Event details
Want to ensure you maintain a trusted boot environment for your Windows devices? Walk through essential guidance - including how to test firmware, monitor device readiness, deploy updated certificate...
Pearl-Angeles
Updated Mar 05, 2026
mihi
Mar 09, 2026 · Brass Contributor
I have to say that I like your UI.
Would you mind adding some more metrics/information?
- Which certificate \EFI\Microsoft\Boot\bootmgfw.efi on EFI system partition is signed with
- Reason: In Multiboot scenarios (e.g. Win10+Win11, or multiple systems using Boot2VHD) the "global truth" does not always match the "local truth" reflected in the system registry
- In case EFI system partition contains \EFI\boot\bootx64.efi, whether it is a Microsoft boot loader and if yes which certificate it is signed with
- Reason: When working with multiple OSes (Win+Win, or Win+Other), such a fallback bootloader sometimes appears, which may be used by the firmware for booting despite a "correct" bootloader being present in the EFI variables. Getting to know whether that one is still outdated
- The thumbprint of the Platform Key in a form that can be copied.
- Whether "C:\Windows\System32\SecureBootUpdates\KEKUpdateCombined.bin" of the currently booted Windows instance contains a KEK update for that platform key
- Whether https://github.com/microsoft/secureboot_objects/blob/main/PostSignedObjects/KEK/kek_update_map.json contains a KEK update for that platform key
- Reason: Getting a better feeling whether there is a chance that the KEK gets updated when flicking the switch now, and whether there is a chance for it to work in the future
Thank you.
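One way to get the copyable Platform Key thumbprint requested above, as an added example that is not part of the comment or of the CheckCA2023 project: parse the raw `PK` variable as `EFI_SIGNATURE_LIST` structures and hash each X.509 entry. It assumes the input is the variable's raw bytes (for example the `Bytes` returned by `Get-SecureBootUEFI -Name PK`); the function names and the sample data are hypothetical and constructed.

```python
import hashlib
import struct
import uuid

# EFI_CERT_X509_GUID from the UEFI specification
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
HEADER_LEN = 28  # SignatureType (16) + three little-endian UINT32 size fields


def x509_thumbprints(data: bytes) -> list[tuple[str, str]]:
    """Walk concatenated EFI_SIGNATURE_LISTs and return
    (SignatureOwner GUID, SHA-1 thumbprint) for every X.509 entry.

    Data read from Linux efivarfs carries a 4-byte attribute prefix
    that must be stripped before calling this function.
    """
    results = []
    offset = 0
    while offset < len(data):
        if len(data) - offset < HEADER_LEN:
            raise ValueError("truncated EFI_SIGNATURE_LIST header")
        sig_type = uuid.UUID(bytes_le=data[offset:offset + 16])
        list_size, hdr_size, sig_size = struct.unpack_from("<III", data, offset + 16)
        if list_size < HEADER_LEN + hdr_size or offset + list_size > len(data):
            raise ValueError("EFI_SIGNATURE_LIST size out of bounds")
        body = data[offset + HEADER_LEN + hdr_size:offset + list_size]
        if sig_type == EFI_CERT_X509_GUID:  # other list types are skipped
            if sig_size <= 16 or len(body) % sig_size:
                raise ValueError("inconsistent SignatureSize")
            for i in range(0, len(body), sig_size):
                owner = uuid.UUID(bytes_le=body[i:i + 16])
                cert = body[i + 16:i + sig_size]  # DER-encoded certificate
                # Windows-style thumbprint: upper-case SHA-1 of the DER bytes
                results.append((str(owner), hashlib.sha1(cert).hexdigest().upper()))
        offset += list_size
    return results


def build_sample_list(cert: bytes, owner: uuid.UUID) -> bytes:
    """Constructed input: one X.509 EFI_SIGNATURE_LIST holding `cert`."""
    sig_size = 16 + len(cert)
    header = struct.pack("<III", HEADER_LEN + sig_size, 0, sig_size)
    return EFI_CERT_X509_GUID.bytes_le + header + owner.bytes_le + cert


if __name__ == "__main__":
    fake_cert = b"constructed placeholder, not a real DER certificate"
    owner = uuid.UUID("11111111-2222-3333-4444-555555555555")
    for guid, thumb in x509_thumbprints(build_sample_list(fake_cert, owner)):
        print(guid, thumb)
```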
Claude_Boucher_OEM
Mar 18, 2026 · Copper Contributor
I updated the file. :)
https://github.com/claude-boucher/CheckCA2023