In the spec, there are three ways to express a semantically equal thing.
CustomerId == sub == x-fapi-customer-id
As an OIDC related spec, it should standardize on
Also, the HTTP header value for this fixed value may not be trustworthy as it is not a secret and can be reproduced by anyone. So it should not be relied upon. Perhaps, it should be removed from the Security parts and moved to Part 4 to make sure that people do not misunderstand that this is a security feature.
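An added example (not part of the spec or of the original comment) of the point about the header: a resource server that takes the customer identity only from the validated access token's `sub` and treats `x-fapi-customer-id` as an unauthenticated value to cross-check. The token table, the customer IDs and the `resolve_customer` function are constructed for illustration, and rejecting on mismatch is one possible policy, assumed here.

```python
# Constructed sample: what the resource server learns by validating or
# introspecting an access token. Token values and subjects are made up.
INTROSPECTION = {
    "tok-alice": {"active": True, "sub": "cust-1001"},
    "tok-bob": {"active": True, "sub": "cust-2002"},
    "tok-old": {"active": False, "sub": "cust-1001"},
}

CUSTOMER_HEADER = "x-fapi-customer-id"


def resolve_customer(headers):
    """Return (status, customer_id, note) for a resource request.

    The customer is taken only from the validated token's `sub`. The header
    is compared against it and is never used as the identity itself.
    """
    # HTTP header names are case-insensitive.
    h = {k.lower(): v for k, v in headers.items()}

    scheme, _, token = h.get("authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not token:
        # A header alone proves nothing: anyone can send it.
        return 401, None, "missing bearer token"

    claims = INTROSPECTION.get(token)
    if not claims or not claims.get("active"):
        return 401, None, "invalid or inactive token"

    sub = claims["sub"]
    claimed = h.get(CUSTOMER_HEADER)
    if claimed is not None and claimed != sub:
        # Caller-supplied value disagrees with the token: refuse the request
        # and keep the note for the audit log (assumed policy).
        return 403, None, f"{CUSTOMER_HEADER} does not match token sub"

    return 200, sub, "identity from token sub"


if __name__ == "__main__":
    # Bob's token with Alice's customer ID in the header.
    print(resolve_customer({"Authorization": "Bearer tok-bob",
                            "x-fapi-customer-id": "cust-1001"}))
```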