Initiator authenticate using reverse zone and the responder using forard zone.

Road is the initiator and east is the responder.
When road initiate the connection, it send an IKE request, and
simultaneously start query for the responders IPSECKEY in reverse zone.
23.2.1.192.IN-ADDR.ARPA.    120 IN IPSECKEY 10 0 2 . AQO9bJbr3

When the east, the responder, receive IDi (in IKEv2 AUTH exchange),
IDi type FQDN, responder will query forward zone for IPSECKEY.

road.testing.libreswan.org. 120 IN IPSECKEY 10 0 2 . AQPHFfpyJ

Buth sides authenticate each other using the public fetched from DNS.