This is a new warning available as of FTL v5.25 building on dnsmasq v2.90, so it is very new and your findings here may really be the first ones on the web. This is part of the recently added protection against a DNSSEC vulnerability that could take down your Pi-hole in a denial-of-service kind of attack. More details here:
Please run
sudo kill -s SIGUSR1 $(cat /var/run/pihole-FTL.pid)
grep "DNSSEC per-" /var/log/pihole/pihole.log
and quote the output here. Another question: Is the unbound you've set up your sole upstream server?
Depending on the result of the commands above, we may need to increase the validation limit.
We need to add this, thanks for the reminder!