-certopt option
customise the output format used with -text. The option argument can be a single option or multiple options separated by commas. The -certopt switch may be also be used more than once to set multiple options. See the TEXT OPTIONS section for more information.
[...]
TEXT OPTIONS
As well as customising the name output format, it is also possible to customise the actual fields printed using the certopt options when the text option is present. The default behaviour is to print all fields.
compatible use the old format. This is equivalent to specifying no output options at all.
no_header don't print header information: that is the lines saying "Certificate" and "Data".
no_version don't print out the version number.
no_serial don't print out the serial number.
no_signame don't print out the signature algorithm used.
no_validity don't print the validity, that is the notBefore and notAfter fields.
no_subject don't print out the subject name.
no_issuer don't print out the issuer name.
no_pubkey don't print out the public key.
no_sigdump don't give a hexadecimal dump of the certificate signature.
no_aux don't print out certificate trust information.
no_extensions don't print out any X509V3 extensions.
ext_default retain default extension behaviour: attempt to print out unsupported certificate extensions.
ext_error print an error message for unsupported certificate extensions.
ext_parse ASN1 parse unsupported extensions.
ext_dump hex dump unsupported extensions.
ca_default the value used by the ca utility, equivalent to no_issuer, no_pubkey, no_header, and no_version.
