This is a common error usually related to the expiry of DST Root CA X3 last year.
Fixing this most likely requires updating your client system trust store (ca-certificates) to include ISRG Root X1. If you're running OpenSSL < 1.1, additional workarounds must be applied.