Debian repositories are signed as a whole, meaning the metadata containing checksums of the packages.
Expiry leads to no more updates. See
Revocation most likely has the same effect. In theory some monitoring software could show a warning to the user or send an email. But i don’t think it happens by default.