This tool and associated timer (systemd) or cron (init.d) entry
 ensure that Certificate Revocation Lists (CRLs) are periodically
 retrieved from the web sites of the respective Certification
 Authorities.
 .
 The fetch-crl tool finds all *.crl_url files in the configured CRL
 directory, downloads the CRLs listed in those files and saves them in
 the same directory. The default configuration uses
 /etc/grid-security/certificates as the CRL directory.