Having a non-garbage domain provider can be a luxury. I used to work at a place where we were paying boatloads of money for certificates from Sectigo for internal services, and they were charging us extra per additional name and even more if we wanted a wildcard, even though it didn’t cost them anything to include those options. Getting IT to set up the DNS records for Let’s Encrypt DNS verification was never going to happen.
This is a bad idea. If breaking the law of any country can result in extradition to that country then people are going to be getting extradited for things like disrespecting the communist party.