How to revoke a certificate

To revoke a certificate, use 'sq key revoke' and specify a <REASON> and a <MESSAGE>:

$ sq key revoke --cert $FINGERPRINT --reason superseded --message 'there will be a new one'

Here is the equivalent to revoke a subkey:

$ sq key subkey revoke --cert $PRIMARY_KEY_FPR --key $SUBKEY_FPR --reason retired --message 'not used'

To revoke a USER ID from a certificate, add the subcommand userid:

$ sq key userid revoke --cert $FINGERPRINT --userid 'alice' --reason retired --message 'testing_purposes'

More about revocation: Chapter 'Revocation'