Hello @Nitin Paras
This issue may occur when the sub CA certificate can't be chained to a trusted root CA certificate or the revocation check is failed. As you mentioned above, after the migration there could be some communication or network filtering between CA and Sub CAs, please make sure that the CDP is still reachable from the sub CA server. Otherwise, revocation check will fail.
You also export the certificate as a file and run command to it
certutil -verify -URLFetch yourcert.cer
This traces the validation of the certificate all the way to the top and generally spells out any errors it may find.
Hope this helps with your query,
--
--If the reply is helpful, please Upvote and Accept as answer--