Run the CheckAppSignature.sh script on the command line and pass it the path to an ipa or an extracted ios app as argument.
E.g. Run:
$ CheckAppSignature.sh /Users/dpich/Downloads/myApp-arm64-debug.ipa
IPA file is extracted into a temp directory, and then
codesign -dvvv /path/to/the.app
and
codesign -d --entitlements :-
is run.
See TN2250: Understanding and Resolving Code Signing Issues for more info.