This was a tough one! I just couldn’t come up with a reason that Let’s Encrypt would be going to the wrong host. Turns out it’s not always DNS.
tl;dr: You told Let’s Encrypt to get certs for your bare domain in addition to the Discourse one, and later changed DNS for the bare domain to point to your other site.
And the longer version . . .
One day, you wanted Discourse to handle requests for not only discourse.gomomentum.org but also gomomentum.org, so you added a stanza to your app.yml as described here: Set up Let’s Encrypt with multiple domains / redirects
So, Let’s Encrypt requests checked that both of those domains were originally going to your Discourse server.
This explains why those requests for SOME OTHER DOMAIN were going to Let’s Encrypt.
Then, another day, likely years later, but sometime in the past 3 months, someone decided that gomomentum.org should go to your main site and not the Discourse site anymore. And at that point, Let’s Encrypt stopped working, but the certs last for 3 months, so by the time this happened, it was mostly impossible to connect the DNS change with this cert renewal failing to work.
I removed that stanza from your app.yml and did a rebuild and you’re back in business!
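
The failure described in this post can be caught before the next renewal by checking that every name requested on the certificate still resolves to the server that answers the validation request. The following is an added example, not part of the original post and not Discourse's own code; the function names, the injected resolver, and the sample addresses (documentation ranges) are constructed for illustration, and it assumes the server is not behind a proxy or CDN that changes its public address.

```python
import socket


def resolve_addresses(name):
    """Return the set of IP addresses a hostname currently resolves to."""
    try:
        infos = socket.getaddrinfo(name, 443, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        # Name no longer resolves at all; renewal for it will also fail.
        return set()
    return {info[4][0] for info in infos}


def find_drifted_names(cert_names, server_name, resolve=resolve_addresses):
    """Map each certificate name that no longer points at the server to the
    addresses it resolves to now (empty list if it does not resolve)."""
    server_addrs = resolve(server_name)
    if not server_addrs:
        raise ValueError(f"cannot resolve server name {server_name!r}")
    drifted = {}
    for name in cert_names:
        addrs = resolve(name)
        # No address in common with the server: HTTP validation for this
        # name would be answered by some other host.
        if not addrs & server_addrs:
            drifted[name] = sorted(addrs)
    return drifted


# Constructed DNS snapshot mirroring the situation in the post: the bare
# domain has been repointed to a different site.
SAMPLE_DNS = {
    "discourse.gomomentum.org": {"192.0.2.10"},
    "gomomentum.org": {"198.51.100.20"},
}


def sample_resolve(name):
    """Offline stand-in for resolve_addresses using the constructed snapshot."""
    return SAMPLE_DNS.get(name, set())


if __name__ == "__main__":
    names = ["discourse.gomomentum.org", "gomomentum.org"]
    for name, addrs in find_drifted_names(names, names[0], sample_resolve).items():
        print(f"{name} now resolves to {addrs or 'nothing'}; remove it from the cert request")
```

Run it from cron against the live resolver (omit the third argument) so a DNS change is flagged when it happens rather than at renewal time.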