Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/gmH5f9eFfBAryWV9fzwq0-uGW-Q.cer
File:                     gmH5f9eFfBAryWV9fzwq0-uGW-Q.cer (raw, json)
Hash identifier:          Msy+CxgXYI35Cd4S21m4m2voEwqPFdC3ZecaINfiKFI=
Subject key identifier:   82:61:F9:7F:D7:85:7C:10:2B:C9:65:7D:7F:3C:2A:D3:EB:86:5B:E4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       AAABCFF250
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/16/4ccdd6-7ec4-4df3-bfb2-cab4d3f3fd45/1/gmH5f9eFfBAryWV9fzwq0-uGW-Q.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/16/4ccdd6-7ec4-4df3-bfb2-cab4d3f3fd45/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sat 01 Jan 2022 15:58:25 +0000
Certificate not after:    Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:    AS: 39900
                          IP: 185.202.0.0/22
                          IP: 2a0c:6900::/29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 733026972240 (0xaaabcff250)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 15:58:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8261f97fd7857c102bc9657d7f3c2ad3eb865be4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:29:8b:e2:1a:d6:1e:a0:a4:b7:bc:76:59:3b:
                    4d:07:d6:8a:25:ed:03:d1:b8:c9:5f:19:df:6b:a5:
                    76:ef:ae:1b:49:10:8b:5b:d5:2e:9c:dd:97:71:07:
                    35:04:5d:49:67:76:35:13:8e:a3:6e:72:ad:e1:0a:
                    6c:76:ef:ee:e4:47:bd:88:bc:9f:11:64:88:a7:be:
                    84:0c:73:35:01:e9:2c:cf:41:53:76:83:fc:14:fd:
                    d4:99:d4:b5:43:1b:72:6e:b4:f3:19:54:ee:89:ce:
                    18:4f:eb:55:10:cb:64:06:17:8c:63:ed:4d:ba:db:
                    36:66:36:c3:26:f7:29:2e:63:5a:4c:4b:fc:ff:df:
                    01:c5:f1:64:78:ea:e8:0e:a2:9d:6a:33:6d:a1:f7:
                    2f:49:e7:10:60:2e:87:a4:f9:57:0d:50:d2:d7:cb:
                    54:a5:c2:67:86:4b:91:ae:74:1a:86:e2:a5:f0:21:
                    ad:50:84:69:7b:d9:94:37:c6:b7:26:c3:35:76:a6:
                    4c:69:b9:1e:b7:d9:6d:45:a9:ae:ca:af:b0:70:7d:
                    86:e2:77:74:56:c1:1b:a9:15:32:9d:34:42:0a:89:
                    41:5c:c1:5e:02:dd:43:c8:58:a0:d4:1b:15:6a:aa:
                    5c:dd:15:fc:c6:10:f8:bf:69:23:7b:25:40:e1:e0:
                    99:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:61:F9:7F:D7:85:7C:10:2B:C9:65:7D:7F:3C:2A:D3:EB:86:5B:E4
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4ccdd6-7ec4-4df3-bfb2-cab4d3f3fd45/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4ccdd6-7ec4-4df3-bfb2-cab4d3f3fd45/1/gmH5f9eFfBAryWV9fzwq0-uGW-Q.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.202.0.0/22
                IPv6:
                  2a0c:6900::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  39900

    Signature Algorithm: sha256WithRSAEncryption
         31:23:f4:c9:c8:bb:69:1c:96:b6:4a:30:c5:a8:bc:25:b4:0e:
         74:a5:57:7f:cf:1e:51:65:2b:ff:53:fe:46:54:6c:3e:70:93:
         8f:76:70:31:a2:7e:bf:5c:1a:e9:bf:d0:c7:de:4f:91:dd:2e:
         2f:f1:29:45:47:4b:bb:5d:02:09:73:49:b1:f1:e8:a1:1f:41:
         2d:bd:0a:c3:15:e3:29:34:de:5e:6a:58:d2:a6:1d:1e:60:9f:
         9d:84:ef:12:40:a8:f4:3d:9c:b1:82:2b:f6:53:d6:e4:93:32:
         ab:65:6a:99:dc:05:ab:b0:ca:d4:fd:e3:19:0b:ef:32:17:59:
         f8:9b:3d:68:52:63:f4:e3:3a:65:58:35:0e:07:28:2e:22:5a:
         94:a5:24:0f:2c:d6:29:ba:83:f5:a0:4c:1f:8b:74:17:5d:3d:
         03:65:1d:f9:c4:8a:42:93:0b:c9:99:11:82:a0:60:2c:ee:e5:
         79:9a:17:04:24:8c:7e:4a:73:ae:24:b3:6d:b9:e8:e9:6f:04:
         6f:e3:09:e2:ac:3a:bb:fd:f6:27:6a:42:f9:57:a1:ba:bc:83:
         6a:66:3c:fd:72:8b:67:59:45:aa:95:15:db:ba:51:2f:1e:25:
         3e:68:6f:36:26:38:de:8e:fa:34:08:a2:d8:b2:4c:4d:65:4f:
         87:19:3a:b4
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAKqrz/JQMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTU1ODI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4MjYxZjk3ZmQ3
ODU3YzEwMmJjOTY1N2Q3ZjNjMmFkM2ViODY1YmU0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAsymL4hrWHqCkt7x2WTtNB9aKJe0D0bjJXxnfa6V2764b
SRCLW9UunN2XcQc1BF1JZ3Y1E46jbnKt4Qpsdu/u5Ee9iLyfEWSIp76EDHM1Aeks
z0FTdoP8FP3UmdS1QxtybrTzGVTuic4YT+tVEMtkBheMY+1Nuts2ZjbDJvcpLmNa
TEv8/98BxfFkeOroDqKdajNtofcvSecQYC6HpPlXDVDS18tUpcJnhkuRrnQahuKl
8CGtUIRpe9mUN8a3JsM1dqZMabket9ltRamuyq+wcH2G4nd0VsEbqRUynTRCColB
XMFeAt1DyFig1BsVaqpc3RX8xhD4v2kjeyVA4eCZfwIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFIJh+X/XhXwQK8llfX88KtPrhlvkMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE2LzRjY2RkNi03ZWM0LTRkZjMt
YmZiMi1jYWI0ZDNmM2ZkNDUvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYvNGNjZGQ2LTdlYzQtNGRmMy1i
ZmIyLWNhYjRkM2YzZmQ0NS8xL2dtSDVmOWVGZkJBcnlXVjlmendxMC11R1ctUS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCucoAMA0EAgACMAcDBQMqDGkAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwCb3DANBgkqhkiG9w0BAQsFAAOCAQEAMSP0yci7aRyWtkowxai8JbQOdKVX
f88eUWUr/1P+RlRsPnCTj3ZwMaJ+v1wa6b/Qx95Pkd0uL/EpRUdLu10CCXNJsfHo
oR9BLb0KwxXjKTTeXmpY0qYdHmCfnYTvEkCo9D2csYIr9lPW5JMyq2VqmdwFq7DK
1P3jGQvvMhdZ+Js9aFJj9OM6ZVg1DgcoLiJalKUkDyzWKbqD9aBMH4t0F109A2Ud
+cSKQpMLyZkRgqBgLO7leZoXBCSMfkpzriSzbbno6W8Eb+MJ4qw6u/32J2pC+Veh
uryDamY8/XKLZ1lFqpUV27pRLx4lPmhvNiY43o76NAii2LJMTWVPhxk6tA==
-----END CERTIFICATE-----