Since I’m an idiot sometimes, I ran into this issue and ran across other people who were likely smarter than me but still made this mistake.
I started receiving notices that the certificates for this and other domains were set to expire and that the automated Let’s Encrypt renewal process had failed.
The issue turned out to be that I had Cloudflare proxying turned on in the DNS entries for the domain names that were failing the renewal.
Turning off proxying, running the Let’s Encrypt renewal process, and then re-enabling proxying solved the issue.