Most private keys in Git repositories seem to be test data. But why are those test private keys sometimes used for other things? Probably just people lazily copying from ~/.ssh/idrsa or copying to ~/.ssh/idrsa.
Keys (at least rsa,ec,ssh ones) don’t expire - certs do. Also you’re not required to set expiration at all and probably should not in test for the very reason you mentioned. Unless you’re testing expiration validation of course in which case cert will be intentionally expired.
I'm somewhat surprised how many keygen type tools don't support ways to do that without putting a passphrase on a command line. Gpg is nice, with --passphrase-fd.