Distributed Search Validate Audit Events

ephemeric
Contributor

Hi,

Is it possible to validate audit events from a search head on search peers?

index=_audit splunk_server="host" | audit

And as per the docs, data blocks can only be validated on the indexer itself?

Thank you.

1 Solution

Ayn
Legend

No, you cannot do this from a search head. Validation of audit events relies on linking events together so they form a chain where each event points to the previous event, and so on. When you issue a search from a search head, the search head is responsible for bringing all events from all search peers together and showing them in whatever order you choose. When doing this, events from different search peers can and will be mixed in the search results, which means that the search head won't be able to validate anything. The alternative would be for the search head to retrieve a bunch of extra events and hope that it has the correct certificates/keys for performing the validation, but that could very quickly get messy, especially considering that more complex searches would include commands that cause search peers to return their results to the search head early in the search (head, for instance, is a command that will cause this behaviour).

I agree with you that it would be elegant if the search peers could somehow validate the events before returning them to the search head; however, as far as I know, this is not currently possible.
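To make the chaining argument in the answer concrete, here is an added toy model (not part of the original thread, and not Splunk's actual audit format or the implementation behind the `audit` command; real Splunk audit events are signed with per-instance keys, which this model leaves out). Each peer emits events that carry a hash of their predecessor. Validating one peer's chain succeeds; validating the same events after a search head has merged and time-sorted them from two peers fails, because neighbouring events now come from different chains. The peer names `idx-a`/`idx-b`, the action strings and the timestamps are constructed sample data. The model also shows the two related effects from the answer: a search that drops events from the middle of a chain (as a filter or `head` would) leaves gaps the validator cannot bridge without fetching the missing events, and a modified event breaks the link to its successor.

```python
"""Toy hash-chain model of audit event validation (constructed example).
Not Splunk's real audit trail: Splunk signs events with keys; this model
only chains SHA-256 digests so the ordering problem can be seen in isolation.
"""
import copy
import hashlib
import json
from typing import Dict, List

GENESIS = "0" * 64  # constructed marker for the first event of a peer's chain


def _digest(event: Dict) -> str:
    """Canonical SHA-256 of the whole event; prev_hash is included, so each
    digest commits to the entire chain behind it."""
    return hashlib.sha256(json.dumps(event, sort_keys=True).encode()).hexdigest()


def build_chain(peer: str, actions: List[str], start_time: int) -> List[Dict]:
    """One search peer emitting audit events; each records its predecessor's digest."""
    events, prev = [], GENESIS
    for i, action in enumerate(actions):
        ev = {"_time": start_time + i, "splunk_server": peer,
              "action": action, "prev_hash": prev}
        events.append(ev)
        prev = _digest(ev)
    return events


def validate(events: List[Dict]) -> bool:
    """Chain check in the given order: events[n].prev_hash must equal
    digest(events[n-1]), and the first event must be a chain start."""
    if not events:
        return True
    if events[0]["prev_hash"] != GENESIS:
        return False
    return all(ev["prev_hash"] == _digest(prev_ev)
               for prev_ev, ev in zip(events, events[1:]))


def validate_per_peer(events: List[Dict]) -> Dict[str, bool]:
    """What a search head would have to do instead: regroup by originating
    peer (order preserved) and validate each chain on its own."""
    by_peer: Dict[str, List[Dict]] = {}
    for ev in events:
        by_peer.setdefault(ev["splunk_server"], []).append(ev)
    return {peer: validate(chain) for peer, chain in by_peer.items()}


def search_head_merge(*peer_results: List[Dict]) -> List[Dict]:
    """Model of the search head combining peer results and sorting by time."""
    merged = [ev for chain in peer_results for ev in chain]
    return sorted(merged, key=lambda ev: (ev["_time"], ev["splunk_server"]))


def demo() -> Dict[str, object]:
    # Constructed sample data: two peers logging at the same instants.
    chain_a = build_chain("idx-a", ["login", "search", "logout"], 1_700_000_000)
    chain_b = build_chain("idx-b", ["login", "edit_user", "logout"], 1_700_000_000)
    merged = search_head_merge(chain_a, chain_b)
    # A search that filters out a middle event leaves an unbridgeable gap.
    filtered = [ev for ev in chain_a if ev["action"] != "search"]
    # A modified event no longer matches the digest its successor recorded.
    tampered = copy.deepcopy(chain_a)
    tampered[1]["action"] = "delete_index"
    return {
        "peer_a_alone": validate(chain_a),                      # True
        "merged_on_search_head": validate(merged),              # False
        "merged_regrouped_by_peer": validate_per_peer(merged),  # all True
        "filtered_chain": validate(filtered),                   # False
        "tampered_chain": validate(tampered),                   # False
    }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The regrouping step passes only because the toy model has no keys: in the real deployment the search head would additionally need every peer's verification material and the complete, unfiltered event sequence for each peer, which is the "bunch of extra events" the answer refers to.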


ephemeric
Contributor

Thank you, great help.
