Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/u2UUK5B3T5CSQgsf30xn7XN-2LY.cer
File:                     u2UUK5B3T5CSQgsf30xn7XN-2LY.cer (raw, json)
Hash identifier:          HMWEso2NI+jD3jMjzBzgLEWtcCWgUiLpCAX9T787/rw=
Subject key identifier:   BB:65:14:2B:90:77:4F:90:92:42:0B:1F:DF:4C:67:ED:73:7E:D8:B6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856F4196EE6F0FD7D7328AA87054021EDC
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/93/b18a26-38fb-44e7-9a48-56063ce24da3/1/u2UUK5B3T5CSQgsf30xn7XN-2LY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/93/b18a26-38fb-44e7-9a48-56063ce24da3/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 21:34:07 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 201988
                          IP: 2a13:fc0::/29

Validation:               Failed, certificate revoked on Thu 30 Nov 2023 09:58:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:41:96:ee:6f:0f:d7:d7:32:8a:a8:70:54:02:1e:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 21:34:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb65142b90774f9092420b1fdf4c67ed737ed8b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:4a:53:59:47:b9:cf:1f:1b:69:f0:00:9a:8f:
                    de:21:b8:b2:d7:97:3f:21:70:50:e7:ce:7d:7e:78:
                    fc:07:4b:19:1e:24:56:b1:e9:80:71:bd:07:37:c4:
                    c1:b4:a7:5c:b4:9d:c5:f8:1a:50:8e:c9:72:86:1b:
                    07:15:f0:9e:11:96:6a:17:1b:95:56:df:c6:bd:fd:
                    0d:33:6f:a4:5b:03:99:cb:ae:17:b3:d7:f8:13:50:
                    8a:cc:a4:42:98:e7:9c:79:2e:29:04:e6:40:e9:f9:
                    0b:c3:c4:fd:24:e1:ab:4d:22:20:a8:24:28:b4:83:
                    e8:0f:fa:2f:fe:7d:08:31:a6:aa:67:60:b2:3e:0d:
                    d5:63:72:2f:39:6a:5c:9d:5f:fc:77:36:a1:c1:b7:
                    77:8b:e8:89:75:20:e8:4a:5b:1d:7b:69:be:13:0e:
                    cf:f0:d5:79:15:fe:7d:b2:c5:3a:93:4c:74:51:e8:
                    9e:b1:3d:83:7f:22:48:7b:50:92:10:a2:5d:13:14:
                    3b:51:b6:37:81:69:b1:41:76:c7:4b:6e:8e:83:ef:
                    a0:8c:b3:a4:c0:87:74:0a:b6:5c:40:ce:8d:e9:f5:
                    0b:e1:68:11:40:f9:e9:92:32:f3:cb:fa:94:49:f2:
                    57:21:a5:6c:84:d0:d0:8b:78:38:90:3f:0a:57:e4:
                    88:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:65:14:2B:90:77:4F:90:92:42:0B:1F:DF:4C:67:ED:73:7E:D8:B6
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/b18a26-38fb-44e7-9a48-56063ce24da3/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/b18a26-38fb-44e7-9a48-56063ce24da3/1/u2UUK5B3T5CSQgsf30xn7XN-2LY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:fc0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  201988

    Signature Algorithm: sha256WithRSAEncryption
         53:73:99:d1:d7:a2:b5:7a:29:8a:16:2b:58:2b:1c:19:b9:5a:
         17:31:4c:d5:50:ab:18:91:92:bc:0c:1a:ee:56:dc:3f:71:c3:
         d6:95:81:e5:8f:41:47:10:59:6a:f5:7f:3e:ac:ef:6a:cf:f5:
         c7:c7:6a:cd:0a:62:c8:93:60:78:d8:41:96:83:9d:4d:2c:95:
         d8:94:f9:2b:db:bb:d2:5b:48:9b:7f:cf:d0:ca:ab:1d:a0:4e:
         fd:aa:31:d9:d4:48:a5:47:9a:6e:ed:2a:e3:8b:98:01:82:f7:
         56:9f:ab:33:5b:f4:16:58:a0:ef:7c:93:dd:04:07:a5:d9:ba:
         4a:46:cd:1e:a5:8b:4d:04:42:56:09:c7:ce:08:ab:77:25:46:
         6c:73:88:3e:7d:6f:47:7c:fe:05:27:0f:be:4b:28:86:c3:4e:
         2a:c2:ba:71:fa:1a:d8:d0:cd:5f:9f:72:46:51:7f:42:ef:50:
         1e:06:81:19:0e:69:c1:fe:58:08:bd:e1:07:dd:67:fe:91:53:
         42:74:70:3a:f1:ac:33:5f:c8:1c:2a:30:f9:ce:70:bb:73:b3:
         a6:e4:50:8f:21:8f:c3:a7:3e:25:cd:10:89:20:29:90:f7:1f:
         21:c8:5e:a7:13:87:4f:3a:c1:f5:b9:07:9d:65:f6:b4:01:92:
         56:a6:8d:4e
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAYVvQZbubw/X1zKKqHBUAh7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjEzNDA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjY1MTQyYjkwNzc0ZjkwOTI0MjBiMWZkZjRjNjdlZDczN2VkOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykpTWUe5zx8bafAAmo/eIbiy15c/
IXBQ5859fnj8B0sZHiRWsemAcb0HN8TBtKdctJ3F+BpQjslyhhsHFfCeEZZqFxuV
Vt/Gvf0NM2+kWwOZy64Xs9f4E1CKzKRCmOeceS4pBOZA6fkLw8T9JOGrTSIgqCQo
tIPoD/ov/n0IMaaqZ2CyPg3VY3IvOWpcnV/8dzahwbd3i+iJdSDoSlsde2m+Ew7P
8NV5Ff59ssU6k0x0UeiesT2DfyJIe1CSEKJdExQ7UbY3gWmxQXbHS26Og++gjLOk
wId0CrZcQM6N6fUL4WgRQPnpkjLzy/qUSfJXIaVshNDQi3g4kD8KV+SIBwIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFLtlFCuQd0+QkkILH99MZ+1zfti2MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkzL2IxOGEy
Ni0zOGZiLTQ0ZTctOWE0OC01NjA2M2NlMjRkYTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMvYjE4YTI2
LTM4ZmItNDRlNy05YTQ4LTU2MDYzY2UyNGRhMy8xL3UyVVVLNUIzVDVDU1Fnc2Yz
MHhuN1hOLTJMWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUF
BwEHAQH/BBEwDzANBAIAAjAHAwUDKhMPwDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMDFQQwDQYJKoZIhvcNAQELBQADggEBAFNzmdHXorV6KYoWK1grHBm5WhcxTNVQ
qxiRkrwMGu5W3D9xw9aVgeWPQUcQWWr1fz6s72rP9cfHas0KYsiTYHjYQZaDnU0s
ldiU+Svbu9JbSJt/z9DKqx2gTv2qMdnUSKVHmm7tKuOLmAGC91afqzNb9BZYoO98
k90EB6XZukpGzR6li00EQlYJx84Iq3clRmxziD59b0d8/gUnD75LKIbDTirCunH6
GtjQzV+fckZRf0LvUB4GgRkOacH+WAi94QfdZ/6RU0J0cDrxrDNfyBwqMPnOcLtz
s6bkUI8hj8OnPiXNEIkgKZD3HyHIXqcTh086wfW5B51l9rQBklamjU4=
-----END CERTIFICATE-----