In order to verify the validity of a Child Certificate one has to:
Challenge the IoT device to make sure they own the key linked to the certificate, typically this means:
Sending a random byte array to sign.
Getting the signed bytes.
Making sure they are signed with the right key.
Verify it is not expired if your certificate includes an expiry date.
Verify its signature is correct.
Query the chain to make sure that:
The Child Key was not revoked.
The Root Key was not verified.