use warnings;
use strict;
use LWP::UserAgent;
use Net::SSLeay;
use LWP::Protocol::https (); # just to make sure this is installed
use Class::Method::Modifiers qw/around/;

# wrap this method to fetch additional info from the cert
around 'LWP::Protocol::https::_get_sock_info' => sub {
	my $orig = shift;
	my ($self, $res, $sock) = @_;
	my $cert = $sock->peer_certificate;
	$res->push_header("Client-SSL-Cert-NotAfter"
		=> Net::SSLeay::P_ASN1_TIME_get_isotime(
			Net::SSLeay::X509_get_notAfter($cert) ) );
	$orig->(@_);
};

my $ua = LWP::UserAgent->new;
my $res = $ua->get("https://www.perlmonks.org/");
die $res->status_line unless $res->is_success;
my @issuer   = $res->header("client-ssl-cert-issuer");
my @subject  = $res->header("client-ssl-cert-subject");
my @notAfter = $res->header("client-ssl-cert-notafter");
print "  Issuer: @issuer\n Subject: @subject\nnotAfter: @notAfter\n";

__END__

  Issuer: /C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Domain Validation Secure Server CA
 Subject: /CN=perlmonks.org
notAfter: 2022-09-02T23:59:59Z