Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xjrkmc74-rBlKIAgQ5QzpxlD6Hs.cer
File:                     xjrkmc74-rBlKIAgQ5QzpxlD6Hs.cer (raw, json)
Hash identifier:          fw2QEc2vhmSDCya+jjbuHLadEEhp5EpXO0pzrZzHJaM=
Subject key identifier:   C6:3A:E4:99:CE:F8:FA:B0:65:28:80:20:43:94:33:A7:19:43:E8:7B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC56E32510E4885910F54EB9B8A9CCCA3
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/70/6097cb-8cdc-4345-b7b9-b839823b66cb/1/xjrkmc74-rBlKIAgQ5QzpxlD6Hs.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/70/6097cb-8cdc-4345-b7b9-b839823b66cb/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 14:29:42 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 12754
                          IP: 188.225.128.0/17
                          IP: 2a00:4e80::/32

Validation:               Failed, certificate revoked on Mon 13 May 2024 13:11:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:32:51:0e:48:85:91:0f:54:eb:9b:8a:9c:cc:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 14:29:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c63ae499cef8fab065288020439433a71943e87b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:2b:54:a7:fa:26:cc:0d:d6:80:d8:b1:ea:ed:
                    a1:c5:1e:cd:88:4b:6d:87:0d:84:5f:24:ae:99:cc:
                    26:87:8d:39:6c:60:a2:dd:37:39:9b:10:4d:b5:54:
                    ad:60:d8:de:8f:73:3f:ce:ac:33:50:95:5b:25:0f:
                    f6:b8:ff:b9:a5:9a:2e:93:8c:2d:58:d5:59:bf:fe:
                    7a:59:d2:85:b4:a8:32:96:97:a8:8a:09:a8:eb:2e:
                    0f:50:6f:01:29:03:c6:ce:fa:b8:b6:bf:33:a2:d7:
                    0b:a1:4c:e8:24:27:cd:71:4e:61:a1:43:d3:b7:79:
                    7f:36:1f:f0:b8:5e:39:0b:66:f6:c6:12:10:d0:c3:
                    3b:9e:d8:34:55:79:0b:a3:d6:68:9e:fb:5c:e7:b2:
                    08:55:f3:c4:94:08:91:9e:33:ca:cd:9a:70:26:e7:
                    5b:45:66:81:83:2a:b3:fe:83:71:00:8e:19:2e:53:
                    7d:c1:4f:75:19:d7:73:90:b3:fc:d5:9f:b4:17:40:
                    0b:68:b2:27:d5:1c:51:e1:2a:2c:78:55:f6:8c:26:
                    33:92:0f:24:07:8d:7a:aa:4f:15:e4:a9:58:4f:b5:
                    b3:77:05:39:71:ae:de:23:c3:4f:94:f6:89:64:15:
                    15:cb:d8:27:69:12:06:98:5e:02:ff:a0:5b:cd:15:
                    d1:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:3A:E4:99:CE:F8:FA:B0:65:28:80:20:43:94:33:A7:19:43:E8:7B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/6097cb-8cdc-4345-b7b9-b839823b66cb/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/6097cb-8cdc-4345-b7b9-b839823b66cb/1/xjrkmc74-rBlKIAgQ5QzpxlD6Hs.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.225.128.0/17
                IPv6:
                  2a00:4e80::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  12754

    Signature Algorithm: sha256WithRSAEncryption
         5e:9f:66:94:07:f7:3b:4a:43:c3:4e:a9:4d:c6:46:ae:09:9e:
         26:fc:98:b3:ad:8a:cf:02:52:3d:28:15:e1:2a:80:21:17:3e:
         fe:b5:e6:4b:bf:53:27:95:17:ce:e9:d5:35:1a:3e:b3:47:11:
         2b:42:93:8a:f5:5a:d2:6d:4e:6a:fb:bd:15:79:e8:e2:f9:f4:
         6e:9a:dd:4d:d7:b5:9f:6f:4d:72:ec:0f:82:01:86:f0:51:e3:
         2f:ec:11:5c:93:ec:96:f1:18:d9:e4:06:f5:6a:57:18:2c:37:
         ef:ac:63:c4:d5:a2:88:8c:ff:60:48:96:58:af:a9:ed:79:76:
         00:d4:6b:36:d8:78:a0:6f:54:78:7c:35:a6:ad:88:80:92:15:
         4e:26:7e:e8:0e:d9:86:ba:7b:9f:8c:28:d5:cd:ca:f4:4c:58:
         07:2c:dc:79:fd:2f:ff:7e:5f:ec:b4:eb:c1:83:ea:15:af:19:
         58:cf:5a:7e:9d:f9:17:69:66:9b:fc:b9:e3:47:df:81:09:77:
         85:41:b9:18:d1:d6:69:b8:8f:08:7d:98:4a:f4:a4:c9:b0:be:
         c6:64:6f:4a:4b:f2:76:07:cf:8a:78:bc:32:57:d0:22:50:20:
         73:53:a8:89:47:7d:84:e4:e1:82:2c:91:42:62:1e:4f:35:a0:
         aa:48:83:90
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYzFbjJRDkiFkQ9U65uKnMyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjNhZTQ5OWNlZjhmYWIwNjUyODgwMjA0Mzk0MzNhNzE5NDNlODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAritUp/omzA3WgNix6u2hxR7NiEtt
hw2EXySumcwmh405bGCi3Tc5mxBNtVStYNjej3M/zqwzUJVbJQ/2uP+5pZouk4wt
WNVZv/56WdKFtKgylpeoigmo6y4PUG8BKQPGzvq4tr8zotcLoUzoJCfNcU5hoUPT
t3l/Nh/wuF45C2b2xhIQ0MM7ntg0VXkLo9Zonvtc57IIVfPElAiRnjPKzZpwJudb
RWaBgyqz/oNxAI4ZLlN9wU91GddzkLP81Z+0F0ALaLIn1RxR4SoseFX2jCYzkg8k
B416qk8V5KlYT7WzdwU5ca7eI8NPlPaJZBUVy9gnaRIGmF4C/6BbzRXRdwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFMY65JnO+PqwZSiAIEOUM6cZQ+h7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzcwLzYwOTdj
Yi04Y2RjLTQzNDUtYjdiOS1iODM5ODIzYjY2Y2IvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAvNjA5N2Ni
LThjZGMtNDM0NS1iN2I5LWI4Mzk4MjNiNjZjYi8xL3hqcmttYzc0LXJCbEtJQWdR
NVF6cHhsRDZIcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQHvOGAMA0EAgACMAcDBQAqAE6AMBkGCCsGAQUF
BwEIAQH/BAowCKAGMAQCAjHSMA0GCSqGSIb3DQEBCwUAA4IBAQBen2aUB/c7SkPD
TqlNxkauCZ4m/JizrYrPAlI9KBXhKoAhFz7+teZLv1MnlRfO6dU1Gj6zRxErQpOK
9VrSbU5q+70Veeji+fRumt1N17Wfb01y7A+CAYbwUeMv7BFck+yW8RjZ5Ab1alcY
LDfvrGPE1aKIjP9gSJZYr6nteXYA1Gs22Higb1R4fDWmrYiAkhVOJn7oDtmGunuf
jCjVzcr0TFgHLNx5/S//fl/stOvBg+oVrxlYz1p+nfkXaWab/LnjR9+BCXeFQbkY
0dZpuI8IfZhK9KTJsL7GZG9KS/J2B8+KeLwyV9AiUCBzU6iJR32E5OGCLJFCYh5P
NaCqSIOQ
-----END CERTIFICATE-----