Let's Encrypt "DST Root X3" root expiration affects old Android clients accessing broker

Running Snowflake with the default config mentioned in this repository and shown below Snowflake fails to create a connection on some Android devices (apparently older Android versions, I could reproduce that issue using Android 4 and Android 6 on a real device and on an emulator).

The error log tells me the cause of the connection failure is an expired certificate. WebRTC: x509: certificate has expired or is not yet valid: current time 2021-12-28T16:12:58Z is after 2021-09-30T14:01:15Z Retrying...

Default config, I'm referring to:

snowflake-target https://snowflake-broker.torproject.net.global.prod.fastly.net/
snowflake-front cdn.sstatic.net

Using a different broker and domain-fronting I can work around the issue (config taken from https://github.com/cohosh/snowflake)

Could you please have a look at the broker / domain fronting setup or adapt the documentation here?