RRDP serial numbers should only increase.

RRDP serial numbers should only increase.
Warn if the serial number decreases between syncs.

On top of this only allow a small window of up to 2 deltas from the
current one to consider our cache to be in sync.
The number 2 is probably to conservative and should be adjusted once
some data points got collected.

It seems to happen that CAs restore RRDP snapshots instead of building
a fresh snapshot with a new session-id. Which results in rpki-client to
ignore the repo until the serial number is bigger again.
OK tb@