Hi Jim,
Personally, I'm not too fussed by this. The bad guys are not likely to be forming an orderly queue to get their certs from the NCC. And I think/hope the Dutch courts would take a robust view when governments or the Scientologists come looking for a court order. But in the final analysis, I struggle to see how an RPKI cert revocation would be any different from adding a prefix to the "official" blacklist that ISPs are encouraged to implement today.
I have been told that the Dutch law explicitly makes revocation and/or confiscation of 'our type' of certificates impossible, so a law change is necessary it make it possible at all. Not impossible, but it's another hurdle in the path of bad guys. I will try to get a formal statement from a lawyer to confirm this. If for some reason we need to fear intervention from the Dutch government we can look into the suggestion of Mikael about parallel authorities in multiple jurisdictions. And I would like to thank everybody for providing feedback on this proposal. Thank you, Sander Steffann APWG co-chair