No, this is to be expected. When you run
dig AAAA www.saintjoisd.net +dnssec @dns101.register.com
you send the query directly to the responsible nameserver. The nameserver then replies with the data it has. A nameserver is not a [recursive] resolver, it does not validate its own DNSSEC responses (it could, but that would be fairly useless and not helpful). It's like asking a server to tell whether its own certificates are valid - it can obviously do this check, but if we're going to trust what the server says we could also stop validating altogether. The client has to perform the validation, and the nameserver is not the client - the [recursive] resolver is.
A resolver like Cloudflare is a [recursive] resolver, meaning that it retrieves the data from the domain's nameservers for you and performs DNSSEC validation. So the SERVFAIL you see is generated by Cloudflare in response to getting invalid data from the nameserver. Internally, Cloudflare got the exact same dataset you see when running the above command.
The authority section is often changed (primarily removal of irrelevant data) by recursive resolvers, so its to be expected that it looks different when asking the resolver vs the nameserver directly. Recursive resolvers also add data where they think its useful, while nameservers usually just tell you the answer to your "question" in DNS-speak.
(Also, to clarify: dig itself doesn't do any DNSSEC validation, at least not by default. I don't know if there's a switch to turn that on, +dnssec just sets the DNSSEC-OK (DO) flag, so that DNSSEC is visible in responses)