I had an issue with a firewall that showed three blades, TP-blades, licensed as “evaluation” and furthermore the license was expired.
The firewall itself, showed the licenses to be alright as shown in the picture below:
Various things were tried in order to solve the issue, but none of them made any difference.
- cplic eval_disable
- Removing all unnecessary licenses
- Verify connectivity to Check Point contracts service (curl_cli [–proxy ] -v -k https://usercenter.checkpoint.com/usercenter/services/ProductCoverageService)
- Disable Plug’n’Play – $CPDIR/bin/cpprod_util CPPROD_SetPnPDisable 1 
- Remove Plug’n’Play config file 
- Install an All-in-One eval license
The evaluation licenses were still present in the management database and had to be removed manually.
NB: Fiddle around in the database at your own risk. Remember to back up the system before doing anything.
Expert@Mgmt01]: psql_client monitoring postgres
monitoring=# select * from entitlement where exp_date <=’2019-12-27′;
monitoring=# delete from entitlement where blade_name=’Anti-Virus’ and entitlement_status=’Evaluation’;