diff --git a/x509/json_test.go b/x509/json_test.go
index 85d6855e..c7170dee 100644
--- a/x509/json_test.go
+++ b/x509/json_test.go
@@ -24,7 +24,7 @@ func TestCertificateJSON(t *testing.T) {
 		},
 		{
 			file:     "ian.test.cert",
-			expected: `{"version":3,"serial_number":"13905679301969112323","signature_algorithm":{"name":"SHA1-RSA","oid":"1.2.840.113549.1.1.5"},"issuer":{"common_name":["IAN Test"],"country":["US"],"locality":["Champaign"],"province":["IL"],"organization":["UIUC"],"organizational_unit":["CS"],"email_address":["test@iantest.com"]},"issuer_dn":"emailAddress=test@iantest.com, CN=IAN Test, OU=CS, O=UIUC, L=Champaign, ST=IL, C=US, emailAddress=test@iantest.com","validity":{"start":"2016-09-07T21:10:12Z","end":"2017-09-07T21:10:12Z","length":31536000},"subject":{"common_name":["IAN Test"],"country":["US"],"locality":["Champaign"],"province":["IL"],"organization":["UIUC"],"organizational_unit":["CS"],"email_address":["test@iantest.com"]},"subject_dn":"emailAddress=test@iantest.com, CN=IAN Test, OU=CS, O=UIUC, L=Champaign, ST=IL, C=US, emailAddress=test@iantest.com","subject_key_info":{"key_algorithm":{"name":"RSA"},"rsa_public_key":{"exponent":65537,"modulus":"5Sj63YALzwmLnXNWuFmAZlv6sWelKFbP+SWPPEtsjXGHE8R0rAE6lRjjCPw8CRMIIQgGeyxDuB0kLDiR6gG6aHOOb1hdOcxhS7Cw7YsICeZ7V6fN9+opFGwdKJ998TvWsl1Vw2crfTL0P9YmRivevk9kOVfmj/dFvqRzLL81CmNnDwfsgqo4l1/WxpOpB5+gua5Fu+q3WyEk8oPcr5jX5z4d8AVhi1ZUYBr8wNrlR/RWfTJYqL0uch6hg2dLlzodG7v6kKSH/GVhPd1+eL4Kp4kNaFiJkHstRDz9YZ0y505Z8VF9V3WRsZ7l6JyyRR7dbqJTwiVYM7uESKN2inDMYw==","length":2048},"fingerprint_sha256":"688d5164e9da2ebcbcc8dca96513f500687acc7a70aa025c7f268a75ebc23f71"},"extensions":{"key_usage":{"digital_signature":true,"key_encipherment":true,"value":5},"issuer_alt_name":{"dns_names":["example.1.com","example.2.com"],"email_addresses":["test@iantest.com","test2@iantest2.com"],"ip_addresses":["1.2.3.4"],"other_names":[{"id":"1.2.3.4","value":"DCBEQlZ6YjIxbElHOTBhR1Z5SUdsa1pXNTBhV1pwWlhJPQ=="}],"registered_ids":["1.2.3.4"],"uniform_resource_identifiers":["http://www.insecure.com"]}},"signature":{"signature_algorithm":{"name":"SHA1-RSA","oid":"1.2.840.113549.1.1.5"},"value":"NKUyMbXEPqjfHmhThDqPF5onrwqVAtumI0FQtfZs7V1Ve4fPU+Hc7jNvyGzv3h2qynKORbX+ZgXX1yUaVL3VJBpKogwr8ogpVbr5q/D5KrIwI8nUHF9meMPjDj0imtuE4KqSSvHa9YqT16e1iMwcs9vYEmpetIVs8pGIUp9DtpSKV9sn0ZlaLRO4lA1Cx25N8W5Ue3Qoj78Vl/lZCIBn4Whqpo/h5joOlETNyghzm8Cw0PAMviC/k/rFstizrWa1c8s60Ex5S3A4cdIvF03U5mwYSGMxgfi7TvD6uRlp/L7t6VSxHChq3C9j965Xec2qK6klS/4XXVAizN7/V/6TEA==","valid":true,"self_signed":true},"fingerprint_md5":"b930cccf8bf02db782dadb8e7171d783","fingerprint_sha1":"51e9e3ddf2d7d46bd269851efbcb574aa4ac47c1","fingerprint_sha256":"2b96e909ccec2ef95d0ef20678a05844c46308d44a78958b4fa9e474a522683b","tbs_noct_fingerprint":"7729889cecc4fd392a4b1bff3222093345e3cc0a7b8f35b1fb3b2a7201818093","spki_subject_fingerprint":"d417ddc01fb3d88a50ed9dca6fd7e1484e6043dc64fc743fbb17f57af10cc13b","tbs_fingerprint":"7729889cecc4fd392a4b1bff3222093345e3cc0a7b8f35b1fb3b2a7201818093","validation_level":"unknown","redacted":false}`,
