Expired certificates will not cause a problem if left on the keyring. Digital certificates can be used to encrypt data or tapes. So if you remove the certificate that was used too soon after it has expired, you will get a job failure. So you need to determine if your shop has used digital certificates in that way before removing them. If you have, when will the data be de-encrypted next? After that time, the new cert will be used to encrypt the data and the old cert can be removed.