Red Hat Advanced Cluster Management / ACM-3219

ARO cluster is missing security labels in submariner-operator namespace

      Description of problem:

      ACM 2.7.0 / Submariner 0.14.1

      The ARO cluster (OCP 4.10) is missing security labels for the submariner-operator namespace.

       ⚠ Starting with Kubernetes 1.23, the Pod Security admission controller expects namespaces to have security labels. Without these, you will see warnings in subctl's output. subctl should work fine, but you can avoid the warnings and ensure correct behavior by adding at least one of these labels to the namespace "submariner-operator":
        pod-security.kubernetes.io/audit=privileged
        pod-security.kubernetes.io/warn=privileged
        pod-security.kubernetes.io/enforce=privileged 

       

      oc get ns submariner-operator -o yaml
      apiVersion: v1
      kind: Namespace
      metadata:
        annotations:
          openshift.io/sa.scc.mcs: s0:c27,c4
          openshift.io/sa.scc.supplemental-groups: 1000710000/10000
          openshift.io/sa.scc.uid-range: 1000710000/10000
        creationTimestamp: "2023-02-01T08:40:24Z"
        labels:
          kubernetes.io/metadata.name: submariner-operator
          olm.operatorgroup.uid/b6942f18-e4f8-41cd-a17e-cbf1a043bec3: ""
        name: submariner-operator
        ownerReferences:
        - apiVersion: work.open-cluster-management.io/v1
          kind: AppliedManifestWork
          name: 5fd0bf4ade2c79071b989f39af47f34a893de281b892c5a7aef575c94fef288e-addon-submariner-deploy-0
          uid: 4cbca467-97af-405d-bc18-7f94bb121717
        resourceVersion: "66359"
        uid: 209a83e9-af10-421a-997c-2d3184e3bc53
      spec:
        finalizers:
        - kubernetes
      status:
        phase: Active 
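
An added example (not part of the original report, and not subctl's own code): a Python check that takes the output of `oc get ns <name> -o json`, reports which of the three Pod Security admission labels named in the warning are absent or carry an unknown level, and builds the `oc label` command that sets them. The function names and the embedded sample namespace (trimmed from the object shown above) are constructed for illustration.

```python
import json

PSA_PREFIX = "pod-security.kubernetes.io/"
PSA_MODES = ("enforce", "audit", "warn")
PSA_LEVELS = ("privileged", "baseline", "restricted")

# Constructed sample: the namespace from the report, trimmed, as `-o json` would emit it.
SAMPLE_NS = json.loads("""
{"apiVersion": "v1", "kind": "Namespace",
 "metadata": {"name": "submariner-operator",
              "labels": {"kubernetes.io/metadata.name": "submariner-operator"}}}
""")


def psa_status(ns):
    """Return (set_modes, missing, invalid) for a Namespace object.

    set_modes: mode -> level for labels with a recognised level
    missing:   modes with no usable label (absent or invalid)
    invalid:   mode -> value for labels whose value is not a known level
    """
    labels = ns.get("metadata", {}).get("labels") or {}
    set_modes, invalid = {}, {}
    for mode in PSA_MODES:
        value = labels.get(PSA_PREFIX + mode)
        if value is None:
            continue
        (set_modes if value in PSA_LEVELS else invalid)[mode] = value
    missing = [m for m in PSA_MODES if m not in set_modes]
    return set_modes, missing, invalid


def label_command(ns, level="privileged"):
    """Build the `oc label` command for every missing mode, or None if all are set."""
    _, missing, invalid = psa_status(ns)
    if not missing:
        return None
    args = [f"{PSA_PREFIX}{m}={level}" for m in missing]
    cmd = ["oc", "label", "namespace", ns["metadata"]["name"], *args]
    if invalid:
        # An existing label with a bad value can only be replaced with --overwrite.
        cmd.append("--overwrite")
    return " ".join(cmd)


if __name__ == "__main__":
    set_modes, missing, invalid = psa_status(SAMPLE_NS)
    print("set:", set_modes, "missing:", missing, "invalid:", invalid)
    print(label_command(SAMPLE_NS))
```

The warning asks for at least one of the labels; the command above sets all three that are missing, using the `privileged` level quoted in the warning.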

            Unassigned
            mbabushk@redhat.com Maxim Babushkin
            Maxim Babushkin
            ACM QE Team