The authorization fails because of the User not being found in the authorization mapping: The User is disabled.
The User is not authorized when requesting a GET on the protected resource.
The Policy Server 12.52SP1 does not find it in one of the LDAP servers defined for that resource:
ldap1:389
ldap2:389
ldap3:389
The former Policy Server 6.0SP5CR05 had a bug which was corrected in 6.0SP5CR25, to fix a known issue for a condition that was allowing access even if the User was disabled.
From smps-6_0_5_35-readme.txt :
80437 The policy server directory mapping feature will no longer
authorize a user when the authorization user directory has disabled
the user but the authentication user directory has not disabled them.