Often abbreviated as CRL, this is a list of revoked certificates published by a certificate authority. Certificates can be revoked before their expiration date for a variety of reasons. For example, a certificate may be revoked if the private key is compromised. If automatic CRL generation is enabled and an interval is specified, then Oracle Certificate Authority automatically generates a CRL each time the specified interval elapses.