This is possible using a process known as OCSP, but it causes its own problems:
* It's up to the CA whether to use OCSP or not. Most don't.
* There is a performance hit associated with doing the OCSP query. You don't want every outgoing connection you make to trigger a query, so you have to cache the responses.
* You disclose to the CA which web sites you visit, how often you visit them and how long you remain there. I don't think the connection to the OCSP server is itself encrypted, so anyone between you and the server will also become privy to this information.
* If the OCSP server is down and your browser is configured to ignore the failure, then a DOS attack on the OCSP server could compromise your security as you wouldn't know that a server's certificate has been revoked.
* If the OCSP server is down and your browser is configured to fail the connection, a DOS attack on the OCSP server becomes a DOS attack on all the web sites that use it.

If browser makers were serious about security then they would insist that every CA certificate they ship either:
* maintain an OCSP server; if so, connections to a web site must fail if an OCSP response cannot be obtained
* publish CRLs; if so, the browser must be pre-configured to update each CA's CRL at regular intervals and refuse to connect to a web site if a recent CRL for the site's CA is not present.

I just checked Firefox, and it doesn't know about CRLs for *any* of the CAs whose certificates it ships, let alone automatically update them. I also checked Chrome, and it doesn't even have a UI for managing CRLs!
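
An added example, not part of the original comment: a simulated revocation checker (no real OCSP network traffic or ASN.1 parsing) that shows the response caching, soft-fail and hard-fail behaviours listed in the comment above. `RevocationChecker`, `make_responder` and the serial strings are hypothetical names constructed for illustration.

```python
# Added illustration: simulated OCSP client policy, standard library only.
import time
from dataclasses import dataclass

class ResponderUnavailable(Exception):
    """The OCSP responder could not be reached (outage or DoS)."""

@dataclass
class OcspStatus:
    revoked: bool
    next_update: float  # epoch seconds after which the response is stale

class RevocationChecker:
    def __init__(self, fetch, hard_fail, clock=time.time):
        self.fetch = fetch          # hypothetical callable: serial -> OcspStatus
        self.hard_fail = hard_fail  # True: no response means no connection
        self.clock = clock
        self.cache = {}             # serial -> last OcspStatus received
        self.queries = 0            # responder queries attempted

    def allow_connection(self, serial):
        cached = self.cache.get(serial)
        if cached and self.clock() < cached.next_update:
            return not cached.revoked   # fresh cached answer, no query sent
        self.queries += 1
        try:
            status = self.fetch(serial)
        except ResponderUnavailable:
            # Soft-fail treats "unknown" as good; hard-fail refuses to connect.
            return not self.hard_fail
        self.cache[serial] = status
        return not status.revoked

def make_responder(revoked_serials, state, lifetime=3600, clock=time.time):
    """Constructed responder; state['up'] = False simulates an outage."""
    def fetch(serial):
        if not state["up"]:
            raise ResponderUnavailable(serial)
        return OcspStatus(serial in revoked_serials, clock() + lifetime)
    return fetch

if __name__ == "__main__":
    state = {"up": True}
    fetch = make_responder({"BAD"}, state)
    soft = RevocationChecker(fetch, hard_fail=False)
    hard = RevocationChecker(fetch, hard_fail=True)
    state["up"] = False  # responder goes down before any response is cached
    print("soft-fail accepts revoked cert:", soft.allow_connection("BAD"))
    print("hard-fail accepts good cert:   ", hard.allow_connection("GOOD"))
```

With the responder down, the soft-fail checker accepts the revoked serial and the hard-fail checker rejects every serial, which are the two failure modes the comment describes.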