So why do I get the expiration error?
Android made a design decision to ignore the expiry on root certificates (it's arguable that expiry on root certificates doesn't make much sense in the first place).
"lets encrypt" is a relatively new CA and to support existing systems their root was "cross-signed"* by DST. The DST root certificate has now expired but because of the aforementioned android behavior a cross signature is still useful for supporting clients running old versions of andriod.
When such a chain is used on a system with a modern root certificate list the cross signature should be ignored and the IRSG (lets encrypt) root should be used. Unfortunately openssl 1.0.x does not handle this scenario correctly.
This issue can be worked around by removing the old DST root certificate. When this is done the chain will correctly be built to the IRSG root.
* My understanding is that technically the "cross signature" consists of an "intermediate certificate" with the same content and key as Lets Encrypt's root certificate.