go-jose / go-jose

An implementation of JOSE standards (JWE, JWS, JWT) in Go

Support multiple public keys

drewwells opened this issue · comments

In processes where keys are rotated, it's often desirable to support multiple public keys.

I took a look at the OpaqueVerifier and this would be a good way for client code to implement a multiple public key verifier. However, all of the verifier code is private. So if I wanted to do something simple like support 2 rsa.PublicKeys, I need to copy/paste all of the verifier code out of go-jose.

Some tips in this direction would be beneficial. Ideally, the verifier would also be refreshable so we can hot reload public keys into it.
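
The rotation scenario described in the issue, as an added standard-library example that is not part of the original issue and is not go-jose code: a verifier that trusts several RSA public keys at once and can have its key set swapped while running. `RotatingVerifier`, `Replace` and `rotationDemo` are hypothetical names; `VerifyPayload` is assumed to be modelled on the `OpaqueVerifier` method, with `alg` as a plain string instead of the library's own algorithm type.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"sync/atomic"
)

type RotatingVerifier struct{ keys atomic.Value } // hypothetical; holds trusted RSA keys

// Replace atomically swaps in a copy of the new key set, e.g. after a key refresh.
func (v *RotatingVerifier) Replace(keys ...*rsa.PublicKey) {
	v.keys.Store(append([]*rsa.PublicKey(nil), keys...))
}

// VerifyPayload accepts an RS256 signature over payload if any trusted key verifies it.
func (v *RotatingVerifier) VerifyPayload(payload, signature []byte, alg string) error {
	if alg != "RS256" { // pin the algorithm instead of trusting the token header
		return fmt.Errorf("unsupported algorithm %q", alg)
	}
	keys, _ := v.keys.Load().([]*rsa.PublicKey) // nil until the first Replace
	digest := sha256.Sum256(payload)
	for _, k := range keys {
		if rsa.VerifyPKCS1v15(k, crypto.SHA256, digest[:], signature) == nil {
			return nil
		}
	}
	return errors.New("signature matches no trusted key")
}

// rotationDemo signs with an old key, then walks the verifier through a rotation.
func rotationDemo() (overlap, retired, wrongAlg error) {
	oldKey, _ := rsa.GenerateKey(rand.Reader, 2048) // constructed sample keys;
	newKey, _ := rsa.GenerateKey(rand.Reader, 2048) // errors ignored in this demo
	payload := []byte("header.payload")             // constructed JWS signing input
	digest := sha256.Sum256(payload)
	sig, _ := rsa.SignPKCS1v15(rand.Reader, oldKey, crypto.SHA256, digest[:])
	var v RotatingVerifier
	v.Replace(&oldKey.PublicKey, &newKey.PublicKey) // overlap window: both trusted
	overlap = v.VerifyPayload(payload, sig, "RS256")
	wrongAlg = v.VerifyPayload(payload, sig, "none")
	v.Replace(&newKey.PublicKey) // old key retired by a hot reload
	retired = v.VerifyPayload(payload, sig, "RS256")
	return overlap, retired, wrongAlg
}
func main() { fmt.Println(rotationDemo()) }
```

Tokens signed with the old key verify only during the overlap window; once `Replace` drops that key they are rejected, which is the behaviour a rotation process should test for.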