Certificate authority
Certificate Authorities are trusted third party companies who issue digital certificates and public-private keys for encryption of messages. In order to issue these certificates, a CA first consults with a registration authority (RA) such as credit card company to check whether the requester's information is legit. Only after the proper verification, the CA can issue a certificate claiming that the organization or the individual is the one who he claims to be. Having a digital certificate on a website proves the owners identity hence developing a trustworthy environment in business.[1]
A certificate includes all the information about the owner including his public key, the expiration date of the certificate.[2]
Authentication
Almost all the browsers present today are able to detect if certificate of certain website is expired or it does not have the certificate signed by a known company. In that case a warning message usually appears on the first page saying the problem with the certificate. One can then move on to the website or leave the page right there.
VeriSign and DigiCert are two known companies in the field of digital certificates. Rest of the reliable companies' list can be read here.[3]