Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yzEgrniiWyvhyP90jNGBB1gXe4c.cer
File:                     yzEgrniiWyvhyP90jNGBB1gXe4c.cer (raw, json)
Hash identifier:          Qj1Xj/AWKbyutknfb6jj8o9HF1Cz/aDf8M4C9VQoF/I=
Subject key identifier:   CB:31:20:AE:78:A2:5B:2B:E1:C8:FF:74:8C:D1:81:07:58:17:7B:87
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01857244B1E8C0E0BF1D7DF555C26A2647BB
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/c2/2ad3b7-3173-40bc-9e33-3860b78aa076/1/yzEgrniiWyvhyP90jNGBB1gXe4c.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/c2/2ad3b7-3173-40bc-9e33-3860b78aa076/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 02 Jan 2023 11:36:22 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 202867
                          IP: 185.152.8.0/22
                          IP: 2a03:ade0::/32
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:44:b1:e8:c0:e0:bf:1d:7d:f5:55:c2:6a:26:47:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 11:36:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cb3120ae78a25b2be1c8ff748cd1810758177b87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:58:61:67:56:11:a1:d6:4f:dc:ae:4f:c1:e4:
                    2c:d2:22:30:41:66:01:88:90:ee:1a:f6:e1:a2:1c:
                    c3:d8:ce:88:d4:db:b6:68:c4:93:2b:30:bb:9f:9b:
                    05:e8:d3:50:07:2b:ff:36:a0:ce:8d:08:84:46:80:
                    ef:6f:87:f8:e0:41:00:ce:04:9e:55:b6:17:09:76:
                    cf:84:73:08:8d:ca:92:3d:f7:8a:17:1d:d7:4d:97:
                    b3:4e:e0:29:f2:ee:1c:11:7f:06:5a:6a:0d:23:8a:
                    8a:66:0c:36:31:b5:44:2f:37:c2:56:13:e7:fb:c4:
                    f3:7a:5d:36:f9:45:c3:2c:c7:d4:6d:85:17:c9:66:
                    ed:9c:16:f8:9d:49:db:77:16:6c:e1:b3:8e:04:1f:
                    70:a2:0c:e8:79:a9:1a:a4:ef:f6:62:df:0d:8c:f1:
                    ef:c6:23:d7:71:ee:21:37:94:e3:c1:a1:18:fa:e6:
                    41:02:ba:16:fa:3f:a3:f5:4f:9f:c7:cb:50:c0:72:
                    54:6e:06:6c:af:39:57:de:03:ae:89:2a:e2:3c:23:
                    fc:73:6d:e2:d2:72:91:1b:7a:57:75:45:82:9e:e2:
                    eb:9c:ce:69:12:02:4a:8b:eb:0c:f3:5c:24:68:42:
                    00:4e:a9:73:15:46:0f:60:99:c5:46:71:74:a4:da:
                    14:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:31:20:AE:78:A2:5B:2B:E1:C8:FF:74:8C:D1:81:07:58:17:7B:87
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2ad3b7-3173-40bc-9e33-3860b78aa076/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2ad3b7-3173-40bc-9e33-3860b78aa076/1/yzEgrniiWyvhyP90jNGBB1gXe4c.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.152.8.0/22
                IPv6:
                  2a03:ade0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  202867

    Signature Algorithm: sha256WithRSAEncryption
         95:9d:d7:3f:85:c8:7e:7e:a2:bc:46:60:ad:a7:2f:f1:ba:47:
         f3:ea:b0:12:68:5a:10:f5:ad:79:31:8f:4f:99:9c:e0:81:f4:
         e8:39:4a:0f:73:e8:6d:f3:d4:e6:0e:47:3a:9d:f3:7a:20:b0:
         94:44:64:0d:83:fe:ff:54:ab:28:f6:c8:5b:96:53:ab:9e:a8:
         41:07:65:5d:a3:9e:ed:1b:ee:96:5f:e8:b2:7c:a5:d9:0a:25:
         38:5d:b5:24:1d:2b:38:66:5f:dd:94:f9:10:8c:c1:32:70:4e:
         17:99:16:c4:5b:b1:49:59:cb:40:94:e2:6b:8c:74:b4:ed:24:
         5e:a7:e5:80:62:14:c0:4f:d5:77:ad:a5:f2:0d:67:c4:e3:51:
         23:3a:8e:e1:bf:46:8b:69:3b:c3:de:fa:ce:68:58:5e:ba:e2:
         fe:73:e0:12:fb:a8:4d:59:a5:1d:d4:47:8e:59:ec:51:16:40:
         ca:48:8f:2a:80:cd:17:76:ac:ab:6b:3d:a6:e4:0c:25:0a:f5:
         99:85:bb:4f:28:9a:85:4a:f0:c3:00:5c:bc:65:e9:05:74:bd:
         6a:c2:85:e5:1d:7e:f8:d1:cc:ab:b2:53:7b:7c:43:68:5f:bd:
         cc:de:69:7d:d4:c3:06:d2:a7:60:e3:23:48:6f:ac:6f:3c:24:
         0e:1e:d6:4e
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYVyRLHowOC/HX31VcJqJke7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMTEzNjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjMxMjBhZTc4YTI1YjJiZTFjOGZmNzQ4Y2QxODEwNzU4MTc3Yjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFhhZ1YRodZP3K5PweQs0iIwQWYB
iJDuGvbhohzD2M6I1Nu2aMSTKzC7n5sF6NNQByv/NqDOjQiERoDvb4f44EEAzgSe
VbYXCXbPhHMIjcqSPfeKFx3XTZezTuAp8u4cEX8GWmoNI4qKZgw2MbVELzfCVhPn
+8Tzel02+UXDLMfUbYUXyWbtnBb4nUnbdxZs4bOOBB9wogzoeakapO/2Yt8NjPHv
xiPXce4hN5TjwaEY+uZBAroW+j+j9U+fx8tQwHJUbgZsrzlX3gOuiSriPCP8c23i
0nKRG3pXdUWCnuLrnM5pEgJKi+sM81wkaEIATqlzFUYPYJnFRnF0pNoUnwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFMsxIK54olsr4cj/dIzRgQdYF3uHMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MyLzJhZDNi
Ny0zMTczLTQwYmMtOWUzMy0zODYwYjc4YWEwNzYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIvMmFkM2I3
LTMxNzMtNDBiYy05ZTMzLTM4NjBiNzhhYTA3Ni8xL3l6RWdybmlpV3l2aHlQOTBq
TkdCQjFnWGU0Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuZgIMA0EAgACMAcDBQAqA63gMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMYczANBgkqhkiG9w0BAQsFAAOCAQEAlZ3XP4XIfn6i
vEZgracv8bpH8+qwEmhaEPWteTGPT5mc4IH06DlKD3PobfPU5g5HOp3zeiCwlERk
DYP+/1SrKPbIW5ZTq56oQQdlXaOe7Rvull/osnyl2QolOF21JB0rOGZf3ZT5EIzB
MnBOF5kWxFuxSVnLQJTia4x0tO0kXqflgGIUwE/Vd62l8g1nxONRIzqO4b9Gi2k7
w976zmhYXrri/nPgEvuoTVmlHdRHjlnsURZAykiPKoDNF3asq2s9puQMJQr1mYW7
TyiahUrwwwBcvGXpBXS9asKF5R1++NHMq7JTe3xDaF+9zN5pfdTDBtKnYOMjSG+s
bzwkDh7WTg==
-----END CERTIFICATE-----