gpgv is meant as a tool that does stricter key verification.
It currently does not seem to handle revoked or expired GPG keys, returned
SUCCESS for verification with them.
It is not clear from the manual page if this is a missing feature or
intentional. If intentional it should probably clarified in the manpage.
(spotted by Michael Schroeder at SUSE)