Dear dev-security-policy,
KIR S.A. seems to have 8 missuance issues all active at once, each one with very similar deficiencies in the reports. While the underlying issues vary, two of them involve delayed revocation, five of them incorrect data entry by operators that is uncaught by automated checks, and two involve OCSP.
I think it's worth taking a harder look. In my cursory examination I've also noticed some suspicious certificates like
https://crt.sh/?id=4547403311 where the Organization listed is the CA, despite the domain not clearly belonging to the CA.
https://crt.sh/?id=4186923909 also falls into this category, and the domain doesn't seem to be used, a mere month after the certificate was obtained. Obviously it's possible that these are legitimate issuance, but it's definitely unusual.
Sincerely,
Watson Ladd