Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-VZc0jHhiBw_FGOMW3RKKH8ewgg.cer
File:                     1-VZc0jHhiBw_FGOMW3RKKH8ewgg.cer (raw, json)
Hash identifier:          ryN4NwSNeW3r+LnJYrRcSe5ZLsumaa/1LTRYCqMTTkc=
Subject key identifier:   F9:56:5C:D2:31:E1:88:1C:3F:14:63:8C:5B:74:4A:28:7F:1E:C2:08
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018570FB10E8E6BFFE6B3B430DCE0F85F43E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/22/0e1391-0678-4b7e-b3e9-5a71bcd27ad2/1/1-VZc0jHhiBw_FGOMW3RKKH8ewgg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/22/0e1391-0678-4b7e-b3e9-5a71bcd27ad2/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 02 Jan 2023 05:36:20 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 51688
                          IP: 91.220.40.0/24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:fb:10:e8:e6:bf:fe:6b:3b:43:0d:ce:0f:85:f4:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 05:36:20 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f9565cd231e1881c3f14638c5b744a287f1ec208
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c0:30:25:25:7a:05:ec:ea:cb:6c:75:44:28:
                    da:c7:25:0d:79:81:c3:64:1c:6d:2f:4a:2e:f9:b0:
                    59:8b:a5:f1:0b:f1:e9:50:48:83:da:c8:41:b3:65:
                    86:83:2e:58:32:2c:ce:a0:30:69:f7:2a:f5:11:75:
                    62:48:df:0c:4c:63:e6:e0:8f:45:57:4c:f8:3c:4d:
                    03:e9:fd:66:1d:31:46:a7:2f:1c:cc:a6:78:23:a5:
                    27:7a:52:30:20:1b:ac:3e:6e:ae:c2:bf:6e:e7:9c:
                    a7:69:26:1b:b2:6b:ab:7d:79:25:e8:f1:1d:07:b4:
                    8a:fb:46:77:90:79:ac:f5:d5:d7:ef:c2:a5:17:f7:
                    fe:45:8f:56:d7:83:91:e1:d5:53:37:9b:49:13:d3:
                    83:3b:fc:3a:59:92:16:56:6f:4e:2c:c6:78:cc:8f:
                    a3:2d:0e:c2:16:c3:5f:cd:32:aa:0b:f5:19:b7:a9:
                    f0:2c:35:9a:4d:6b:3c:4f:96:01:74:9c:d5:21:04:
                    b0:1c:c2:53:74:8a:d3:44:6a:63:e5:a2:73:3c:b6:
                    41:65:a3:64:16:2c:33:a9:b3:91:05:60:9c:31:bf:
                    e3:14:e2:99:3d:bc:86:76:71:9b:4b:6f:cc:5e:26:
                    b1:57:92:c3:93:1d:72:a4:0d:49:89:cc:08:3b:04:
                    d2:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:56:5C:D2:31:E1:88:1C:3F:14:63:8C:5B:74:4A:28:7F:1E:C2:08
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0e1391-0678-4b7e-b3e9-5a71bcd27ad2/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0e1391-0678-4b7e-b3e9-5a71bcd27ad2/1/1-VZc0jHhiBw_FGOMW3RKKH8ewgg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.220.40.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  51688

    Signature Algorithm: sha256WithRSAEncryption
         45:19:dc:1b:8b:46:88:dd:9c:d7:3c:e9:91:05:84:f7:0c:71:
         d3:5a:d0:ab:b7:9f:98:de:d3:99:a0:db:b6:bd:77:85:f3:fc:
         06:df:67:76:f8:5d:4b:fa:e2:90:35:ad:35:31:55:2f:72:d5:
         ce:2d:d8:8c:77:e0:86:79:ee:38:d4:4a:18:20:19:68:50:6c:
         72:6d:2b:e7:a8:40:fb:31:08:ca:8c:82:b2:c9:de:98:4d:c1:
         cf:f2:2b:0c:5b:7d:54:e3:04:a7:3d:ba:7d:ed:44:1b:96:5b:
         5e:c2:79:99:50:45:81:b6:d6:20:50:ea:69:f7:b2:eb:48:e7:
         4d:e8:01:c2:87:a7:fe:f5:64:d7:7b:fb:f9:54:5c:d1:52:86:
         ba:4c:88:8c:2e:87:2b:51:00:9c:b7:83:66:44:ed:03:c9:51:
         cb:f3:d8:c3:30:d0:c4:ad:43:60:ba:13:e6:71:83:0f:88:bb:
         fe:38:bd:9e:53:c1:c7:0a:b0:84:5a:a5:8f:84:6d:6d:1a:06:
         a4:85:17:d6:a4:3e:61:2f:be:b3:de:4b:74:53:db:dc:1b:57:
         7c:ab:4e:70:80:44:43:5d:27:cf:e2:65:87:7b:ba:ac:69:4f:
         60:80:83:b1:6b:08:5a:2c:fe:0e:5d:14:e8:a2:b5:a7:72:29:
         a6:8a:9e:f3
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAYVw+xDo5r/+aztDDc4PhfQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDUzNjIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTU2NWNkMjMxZTE4ODFjM2YxNDYzOGM1Yjc0NGEyODdmMWVjMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8AwJSV6Bezqy2x1RCjaxyUNeYHD
ZBxtL0ou+bBZi6XxC/HpUEiD2shBs2WGgy5YMizOoDBp9yr1EXViSN8MTGPm4I9F
V0z4PE0D6f1mHTFGpy8czKZ4I6UnelIwIBusPm6uwr9u55ynaSYbsmurfXkl6PEd
B7SK+0Z3kHms9dXX78KlF/f+RY9W14OR4dVTN5tJE9ODO/w6WZIWVm9OLMZ4zI+j
LQ7CFsNfzTKqC/UZt6nwLDWaTWs8T5YBdJzVIQSwHMJTdIrTRGpj5aJzPLZBZaNk
FiwzqbORBWCcMb/jFOKZPbyGdnGbS2/MXiaxV5LDkx1ypA1JicwIOwTSxwIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFPlWXNIx4YgcPxRjjFt0Sih/HsIIMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIyLzBlMTM5
MS0wNjc4LTRiN2UtYjNlOS01YTcxYmNkMjdhZDIvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIvMGUxMzkx
LTA2NzgtNGI3ZS1iM2U5LTVhNzFiY2QyN2FkMi8xLzEtVlpjMGpIaGlCd19GR09N
VzNSS0tIOGV3Z2cubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvcKDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMAyegwDQYJKoZIhvcNAQELBQADggEBAEUZ3BuLRojdnNc86ZEFhPcMcdNa0Ku3
n5je05mg27a9d4Xz/AbfZ3b4XUv64pA1rTUxVS9y1c4t2Ix34IZ57jjUShggGWhQ
bHJtK+eoQPsxCMqMgrLJ3phNwc/yKwxbfVTjBKc9un3tRBuWW17CeZlQRYG21iBQ
6mn3sutI503oAcKHp/71ZNd7+/lUXNFShrpMiIwuhytRAJy3g2ZE7QPJUcvz2MMw
0MStQ2C6E+Zxgw+Iu/44vZ5TwccKsIRapY+EbW0aBqSFF9akPmEvvrPeS3RT29wb
V3yrTnCARENdJ8/iZYd7uqxpT2CAg7FrCFos/g5dFOiitadyKaaKnvM=
-----END CERTIFICATE-----