-h
Emit usage message and exit.
-K directory
Sets the directory in which the key files are to reside.
-r
After writing the new keyset files remove the original keyset files.
-v level
Sets the debugging level.
-E engine
Use the given OpenSSL engine. When compiled with PKCS#11 support it defaults to pkcs11; the empty name resets it to no engine.
-f
Force overwrite: Causes dnssec-revoke to write the new key pair even if a file already exists matching the algorithm and key ID of the revoked key.