+			expected: `{"version":3,"serial_number":"13905679301969112323","signature_algorithm":{"name":"SHA1-RSA","oid":"1.2.840.113549.1.1.5"},"issuer":{"common_name":["IAN Test"],"country":["US"],"locality":["Champaign"],"province":["IL"],"organization":["UIUC"],"organizational_unit":["CS"],"email_address":["test@iantest.com"]},"issuer_dn":"emailAddress=test@iantest.com, CN=IAN Test, OU=CS, O=UIUC, L=Champaign, ST=IL, C=US","validity":{"start":"2016-09-07T21:10:12Z","end":"2017-09-07T21:10:12Z","length":31536000},"subject":{"common_name":["IAN Test"],"country":["US"],"locality":["Champaign"],"province":["IL"],"organization":["UIUC"],"organizational_unit":["CS"],"email_address":["test@iantest.com"]},"subject_dn":"emailAddress=test@iantest.com, CN=IAN Test, OU=CS, O=UIUC, L=Champaign, ST=IL, C=US","subject_key_info":{"key_algorithm":{"name":"RSA"},"rsa_public_key":{"exponent":65537,"modulus":"5Sj63YALzwmLnXNWuFmAZlv6sWelKFbP+SWPPEtsjXGHE8R0rAE6lRjjCPw8CRMIIQgGeyxDuB0kLDiR6gG6aHOOb1hdOcxhS7Cw7YsICeZ7V6fN9+opFGwdKJ998TvWsl1Vw2crfTL0P9YmRivevk9kOVfmj/dFvqRzLL81CmNnDwfsgqo4l1/WxpOpB5+gua5Fu+q3WyEk8oPcr5jX5z4d8AVhi1ZUYBr8wNrlR/RWfTJYqL0uch6hg2dLlzodG7v6kKSH/GVhPd1+eL4Kp4kNaFiJkHstRDz9YZ0y505Z8VF9V3WRsZ7l6JyyRR7dbqJTwiVYM7uESKN2inDMYw==","length":2048},"fingerprint_sha256":"688d5164e9da2ebcbcc8dca96513f500687acc7a70aa025c7f268a75ebc23f71"},"extensions":{"key_usage":{"digital_signature":true,"key_encipherment":true,"value":5},"issuer_alt_name":{"dns_names":["example.1.com","example.2.com"],"email_addresses":["test@iantest.com","test2@iantest2.com"],"ip_addresses":["1.2.3.4"],"other_names":[{"id":"1.2.3.4","value":"DCBEQlZ6YjIxbElHOTBhR1Z5SUdsa1pXNTBhV1pwWlhJPQ=="}],"registered_ids":["1.2.3.4"],"uniform_resource_identifiers":["http://www.insecure.com"]}},"signature":{"signature_algorithm":{"name":"SHA1-RSA","oid":"1.2.840.113549.1.1.5"},"value":"NKUyMbXEPqjfHmhThDqPF5onrwqVAtumI0FQtfZs7V1Ve4fPU+Hc7jNvyGzv3h2qynKORbX+ZgXX1yUaVL3VJBpKogwr8ogpVbr5q/D5KrIwI8nUHF9meMPjDj0imtuE4KqSSvHa9YqT16e1iMwcs9vYEmpetIVs8pGIUp9DtpSKV9sn0ZlaLRO4lA1Cx25N8W5Ue3Qoj78Vl/lZCIBn4Whqpo/h5joOlETNyghzm8Cw0PAMviC/k/rFstizrWa1c8s60Ex5S3A4cdIvF03U5mwYSGMxgfi7TvD6uRlp/L7t6VSxHChq3C9j965Xec2qK6klS/4XXVAizN7/V/6TEA==","valid":true,"self_signed":true},"fingerprint_md5":"b930cccf8bf02db782dadb8e7171d783","fingerprint_sha1":"51e9e3ddf2d7d46bd269851efbcb574aa4ac47c1","fingerprint_sha256":"2b96e909ccec2ef95d0ef20678a05844c46308d44a78958b4fa9e474a522683b","tbs_noct_fingerprint":"7729889cecc4fd392a4b1bff3222093345e3cc0a7b8f35b1fb3b2a7201818093","spki_subject_fingerprint":"d417ddc01fb3d88a50ed9dca6fd7e1484e6043dc64fc743fbb17f57af10cc13b","tbs_fingerprint":"7729889cecc4fd392a4b1bff3222093345e3cc0a7b8f35b1fb3b2a7201818093","validation_level":"unknown","redacted":false}`,
 		},
 		{
 			file:     "name.constraint.test.cert",
@@ -32,7 +32,7 @@ func TestCertificateJSON(t *testing.T) {
 		},
 		{
 			file:     "san.test.cert",
-			expected: `{"version":3,"serial_number":"11969031822203118914","signature_algorithm":{"name":"SHA256-RSA","oid":"1.2.840.113549.1.1.11"},"issuer":{"common_name":["SAN Test"],"country":["US"],"locality":["Champaign"],"province":["IL"],"organization":["UIUC"],"organizational_unit":["CS"],"email_address":["test@santest.com"]},"issuer_dn":"emailAddress=test@santest.com, CN=SAN Test, OU=CS, O=UIUC, L=Champaign, ST=IL, C=US, emailAddress=test@santest.com","validity":{"start":"2016-08-24T18:55:08Z","end":"2018-08-24T18:55:08Z","length":63072000},"subject":{"common_name":["SAN Test"],"country":["US"],"locality":["Champaign"],"province":["IL"],"organization":["UIUC"],"organizational_unit":["CS"],"email_address":["test@santest.com"]},"subject_dn":"emailAddress=test@santest.com, CN=SAN