How should ROA validation status influence routing decisions?

ROA validation status tells you whether a route’s origin AS is authorized to advertise that prefix under RPKI. When a route’s origin matches a ROA, it’s considered valid, trusted, and is typically accepted into the routing table. If there’s no ROA covering that prefix or the ROA data isn’t available, the status is Unknown/Not Found; how to handle those routes depends on local policy—often they’re accepted with caution or rejected to manage risk. If the origin is explicitly not authorized by any ROA for that prefix, the status is Invalid, and the route should be rejected to guard against potential hijacks. Thus, valid routes are trusted and usually accepted, Unknown/Not Found are handled by policy (often with caution or rejection), and Invalid routes are rejected.