Command line interface to macOS keychains and Security framework.

# To dump the contents of the System Root Certificates Keychain:
sudo security dump-keychain /System/Library/Keychains/SystemRootCertificates.keychain

# To delete a System Root Certificate by its SHA-1 hash value:
sudo security delete-certificate -Z <sha1_value> /System/Library/Keychains/SystemRootCertificates.keychain

# To list all installed certificates for a given Keychain (or the System Keychain if run as root and no Keychain is specified):
security find-certificate -a | awk -F'"' '/labl/{print $4}'