Test, OU=CS, O=UIUC, L=Champaign, ST=IL, C=US, emailAddress=test@santest.com","subject_key_info":{"key_algorithm":{"name":"RSA"},"rsa_public_key":{"exponent":65537,"modulus":"zNNJPiLkZhaNcLFfuffykzP4925ggaM+XcLoNkvvHivT4bqFKChmhTbE5J9ZGJgy2adniWEApjQHLRhRui6aO4CWkbP63iJTKJ1CyjV2tUO4ObgMsWlsOPD0ccqUdqw3QpqTgvelBIjENl+bB9yXSe+kDb64cQpi9SaT1STVr/CTrDpDD0THdf1GFqFlKM0ioY8u2pa293rn50o9TLtIr4l6kzQaRopzfZPnJ+CWXTjGIp4YypULsbvp8LIcPIRyp/6U7j8XMhJr33DW5wOfPcKBT/aJm5PILRwKHodQ14yNxKW0g+OizTHKdRkVHEKSwFEp4rEfsr20erx6Vyh7Fq+7IjoP/5gTbNJmWRxJ1h88xpCxETNfpqXt4x5LkTA9sXpMNTk4Bpy02k/0KNMqTO2osI5Mof5+hxGe7CkhaB1OujmaoPMRB7+cKCIf5dv1u+0GH4k7YlOwYiev+mHzIOd04rdJG0MN/y60tEgjs7JiC75AKMldRfqHZ+ZII0NV","length":3072},"fingerprint_sha256":"8aef7c362bb4dfc4a83f33dcdcb016b1473ed2a87cb815ddf332f6eb076bd133"},"extensions":{"basic_constraints":{"is_ca":true},"subject_alt_name":{"directory_names":[{"common_name":["My Name"],"country":["US"],"organization":["My Organization"],"organizational_unit":["My Unit"]}],"dns_names":["dns1.test.com","dns2.test.com"],"email_addresses":["email@testsan.com"],"ip_addresses":["1.2.3.4"],"other_names":[{"id":"1.2.3.4","value":"DBVzb21lIG90aGVyIGlkZW50aWZpZXI="}],"registered_ids":["1.2.3.4"],"uniform_resource_identifiers":["http://watchit.com/"]},"authority_key_id":"b970e26ca9347b9f94a434d931d0891cdc273f56","subject_key_id":"b970e26ca9347b9f94a434d931d0891cdc273f56"},"signature":{"signature_algorithm":{"name":"SHA256-RSA","oid":"1.2.840.113549.1.1.11"},"value":"FAHBXJgYGi3MSKfj8npv+C1LlBbUdSMvqBEm4VSYIrsWHQeAabn4xiEzEs9QX3JsJD/muSo5y7VOiDOOuICPgh8ZDVJ1Rp1IFpr3HZsvLxLaKC7p/6Qc9MOFrZR2zwLjTc4VgVJ2r1X596duXuE/we5RMfAPTrqT20CVuiblsF2vvOJLmQr9o17a0kqAVukkffUoGvHRe1FC4lO4BkJq1DiXzRSUwxXh9Mzb4aGkNzltgP3HSXPzXTAGq9YxDoV86S1ITzTHDlFQpZoCsXXG4FKhw64gKWO3mFAbM8YMp4cLzdci9TRbiJVO/ZZnNROlBfPQTLtxSri5Emj9sWCDLAW3TGfDRDCPsYZGcImhpNFtlUkt+RLhdMsQk95lcahZp9pyHd2NgjsaSsQdJ+/H3F6+7nUTiwHmF0+yUfp6I5uVoFwEM1LYPWQ+YFfDSaZqzYty9TxwIBy57w59l74+lcx4AilhpT9yam5UfknMXdfI+ZYLK+uuqqhvcEKP+hR6","valid":true,"self_signed":true},"fingerprint_md5":"ce2473da2a3c2f6f6abd24523acd70e3","fingerprint_sha1":"8cdead6be60527f06708cd2a3b771914dcc5e927","fingerprint_sha256":"97f710a8fbec337da46bdc700df02029e1bd68abd1ccf8a1e8c61cd0db99b5bf","tbs_noct_fingerprint":"1ce4125fdc6a8fb884ca8c83e7b0e26fcddf5703ff3c4819573b9c907f33fbc0","spki_subject_fingerprint":"603db6169df03726f8f3c390a8f2e48ad749da598ea8b16befaed05c7ff62d4e","tbs_fingerprint":"1ce4125fdc6a8fb884ca8c83e7b0e26fcddf5703ff3c4819573b9c907f33fbc0","validation_level":"unknown","names":["1.2.3.4","dns1.test.com","dns2.test.com","http://watchit.com/"],"redacted":false}`,
+			expected: `{"version":3,"serial_number":"11969031822203118914","signature_algorithm":{"name":"SHA256-RSA","oid":"1.2.840.113549.1.1.11"},"issuer":{"common_name":["SAN Test"],"country":["US"],"locality":["Champaign"],"province":["IL"],"organization":["UIUC"],"organizational_unit":["CS"],"email_address":["test@santest.com"]},"issuer_dn":"emailAddress=test@santest.com, CN=SAN Test, OU=CS, O=UIUC, L=Champaign, ST=IL, C=US","validity":{"start":"2016-08-24T18:55:08Z","end":"2018-08-24T18:55:08Z","length":63072000},"subject":{"common_name":["SAN Test"],"country":["US"],"locality":["Champaign"],"province":["IL"],"organization":["UIUC"],"organizational_unit":["CS"],"email_address":["test@santest.com"]},"subject_dn":"emailAddress=test@santest.com, CN=SAN