The CERT_KEY_ATTRIBUTES_INFO structure contains optional additional information about the public key being certified. It can include a key identifier, an indication of the intended use of that key, and/or an indication of the period of use of the corresponding private key.
When the CryptDecodeObject or CryptDecodeObjectEx function is performed on a CERT_EXTENSION structure's Value member, and the structure's pszObjId member is set to "2.5.29.2", this CERT_KEY_ATTRIBUTES_INFO is output from the function call.
typedef struct _CERT_KEY_ATTRIBUTES_INFO {
CRYPT_DATA_BLOB KeyId;
CRYPT_BIT_BLOB IntendedKeyUsage;
PCERT_PRIVATE_KEY_VALIDITY pPrivateKeyUsagePeriod; // optional
} CERT_KEY_ATTRIBUTES_INFO, *PCERT_KEY_ATTRIBUTES_INFO;
BLOB Structure, CERT_PRIVATE_KEY_VALIDITY, CRYPT_BIT_BLOB