I recently published an open API to obtain information about IPs used by bots. You can read more about the API in these two blog posts: article 1, article 2
Except for Tor exit nodes, I DON'T crawl any malicious IP list. All the IPs flagged as bots are obtained through several techniques that enables me to be sure about the fact they were/are used by bots (proxies, honeypots). However, keep in mind that some of these IPs may be also shared by legitimate human users.
For the moment I consider 4 categories of IPs:
Disclaimer: IP locations are obtained with Maxmind, they may not be 100% accurate.
Disclaimer: Autonomous systems are obtained with Maxmind, they may not be 100% accurate.