compromised private key - how is it used ?

Hello, if my private key becomes compromised - how do attackers actually use it ?

I am thinking that even though they have the private key, they do not have the actual certificate so how they can fake an HTTPS website without the certificate?

Thanks for any information.