For the szOID_NETSCAPE_CA_REVOCATION_URL extension, CryptEncodeObject, CryptEncodeObjectEx, CryptDecodeObject, or CryptDecodeObjectEx can be called with lpszStructType set to X509_ANY_STRING or X509_UNICODE_ANY_STRING.
A relative or absolute URL can be used to check the revocation status of any certificates that are signed by the CA that this certificate belongs to. This extension is only valid in CA certificates. The use of this extension is the same as for the szOID_NETSCAPE_REVOCATION_URL extension.
The following details apply:
"2.16.840.1.113730.1.4"
pvStructInfo points to a CERT_NAME_VALUE structure. The dwValueType member of the CERT_NAME_VALUE is set to CERT_RDN_IA5_STRING. The Value member's pbData member points to an IA5_STRING that is a relative or absolute URL that can be used to check the revocation status of any certificates that are signed by the CA that this certificate belongs to.
When encoding, use X509_ANY_STRING when the string format in the Value member's pbData member is Ascii, and use X509_UNICODE_ANY_STRING when the string format is UNICODE. For the UNICODE case, before encoding, the string is converted to an IA5_STRING as specified by setting dwValueType to CERT_RDN_IA5_STRING.
For decoding, the user has the option of selecting the format of the string that is output to the CERT_NAME_VALUE structure. Use X509_ANY_STRING when the desired string format is Ascii, and use X509_UNICODE_ANY_STRING when the desired string format is UNICODE.