Since when can you not spoof any of that? Grab a used android phone from local used market. Put any rooted rom on it. Spoof the gps... Device id is irrelevant at that point. As for origin, not sure what you mean by that, you can just order the starlink equipment to a random address in a different country, it will look legit. As others said, it's trivial to bypass/spoof all that metadata.
Once you got the connection up and running you just use a vpn to hide everyrhing.
The only thing they could do is block starlink for a whole region, that would affect everyone in there. But you still couldn't distinguish who is using the service.