ASN1_TIME_to_tm() in LibreSSL and modern OpenSSL ensure that at is a
valid ASN1_TIME. Both GeneralizedTime and UTCTime can represent times
before epoch, so the error is currently slightly too aggressive. Use
the idiom in the timegm(3) CAVEATS.

We could use OPENSSL_gmtime() instead but this would require a compat
implementation for OpenSSL < 4 (and LibreSSL 3.6) in portable. To keep
things reasonably simple the compat impl would likely be the below...

Index: x509.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/x509.c,v
diff -u -p -r1.131 x509.c
--- x509.c	13 Apr 2026 03:36:10 -0000	1.131
+++ x509.c	27 May 2026 03:14:50 -0000
@@ -298,7 +298,8 @@ x509_get_time(const ASN1_TIME *at, time_
 		return 0;
 	if (!ASN1_TIME_to_tm(at, &tm))
 		return 0;
-	if ((*t = timegm(&tm)) < 0)
+	tm.tm_wday = -1;
+	if ((*t = timegm(&tm)) == -1 && tm.tm_wday == -1)
 		return 0;
 	return 1;
 }