The root key against which to verify the certificate (normally, the root key of the IC main network)
The effective canister ID of the request when verifying a response, or the signing canister ID when verifying a certified variable.
Optional
blsBLS Verification strategy. Default strategy uses bls12_381 from @noble/curves
Optional
maxThe maximum age of the certificate in minutes. Default is 5 minutes.
5
This is used to verify the time the certificate was signed, particularly for validating Delegation certificates, which can live for longer than the default window of +/- 5 minutes. If the certificate is
older than the specified age, it will fail verification.
The bytes encoding the certificate to be verified