5ZDNkYzc5NmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMvZTcyM2Q2
LTMwZmMtNDBiNS05NGM5LTk1OTlkM2RjNzk2ZC8xL3RydU5sUFl5bzg3WFhzWFQ4
dTdPblBGZ1c5TS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCudBAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMjsDANBgkqhkiG9w0BAQsFAAOCAQEAR34wZb3mutW58OBBUIMMGJoaLgDs2UJ0
fbNv27MLU4cL7zKwXAs33atPARPEznTmeTzdZWSnJWGLAed9zTsgKg4Yj75bERas
ZFkAUZHTwiRmyQVf/gBIaZD5p/GmbE7IDuUMS9ATKyrn0KTwzex5eodpzgO8yDae
Tf3MaDDYWZ8vijvnoT6g3UWnOtOe2TJ6azJ7kcHNw2E3NtogT0zRPU3ExlaXmPiC
33rDYWfbm8Ty6oZaiRC/EzKzFnxA7NMC/S/a0xFea4Pgy3dJJhjKe6TL00JEuMCU
Ezlv7P6wIqZroEdGWIIgNSdR1u7Jmi3STuZ1XTCh2r3nJF9dppGjYg==
-----END CERTIFICATE-----