BGP RPKI-Based Origin Validation Clarifications

Deployment of Resource Public Key Infrastructure (RPKI) based BGP origin validation is hampered by, among other things, vendor mis- implementations in two critical areas: which routes are validated and whether policy is applied when not specified by configuration. This document is meant to clarify possible misunderstandings causing those mis-implementations; and thus updates RFC 6811 by clarifying that all prefixes should have their validation state set, and that policy must not be applied without operator configuration.