The QR codes simply divulge a URI with the secret key for generating tokens. They look like:
The QR code itself doesn't have any sort of time limit on them; they only serve to transmit the secret key.
I haven't actually tested it though. :-/
One thing to note is that neither Google Authenticator nor Duo Security let you display the secret itself in the app. Another thing to note is that Google Authenticator keys seem to be backed up if you back up your iPhone to a computer using iTunes (mine were still there after a restore).
# sqlite3 /data/data/com.google.android.apps.authenticator2/databases/databases 'select email, secret from accounts'
Just be mindful that whenever these screenshots get compromised, you lost all your tokens.