validator: accept a confusing NODATA proof with insecure delegation

validator: accept a confusing NODATA proof with insecure delegation

Honestly, I find it ugly and probably unintended,
but it's correctly signed and other vendors tend to accept it.

Example:
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 24204
;; Flags: qr aa rd; QUERY: 1; ANSWER: 0; AUTHORITY: 4; ADDITIONAL: 1

;; EDNS PSEUDOSECTION:
;; Version: 0; flags: do; UDP size: 4096 B; ext-rcode: NOERROR

;; QUESTION SECTION:
;; _domainkey.mail.cez.cz.              TXT

;; AUTHORITY SECTION:
cez.cz.                 3600    SOA     ns10.cez.cz. netmaster.cez.cz. 2025021801 14400 3600 604800 7200
cez.cz.                 3600    RRSIG   SOA 10 2 3600 20250302073317 20250223063317 45620 cez.cz. JnAonhCOi234lF2A40lYaHcuKtxACKz8X6UFILSgSaK00xyXDk6gWDWo3nmMjXxBwgfP98Gaj8nLMqRZ7ezAEUfWi+5P4YCQzax5Habu3nKB+XKocIPMCHHMhOMf410w4Taz4N2rKgi1p71QkuujISi3JZWzqG4bqzot2cGL12w=
1vk9lupeivbv7dhsb7udm5da1hkd089j.cez.cz. 7200   NSEC3   1 0 1 ACB298B834ADA5FD 1vk9lupeivbv7dhsb7udm5da1hkd089k A NS HINFO MX AAAA SRV RRSIG CAA
1vk9lupeivbv7dhsb7udm5da1hkd089j.cez.cz. 7200   RRSIG   NSEC3 10 3 7200 20250303115912 20250224105912 45620 cez.cz. OBW90lof86IoVsiuKkNEf4useG3fikE+npAVkpbiVsgMZWLHRNzAAlIU9wPMH5S4CWpnwoMVTaNtWJxegsG7cvCDZrjVVNOHE9hLOG2eG9f57vx/tVFTe4/DegO9KOyColOOYt4nt/uj7LTJZbzJY3Ev8I9971LEkFf5IxVwwPU=