It's not an MITM attack, just a self-signed certificate. You can verify by changing identities and seeing that it's the same certificate serial and fingerprints no matter which exit node you use.