ch4: move misplaced text

book/source/04-certificates.md

@@ -48,7 +48,7 @@ OpenPGP certificates are typically long-lived and may be changed (typically by t
 
 ## Component keys
 
-An OpenPGP certificate usually contains multiple OpenPGP component keys.
+An OpenPGP certificate usually contains multiple OpenPGP component keys. Component keys are used in one of two roles: either as "OpenPGP primary key," or as an "OpenPGP subkey."
 
 OpenPGP component keys logically consist of an [asymmetric cryptographic keypair](asymmetric_key_pair) and a creation timestamp. These attributes of a component key cannot be changed after creation (in the case of ECDH keys, two additional parameters are part of a component key's constituting data[^ecdh-paramters]).
 
@@ -76,8 +76,6 @@ The fingerprint of our example component OpenPGP key is `C0A5 8384 A438 E5A1 4F7
 E.g., an OpenPGP version 4 certificate with the fingerprint `B3D2 7B09 FBA4 1235 2B41  8972 C8B8 6AC4 2455 4239` might be referred to by the 64 bit Key ID `C8B8 6AC4 2455 4239` or styled as `0xC8B86AC424554239`.  
 Historically, even shorter 32 bit identifiers have sometimes been used, like this: `2455 4239`, or `0x24554239`. You may still see such identifiers in very old documents about PGP. However, 32 bit identifiers have [been unfit for purpose for a long time](https://evil32.com/). At some point, 32 bit identifiers were called "short Key ID", while 64 bit identifiers were called "long Key ID".
 
-Component keys are used in one of two roles: either as "OpenPGP primary key," or as an "OpenPGP subkey".
-
 ### Primary key
 
 The "OpenPGP primary key" is a component key that serves a central role in an OpenPGP certificate: