[ found in old emacs buffer. might have already been sent ]
Invalid according to RPKI or IRR? Or both?
In this context the use of the word “invalid” refers to the result of validation procedure described in RFC 6811 - which is to match received BGP updates to the RPKI and attach either of “valid”, “invalid”, or “not-found”.
In IRR, the challenge has always been that “route:” objects describe a state of the network that may exist, but the semantics of “route:” objects don’t allow extrapolation towards what should definitely *not* exist in the BGP Default-Free Zone.
RPKI ROAs (compared to IRR objects) carry different meaning: the existence of a ROA (both by definition and common implementation) supersedes other data sources (IRR, LOAs, or comments in whois records, etc), and as such can be used on any type of EBGP session for validation of the received Internet routing information.
do not disagree with your pedantry. but ... as i am pretty sure arturo knows all that. i suspect he was wondering if mark is gonna throw irr data in the mix the way chris says google will (or does?). and if so, how? seems a useful question. irr acls scale poorly in routers. but mark said customer-facing, which could be reasonable depending on the platform. e.g. ntt uses irr-based acls toward customers. but i am cheered if mark is dropping rpki-based origin validation invalids. it's a big step. randy