There is no protocol MTLS, but it sounds like you are concerned with client authentication, also called mutual authentication, in TLS, which like server authentication normally uses X.509-type (more exactly, PKIX) certificates.
Background: X.509/PKIX certificates identify the Subject and Issuer (and sometimes other things/entities in some extensions) using the X.500/501 Distinguished Name structure also called X500Name, X501Name, or simply Name. This structure is defined in ASN.1 as a SEQUENCE (ordered) of RelativeDistinguishedName items, each of which is officially a SET (unordered) of pairs (SEQUENCE) of attribute type and value, although in practice the RDN SETs are almost always singletons, so Name is effectively a sequence of attribute type and value. This name format was designed to be used in a global, distributed, hierarchical network of 'directories', rather like DNS except (since CCITT-now-ITU-T is an organization of government agencies) rooted primarily in country-based national directories rather than functional or 'generic' ones like .com .org .edu .gov .mil .net, and X.509 certificates were designed as basically an export of data from that network of directories usable offline. In practice real X.500 directories aren't used at all, and even the prototcols for them like LDAP (Lightweight Directory Access Protocol) aren't used much except for Microsoft Windows 'domains' (Active Directory), but X.509 certs including the name format used in them are widely used in SSL-now-TLS, S/MIME, and many other applications.
The conventional textual or external form of a DN is a series of attr=value items, where the attr is commonly abbreviated, e.g. C for Country, ST for StateOrProvince, CN for CommonName, etc. Java uses the standardized form defined (with small changes/improvements) by RFCs 1485, 1779, 2253 and 4514 where the items are separated by commas and given in reverse order i.e. from last (lowest level) to first (highest level usually root), similar to DNS. For example Java displays the Subject of the cert currently used by www.duckduckgo.com as
CN=*.duckduckgo.com, O="Duck Duck Go, Inc.", L=Paoli, ST=Pennsylvania, C=US
OpenSSL traditionally used by default a format with slashes preceding each item (instead of commas separating them), and also going in forward order
/C=US/ST=Pennsylvania/L=Paoli/O=Duck Duck Go, Inc./CN=*.duckduckgo.com
but 1.1.0 up changed the default to use comma separators with forward order
C = US, ST = Pennsylvania, L = Paoli, O = "Duck Duck Go, Inc.", CN = *.duckduckgo.com
Some OpenSSL commandline operations, like x509, support other display formats; see the man page under "Name Options". In particular x509 -nameopt oneline,dn_rev gives almost the same format as Java:
CN = *.duckduckgo.com, O = "Duck Duck Go, Inc.", L = Paoli, ST = Pennsylvania, C = US
Wireshark if you only look at the summary for a transmitted certificate (in TLS) displays the attribute=value pairs with full names instead of abbreviations for the attributes, in reverse order like the RFCs and Java:
but if you click on the plus-sign boxes to expand a few levels you can see the structure with each attribute item separately, in forward order:
Precisely because there are and have been numerous variations on the display format, it is not a good idea to compare DNs as strings. If you need to store it as a string in e.g. a database, the better way to is to rebuild the structured form from the string -- using consistent conventions as to order, abbreviations, etc. -- and compare the structured objects. This is made a little easier if you read the javadoc and see that X509Certificate.getIssuerDN() and similarly .getSubjectDN() are 'denigrated' (apparently intended to be 'deprecated') and superseded since Java 1.4 by .getIssuerX500Principal() and .getSubjectX500Principal() which use a documented API class (instead of an opaque internal class) javax.security.auth.x500.X500Principal with a documented .equals() operation.
