The Holder object.
For an v2 attribute certificate this is:
Holder ::= SEQUENCE { baseCertificateID [0] IssuerSerial OPTIONAL, -- the issuer and serial number of -- the holder's Public Key Certificate entityName [1] GeneralNames OPTIONAL, -- the name of the claimant or role objectDigestInfo [2] ObjectDigestInfo OPTIONAL -- used to directly authenticate the holder, -- for example, an executable }
For an v1 attribute certificate this is:
subject CHOICE { baseCertificateID [0] IssuerSerial, -- associated with a Public Key Certificate subjectName [1] GeneralNames }, -- associated with a name