Regardless of how you configure Cloudflare (Full or Full (Strict)) the origin server will use the same certificate be it self-signed or Cloudflare’s generated origin certificate.
The screenshots do look to have the right origin certificate but this is on the root domain, your original message suggests the problem occurs with subdomains, what certificates do you see on subdomains when Cloudflare is paused?
The certificate being served there is just for the root domain and the www. subdomain, but it is missing the wildcard so that certificate is only available for the root and www. names themselves. Also it isn’t Cloudflare’s client certificate.
My guess is you need to install Cloudflare’s client certificate on your subdomains either in your control panel or whatever service is on the subdomain if it is a different server/service.
The root did seem to be configured properly as it worked before even in Full (Strict).