The "CRL" specifier indicates a special PEM message type, used to transfer one or more Certificate Revocation Lists. The format of PEM CRLs is defined in RFC 1422. No user data or encapsulated text accompanies an encapsulated header specifying the CRL message type; a correctly-formed CRL message's PEM header is immediately followed by its terminating message boundary line, with no blank line intervening.
Only three types of fields are valid in the encapsulated header comprising a CRL message. The "CRL:" field carries a printable representation of a CRL, encoded using the procedures defined in Section 4.3.2.4 of this RFC. "CRL:" fields may (as an option) be followed by no more than one "Originator-Certificate:" field and any number of "Issuer-Certificate:" fields. The "Originator-Certificate:" and "Issuer-Certificate:" fields refer to the most recently previous "CRL:" field, and provide certificates useful in validating the signature included in the CRL. "Originator-Certificate:" and "Issuer-Certificate:" fields' contents are the same for CRL messages as they are for other PEM message types.