Verifying PKI certificates
A certificate is automatically verified when it is requested, obtained, or used by an application. If the certificate expires, if it is not issued by a trusted CA, or if it is revoked, the certificate cannot be used.
You can also manually verify a certificate. If it has been revoked, the certificate cannot be requested or obtained.