Add getter for X509 certificate

Users have requested access to the underlying certificate, which is
usually available (as all non-deprecated constructors set it) and can
give access to additional properties that are useful to developers,
allow them to validate it with an X509TrustManager, or otherwise use
it with APIs that take an X509Certificate object.

Bug: 111696337
Bug: 36984840
Test: cts -m CtsNetTestCases -t android.net.http
Change-Id: I6aebaa38fad683e09e095e5b5e2f3424694ec426