Last time it was KZ's MITM cert that was rejected: https://blog.mozilla.org/security/2019/08/21/protecting-our-....

Although you can argue that US' FPKI is "rogue" for the purposes of WebPKI (there's no control, no transparency, no audit etc.) and cross signature over FPKI Bridge was one of the reasons contributing to Symantec forcible retirement.

Those aren't the only two "rogue dates.