Base64 encoded ignition file gets messed up

I’m currently in the process of setting up an OKD-Cluster on ESXi (non-production, my own Hardware), following the official documentation on Red Hat’s website, but instead of using RHCOS I’m using Fedora CoreOS.

So far I’ve set up the loadbalancer, created DNS entries and generated the ignition configs.
I created those on a CentOS 8 VM, and copied them to my Windows 10 workstation for backup. I’m pretty new to ignition, so the only thing I’ve changed is the URL from https://... to http://... because I don’t want to mess with that in my test environment.

But this is where it gets a little strange. This is the content of my master.ign file:

"ignition": {
    "config": {
        "merge": [{
            "source": "http://api-int.openshift.<mydomain>.local:22623/config/master"
        }]
    },
    "security": {
        "tls": {
            "certificateAuthorities": [{
                "source": "data:text/plain;charset=utf-8;base64,<BASE64 ENCODED CERT>"
            }]
        }
    },
    "version": "3.0.0"
}

If I copy that Base64 encoded cert and decode it on my CentOS VM, it generates a (valid-looking) certificate. But if I encode the whole file (which is required by the tutorial) and let the machines boot with it, I get an error saying that the certificate is not valid and there was something wrong with the decoding (I can pull up the specific log files later).

If I try to decode the file by hand and then the certificate, it gets gibberish with invalid characters (object replacement characters and replacement characters).

So does anyone have any ideas what my problem might be? Have I missed something?

Or maybe I can even omit the security part because I’m using http? (haven’t tried that yet, came up with the idea while typing this)