Unbound DNSSEC validation not working

I finally found a fix for this, and it looks like some directions are missing from https://docs.pi-hole.net/guides/dns/unbound.

Fix Unbound Service Erroring out

I couldn't get unbound to run until adding a line to the /etc/unbound/unbound.conf

include: "/etc/unbound/unbound.conf.d/*.conf"

This will allow unbound to look at /etc/unbound/unbound.conf.d/pi-hole.conf as used in the documentation.

Unbound will launch but was still unable to validate DNSSEC.

To Fix Unbound DNSSEC Validation

Run sudo unbound-anchor to create a root.key file (mine ended up being in /var/lib/unbound). Then add the following line to /etc/unbound/unbound.conf:

auto-trust-anchor-file: "/var/lib/unbound/root.key"

Now I restarted the unbound service, and I also restarted the dhcpcd service (though that is likely not required).

sudo service unbound restart
sudo systemctl restart dhcpcd

The dig commands are now working as expected from the documentation.

dig sigfail.verteiltesysteme.net @127.0.0.1 -p 5335
dig sigok.verteiltesysteme.net @127.0.0.1 -p 5335

The first command should give a status report of SERVFAIL and no IP address. The second should give NOERROR plus an IP address.
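As an added example (not part of the original post or the Pi-hole documentation), here is a small POSIX shell helper that reads dig output and classifies the DNSSEC outcome. It also checks the AD (authenticated data) flag, which the bare SERVFAIL/NOERROR comparison above does not inspect: NOERROR without AD means the resolver answered but did not actually validate. The resolver address, port and test names are the ones from the post; the sample outputs are constructed, not captured from a real run.

```shell
#!/bin/sh
# Classify dig output for DNSSEC purposes. Reads dig's text output on stdin
# and prints one word:
#   validated   - status NOERROR and the AD flag is set (answer was validated)
#   bogus       - status SERVFAIL, what a validating resolver returns when
#                 signatures do not check out (expected for sigfail.*)
#   unvalidated - status NOERROR but no AD flag: answered, not validated
#   other       - anything else (NXDOMAIN, REFUSED, no response, ...)
classify_dig() {
    out=$(cat)
    status=$(printf '%s\n' "$out" | sed -n 's/.*status: \([A-Z]*\).*/\1/p' | head -n1)
    flags=$(printf '%s\n' "$out" | sed -n 's/^;; flags: \([a-z ]*\);.*/\1/p' | head -n1)
    case "$status" in
        SERVFAIL) echo bogus ;;
        NOERROR)
            case " $flags " in
                *" ad "*) echo validated ;;
                *)        echo unvalidated ;;
            esac ;;
        *) echo other ;;
    esac
}

# Live check against the unbound instance from the post (127.0.0.1, port 5335),
# using the two test names from the documentation. Expected result:
#   sigfail.verteiltesysteme.net -> bogus
#   sigok.verteiltesysteme.net   -> validated
check_live() {
    resolver=${1:-127.0.0.1}
    port=${2:-5335}
    for name in sigfail.verteiltesysteme.net sigok.verteiltesysteme.net; do
        printf '%-32s %s\n' "$name" "$(dig "$name" @"$resolver" -p "$port" | classify_dig)"
    done
}

# Constructed sample outputs (header lines only) so the classifier can be
# exercised offline without a running resolver.
SAMPLE_OK=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1'
SAMPLE_FAIL=';; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 2
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1'
SAMPLE_NOAD=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1'
```

Run check_live with no arguments to test the local unbound on port 5335; a result of unvalidated for sigok.verteiltesysteme.net means the trust anchor is not being used even though queries resolve.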

Linked Resources

Pi-hole documentation - Unbound
Error installing unbound on new PI 4
Reddit - help_with_unbound_running_with_pihole
DNSSEC Validation with Unbound on a Raspberry
