Hey Ariel,
I'm not a cert-manager expert but I do know a bit about certificates in general. I think it would be helpful if you could provide more details about what you mean by "client certificates". Technically, the certificates being issued by cert-manager from Let's Encrypt (and probably from other backends) can already be used as client certificates since the "TLS Web Client Authentication" key usage is typically set (it is for Let's Encrypt, at least). So cert-manager might already be doing what you need.
Reading between the lines of your question I speculate that what you're actually looking for is an easier way to distribute certificates to pods..? Is that right?
The other thing that often comes up with client certificates is a desire to use different identities/names in certificates and to use alternative enrollment techniques (i.e., *not* ACME), since a client doesn't always have a resolvable domain name. Again, I'm just speculating here. Is that what you're looking for?