rpki-client is an implementation of RPKI (Resource Public Key
Infrastructure), specified by RFC 6480. It implements the client
side of RPKI, which is responsible for downloading, validating
and converting ROAs (Route Origin Authorisations) into VRPs
(Validated ROA Payloads). The client's output (VRPs) can be used
to perform BGP Origin Validation (RFC 6811).
The design focus of rpki-client is simplicity and security. To
wit, it implements RPKI components necessary for validating route
statements and omits superfluities (such as, for example, which
X509 certificate sections must be labelled "Critical").