Allow directory authorities to reject descriptors with EOL Tor versions

So, we have the option that directory authorities recommend Tor versions but it seems there is no way right now to just set an option that blocks old Tor versions unless this is taken care of by a new Tor release. While in theory we could try to just get those new Tor releases deployed as we decide EOL versions need to go the fact that we often need to treat bridges differently (as they are scarce) makes that route a bit cumbersome as we'd need to convince Serge not to update to such a new Tor version yet. Things get really complicated if we want the directory authorities to deploy a Tor security update after that as for Serge we'd then need a backout of the "block EOL versions" part.

In order to avoid all that hassle it would be nice to have some option directory authorities could set to block particular old Tor versions without the need for a new Tor release. That would make the whole EOL process easier for a lot of involved parties (right now we need to get dirauths to block all the fingerprints and then once a bunch of relay operators get back to us one by one after the upgraded their Tor version those fingerprints need to get unblocked again...).