package main

import (
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"io/ioutil"
	"os"
)

func main() {
	if len(os.Args) < 2 {
		fmt.Fprintln(os.Stderr, "usage: inspect <cert.pem>")
		os.Exit(2)
	}
	data, err := ioutil.ReadFile(os.Args[1])
	if err != nil {
		panic(err)
	}

	for {
		var block *pem.Block
		block, data = pem.Decode(data)
		if block == nil {
			break
		}
		if block.Type != "CERTIFICATE" {
			continue
		}
		cert, err := x509.ParseCertificate(block.Bytes)
		if err != nil {
			fmt.Fprintf(os.Stderr, "parse error: %v\n", err)
			continue
		}
		fmt.Println("-----")
		fmt.Printf("Subject: %s\n", cert.Subject.String())
		fmt.Printf("Issuer: %s\n", cert.Issuer.String())
		fmt.Printf("Serial: %s\n", cert.SerialNumber.String())
		fmt.Printf("NotBefore: %s\n", cert.NotBefore)
		fmt.Printf("NotAfter: %s\n", cert.NotAfter)
		if len(cert.DNSNames) > 0 {
			fmt.Printf("DNS SANs: %v\n", cert.DNSNames)
		}
		if len(cert.URIs) > 0 {
			fmt.Printf("URI SANs: %v\n", cert.URIs)
		}
		fmt.Printf("Signature Algorithm: %s\n", cert.SignatureAlgorithm)
		fmt.Printf("Public Key Algorithm: %s\n", cert.PublicKeyAlgorithm)
	}
}