According to what you show us the PKCS#11 attribute CKA_SENSITIVE
set to false indicates that you should be able to view the value. It is however likely that the token does not allow you to extract the value. Most of these kind of tokens do not fully implement PKCS#11 and only allow certain operations to take place. If this is true then it should not be possible to set CKA_SENSITIVE
to false, but that's IT for you...
I would track down the manufacturer (or, if possible, the developer) of the token and ask for the specific functionality implemented by the token.