You don't need to "use" the old root, you want to configure the chain of certificates provided so that it links back from your leaf cert to Identrust's "DST Root CA X3" not "ISRG Root X1". Specifically the chain will be just one cert, an "intermediate" which you want to ensure is the one cross-signed not the new one.
This provides a hint to the client that it should trust this certificate because it can follow the trust back down the chain to DST Root CA X3 (which it trusts) not to ISRG Root X1 which is too new-fangled for it to have heard of.
You want the one labelled: Let’s Encrypt Authority X3 (IdenTrust cross-signed)
In nginx you need to concatenate the leaf certificate from Let's Encrypt (often a file named "cert.pem") with the file you downloaded from that site, to produce a chain, which you could call mychain.pem, and then tell nginx that's your certificate chain with a config line like:
This provides a hint to the client that it should trust this certificate because it can follow the trust back down the chain to DST Root CA X3 (which it trusts) not to ISRG Root X1 which is too new-fangled for it to have heard of.
This page has both flavours of intermediate:
https://letsencrypt.org/certificates/
You want the one labelled: Let’s Encrypt Authority X3 (IdenTrust cross-signed)
In nginx you need to concatenate the leaf certificate from Let's Encrypt (often a file named "cert.pem") with the file you downloaded from that site, to produce a chain, which you could call mychain.pem, and then tell nginx that's your certificate chain with a config line like:
ssl_certificate /some/path/to/mychain.pem
where right now you may see
ssl_certificate /where/letsencrypt/puts/fullchain.pem