On Tue, 12 Feb 2019, 01:52 Jay Borkenhagen <jayb@braeburn.org> wrote:
> ... but there is one place where I disagree with Niels.  He advised
> against lowering the local-pref of invalid routes.  I agree that this
> should not be anyone's target policy, but it is a useful step along
> the way.

For initial deployment, this can seem attractive, but remember that one of the benefits an ROA gives is specifying the maximum prefix length. This means that someone can't hijack a /23 with a /24.

Lowering local pref on invalid means you're no longer protected (just generating alerts) because longer prefix length always beats local preference.

Once you are confident that you're not dropping anything valuable, the local preference rule should move to dropping the route (not the traffic!) from being installed.

M
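
Added example (not part of the original message): a small Python model of the point made in the reply, with RFC 6811 origin validation followed by longest-prefix-match forwarding under a "depref" and a "drop" import policy. The ROA, prefixes, AS numbers and local-pref values are constructed sample data, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample ROA: (prefix, maxLength, origin AS), documentation ranges.
ROAS = [("198.51.100.0/23", 23, 64500)]

# Constructed announcements as (prefix, origin AS).
ANNOUNCEMENTS = [
    ("198.51.100.0/23", 64500),  # matches the ROA
    ("198.51.100.0/24", 64501),  # more-specific, longer than maxLength
]

def rov_state(prefix, origin_as, roas=ROAS):
    """RFC 6811 origin validation: 'valid', 'invalid' or 'not-found'."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for roa_prefix, max_len, roa_as in roas:
        roa_net = ipaddress.ip_network(roa_prefix)
        if route.version == roa_net.version and route.subnet_of(roa_net):
            covered = True
            if route.prefixlen <= max_len and origin_as == roa_as:
                return "valid"
    return "invalid" if covered else "not-found"

def build_fib(announcements, policy):
    """Apply the import policy, then keep the best path per prefix."""
    fib = {}
    for prefix, origin_as in announcements:
        state = rov_state(prefix, origin_as)
        if state == "invalid" and policy == "drop":
            continue  # the route is never installed
        local_pref = 50 if state == "invalid" and policy == "depref" else 100
        net = ipaddress.ip_network(prefix)
        # local-pref is only compared between paths for the SAME prefix
        if net not in fib or local_pref > fib[net][0]:
            fib[net] = (local_pref, origin_as)
    return fib

def forward(fib, dest):
    """Return the origin AS chosen by longest-prefix match, or None."""
    addr = ipaddress.ip_address(dest)
    matches = [net for net in fib if addr in net]
    if not matches:
        return None
    return fib[max(matches, key=lambda net: net.prefixlen)][1]

if __name__ == "__main__":
    for policy in ("depref", "drop"):
        fib = build_fib(ANNOUNCEMENTS, policy)
        print(policy, "-> 198.51.100.10 via AS", forward(fib, "198.51.100.10"))
```

With "depref" the invalid /24 is still installed and wins forwarding on prefix length; with "drop" only the valid /23 remains.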