Test, OU=CS, O=UIUC, L=Champaign, ST=IL, C=US","subject_key_info":{"key_algorithm":{"name":"RSA"},"rsa_public_key":{"exponent":65537,"modulus":"zNNJPiLkZhaNcLFfuffykzP4925ggaM+XcLoNkvvHivT4bqFKChmhTbE5J9ZGJgy2adniWEApjQHLRhRui6aO4CWkbP63iJTKJ1CyjV2tUO4ObgMsWlsOPD0ccqUdqw3QpqTgvelBIjENl+bB9yXSe+kDb64cQpi9SaT1STVr/CTrDpDD0THdf1GFqFlKM0ioY8u2pa293rn50o9TLtIr4l6kzQaRopzfZPnJ+CWXTjGIp4YypULsbvp8LIcPIRyp/6U7j8XMhJr33DW5wOfPcKBT/aJm5PILRwKHodQ14yNxKW0g+OizTHKdRkVHEKSwFEp4rEfsr20erx6Vyh7Fq+7IjoP/5gTbNJmWRxJ1h88xpCxETNfpqXt4x5LkTA9sXpMNTk4Bpy02k/0KNMqTO2osI5Mof5+hxGe7CkhaB1OujmaoPMRB7+cKCIf5dv1u+0GH4k7YlOwYiev+mHzIOd04rdJG0MN/y60tEgjs7JiC75AKMldRfqHZ+ZII0NV","length":3072},"fingerprint_sha256":"8aef7c362bb4dfc4a83f33dcdcb016b1473ed2a87cb815ddf332f6eb076bd133"},"extensions":{"basic_constraints":{"is_ca":true},"subject_alt_name":{"directory_names":[{"common_name":["My Name"],"country":["US"],"organization":["My Organization"],"organizational_unit":["My Unit"]}],"dns_names":["dns1.test.com","dns2.test.com"],"email_addresses":["email@testsan.com"],"ip_addresses":["1.2.3.4"],"other_names":[{"id":"1.2.3.4","value":"DBVzb21lIG90aGVyIGlkZW50aWZpZXI="}],"registered_ids":["1.2.3.4"],"uniform_resource_identifiers":["http://watchit.com/"]},"authority_key_id":"b970e26ca9347b9f94a434d931d0891cdc273f56","subject_key_id":"b970e26ca9347b9f94a434d931d0891cdc273f56"},"signature":{"signature_algorithm":{"name":"SHA256-RSA","oid":"1.2.840.113549.1.1.11"},"value":"FAHBXJgYGi3MSKfj8npv+C1LlBbUdSMvqBEm4VSYIrsWHQeAabn4xiEzEs9QX3JsJD/muSo5y7VOiDOOuICPgh8ZDVJ1Rp1IFpr3HZsvLxLaKC7p/6Qc9MOFrZR2zwLjTc4VgVJ2r1X596duXuE/we5RMfAPTrqT20CVuiblsF2vvOJLmQr9o17a0kqAVukkffUoGvHRe1FC4lO4BkJq1DiXzRSUwxXh9Mzb4aGkNzltgP3HSXPzXTAGq9YxDoV86S1ITzTHDlFQpZoCsXXG4FKhw64gKWO3mFAbM8YMp4cLzdci9TRbiJVO/ZZnNROlBfPQTLtxSri5Emj9sWCDLAW3TGfDRDCPsYZGcImhpNFtlUkt+RLhdMsQk95lcahZp9pyHd2NgjsaSsQdJ+/H3F6+7nUTiwHmF0+yUfp6I5uVoFwEM1LYPWQ+YFfDSaZqzYty9TxwIBy57w59l74+lcx4AilhpT9yam5UfknMXdfI+ZYLK+uuqqhvcEKP+hR6","valid":true,"self_signed":true},"fingerprint_md5":"ce2473da2a3c2f6f6abd24523acd70e3","fingerprint_sha1":"8cdead6be60527f06708cd2a3b771914dcc5e927","fingerprint_sha256":"97f710a8fbec337da46bdc700df02029e1bd68abd1ccf8a1e8c61cd0db99b5bf","tbs_noct_fingerprint":"1ce4125fdc6a8fb884ca8c83e7b0e26fcddf5703ff3c4819573b9c907f33fbc0","spki_subject_fingerprint":"603db6169df03726f8f3c390a8f2e48ad749da598ea8b16befaed05c7ff62d4e","tbs_fingerprint":"1ce4125fdc6a8fb884ca8c83e7b0e26fcddf5703ff3c4819573b9c907f33fbc0","validation_level":"unknown","names":["1.2.3.4","dns1.test.com","dns2.test.com","http://watchit.com/"],"redacted":false}`,
 		},
 		{
 			file:     "dsa_pk.cert",
@@ -56,11 +56,11 @@ func TestCertificateJSON(t *testing.T) {
 		},
 		{
 			file:     "qwac.pem",
-			expected: `{"version":3,"serial_number":"202093337738244911112370","signature_algorithm":{"name":"SHA256-RSA","oid":"1.2.840.113549.1.1.11"},"issuer":{"common_name":["Buypass Class 3 CA 2"],"country":["NO"],"organization":["Buypass AS-983163327"]},"issuer_dn":"CN=Buypass Class 3 CA 2, O=Buypass AS-983163327, C=NO","validity":{"start":"2020-02-04T14:05:09Z","end":"2022-02-03T22:59:00Z","length":63104031},"subject":{"common_name":["qwac.prod.vipps.no"],"serial_number":["918713867"],"country":["NO"],"locality":["OSLO"],"organization":["VIPPS AS"],"postal_code":["0150"],"jurisdiction_country":["NO"],"organization_id":["PSDNO-FSA-918713867"]},"subject_dn":"serialNumber=918713867, organizationIdentifier=PSDNO-FSA-918713867, CN=qwac.prod.vipps.no, O=VIPPS AS, C=NO, jurisdictionCountry=NO, businessCategory=Private Organization, L=OSLO, postalCode=0150, organizationIdentifier=PSDNO-FSA-918713867, jurisdictionCountry=NO, businessCategory=Private