Agreed, there should not be a tight (temporal) couple.

But it's a trade off. Long-lived TLS certificates have always had the cert revocation problem. OCSP stapling never took off, so in the end the consensus seems to have been to decrease expiry date. (Mostly fueled by Let's Encrypt / ACME).

Relying on expiration rather than explicit revocation of course also assumes (somewhat) accurately synchronized clocks which is never trivial in distributed systems. In practice it put's pressure on NTP, which itself is susceptible to all kinds of hairy security issue.

I like to think of the temporal aspect as a fail-open / fail-close balance. These centralized solutions favour the former, and that's why we see this resulting outage.