"Do you really think the official Dutch CA is going to turn down a government request for a false Cert, especially if it's presented as being for some important and legitimate government purpose like tracking thieves or terrorists?"
Perhaps not, but everyone who gets MITMed by it gets sent a copy of the certificate, which is non-repudiable evidence about what the CA did. Publish the cert, and the CA's untrustworthiness is exposed for all to see. A few tools so that some people are more likely to notice this, and suddenly it becomes a very business-risky thing for a CA to consent to do.
And if a government blows up all the CAs in its jurisdiction like this (and believe me, CAs 2-N will flee when they see what happened to CA 1) then the attack no longer works for them.