Check certificate revocation using PowerShell.

CheckCertRevocation.ps1

# Potential workaround for errors:
# https://stackoverflow.com/questions/2675133/c-sharp-ignore-certificate-errors
# https://stackoverflow.com/a/66882479/1277533

$webRequest = [Net.WebRequest]::Create("https://www.company.com")
try { $webRequest.GetResponse() } catch {}
$cert = $webRequest.ServicePoint.Certificate
#$bytes = $cert.Export([Security.Cryptography.X509Certificates.X509ContentType]::Cert)
#set-content -value $bytes -encoding byte -path "$pwd\company.cer"
#certutil.exe -verify -urlfetch "$pwd\company.cer"

$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chain.ChainPolicy.RevocationFlag = [System.Security.Cryptography.X509Certificates.X509RevocationFlag]::EntireChain
$chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::Online
$chain.ChainPolicy.UrlRetrievalTimeout = New-Object System.TimeSpan(0, 0, 30)
$chain.ChainPolicy.VerificationFlags = [System.Security.Cryptography.X509Certificates.X509VerificationFlags]::AllowUnknownCertificateAuthority
$chain.Build($cert)
$chain.ChainStatus.Status