Async api for certificate validation

The certificate validation will under many circumstances want to do network traffic (to check revocation or fetch intermediates or other such things). Doing that in synchronous calls from gui applications is in general a bad idea, so offer api to allow it to be asyncronous instead.