i.MX6UL with Secure Boot and HAB errors

I can't seem to find definitive information on what the cause may be to the HAB Event error of (0x22) or HAB_INV_ADDRESS.

--------- HAB Event 1 -----------------
event data:
   0xdb 0x00 0x08 0x42 0x33 0x22 0x0a 0x00

   STS = HAB_FAILURE (0x33)
   RSN = HAB_INV_ADDRESS (0x22)
   CTX = HAB_CTX_AUTHENTICATE (0x0A)
   ENG = HAB_ENG_ANY (0x00)

Can anyone help point me to the proper documentation?

I've gone through AN4581.pdf and HAB4_API.pdf and HABCST_UG.pdf.

Here's some further info about my setup.

Here's my CSF:

[Header]
Version = 4.2
Hash Algorithm = sha256
Engine = SW
Engine Configuration = 0
Certificate Format = X509
Signature Format = CMS

[Install SRK]
File = "../crts/SRK_1_2_3_4_table.bin"
Source index = 0 # Index of the key location in the SRK table to be installed

[Install CSFK]
# Key used to authenticate the CSF data
File = "../crts/CSF1_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate CSF]

[Unlock]
Engine = CAAM
Features = RNG

[Install Key]
# Key slot index used to authenticate the key to be installed
Verification index = 0
# Target key slot in HAB key store where key will be installed
Target Index = 2
# Key to install
File= "../crts/IMG1_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate Data]
# Key slot index used to authenticate the image data
Verification index = 2
# Address Offset Length Data File Path
Blocks = 0x877ff400 0x0 0x074000 "./u-boot-padded.imx"

my u-boot.imx is 0x73c00 in size padded to 0x74000 using the documented objcopy command:

objcopy -I binary -O binary --pad-to 0x74000 --gap-fill=0x5A u-boot.imx u-boot-padded.imx

IVT looks like:

> xxd -g 4 -l 48 u-boot-signed.imx
0000000: d1002040 00008087 00000000 2cf47f87 .. @........,...
0000010: 20f47f87 00f47f87 00308787 00000000 ........0......
0000020: 00f07f87 00600700 00000000 d201e040 .....`.........@

Any help/pointers/tips to get me going in the right direction would be greatly appreciated. Thanks!