Organization","subject_key_info":{"key_algorithm":{"name":"RSA"},"rsa_public_key":{"exponent":65537,"modulus":"pZhG4M3ej2sh+PdDZdMP6mW2w0Ulw11O6xg2NWaU4qypfggxS+HC5QM65GGyvHZh0BlVTYs1zuIQSxeylitwcoyOLpv1kZtXtvhXjGlnJJJCXOJh6g86WeWrhUxHFOQQtvtFg7ZhaYpeyldabnHcDcyxq3LVQmRL6WQwSQgEHCIlXCSI5+DCcBKr9iZYokq0kAg6jCFJojhUypv/rRYS2C3HBWtlWiw1Ln0BeJVEzXaCyQsmtX/TQb0W4O1YhGmvj7fC+P+mQh4PJqwd2mU5CGjcJWLdd664TudjU8uDiR7/VgwaCbi0m8ugcJNxvZ3/yLElj95aHY6gKG+rmciIGQ==","length":2048},"fingerprint_sha256":"7e0b4098d838ebe5238997c5418ea20b96a1f7e9b643293885197d609d09e77c"},"extensions":{"key_usage":{"digital_signature":true,"key_encipherment":true,"value":5},"basic_constraints":{"is_ca":false},"subject_alt_name":{"dns_names":["qwac.prod.vipps.no"]},"crl_distribution_points":["http://crl.buypass.no/crl/BPClass3CA2.crl"],"authority_key_id":"22302ed2fbf64bcac0b83bd204c4e972e6979b0c","subject_key_id":"a002f1a7fd4a9e9932efeebaa1a3aa1e2ee7eec5","extended_key_usage":{"server_auth":true,"client_auth":true},"certificate_policies":[{"id":"2.16.578.1.26.1.3.3","cps":["https://www.buypass.no/cps"]},{"id":"2.23.140.1.1"},{"id":"0.4.0.194112.1.4"}],"authority_info_access":{"ocsp_urls":["http://ocsp.buypass.com"],"issuer_urls":["http://crt.buypass.no/crt/BPClass3CA2.cer"]},"ct_poison":true,"cabf_organization_id":{"scheme":"PSD","country":"NO","reference":"918713867"},"qc_statements":{"ids":["0.4.0.1862.1.1","0.4.0.19495.2","0.4.0.1862.1.6","0.4.0.1862.1.5"],"parsed":{"etsi_compliance":[true],"types":[{"ids":["0.4.0.1862.1.6.3"]}],"pds_locations":[{"locations":[{"url":"https://www.buypass.no/pds/pds_en.pdf","language":"en"}]}]}}},"signature":{"signature_algorithm":{"name":"SHA256-RSA","oid":"1.2.840.113549.1.1.11"},"value":"C6EnzHU7tGVa2HUw0Y3KaRtgSkF3FNAsO63VRac/SZMykM60bM9nuwdy46/o01iQ+wi+P/kS5r6UYIBOwLOmv6PrMuj+nV3YhADI9/A1R4MqEjKWHzVefTXUT6vWOm7JDf2n4H3wdh/LxdfjxEn01/NcCPh+HEgatldcoXpnirVKctO2Kgg5dD2uLWtPQixr2aJQx+4wALCBG7cwKmp0M9CLJv35+O2/1dMwhm95NfpcX6t53F7M9720fTeFTYALX1jdN2SxA7VyHqhkc0poTNtKtutRkMMWkwcDSz/FD0NMjJdsaVIJ+bdB7gh7JT1hd4CBJDKRhNRq9aSGGIcEeQ==","valid":false,"self_signed":false},"fingerprint_md5":"ed91f4dc129bb1e645e36454b4955fd6","fingerprint_sha1":"f1b7533029586920ee56df926bc59dcd8cfa3630","fingerprint_sha256":"f42775eeb4baa39ab4ba0e3a37ee2f30a41267274ea20a75ae2721cae39f9a83","tbs_noct_fingerprint":"cff7cb3009a22b725e4d3d71762c377cbdefd196cff2712a0893e2c29870b320","spki_subject_fingerprint":"b4e3dff7dbac7fa5744f916ddaac9bb7ac09f6914c523d8cd356b543b621802c","tbs_fingerprint":"e5d2338b23acb820d285a04b800aa4f9fc162c8c919cb2b957f2b2209848a0b2","validation_level":"EV","names":["qwac.prod.vipps.no"],"redacted":false}`,
+			expected: `{"version":3,"serial_number":"202093337738244911112370","signature_algorithm":{"name":"SHA256-RSA","oid":"1.2.840.113549.1.1.11"},"issuer":{"common_name":["Buypass Class 3 CA 2"],"country":["NO"],"organization":["Buypass AS-983163327"]},"issuer_dn":"CN=Buypass Class 3 CA 2, O=Buypass AS-983163327, C=NO","validity":{"start":"2020-02-04T14:05:09Z","end":"2022-02-03T22:59:00Z","length":63104031},"subject":{"common_name":["qwac.prod.vipps.no"],"serial_number":["918713867"],"country":["NO"],"locality":["OSLO"],"organization":["VIPPS AS"],"postal_code":["0150"],"jurisdiction_country":["NO"],"organization_id":["PSDNO-FSA-918713867"]},"subject_dn":"serialNumber=918713867, organizationIdentifier=PSDNO-FSA-918713867, CN=qwac.prod.vipps.no, O=VIPPS AS, C=NO, jurisdictionCountry=NO, businessCategory=Private