
Cookies and expiration

         

graywolf

6:09 pm on May 15, 2002 (gmt 0)




I work in a load-balanced environment where it is necessary that you remain on one server. We use a cookie that expires in one day in conjunction with a load balancer. Is it possible that the cookie could still have a value but be expired?

Everyman

6:58 pm on May 15, 2002 (gmt 0)



Is it possible that the cookie could still have a value but be expired?

This is browser-dependent. I would say that if the end user has not exited the browser between yesterday and today (machine left on, browser remains loaded), then the chances are high that the cookie is considered valid even with a date that has expired.

Browsers consider cookies without an expiration date to be session cookies. Many, if not most, browsers consider an "expired" cookie to also be a session cookie -- assuming that it made it into cookie memory one way or another.

A browser writes to the cookie file upon exit, and reads the cookie file into memory when first loaded. It's at this point that the dates are examined. If the date is missing or expired, it doesn't get loaded, and doesn't get written to disk on exit.

But if it's already in memory, it's considered valid.

I know, because I once mistakenly thought that the way to set a session cookie was to set an expiration date that was in the past. It worked, except on one browser, where it was flaky. Then I looked up the cookie spec and discovered that a session cookie is officially defined as a cookie with no expiration specified at all. That fixed my mistake for that one browser.
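
A request's Cookie header carries only name=value pairs, never the expiry date, so the server side cannot tell from the request whether the browser should already have dropped the cookie. The following is an added example, not part of the thread: it puts the one-day expiry inside a signed cookie value and checks it on the server. The cookie name `lb_node`, the key and the value layout are assumptions made for illustration.

```python
import hashlib
import hmac
import time
from typing import Optional

SECRET = b"constructed-demo-key"  # assumption: key known only to the server tier
MAX_AGE = 24 * 60 * 60            # one day, as in the question


def _sign(payload: str) -> bytes:
    """Hex HMAC-SHA256 of the payload, as bytes for constant-time comparison."""
    return hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest().encode()


def make_affinity_value(server_id: str, now: Optional[float] = None) -> str:
    """Build 'server_id.expires_at.signature' to use as the cookie value."""
    issued = int(time.time() if now is None else now)
    payload = f"{server_id}.{issued + MAX_AGE}"
    return f"{payload}.{_sign(payload).decode()}"


def set_cookie_header(server_id: str, now: Optional[float] = None) -> str:
    """Header for the hypothetical 'lb_node' cookie; Max-Age is only a hint to the browser."""
    value = make_affinity_value(server_id, now)
    return f"Set-Cookie: lb_node={value}; Max-Age={MAX_AGE}; Path=/; HttpOnly"


def check_affinity_value(value: str, now: Optional[float] = None) -> Optional[str]:
    """Return the server id if the value is authentic and unexpired, else None."""
    current = time.time() if now is None else now
    try:
        server_id, expires_at, sig = value.rsplit(".", 2)
        expiry = int(expires_at)
    except ValueError:
        return None  # malformed value: wrong number of fields or non-numeric expiry
    if not hmac.compare_digest(sig.encode(), _sign(f"{server_id}.{expires_at}")):
        return None  # value was altered or not issued by us
    if current >= expiry:
        return None  # browser kept sending it past its lifetime
    return server_id


if __name__ == "__main__":
    v = make_affinity_value("web2", now=1000)  # constructed sample
    print(set_cookie_header("web2", now=1000))
    print(check_affinity_value(v, now=1000 + MAX_AGE + 5))  # None: stale cookie rejected
```

When the check returns None, the balancer can pick a server as it would for a first visit and issue a fresh cookie.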