X.509 Certificate

Full Name or Meme

A structure defined by the CCITT (now ITU-T) that binds a Subject name to a public key and a set of Attributes.

Up until the 1970's the Postal and Telecommunications Agencies of the world governments just knew that they were responsible for assigning names and numbers to everything on the planet.
At that time only a few of the world governments, like the US, had placed the responsibilities for such naming and numbering in private hands.
Still in the US AT&T acted with the impunity of a government agency, until they were challenged in court by companies like MCI.
With all of the arrogance of a government body, the ITU's Committee on Communications and International Telephone and Telegraph (CCITT), decided to specifiy the structure of email and the corresponding security.

The result was an exceeding ugly encoding of everything they touched, most of which has faded into history, except the X.509 certificate structure.
The security at the time was based on the paradigm at the time - the credit card industry and the card revocation lists, which were updated every few weeks and needed to be checked by every merchant for every transaction.

At least now the certificates can be checked online and no longer require certificate revocation lists, although the specification still exists.
The content of a Web Site certificate is reasonably well defined^[1] which makes them still useful for that purpose.
They can be used in other venues such as a digital assertion of the existence of some credential, like the ability to prescribe drugs.
On the web a new standard has evolved, the Json Web Token.

↑ DigiCert. What extensions and details are included in a SSL certificate? https://knowledge.digicert.com/solution/SO18140.html