Organization, L=OSLO, postalCode=0150","subject_key_info":{"key_algorithm":{"name":"RSA"},"rsa_public_key":{"exponent":65537,"modulus":"pZhG4M3ej2sh+PdDZdMP6mW2w0Ulw11O6xg2NWaU4qypfggxS+HC5QM65GGyvHZh0BlVTYs1zuIQSxeylitwcoyOLpv1kZtXtvhXjGlnJJJCXOJh6g86WeWrhUxHFOQQtvtFg7ZhaYpeyldabnHcDcyxq3LVQmRL6WQwSQgEHCIlXCSI5+DCcBKr9iZYokq0kAg6jCFJojhUypv/rRYS2C3HBWtlWiw1Ln0BeJVEzXaCyQsmtX/TQb0W4O1YhGmvj7fC+P+mQh4PJqwd2mU5CGjcJWLdd664TudjU8uDiR7/VgwaCbi0m8ugcJNxvZ3/yLElj95aHY6gKG+rmciIGQ==","length":2048},"fingerprint_sha256":"7e0b4098d838ebe5238997c5418ea20b96a1f7e9b643293885197d609d09e77c"},"extensions":{"key_usage":{"digital_signature":true,"key_encipherment":true,"value":5},"basic_constraints":{"is_ca":false},"subject_alt_name":{"dns_names":["qwac.prod.vipps.no"]},"crl_distribution_points":["http://crl.buypass.no/crl/BPClass3CA2.crl"],"authority_key_id":"22302ed2fbf64bcac0b83bd204c4e972e6979b0c","subject_key_id":"a002f1a7fd4a9e9932efeebaa1a3aa1e2ee7eec5","extended_key_usage":{"server_auth":true,"client_auth":true},"certificate_policies":[{"id":"2.16.578.1.26.1.3.3","cps":["https://www.buypass.no/cps"]},{"id":"2.23.140.1.1"},{"id":"0.4.0.194112.1.4"}],"authority_info_access":{"ocsp_urls":["http://ocsp.buypass.com"],"issuer_urls":["http://crt.buypass.no/crt/BPClass3CA2.cer"]},"ct_poison":true,"cabf_organization_id":{"scheme":"PSD","country":"NO","reference":"918713867"},"qc_statements":{"ids":["0.4.0.1862.1.1","0.4.0.19495.2","0.4.0.1862.1.6","0.4.0.1862.1.5"],"parsed":{"etsi_compliance":[true],"types":[{"ids":["0.4.0.1862.1.6.3"]}],"pds_locations":[{"locations":[{"url":"https://www.buypass.no/pds/pds_en.pdf","language":"en"}]}]}}},"signature":{"signature_algorithm":{"name":"SHA256-RSA","oid":"1.2.840.113549.1.1.11"},"value":"C6EnzHU7tGVa2HUw0Y3KaRtgSkF3FNAsO63VRac/SZMykM60bM9nuwdy46/o01iQ+wi+P/kS5r6UYIBOwLOmv6PrMuj+nV3YhADI9/A1R4MqEjKWHzVefTXUT6vWOm7JDf2n4H3wdh/LxdfjxEn01/NcCPh+HEgatldcoXpnirVKctO2Kgg5dD2uLWtPQixr2aJQx+4wALCBG7cwKmp0M9CLJv35+O2/1dMwhm95NfpcX6t53F7M9720fTeFTYALX1jdN2SxA7VyHqhkc0poTNtKtutRkMMWkwcDSz/FD0NMjJdsaVIJ+bdB7gh7JT1hd4CBJDKRhNRq9aSGGIcEeQ==","valid":false,"self_signed":false},"fingerprint_md5":"ed91f4dc129bb1e645e36454b4955fd6","fingerprint_sha1":"f1b7533029586920ee56df926bc59dcd8cfa3630","fingerprint_sha256":"f42775eeb4baa39ab4ba0e3a37ee2f30a41267274ea20a75ae2721cae39f9a83","tbs_noct_fingerprint":"cff7cb3009a22b725e4d3d71762c377cbdefd196cff2712a0893e2c29870b320","spki_subject_fingerprint":"b4e3dff7dbac7fa5744f916ddaac9bb7ac09f6914c523d8cd356b543b621802c","tbs_fingerprint":"e5d2338b23acb820d285a04b800aa4f9fc162c8c919cb2b957f2b2209848a0b2","validation_level":"EV","names":["qwac.prod.vipps.no"],"redacted":false}`,
 		},
 		{
 			file:     "etsi_qc.pem",
-			expected: `{"version":3,"serial_number":"9591198274709138036589902159","signature_algorithm":{"name":"SHA256-RSA","oid":"1.2.840.113549.1.1.11"},"issuer":{"common_name":["Development Sub CA"],"country":["PK"],"organization":["Development"]},"issuer_dn":"CN=Development Sub CA, O=Development, C=PK","validity":{"start":"2019-09-25T09:37:57Z","end":"2029-10-26T09:37:57Z","length":318297600},"subject":{"common_name":["Muhammad Bilal Ashraf"],"serial_number":["578611675"],"country":["PK"],"organization":["Development"],"given_name":["Muhammad Bilal"],"surname":["Ashraf"]},"subject_dn":"CN=Muhammad Bilal Ashraf, SN=Ashraf, GN=Muhammad Bilal, serialNumber=578611675, O=Development, C=PK, SN=Ashraf, GN=Muhammad