No. I don't work for Cloudflare. Back when I naively spent additional time and effort "reporting" abuse to the abusers, the only action ever taken was them continuing to cash their customer's checks. I'm here hoping to either help improve LE's architecture, or find a minimal-cost way of updating mine to deal with LE choosing to live in a bad network neighborhood.
I do not recommend blanket block on firewall. If you must, then I'd recommend only inbound traffic on the affected ports only. Otherwise, given Cloudflare global usage, you risk severely crippling your internet connectivity (e.g. unable to access APIs like Let's Encrypt, or domains you host for the 1.1.1.1 public DNS resolver users).
That sounds like the "too big to fail" logic that always seems to end in catastrophic failures. My connectivity is improved when I cut off hosts on abusive networks. All ports. In and out. I'd like to think Let's Encrypt can function without being a part of that hostile side of the Internet.