
SBoM validation should check OS Architecture is valid

Open sxa opened this issue 1 year ago • 0 comments

Follow-on activity to https://github.com/adoptium/temurin-build/issues/3484. We do not currently check the OS Architecture field in the SBoM. This came up as part of https://github.com/adoptium/temurin-build/issues/3602 where, in the cross-compiled situation, the architecture is that of the host system instead of the target. This example is from https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.2%2B13/OpenJDK21U-sbom_x64_mac_hotspot_21.0.2_13.json:

    "properties" : [
      {
        "name" : "OS version",
        "value" : "Darwin 23.1.0"
      },
      {
        "name" : "OS architecture",
        "value" : "arm64"
      },

For other non-native compilations:

  • This will also affect the evaluation Windows/aarch64 build, which is cross-compiled from x64
  • Arm32 (built in a docker container on aarch64) is unaffected as the build image has a uname wrapper to fix the value to that of the guest container
  • riscv64 is unaffected as the qemu layer used for running the build containers on aarch64 returns the correct value in the container, not the host kernel.

sxa, Jan 26 '24 18:01
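A check of the kind this issue asks for, written here as an added example rather than code from temurin-build: it derives the target architecture from the SBoM file name, locates the `OS architecture` property, and rejects the cross-compiled case quoted above. The file-name pattern and the token-to-`uname -m` mapping are assumptions, and the embedded SBoM is a constructed excerpt.

```python
import json
import re

# Constructed excerpt in the shape of the SBoM quoted above (not the real file):
# the "OS architecture" property still carries the arm64 build host's value.
SAMPLE_SBOM = json.dumps({"metadata": {"properties": [
    {"name": "OS version", "value": "Darwin 23.1.0"},
    {"name": "OS architecture", "value": "arm64"},
]}})

# Architecture token used in Temurin file names -> uname -m values a native
# build on that target would record. This table is an assumption.
EXPECTED_ARCH = {
    "x64": {"x86_64", "amd64"},
    "aarch64": {"aarch64", "arm64"},
    "arm": {"armv7l", "armv8l"},
    "riscv64": {"riscv64"},
}

FILENAME_RE = re.compile(r"^OpenJDK\d+U-sbom_(?P<arch>[a-z0-9]+)_[a-z]+_")

def target_arch_from_filename(filename):
    """Return the target architecture token encoded in the SBoM file name."""
    m = FILENAME_RE.match(filename)
    if not m:
        raise ValueError(f"unrecognised SBoM file name: {filename}")
    return m.group("arch")

def find_property(node, name):
    """Depth-first search for a CycloneDX property entry with the given name."""
    if isinstance(node, dict):
        if node.get("name") == name and "value" in node:
            return node["value"]
        node = list(node.values())
    if isinstance(node, list):
        for child in node:
            found = find_property(child, name)
            if found is not None:
                return found
    return None

def check_os_architecture(filename, sbom_text):
    """Return (ok, target_token, recorded_value); ok is False on a mismatch
    or when the property is absent, both of which a validator should reject."""
    target = target_arch_from_filename(filename)
    recorded = find_property(json.loads(sbom_text), "OS architecture")
    if recorded is None:
        return False, target, None
    return recorded in EXPECTED_ARCH.get(target, {target}), target, recorded
```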