A certificate is a CA certificate if basicConstraints extension is present and has cA:TRUE.
A certificate is a Self-signed CA certificate if the following are true:
- The basicConstraints extension is present and has cA:TRUE
- The subject and issuer DNs of the certificate match
- The certificate signature is validated by the subject public key
A certificate is a Subordinate CA certificate if it is a CA certificate but not a Sign-signed CA certificate.
A certificate is a Terminus CA certificate if the basicConstraints extension is present and has cA:TRUE and the pathLenConstraint is present and set to 0 (zero).
A certificate is a Policy CA certificate if it is a CA certificate and is not a Terminus CA certificate.
A certificate is a Technically Constrained CA certificate if it is a CA certificate and it meets the requirements in section 7.1.5.
A certificate is an Unconstrained CA certificate if it is a CA certificate and is not a Technically Constrained CA certificate.
A certificate is a Root CA certificate if it an Unconstrained Policy CA certificate and is designated by the CA as a Root CA in the CA's CPS
CA cert -> "if basicConstraints extension is present and has cA:TRUE or the Version is either omitted or set to 0"
That is, if we're assuming in-scope non-compliance with the BRs, than an X.509 v1 cert is capable of issuing certs.