Well I believe anyone can issue certificates, so technically no issuer is invalid. I suppose an employer would have to decide whether to take the certificate seriously or not, perhaps by visiting the issuer url and checking out their website.
Now if an issuer is trying to pretend to be someone they’re not, like if someone made certificates using M.I.T.'s logo for example, then we would need a public registry, so you could compare the public key in the given certificate against M.I.T’s publicly registered key.