The false claims that Apple somehow bypasses the firewall have been debunked multiple times. Some links to relevant discussion:
news.ycombinator.com
Despite Apple’s changes to macOS with the release of Big Sur, we can confirm that the Mullvad app still performs as intended by not allowing Apple’s own apps to bypass our VPN firewall.
mullvad.net
Also, where do you get the information that the location is part of Apples certificate validation request? As far as I am aware, all they send is the hash of the developers certificate.
What does notarization has to do with any of this? We are talking about Apples use of RFC 6960 to communicate revoked software certificates.