BIND servers which are configured to perform DNSSEC validation and which are using managed-keys (which occurs implicitly when using "dnssec-validation auto;" or "dnssec-lookaside auto;") may terminate with an assertion failure when encountering all of the following conditions in a managed trust anchor:
a key which was previously trusted is now flagged as revoked;
there are no other trusted keys available;
there is a standby key, but it is not trusted yet
more here............https://kb.isc.org/article/AA-01235
a key which was previously trusted is now flagged as revoked;
there are no other trusted keys available;
there is a standby key, but it is not trusted yet
more here............https://kb.isc.org/article/AA-01235