It is possible to sign expired cert and use it as an issuer

[pwalski]

What:
Add suitable warnings when using expired certificates in scenarios like below.

Problems:

• It is possible to sign cert with ValidityPeriod set to past (is expired).
• It is possible to sign cert using expired Golem cert.
• It is possible to sign cert which ValidityPeriod is longer than signing cert's.
  I report it because I believe openssl rejects attempt to sign expired cert, so maybe we should behave the same. It also does not allow for cert issuer expiring before signed cert.

[pwalski]

It is good that library verification method rejects not expired cert signed by expired cert, but it means rejection will happen on Provider side during Negotiation, not on the side of author of an application with Audited Payload the moment they will try to sign it using invalid certificate.