sigstore/sigstore-python

tests: Add test that verifies using current issuer certificates

jku opened this issue · 0 comments

jku commented

During #910 development the test suite was passing but simply running this failed with InvalidSCTKeyError:

sigstore sign README.md
sigstore verify identity --cert-identity $ID --cert-oidc-issuer $ISSUER README.md

The reasons for this seem to be:

  • SCT verification code made assumptions about the order of certificates in the issuer "chain"
  • At some point in time "chain" actually was in that assumed order
  • all of the current test data was generated during that time
  • current "issuer chain" looks different

So the problem is that right now we have no test that actually asserts that our SCT verification works on current sigstore trust root. We should add

  • A new asset test/unit/assets/new_bundle.txt (like the other txts, just a text file)
  • A new good signature bundle test/unit/assets/new_bundle.txt.sigstore (the bundle is the result of running sigstore sign new_bundle.txt)
  • a test that asserts that the new bundle verifies correctly (copying test_verifier_offline() probably works fine)

Note that if you create this new bundle, it will contain the email address that you used to authenticate with.
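An added illustration of the chain-order assumption the report describes (editor's example, not sigstore-python's code and not part of the reporter's comment): a constructed root / intermediate / leaf chain is generated with the cryptography package, then the leaf's issuer is looked up once by position and once by Authority Key Identifier plus a signature check. Certificate names, keys and the helper functions are all assumptions made up for this example; the positional lookup gives a wrong answer as soon as the chain arrives in a different order, which is the situation the issue says the current Fulcio chain produces.

```python
"""Editor's added example: order-independent issuer lookup for a leaf certificate."""
from datetime import datetime, timedelta, timezone

from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import ExtensionOID, NameOID


def _name(cn: str) -> x509.Name:
    return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])


def _issue(subject_cn, subject_key, issuer_cn, issuer_key, is_ca):
    """Build and sign a throwaway certificate (constructed test data, not a real Fulcio cert)."""
    now = datetime.now(timezone.utc)
    return (
        x509.CertificateBuilder()
        .subject_name(_name(subject_cn))
        .issuer_name(_name(issuer_cn))
        .public_key(subject_key.public_key())
        .serial_number(x509.random_serial_number())
        .not_valid_before(now - timedelta(minutes=1))
        .not_valid_after(now + timedelta(hours=1))
        .add_extension(x509.BasicConstraints(ca=is_ca, path_length=None), critical=True)
        .add_extension(
            x509.SubjectKeyIdentifier.from_public_key(subject_key.public_key()),
            critical=False,
        )
        .add_extension(
            x509.AuthorityKeyIdentifier.from_issuer_public_key(issuer_key.public_key()),
            critical=False,
        )
        .sign(issuer_key, hashes.SHA256())
    )


# Constructed three-level chain; the names are arbitrary (assumption, not Fulcio's real names).
ROOT_KEY = ec.generate_private_key(ec.SECP256R1())
INTERMEDIATE_KEY = ec.generate_private_key(ec.SECP256R1())
LEAF_KEY = ec.generate_private_key(ec.SECP256R1())

ROOT = _issue("Test Root", ROOT_KEY, "Test Root", ROOT_KEY, True)
INTERMEDIATE = _issue("Test Intermediate", INTERMEDIATE_KEY, "Test Root", ROOT_KEY, True)
LEAF = _issue("Test Leaf", LEAF_KEY, "Test Intermediate", INTERMEDIATE_KEY, False)


def signed_by(cert: x509.Certificate, candidate: x509.Certificate) -> bool:
    """True if the candidate's public key verifies cert's signature over its TBS bytes."""
    try:
        candidate.public_key().verify(
            cert.signature,
            cert.tbs_certificate_bytes,
            ec.ECDSA(cert.signature_hash_algorithm),
        )
    except InvalidSignature:
        return False
    return True


def issuer_by_position(chain: list[x509.Certificate]) -> x509.Certificate:
    """The fragile approach: assume the first chain entry is the leaf's direct issuer."""
    return chain[0]


def issuer_for(cert: x509.Certificate, chain: list[x509.Certificate]) -> x509.Certificate:
    """Order-independent lookup: match the leaf's AKI to a candidate's SKI, then confirm
    the candidate's key actually signed the leaf, so a same-keyid impostor is rejected."""
    aki = cert.extensions.get_extension_for_oid(ExtensionOID.AUTHORITY_KEY_IDENTIFIER).value
    for candidate in chain:
        ski = candidate.extensions.get_extension_for_oid(ExtensionOID.SUBJECT_KEY_IDENTIFIER).value
        if ski.digest == aki.key_identifier and signed_by(cert, candidate):
            return candidate
    raise ValueError("no certificate in the chain issued this certificate")


if __name__ == "__main__":
    for chain in ([INTERMEDIATE, ROOT], [ROOT, INTERMEDIATE]):
        order = " -> ".join(c.subject.rfc4514_string() for c in chain)
        print(f"chain order: {order}")
        print("  by position:", issuer_by_position(chain).subject.rfc4514_string())
        print("  by AKI/SKI: ", issuer_for(LEAF, chain).subject.rfc4514_string())
```

Whatever a test like the one the issue asks for ends up asserting, the point the example makes is that an SCT check which derives the issuer key from the chain should select the issuer the way issuer_for does, and that a fixture signed against an older chain layout will keep passing a positional lookup long after the real chain has changed.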