As a sibling comment mentioned, the root servers are unlikely to get such order since they deal with registries and not what I would call end user domain names.
Registries do get block orders. When the Swedish registry got that for piratebay they choose to treat it like a domain dispute and gave ownership of the domain to the police, which the police in turn could treat like any other taken property and auction it out. The trouble is when the police wanted to destroy it, as there isn't a good definition on how to destroy a name so it can never be used again, and the registry was not keen on allowing the concept of a block.
You can choose not to delegate it, but then how long and who should maintain the list of names that should not be delegated? Who should pay for the work to implement it, and who should pay for the maintenance for said system, and for how long? Should there be an appeal process or some kind of oversight, and who should body those roles?
In theory the law makers could specify this in law as form of registry regulation, but no one want to do that just to address one or two court cases where this question comes up. The registrar of last resort doesn't give any direct answer to those questions either.
These cases come up far more frequently than "one or two court cases" -- many takedowns of botnet/malware (e.g., Avalanche) end up in ROLR. See "domain generation algorithms".
In general, the vast majority of registries are fine with marking particular domains as "allocated but not delegated" as long as they get paid. ISTR ICANN waiving their fees, so the costs of marking a domain as undelegatable essentially turn in lost opportunity cost, which most registries are willing to eat.
The number of times a domain ownership get turned over to the police are not that common. For malware it is much more common to just remove the registration than to keep it registered for all eternity. There are a few different procedures used for malicious registrations (got to be careful with cnc), but the absolute most common seems to be to just put the domain on hold and then remove the registration after a short period. 99.9% (likely a few more 9s) are handled like that voluntarily by the registry and also by some registrars, which mean it does not involve the courts. The number of cases where it does goes the full length to court, a guilty verdict is reached, and the ownership of a malicious domain is decided to be given over to the police are very few.
Registries do get block orders. When the Swedish registry got that for piratebay they choose to treat it like a domain dispute and gave ownership of the domain to the police, which the police in turn could treat like any other taken property and auction it out. The trouble is when the police wanted to destroy it, as there isn't a good definition on how to destroy a name so it can never be used again, and the registry was not keen on allowing the concept of a block.