An ASN (Autonomous System Number) identifies an autonomous system: a network under a single operator's control, together with the blocks of IP addresses it announces.
Most large organizations or ISPs are allocated a number of ASNs.
ASNs can be useful to block an entire organization. Instead of manually having to add hundreds of IP addresses into a firewall rule, you can simply block the entire ASN, which blocks all IPs within that ASN.
There are many search tools online such as https://www.ultratools.com/tools/asnInfo.
For example, searching for Google returns a number of ASNs.
Alternatively:
dig google.com

; <<>> DiG 9.16.1-Ubuntu <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2531
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 300 IN A 216.58.198.206
;; Query time: 24 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Mon Jan 04 15:55:10 GMT 2021
;; MSG SIZE rcvd: 55
…then…
whois -h whois.cymru.com " -v 216.58.198.206"

AS    | IP             | BGP Prefix      | CC | Registry | Allocated  | AS Name
15169 | 216.58.198.206 | 216.58.198.0/24 | US | arin     | 2012-01-27 | GOOGLE, US

NOTE: The ASN is shown here as 15169, which is another of the ASNs returned by the search above.
Taking AS41264 from the above search as an example:
whois -h whois.radb.net -- '-i origin AS41264' | grep ^route | grep -v route6 | cut -d" " -f7 | most
returns:
74.125.63.0/24
74.125.58.0/24
74.125.60.0/24
104.132.0.0/16
104.132.0.0/23
104.132.2.0/23
104.132.4.0/23
104.132.6.0/23
104.132.8.0/23
104.132.10.0/23
...
NOTE: The IP addresses within an ASN may change often, so if you do use this for firewalling then update the list regularly.
Also note that the other ASN, 15169, determined above also contained the same IP as ASN 41264, so blocking either of these ASNs will still block the IP.
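The RADB output above contains overlapping prefixes (104.132.0.0/16 already covers the /23 entries), and the list has to be refreshed over time. The following Python is an added example, not part of the original page: it parses route lines, collapses overlapping prefixes, and works out which entries to add to or remove from a block list that is already applied. The sample text, the stale prefix 192.0.2.0/24 and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample shaped like RADB route objects; the IPv4 prefixes come from
# the output above, the route6 and malformed lines are made up to exercise the filters.
SAMPLE_RADB = """\
route:      74.125.63.0/24
origin:     AS41264
route:      74.125.58.0/24
route:      74.125.60.0/24
route:      104.132.0.0/16
route:      104.132.0.0/23
route:      104.132.2.0/23
route6:     2001:db8::/32
route:      not-a-prefix
"""


def parse_routes(whois_text):
    """Collect IPv4 prefixes from 'route:' lines; skip route6 and unparsable values."""
    nets = set()
    for line in whois_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() != "route":
            continue
        try:
            net = ipaddress.ip_network(value.strip())
        except ValueError:
            continue  # never pass an unvalidated string on to the firewall
        if net.version == 4:
            nets.add(net)
    return nets


def collapse(nets):
    """Drop prefixes covered by a shorter one and merge adjacent siblings."""
    return list(ipaddress.collapse_addresses(nets))


def diff(applied, fresh):
    """Return (to_add, to_remove) between the applied list and a new lookup."""
    applied, fresh = set(applied), set(fresh)
    return sorted(fresh - applied), sorted(applied - fresh)


if __name__ == "__main__":
    current = collapse(parse_routes(SAMPLE_RADB))
    # Hypothetical previously applied list: one prefix still valid, one stale.
    applied = [ipaddress.ip_network("74.125.63.0/24"), ipaddress.ip_network("192.0.2.0/24")]
    to_add, to_remove = diff(applied, current)
    print("block list:", *current)
    print("add:", *to_add)
    print("remove:", *to_remove)
```

Removing stale entries matters as much as adding new ones: a prefix that has left the ASN may now belong to an unrelated network.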