Proposed Change
The library currently includes built-in logic for verifying certificate chains when validating signed metadata. Since certificate validation policies often depend on different use cases, this responsibility should not be embedded in the library. Instead, the library should expose a protocol that allows users to provide their own certificate chain verification implementation.
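A sketch of what such a hook could look like, added here as an illustration and not taken from the library: the language (Python), every name (`CertificateChainVerifier`, `verify_chain`, `signer_is_trusted`, `PinnedLeafVerifier`) and the leaf-first DER chain layout are assumptions. It shows the library-side call site failing closed, with no built-in default policy, and one caller-supplied policy (leaf pinning) plugged in. Signature verification over the metadata itself is a separate step and is not shown.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Protocol, Sequence, runtime_checkable


class ChainRejected(Exception):
    """Raised by a policy that does not accept the presented chain."""


@runtime_checkable
class CertificateChainVerifier(Protocol):
    # Hypothetical interface: chain holds DER certificates, leaf first.
    def verify_chain(self, chain: Sequence[bytes], at: datetime) -> None:
        """Return normally to accept; raise ChainRejected to refuse."""


@dataclass(frozen=True)
class PinnedLeafVerifier:
    """Example caller policy: accept only leaves whose SHA-256 is pinned."""
    pinned_sha256: frozenset

    def verify_chain(self, chain, at):
        if not chain:
            raise ChainRejected("empty chain")
        digest = hashlib.sha256(chain[0]).hexdigest()
        if digest not in self.pinned_sha256:
            raise ChainRejected("leaf not pinned: " + digest)


def signer_is_trusted(chain, verifier, at=None):
    """Library-side call site: delegate the trust decision, fail closed."""
    if not isinstance(verifier, CertificateChainVerifier):
        # No silent fallback to a built-in policy.
        raise TypeError("a CertificateChainVerifier is required")
    try:
        verifier.verify_chain(chain, at or datetime.now(timezone.utc))
    except ChainRejected:
        return False
    # Any other exception propagates, so a broken policy never accepts.
    return True


# Constructed byte strings standing in for DER-encoded certificates.
SAMPLE_LEAF = b"constructed-leaf-der"
SAMPLE_OTHER = b"constructed-other-der"
POLICY = PinnedLeafVerifier(frozenset({hashlib.sha256(SAMPLE_LEAF).hexdigest()}))
```

Raising to reject, instead of returning a boolean, keeps a policy that forgets its return statement from being read as acceptance or refusal by accident.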