Release v0.2.0

Added

• Certificate Revocation Checking - OCSP-first verification with CRL fallback
  • Soft-fail mode: network errors return status: 'unknown', signature remains valid
  • Issuer certificate retrieval from XAdES chain or AIA extension
  • Optional via checkRevocation: false for offline-only verification
• RFC 3161 Timestamp Verification
  • Parse and verify RFC 3161 timestamps (SignatureTimeStamp)
  • Check TSA certificate validity and revocation (OCSP/CRL)
  • Use trusted TSA time for signer certificate validation
  • revocationOptions pass-through to verifySignature()

Changed

• Refactored encoding utilities (consolidated base64/hex/ArrayBuffer helpers)

Fixed

• Browser compatibility import fixes (direct paths vs barrel imports)
• Fixed vulnerable dev dependencies