If you build the binary using guix, its SHA256 checksum should match what's in the SHA256SUMS file.

SHA256SUMS.asc contains the signatures of the developers attesting SHA256SUM is correct.

Without using guix, i.e. just the normal build procedure, you usually get a different binary every time you build it.