I do have one theory about why this kind of thing could happen ... but I have very little proof so far. (My related post).
I think it could be related to clock skew, but related to the timestamp in the certificate transparency SCT rather than in the certificate itself. The SCT timestamp is not backdated, and browsers are supposed to reject timestamps in the future. Chromium and Safari both enforce SCTs, but I'm not sure whether they have done something to account for this. Safari is closed source and Chromium's SCT validator seems to change constantly.
In your case though, if you're getting a transient ERR_CERT_AUTHORITY_INVALID
error (rather than the CT one), I think this it's probably something else.
You could try create the net-export dump as documented in my post anyway, as it creates very detailed logs about the certificate verification process. Could help, who knows.
FWIW I couldn't reproduce the problem with your domain on Linux+Chromium.