ok I think I know what happened (sorry for the late reply - I’m travelling)
the phone somehow had picked up PST time, but not PST time zone. So when I checked on the phone, its time was ~21:50, but GMT+1, so in fact 9h behind the issue timestamp of the certificate.
Sorry for the noise.
-Christian