I took a backup of the LetsEncrypt folder with cp /etc/letsencrypt/ /etc/letsencrypt.backup -r and then proceeded to delete the certs that had expired/were invalid.
The dry run shows perfect results now:
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/old.thermalwatch.org.in/fullchain.pem (success)
/etc/letsencrypt/live/tcn.cag.org.in/fullchain.pem (success)
/etc/letsencrypt/live/data.cag.org.in/fullchain.pem (success)
/etc/letsencrypt/live/tegi.org.in/fullchain.pem (success)
/etc/letsencrypt/live/cag.org.in/fullchain.pem (success)
/etc/letsencrypt/live/www.thermalwatch.org.in/fullchain.pem (success)
/etc/letsencrypt/live/old.cag.org.in/fullchain.pem (success)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
Thanks to you and @ JuergenAuer for all the suggestions and commands to help resolve this issue. Much appreciated.