What is the SC_Online_Issuing Certificate on an Intune enrolled iOS device for, what role does it play, and what is the severity if it is missing or expired?

What is the SC_Online_Issuing Certificate on an Intune enrolled iOS device for, what role does it play, and what is the severity if it is missing or expired?

We have devices all enrolled the same way (AED/DEP) using the same enrollment profile, same tenant, etc.

Many of the devices have a certificate that expired June 3rd 2021 named SC_Online_Issuing under the device management profile. Some devices do not have this certificate at all.

The ones that do have it installed and expired have their overall management profile marked as red not verified and the ones without the certificate are verified and green.

In the Intune console, all the devices with the expired certificate are compliant and checking in. Newly deployed profiles for things like mail etc.. seem to be working and synching seems healthy as well.

There does appear to be an issue for some people authenticating to Microsoft services though on the devices with the expired certificate.

What is this cert? why do some have it and some do not? why was it not auto renewed by Microsoft if it is important? What is the severity of it being expired and the management profile displaying red not verified because of it?

Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities. Enrollment: The process of requesting, receiving, and installing a certificate.

A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.