I think software is one way they can try to implement it. Would work, for proprietary software, like CUDA. You could have the GPU support signing and refuse to load any firmware not signed by Nvidia. They could sign each CUDA download for a specific GPU serial number, so you can't use one download on multiple GPUs.
Then, in order to download it, they could try to use network-based location services and filter out known VPNs. I think there would be too many issues with that, not only with preventing legit downloads, but also hackers using bot nets to hijack machines in "allowed" regions, to host their downloads.
It might seem like open source would throw a wrench in this whole scheme, but all GPUs have firmware "blobs" (i.e. pre-compiled binaries) that the GPU can't run without. So, they could still lock down certain GPU functionality, so that it requires a signed firmware blob that's tied to your serial number.
Obviously, whatever signing method they use needs to have quantum-resistant encryption. Because, "you know who" has quantum computers.