If you are running raspian jessie lite and upgraded dnsmasq, as explained here, you may still get a lot of INSECURE and some BOGUS or ABANDONED validation results. I know I do. I've already raised this here, but I'm not getting any response, therefore, I continued to investigate.
I found a discussion on a dutch forum, discussing the problems with DNSSEC and read about a great site that not only validates DNSSEC, but also shows a lot of detailed information.
I'm also using this site (the page should NOT load if DNSSEC is working), this site, and of course this site (from the pi-hole settings page).