Bilal","subject_key_info":{"key_algorithm":{"name":"RSA"},"rsa_public_key":{"exponent":65537,"modulus":"2HPVolNvA0qVuwXPcXIdra/W/VOLzx5RyRjAHUC8ssYKPLJ5rNjUcAFrIMRBELVw1B+Sr3/671cDsh12nFkO4KfCpprvG9gpV2yLZPNhpUPqxpbXa6H6VQv4PYNHuf75kPJzyn2dkhw/RGNfiN9b/qM4LSxHzlrOe+gjN7uSaLEctr16v7lu650lbNC29XfG9FuRKeHAB04WoFtge6P3XwvRkHTVvcUjx0XSRD3Fbcvi/SqKZStFLN382Xp/uA7S+kX0eVHHyIgQyEydOq5lI1mTRCsJn0vOXav2YgZiHGvpDMzXPz/j/iAFblLmGeNFRUQDIrwTYUEfdGjBGOAlVw==","length":2048},"fingerprint_sha256":"bc898e576ca5b03513505d6433e91b4ada07f86a6ce3412d088db9580b13500e"},"extensions":{"key_usage":{"digital_signature":true,"content_commitment":true,"value":3},"basic_constraints":{"is_ca":false},"subject_alt_name":{"email_addresses":["bilal.ashraf@gmail.com"]},"crl_distribution_points":["http://dev.com/ca.crl"],"authority_key_id":"30cd83a736aca535ff211b37406eb2cf5f1c032f","subject_key_id":"5e3b7f1de8d5587eee26b3c792e65ac10e5fbb9d","extended_key_usage":{"email_protection":true},"certificate_policies":[{"id":"1.3.7.8.9","cps":["https://www.dev.com/repository/"]}],"authority_info_access":{"ocsp_urls":["http://dev.com/ocsp"],"issuer_urls":["http://dev.com/ca.crt"]},"qc_statements":{"ids":["0.4.0.1862.1.1","0.4.0.1862.1.3","0.4.0.1862.1.2","0.4.0.1862.1.4","0.4.0.1862.1.5","0.4.0.1862.1.6"],"parsed":{"etsi_compliance":[true],"sscd":[true],"types":[{"ids":["0.4.0.1862.1.6.1","0.4.0.1862.1.6.2","0.4.0.1862.1.6.3"]}],"limit":[{"currency":"EURO","amount":10,"exponent":2}],"pds_locations":[{"locations":[{"url":"https://dev.com/pds/en/pds.pdf","language":"en"}]}],"retention_period":[10]}}},"signature":{"signature_algorithm":{"name":"SHA256-RSA","oid":"1.2.840.113549.1.1.11"},"value":"DyWYTIzvGbzIbUbfe0mHSNxjoacuhWWQLhyX/UfHZ5hdYL7osIvwvWu81hGiGK9Eo0279W0YexJ4qp90YIzG8kjKvK7XIbFLmYnCf7+8sXHcvH9w/b8W11cTWmC2+xuYgxCWvHkGwWVpEpZlkDc+YYjilUVQ7wIcingpT98Tek36RIZ8mcNqkXUTrCaWt9Ra4h732J87MSWydifEMYUi+fSKttw7cjBzf6Q5XFkWY0uQtY087EIRldezwa9CZASStaEVzQ7UTsOzLSbmYEQzKK8siO6Z+RjV86ZU47uSZ2cC++/SQBufAQ0Ch/tnN2O3vACfA30QhQblWHe9Wd4taA==","valid":false,"self_signed":false},"fingerprint_md5":"173780910e4430a16d0e7a4ed6667b9f","fingerprint_sha1":"ce69f32ca243df47f6fccb985d6d340b15d5a827","fingerprint_sha256":"a5885ab12e6260345007884baa9f1ca7343719d80381e3a7653be314e80dea34","tbs_noct_fingerprint":"5753c966f66d7db686320109cc4f79553fa25aa45917b8326aab7e9a42507f3b","spki_subject_fingerprint":"af9c1632cdf9bc7b1041ca90006c6956b44cfc0b224ff0c19228b980e8e1b280","tbs_fingerprint":"5753c966f66d7db686320109cc4f79553fa25aa45917b8326aab7e9a42507f3b","validation_level":"unknown","redacted":false}`,
+			expected: `{"version":3,"serial_number":"9591198274709138036589902159","signature_algorithm":{"name":"SHA256-RSA","oid":"1.2.840.113549.1.1.11"},"issuer":{"common_name":["Development Sub CA"],"country":["PK"],"organization":["Development"]},"issuer_dn":"CN=Development Sub CA, O=Development, C=PK","validity":{"start":"2019-09-25T09:37:57Z","end":"2029-10-26T09:37:57Z","length":318297600},"subject":{"common_name":["Muhammad Bilal Ashraf"],"serial_number":["578611675"],"country":["PK"],"organization":["Development"],"given_name":["Muhammad Bilal"],"surname":["Ashraf"]},"subject_dn":"CN=Muhammad Bilal Ashraf, SN=Ashraf, GN=Muhammad