I searched the net and see that the tymon/jwt-auth library is very often used. Is using dusterio/lumen-passport not enough for creating an API token app with Lumen?
Why does the oauth_access_tokens.expires_at field not work in Lumen?
In a Lumen app with dusterio/lumen-passport, when a new user is logged into the system,
a request like:
"token_type": "Bearer",
"expires_in": 31536000,
"access_token": "ey...",
"refresh_token": "de...5f0"
is returned, and a new row is added to the “oauth_access_tokens” table with the expires_at field, and
also 1 more row in “oauth_refresh_tokens”.
But when I tried to manually change the value in the oauth_access_tokens.expires_at field (I set a prior date), I expected that the user would not have access under this token, but it has access anyway...
Also, checking the SQL trace:
SELECT *
FROM `oauth_access_tokens`
WHERE `id` = '336283f12e8c41d6c84a0f304191e93047ff5f6b349ad0e80c634460efb1e1d516d3e50f2d227f03' limit 1
In the SQL statements I do not see any checks on the expires_at field...
Looks like that works a bit differently than I expected...
Also, what is the “oauth_refresh_tokens” table for and how can I use it?
When logging in, I set the days_to_expire parameter in LumenPassport before token creation:
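// Set the access token lifetime for this client before issuing the token
$days_to_expire = 30;
$tokens_expire_in = Carbon::now()->addDays($days_to_expire);
LumenPassport::tokensExpireIn($tokens_expire_in, $client_id);
// Build an internal POST request to the token endpoint (password grant)
$tokenRequest = $request->create('api/oauth/token', 'POST');
$tokenRequest->request->add([
    "grant_type" => "password",
    "username" => $email,
    "password" => $password,
    "client_id" => $client_id,
    "client_secret" => $client_secret,
]);
// Dispatch the request through the application and capture the token response
$response = app()->handle($tokenRequest);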
and tokens_expire_in is the value I see in the oauth_access_tokens.expires_at field...
"dusterio/lumen-passport": "^0.3.4",
"laravel/lumen-framework": "^8.3.1",
Thanks!