diff --git a/internal/handler/msgpack.go b/internal/handler/msgpack.go
index b649f6a..64def3a 100644
--- a/internal/handler/msgpack.go
+++ b/internal/handler/msgpack.go
@@ -272,6 +272,13 @@ func (m *MsgPackHandler) parseCommand(frame []byte, command *protocol.Command) e
 }
 command.Command = signCertificateCommand
+ case messages.CmdRevokeCertificate:
+ revokeCertificateCommand, err := m.parseRevokeCertificateCommand(frame)
+ if err != nil {
+ return err
+ }
+
+ command.Command = revokeCertificateCommand
 default:
 return fmt.Errorf("unhandled command code %s", command.Announce.Code)
 }
@@ -382,6 +389,18 @@ func (m *MsgPackHandler) handleSignCertificateCommand(
 return &messages.SignCertificateResponse{CertificateData: res.Certificate.Raw}, nil
 }
+func (m *MsgPackHandler) parseRevokeCertificateCommand(frame []byte) (*messages.RevokeCertificateCommand, error) {
+ var command messages.RevokeCertificateCommand
+
+ if err := msgpack.Unmarshal(frame, &command); err != nil {
+ m.logger.WithError(err).Errorf("unmarshal failed")
+
+ return nil, errors.New("could not unmarshal revoke certificate command")
+ }
+
+ return &command, nil
+}
+
 func New(logger *logrus.Logger, handlers ...RegisterHandler) (protocol.ServerHandler, error) {
 messages.RegisterGeneratedResolver()
diff --git a/pkg/messages/messages.go b/pkg/messages/messages.go
index 34eba94..bdf5077 100644
--- a/pkg/messages/messages.go
+++ b/pkg/messages/messages.go
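Review bot: In the second msgpack.go hunk, parseRevokeCertificateCommand returns the command as soon as msgpack decoding succeeds, so a frame with an empty `issuer_id` or `serial_number` is passed on as a well-formed revocation request. Rejecting it at parse time is cheap: after the unmarshal, add `if command.IssuerID == "" || len(command.Serial) == 0 { return nil, errors.New("revoke certificate command requires issuer_id and serial_number") }`, and consider an upper bound on the serial length (RFC 5280 allows at most 20 octets). If the revoke handler, which is not part of this diff, already performs these checks, a comment on the parser saying so would be enough. The log message `"unmarshal failed"` also does not name the command; `"unmarshal of revoke certificate command failed"` would make the entry readable on its own.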
@@ -360,3 +360,37 @@ type SignCertificateResponse struct {
 func (r *SignCertificateResponse) String() string {
 return fmt.Sprintf("cert_data of %d bytes", len(r.CertificateData))
 }
+
+type RevokeCertificateCommand struct {
+ IssuerID string `msgpack:"issuer_id"`
+ Serial []byte `msgpack:"serial_number"`
+ Reason string `msgpack:"reason"`
+}
+
+func (c *RevokeCertificateCommand) String() string {
+ builder := &strings.Builder{}
+
+ _, _ = fmt.Fprintf(
+ builder,
+ "issuerID=%s, serial=0x%s", c.IssuerID, new(big.Int).SetBytes(c.Serial).Text(16),
+ )
+
+ if c.Reason != "" {
+ _, _ = fmt.Fprintf(builder, ", reason=%s", c.Reason)
+ }
+
+ return builder.String()
+}
+
+type RevokeCertificateResponse struct {
+ IssuerID string `msgpack:"issuer_id"`
+ Serial []byte `msgpack:"serial_number"`
+ RevokedAt time.Time `msgpack:"revoked_at"`
+}
+
+func (r *RevokeCertificateResponse) String() string {
+ return fmt.Sprintf(
+ "issuerID=%s, serial=0x%s, revoked_at=%s",
+ r.IssuerID, new(big.Int).SetBytes(r.Serial).Text(16), r.RevokedAt.Format(time.RFC3339),
+ )
+}
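Review bot: RevokeCertificateCommand.String() formats `IssuerID` and `Reason` with `%s`, and both fields are decoded from a peer's msgpack frame, so line breaks or control characters in them would be written verbatim wherever this string ends up in a log. Quoting them keeps each entry on one line and makes empty values visible: `"issuerID=%q, serial=0x%s"` and `", reason=%q"`. `Reason` is also a free-form string; if it is meant to carry the RFC 5280 CRL reason codes, a comment on the field listing the accepted values (or a set of typed constants) would make that contract explicit. Both exported types lack doc comments, for example `// RevokeCertificateCommand is the payload of a CmdRevokeCertificate request.`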