allow certificate validity intervals, sshsig verification times and

allow certificate validity intervals, sshsig verification times and
authorized_keys expiry-time options to accept dates in the UTC time
zone in addition to the default of interpreting them in the system
time zone. YYYYMMDD and YYMMDDHHMM[SS] dates/times will be
interpreted as UTC if suffixed with a 'Z' character.

Also allow certificate validity intervals to be specified in raw
seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This
is intended for use by regress tests and other tools that call
ssh-keygen as part of a CA workflow.

bz3468 ok dtucker