Release Notes: Provide checksum/image validation steps

Current release notes do not contain information to validate downloaded images (whether from torrents or from our mirrors). There should be a blurb that explains how to do so, by using the checksum files provided as well as having steps to validate against the checksum repo (by verifying commit signatures, optionally checking against pgp key servers): https://github.com/rocky-linux/checksums