If I was an ISP had networks from UA and RU and my Cogent peering was removed from Russia, I might move some of my traffic through my partner in Ukraine, who does have a peering arrangement with Cogent. I haven't confirmed that is what happened, but you would see this kind of shift I think if they did that.
I'm a security guy and not a CCIE so perhaps a Cisco engineer here can weigh in.
What's interesting (to me, at least) is that there's an (signed) ROA for 31.148.149/24 and AS212463 is listed (IRR) as a valid origin AS -- AS35004 isn't.
All things considered, though, I'd find an explanation of "yeah, didn't have time to update the route objects yet" to be completely acceptable.
Same situation with 95.47.59/24, by the way.
(I let my Cisco certs lapse a decade or so ago, although I've certainly originated a prefix or two over the years.)
I highly recommend Kurose/Ross' Computer Networking book for a place to start. As the title suggests, it's a "top down approach" starting at the application layer, so if you're familiar with application network programming (and especially HTTP) you can probably skip the early parts of the book. It then details routing protocols, of which there are 2 major kinds: interior routing protocols (RIP, OSPF, EIGRP, iBGP, et al) and exterior routing protocols (eBGP). The former is for routing within your "autonomous system", the latter is for routing between autonomous systems.
It goes into detail. If you're just starting out, get a Network+, Security+ or any other systems administration, security or networking certification that covers the basics of networking and internetworking.
Is now being announced by AS35004 which HE shows is Ukrainian hosting provider https://netgroup.ua/
But the "Country of origin" of the AS is listed as Russian, which is perhaps where the confusion comes from. https://bgp.he.net/AS35004
About 95% of new AS35004's traffic goes through this peer: (which is Ukrainian) https://bgp.he.net/AS13249
And this peer: (which is Ukrainian) https://bgp.he.net/AS3326
Both of which Peer with Cogent.
What is interesting is that Cogent today decided to cut service to Russia. https://www.reuters.com/technology/us-firm-cogent-cutting-in...
If I was an ISP had networks from UA and RU and my Cogent peering was removed from Russia, I might move some of my traffic through my partner in Ukraine, who does have a peering arrangement with Cogent. I haven't confirmed that is what happened, but you would see this kind of shift I think if they did that.
I'm a security guy and not a CCIE so perhaps a Cisco engineer here can weigh in.