The CRL Monitor module is used by the OCSP service to check the certificate revocation information for the CAs that are registered in the Trust Manager with validation policy set to "Local CRL Cache". Note that OCSP is not suitable for historic certificate validation because it only provides current time certificate status. 

Ensure the CRL retrieval policy is configured correctly for the CAs within the ADSS Trust Manager. Also ensure that CRL Monitor is running and it is polling for CRLs for those CAs whose automatic polling is enabled.

See also

Step 1 - Generating Keys and Certificates
Step 2 - Registering CAs
Step 4 - Configuring OCSP Repeater Service
Step 5 - Registering Trusted CAs for OCSP Repeater Service
Step 6 - Using the Service Manager