The CRL retrieval service retrieves the latest CRLs of specified certificate issuers. The service takes a CRL-retrieval request (see Section 3.5), retrieves the latest CRLs the request specifies, and returns a CRL-retrieval reply (see Section 3.6) containing the CRLs.
There may be more than one "latest" CRL for a given issuer, if that issuer has more than one public key (see RFC 1422 for details).
The CRL-retrieval reply includes a certification path from each retrieved CRL to the RFC 1422 Internet certification authority. It may also include other certificates such as cross-certificates that the certification authority considers helpful to the requestor.