Why do Chrome and Firefox report a different server certificate and issuer than OpenSSL?
Unsure for your exact use case, but that is what the Server Name Indication TLS extension precisely addresses.
In HTTPS, the SSL handshake where the server presents its certificate occurs before the server could examine any HTTP header. SNI allows the client to send the name of the virtual domain as part of the TLS negotiation.This enables the server to select one certificate among many. Therefore, with clients and servers that implement SNI, a server with a single IP address can serve different domain names with different certificates.
SNI was added to the IETF's Internet RFCs in June 2003 through RFC 3546, Transport Layer Security (TLS) Extensions. The latest version of the standard is RFC 6066.
It is now the de-facto standard, because in large datacenters the front proxies can serve hundreds or thousands of sites, not speaking of Content Delivery Networks like Akamai or CloudFront (thanks to Mike Ounsworth for that part)
More details on the referenced page.
BTW, openssl can use SNI with the servername option:
openssl s_client -connect somesite.org:443 -servername somesite.org -showcerts
should be enough to get same certificates than browsers get