Which phase in PKI occurs when a certificate is canceled before its expiration?

In PKI, revocation is the process of canceling a certificate before its expiration. When a certificate is revoked, it is no longer trusted, even if its original validity period hasn’t ended. This situation arises if the private key is compromised, the subject should no longer have access, or the certificate was issued in error. To prevent ongoing trust in the revoked certificate, the issuer publishes revocation information through mechanisms like a Certificate Revocation List or an Online Certificate Status Protocol responder, so others can verify the certificate’s status in real time. Renewal, on the other hand, is about extending the validity by obtaining a new certificate, not canceling the current one. Issuance is simply the creation and signing of a new certificate, and “creation” isn’t a formal PKI lifecycle phase.