@SinghVikram97
Contributor

What type of PR is this?
feature

Which issue does this PR fix:
#786

What does this PR do / Why do we need it:
Implements Gateway API allowedRoutes validation to control which Routes can attach to Gateway listeners.

  • Namespace validation (Same/All/Selector) for cross-namespace Route access control
  • Kind validation (HTTPRoute/GRPCRoute/TLSRoute) based on listener protocol compatibility

Testing done on this change:
Tested manually and added e2e tests

Will this PR introduce any new dependencies?:
No

Will this break upgrades or downgrades. Has updating a running cluster been tested?:
This change might break existing Routes. Routes violating allowedRoutes will be rejected and show Accepted: false status. Breaking scenarios include:

  • HTTPRoutes in different namespaces targeting Gateways with listeners having default Same namespace policy
  • TLSRoutes targeting HTTP/HTTPS listeners (protocol incompatibility)

The old version of the controller ignores default validation.

Does this PR introduce any user-facing change?:

Gateway API allowedRoutes namespace and kind validation is now enforced. Routes violating Gateway listener policies will be rejected with Accepted:false status.

By default, Routes are supported in same namespace and kind depends on protocol compatibility (HTTP → HTTPRoute, HTTPS → HTTPRoute+GRPCRoute, TLS → TLSRoute).

For more details, refer to: https://gateway-api.sigs.k8s.io/reference/spec/#allowedroutes

Do all end-to-end tests successfully pass when running make e2e-test?:

Ran 132 of 132 Specs in 4823.666 seconds
SUCCESS! -- 132 Passed | 0 Failed | 0 Pending | 0 Skipped
--- PASS: TestIntegration (4823.67s)
PASS
ok      github.com/aws/aws-application-networking-k8s/test/suites/integration   4823.711s

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
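
The attachment rules listed in the PR description above, as an added Go example (not code from this pull request or the controller). The `Listener` type, the `Accepted` function and the namespace names are hypothetical simplifications; treating an explicit kinds list as a further restriction on the protocol-compatible kinds, and rejecting an empty selector, are assumptions of this sketch.

```go
package main

import "fmt"

// Hypothetical, simplified stand-in for a Gateway listener (not the controller's type).
type Listener struct {
	Protocol string            // "HTTP", "HTTPS" or "TLS"
	From     string            // "", "Same", "All" or "Selector"; "" is the Same default
	Selector map[string]string // matchLabels, read only when From is "Selector"
	Kinds    []string          // explicit allowedRoutes kinds; empty means protocol defaults
}

// Protocol-to-kind compatibility as listed in the PR description.
var compatible = map[string][]string{
	"HTTP": {"HTTPRoute"}, "HTTPS": {"HTTPRoute", "GRPCRoute"}, "TLS": {"TLSRoute"},
}

func contains(list []string, s string) bool {
	for _, v := range list {
		if v == s {
			return true
		}
	}
	return false
}

// Accepted reports whether a route of kind in routeNS (labelled nsLabels) may attach
// to listener l of a Gateway in gwNS. Unknown protocols and From values fail closed.
func Accepted(gwNS string, l Listener, kind, routeNS string, nsLabels map[string]string) bool {
	if !contains(compatible[l.Protocol], kind) || (len(l.Kinds) > 0 && !contains(l.Kinds, kind)) {
		return false // kind is incompatible with the protocol or excluded by the kinds list
	}
	switch l.From {
	case "All":
		return true
	case "Selector":
		for k, want := range l.Selector {
			if got, ok := nsLabels[k]; !ok || got != want {
				return false // the route's namespace lacks a required label
			}
		}
		return len(l.Selector) > 0 // this sketch rejects an empty selector
	case "", "Same":
		return routeNS == gwNS
	}
	return false
}

func main() {
	// A listener with no allowedRoutes set rejects a cross-namespace HTTPRoute.
	fmt.Println(Accepted("infra", Listener{Protocol: "HTTP"}, "HTTPRoute", "team-a", nil))
}
```

The first breaking scenario from the description is the `main` case: a listener left at its defaults and an HTTPRoute in another namespace, which is the combination to audit for before upgrading.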

@SinghVikram97 SinghVikram97 requested a review from a user November 26, 2025 17:55
@ghost ghost enabled auto-merge December 2, 2025 22:39
@ghost ghost added this pull request to the merge queue Dec 2, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Dec 3, 2025
@ghost ghost enabled auto-merge December 3, 2025 00:10
@ghost ghost added this pull request to the merge queue Dec 4, 2025
github-merge-queue bot pushed a commit that referenced this pull request Dec 4, 2025
…on (#845)

* feat: implement Gateway API allowedRoutes namespace and kind validation

* fix tests

* fix unit tests

---------

Co-authored-by: VikramBedi <vbedi@amazon.com>
Co-authored-by: Ryan Lymburner <137918933+rlymbur@users.noreply.github.com>
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to no response for status checks Dec 4, 2025
@SinghVikram97 SinghVikram97 added this pull request to the merge queue Dec 4, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Dec 4, 2025
@SinghVikram97 SinghVikram97 added this pull request to the merge queue Dec 4, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Dec 4, 2025
@SinghVikram97 SinghVikram97 added this pull request to the merge queue Dec 5, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to no response for status checks Dec 5, 2025
@SinghVikram97 SinghVikram97 added this pull request to the merge queue Dec 5, 2025
github-merge-queue bot pushed a commit that referenced this pull request Dec 5, 2025
…on (#845)

* feat: implement Gateway API allowedRoutes namespace and kind validation

* fix tests

* fix unit tests

* add assertions to wait for gateway to be updated before each test

* use diff namespace for label selector test

---------

Co-authored-by: VikramBedi <vbedi@amazon.com>
Co-authored-by: Ryan Lymburner <137918933+rlymbur@users.noreply.github.com>
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Dec 5, 2025
@SinghVikram97 SinghVikram97 added this pull request to the merge queue Dec 5, 2025
github-merge-queue bot pushed a commit that referenced this pull request Dec 5, 2025
…on (#845)

* feat: implement Gateway API allowedRoutes namespace and kind validation

* fix tests

* fix unit tests

* add assertions to wait for gateway to be updated before each test

* use diff namespace for label selector test

* Add namespace RBAC permissions for Gateway listener namespace selectors

---------

Co-authored-by: VikramBedi <vbedi@amazon.com>
Co-authored-by: Ryan Lymburner <137918933+rlymbur@users.noreply.github.com>
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Dec 5, 2025
@SinghVikram97 SinghVikram97 added this pull request to the merge queue Dec 5, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Dec 5, 2025
@SinghVikram97 SinghVikram97 added this pull request to the merge queue Dec 5, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to no response for status checks Dec 5, 2025
@SinghVikram97 SinghVikram97 added this pull request to the merge queue Dec 5, 2025
Merged via the queue into aws:main with commit 17d50cc Dec 5, 2025
2 checks passed