To be valid the token must be signed by the passed in certificate and
the certificate must be the one refered to by the SigningCertificate
attribute included in the hashed attributes of the token.
To be valid the token must be signed by the passed in certificate and
the certificate must be the one refered to by the SigningCertificate
attribute included in the hashed attributes of the token. The
certifcate must also have the ExtendedKeyUsageExtension with only
KeyPurposeId.id_kp_timeStamping and have been valid at the time the
timestamp was created.
A successful call to validate means all the above are true.