When you retrieve a short-lived access token via /oauth2/token, the response includes the expiration information in the 'expires_in' field. You can store and refer to that information to check if the short-lived access token would be expired at any point in time.
To actively check if any particular access token is still valid though, you would need to perform an API call. For example, for user-linked access tokens, calling /2/check/user or /2/users/get_current_account would be good options, as those don't have any side effects. (Likewise, for team-linked access tokens, you could use /2/team/get_info.)