What exactly gRPC framework varifies with SslClientCertificateRequestType.RequestAndRequireAndVerify

[umi...@gmail.com]

 Going through the modes of requesting client's SSL certificate by the server, I found this explanation for SslClientCertificateRequestType.RequestAndRequireAndVerify

Server requests client certificate and enforces that the client presents a
certificate.
The certificate presented by the client is verified by the gRPC framework.
(For a successful connection the client needs to present a certificate that
can be verified against the root certificate configured by the server)
The client's key certificate pair must be valid for the SSL connection to
be established.

I want to know what exactly gRPC framework varifies when client's certificate is presented to the server? Is it just CN / Subject cert fields or something else...

Looking through the code, as far as I could reach is file grpc/src/core/tsi/ssl_transport_security.cc:1884, but couldn't exactly get to the point where I can see which cert fields are compared and what else.

All the best,

Ugi