Same issues here on Bookworm and Bullseye. We are currently rolling out the new Sectigo certificate manually via Ansible on all our machines to prevent issues for our customers.
This should be fixed in the stable release of ca-certificates! It's an important CA provider (Sectigo) and is widely used!
