Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/uSBczuZpGvUAuWpzL6OG2_l_Cmc.cer
File:                     uSBczuZpGvUAuWpzL6OG2_l_Cmc.cer (raw, json)
Hash identifier:          yio2gRKw884yRAiZJDtsTmvhPmaGQ1Y1qyCR8iv6V5M=
Subject key identifier:   B9:20:5C:CE:E6:69:1A:F5:00:B9:6A:73:2F:A3:86:DB:F9:7F:0A:67
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856E65E43EA71A50A968754782A69CE32A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/51/7d3b5f-42ee-4c89-b802-4b6babecfaad/1/uSBczuZpGvUAuWpzL6OG2_l_Cmc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/51/7d3b5f-42ee-4c89-b802-4b6babecfaad/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 17:34:09 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 207185
                          IP: 185.157.4.0/22
                          IP: 2a07:a280::/29
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:65:e4:3e:a7:1a:50:a9:68:75:47:82:a6:9c:e3:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 17:34:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b9205ccee6691af500b96a732fa386dbf97f0a67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:25:20:16:3b:51:94:1c:76:71:60:a9:50:22:
                    dd:51:63:51:f8:45:57:c2:09:5d:23:3d:db:57:08:
                    ab:84:ed:8a:0c:6c:3d:13:d8:82:4e:66:b6:b7:af:
                    b8:5e:f2:a7:f8:92:6c:4e:86:6e:19:ef:a9:7d:3e:
                    4c:47:53:2f:5b:48:3a:64:e1:43:40:48:b1:b4:cf:
                    75:53:5a:a9:ff:6e:fa:ae:71:43:a5:01:86:3a:c0:
                    72:c9:34:8e:22:41:ea:d3:6f:44:79:25:b5:bc:a2:
                    52:56:9c:56:46:17:3d:69:3b:87:03:71:ad:4c:0d:
                    f3:a9:75:2f:a9:68:2c:70:e4:4a:9c:cf:fa:ac:3b:
                    8d:58:6d:5c:cf:d3:4d:75:19:73:db:fb:fa:b1:de:
                    a0:3d:21:0a:4f:85:49:e7:bc:5c:65:ed:99:85:88:
                    c4:7f:be:d3:87:17:7a:98:4f:51:9c:39:6d:f0:fe:
                    27:b4:4c:28:47:86:f7:34:cf:91:15:ad:e4:7a:b2:
                    65:d7:50:a8:cc:14:3d:10:5a:94:7c:63:36:f9:85:
                    30:37:dc:0b:55:94:21:0d:a5:4a:45:87:27:cf:e2:
                    75:9d:61:b6:0f:c9:73:ea:7e:0f:f5:c7:c5:2a:4f:
                    c0:51:d7:db:d5:f9:a9:ce:b8:ad:1d:b3:67:77:19:
                    d2:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:20:5C:CE:E6:69:1A:F5:00:B9:6A:73:2F:A3:86:DB:F9:7F:0A:67
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7d3b5f-42ee-4c89-b802-4b6babecfaad/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7d3b5f-42ee-4c89-b802-4b6babecfaad/1/uSBczuZpGvUAuWpzL6OG2_l_Cmc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.157.4.0/22
                IPv6:
                  2a07:a280::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207185

    Signature Algorithm: sha256WithRSAEncryption
         48:25:78:d0:13:79:da:5a:a5:16:58:a6:33:7b:f8:3c:67:22:
         83:f0:f0:3c:89:65:1e:97:49:50:b6:74:f3:1d:23:ff:8b:d6:
         8f:31:4b:68:53:ff:cf:b4:80:93:6b:df:82:3d:8c:4f:bc:7b:
         33:00:d8:ee:ba:68:37:ad:7c:09:57:73:ff:07:35:12:a7:d7:
         ab:0c:79:d3:b7:21:d7:a8:33:11:88:d1:b9:75:2f:1a:f4:87:
         df:91:4f:dd:50:4b:67:a5:c0:e7:4d:db:c4:2c:2e:6c:43:f3:
         1a:a6:43:43:7b:87:1c:23:9b:68:cd:15:da:1a:0f:fa:2a:df:
         d4:f3:ee:62:40:77:ff:fd:98:c1:72:5d:4b:1e:fb:b7:31:75:
         3b:1e:a8:b6:15:ab:c2:91:a9:7e:6a:95:69:87:3f:8c:5c:35:
         b5:5f:70:d5:0b:78:ba:b4:4a:e4:dd:5d:7d:16:6a:ca:e9:b1:
         3f:38:14:a2:62:71:34:4d:6d:09:8e:e3:2b:6d:df:30:89:c7:
         7a:da:a1:cb:f8:51:6d:b6:5d:c8:ba:8a:fa:ce:1e:d9:2f:f2:
         32:d2:36:ed:88:cd:02:cb:a1:bc:06:86:7f:55:63:b0:62:3c:
         75:b4:ba:13:4f:12:78:17:14:ec:fc:a2:79:a6:3d:08:d4:a4:
         58:11:2e:45
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYVuZeQ+pxpQqWh1R4KmnOMqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTczNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTIwNWNjZWU2NjkxYWY1MDBiOTZhNzMyZmEzODZkYmY5N2YwYTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CUgFjtRlBx2cWCpUCLdUWNR+EVX
wgldIz3bVwirhO2KDGw9E9iCTma2t6+4XvKn+JJsToZuGe+pfT5MR1MvW0g6ZOFD
QEixtM91U1qp/276rnFDpQGGOsByyTSOIkHq029EeSW1vKJSVpxWRhc9aTuHA3Gt
TA3zqXUvqWgscORKnM/6rDuNWG1cz9NNdRlz2/v6sd6gPSEKT4VJ57xcZe2ZhYjE
f77Thxd6mE9RnDlt8P4ntEwoR4b3NM+RFa3kerJl11CozBQ9EFqUfGM2+YUwN9wL
VZQhDaVKRYcnz+J1nWG2D8lz6n4P9cfFKk/AUdfb1fmpzritHbNndxnSrwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFLkgXM7maRr1ALlqcy+jhtv5fwpnMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUxLzdkM2I1
Zi00MmVlLTRjODktYjgwMi00YjZiYWJlY2ZhYWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEvN2QzYjVm
LTQyZWUtNGM4OS1iODAyLTRiNmJhYmVjZmFhZC8xL3VTQmN6dVpwR3ZVQXVXcHpM
Nk9HMl9sX0NtYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuZ0EMA0EAgACMAcDBQMqB6KAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMpUTANBgkqhkiG9w0BAQsFAAOCAQEASCV40BN52lql
FlimM3v4PGcig/DwPIllHpdJULZ08x0j/4vWjzFLaFP/z7SAk2vfgj2MT7x7MwDY
7rpoN618CVdz/wc1EqfXqwx507ch16gzEYjRuXUvGvSH35FP3VBLZ6XA503bxCwu
bEPzGqZDQ3uHHCObaM0V2hoP+irf1PPuYkB3//2YwXJdSx77tzF1Ox6othWrwpGp
fmqVaYc/jFw1tV9w1Qt4urRK5N1dfRZqyumxPzgUomJxNE1tCY7jK23fMInHetqh
y/hRbbZdyLqK+s4e2S/yMtI27YjNAsuhvAaGf1VjsGI8dbS6E08SeBcU7PyieaY9
CNSkWBEuRQ==
-----END CERTIFICATE-----