by hwatson 4864 days ago
Take a look at me.com, for example. Before Apple bought it, it was owned by SnappVille.com. If SSL certificates didn't expire, SnappVille could have continued using their certificates for me.com.
2 comments

That still doesn't fully explain why they expire, as CRLs and OCSP allow certificates to be revoked. I can't quite explain why having an expiration date is safer; I just feel it's a good practice to protect against possible key compromise.
SSL certificate revocation is extremely fragile.

http://www.imperialviolet.org/2012/02/05/crlsets.html

But they would have to get the private certificate? And if someone got that even while Apple still owned me.com, lots of nasty man-in-the-middle attacks could have been made.