Only the binary exists on the servers as far find / -type f -name '*.go' can tell. @jsha when you are in for the day, would you mind taking a look please?
I’ve taken a stab at fixing this, and the immediately obvious fix doesn’t appear to be working. I’m going to attend to some other tasks and come back to this in a bit. Thanks so much for reporting!
I figured this was worth fixing because many people's sites may "mostly work" for a lot of users despite a missing intermediate, due to intermediate caching and AIA fetching. Since our goal is to let people know if their visitors will suddenly start seeing errors they didn't see before, I think handling this case is useful.
The site in the OP works now, but I can't think of any other misconfigured sites right now! badssl.com uses another CA, and the only other site I could remember got fixed!