L1 has been bypassed by piracy groups for years (through social engineering). They just don't share the keys publicly because it would give their opponents an advantage. See [1].
True, I didn't realize those were l1 keys. I'll have to read up on the revocation mechanism, if there is any. I'm also wondering how those keys usually leak. Is it through vulns, or just exploiting unsecure key handling?