The certificate's Common Name (CN) or Subject Alternative Name (SAN) does not match the proxy’s IP or domain.
This is the most famous paper regarding proxies that perform TLS inspection (which generates these certificates). It analyzes how these proxies often degrade security.