Maybe you don't have the router do the authorization of the prefix.
Maybe it asks another box that says yes, or no. If that box disappears
you have a fallback mechanism (prefix-limit and as-path filter). Of
course you still need vendor buy-in.
I don't think this is realistic, so hold the tomatoes. I'm just trying
to think outside the box. Certainly you have a problem when you have a
catastrophic event and have hundreds of routers asking for authorization
of thousands of updates.
More realistically, it would be spiffy if there was a tool that would
listen to your BGP and tell you about routes that don't jive with the
IRR. This gives you some idea of what is going around your network that
might not belong. Today not only is there the potential for abuse of
peering with big providers, but there is very little that can be done in
terms of identifying it. If there was a tool that tracked routes outside
of the IRR you would at least know what was showing up that looked
funny. Could also be a good stick to beat people in to conformance by
showing who is not registering routes. Given good information on how all
the IRR stuff works, I think I could write a tool like that. Is there