If I generate a key pair and use it to sign a file and distribute it and then I publish the public key somewhere like Facebook, any recipient of the file could be assured that the file originated from my Facebook account. A commercial certificate is not required to do this. As to whether the Facebook account holder is actually me is another problem, but hopefully major social media platforms require at least a photo ID.
Edit: Sorry, I said public certificate when I meant commercial certificate.