Since you want to use roles and claims in the local userstore, I presume that the user already exists in the local userstore also. Since you want to authenticate with federated IDP, you can do user account association between the local user and federated user and use the claims of the user.
To read more about associating user accounts in IS5.3.0, please follow this documentation: https://docs.wso2.com/display/IS530/Associating+User+Accounts
After doing the account association, you can enable Assert identity using mapped local subject identifier (This option will use the local subject identifier when asserting the identity) under Local and Outbound Authentication Configuration for the Service Provider. Please follow this documentation to configure that property under the service provider. https://docs.wso2.com/display/IS530/Configuring+Local+and+Outbound+Authentication+for+a+Service+Provider