app/views/service_providers/_certificate_expiration_td.html.erb
<%
# locals: app
cert = app.certificates.max_by(&:not_after)
%>
<%= content_tag(:td, class: cert&.expiration_css_class) do %>
<% if !cert || cert.issuer.to_s == 'Null Certificate' %>
Invalid
<% else %>
<%= cert.not_after.localtime.strftime("%F") %>
<% end %>
<% end %>