Bilal, serialNumber=578611675, O=Development, C=PK","subject_key_info":{"key_algorithm":{"name":"RSA"},"rsa_public_key":{"exponent":65537,"modulus":"2HPVolNvA0qVuwXPcXIdra/W/VOLzx5RyRjAHUC8ssYKPLJ5rNjUcAFrIMRBELVw1B+Sr3/671cDsh12nFkO4KfCpprvG9gpV2yLZPNhpUPqxpbXa6H6VQv4PYNHuf75kPJzyn2dkhw/RGNfiN9b/qM4LSxHzlrOe+gjN7uSaLEctr16v7lu650lbNC29XfG9FuRKeHAB04WoFtge6P3XwvRkHTVvcUjx0XSRD3Fbcvi/SqKZStFLN382Xp/uA7S+kX0eVHHyIgQyEydOq5lI1mTRCsJn0vOXav2YgZiHGvpDMzXPz/j/iAFblLmGeNFRUQDIrwTYUEfdGjBGOAlVw==","length":2048},"fingerprint_sha256":"bc898e576ca5b03513505d6433e91b4ada07f86a6ce3412d088db9580b13500e"},"extensions":{"key_usage":{"digital_signature":true,"content_commitment":true,"value":3},"basic_constraints":{"is_ca":false},"subject_alt_name":{"email_addresses":["bilal.ashraf@gmail.com"]},"crl_distribution_points":["http://dev.com/ca.crl"],"authority_key_id":"30cd83a736aca535ff211b37406eb2cf5f1c032f","subject_key_id":"5e3b7f1de8d5587eee26b3c792e65ac10e5fbb9d","extended_key_usage":{"email_protection":true},"certificate_policies":[{"id":"1.3.7.8.9","cps":["https://www.dev.com/repository/"]}],"authority_info_access":{"ocsp_urls":["http://dev.com/ocsp"],"issuer_urls":["http://dev.com/ca.crt"]},"qc_statements":{"ids":["0.4.0.1862.1.1","0.4.0.1862.1.3","0.4.0.1862.1.2","0.4.0.1862.1.4","0.4.0.1862.1.5","0.4.0.1862.1.6"],"parsed":{"etsi_compliance":[true],"sscd":[true],"types":[{"ids":["0.4.0.1862.1.6.1","0.4.0.1862.1.6.2","0.4.0.1862.1.6.3"]}],"limit":[{"currency":"EURO","amount":10,"exponent":2}],"pds_locations":[{"locations":[{"url":"https://dev.com/pds/en/pds.pdf","language":"en"}]}],"retention_period":[10]}}},"signature":{"signature_algorithm":{"name":"SHA256-RSA","oid":"1.2.840.113549.1.1.11"},"value":"DyWYTIzvGbzIbUbfe0mHSNxjoacuhWWQLhyX/UfHZ5hdYL7osIvwvWu81hGiGK9Eo0279W0YexJ4qp90YIzG8kjKvK7XIbFLmYnCf7+8sXHcvH9w/b8W11cTWmC2+xuYgxCWvHkGwWVpEpZlkDc+YYjilUVQ7wIcingpT98Tek36RIZ8mcNqkXUTrCaWt9Ra4h732J87MSWydifEMYUi+fSKttw7cjBzf6Q5XFkWY0uQtY087EIRldezwa9CZASStaEVzQ7UTsOzLSbmYEQzKK8siO6Z+RjV86ZU47uSZ2cC++/SQBufAQ0Ch/tnN2O3vACfA30QhQblWHe9Wd4taA==","valid":false,"self_signed":false},"fingerprint_md5":"173780910e4430a16d0e7a4ed6667b9f","fingerprint_sha1":"ce69f32ca243df47f6fccb985d6d340b15d5a827","fingerprint_sha256":"a5885ab12e6260345007884baa9f1ca7343719d80381e3a7653be314e80dea34","tbs_noct_fingerprint":"5753c966f66d7db686320109cc4f79553fa25aa45917b8326aab7e9a42507f3b","spki_subject_fingerprint":"af9c1632cdf9bc7b1041ca90006c6956b44cfc0b224ff0c19228b980e8e1b280","tbs_fingerprint":"5753c966f66d7db686320109cc4f79553fa25aa45917b8326aab7e9a42507f3b","validation_level":"unknown","redacted":false}`,
 		},
 	}
 	for _, test := range tests {
diff --git a/x509/pkix/pkix.go b/x509/pkix/pkix.go
index 176b6c44..efa024e0 100644
--- a/x509/pkix/pkix.go
+++ b/x509/pkix/pkix.go
@@ -313,26 +313,7 @@ func (certList *CertificateList) HasExpired(now time.Time) bool {
 // String returns the string form of n, roughly following
 // the RFC 2253 Distinguished Names syntax.
 func (n Name) String() string {
-	var rdns RDNSequence
-	// If there are no ExtraNames, surface the parsed value (all entries in
-	// Names) instead.
-	if n.ExtraNames == nil {
-		for _, atv := range n.Names {
-			t := atv.Type
-			if len(t) == 4 && t[0] == 2 && t[1] == 5 && t[2] == 4 {
-				switch t[3] {
-				case 3, 5, 6, 7, 8, 9, 10, 11, 17:
-					// These attributes were already parsed into named fields.
-					continue
-				}
-			}
-			// Place non-standard parsed values at the beginning of the sequence
-			// so they will be at the end of the string. See Issue 39924.
-			rdns = append(rdns, []AttributeTypeAndValue{atv})
-		}
-	}
-	rdns = append(rdns, n.ToRDNSequence()...)
-	return rdns.String()
+	return n.ToRDNSequence().String()
 }
 
 // OtherName represents the ASN.1 structure of the same name. See RFC