Accept mutualTLS for clients with cert signed by specific CA

From the documentation concerning mutualTLS on it seems that Tyk only supports mTLS for whitelisted client certificates. Is there a possibility to whitelist not the client certificate, but a CA that signed the client certificate instead? This would allow for mutual authentication based on a CA certificate and not require to enter all client certificates on a whitelist in the API definition. If not, is this feature on the roadmap?