On the subject of retry-after, while the CA may have recommendations they're not operating with full knowledge of your environment.
For instance I have some users managing 18000+ certs on one server and one account and so in that case the client will have to check at the very least 24 certs per hour to get through them all in a month and deferring to the suggested retry-after may or may not yield the required throughput. On top of that I believe the expectation/convention is to check every cert every 6-12 hrs [so, up to 72000 checks per day in this case].
Personally I would have liked a single endpoint saying that 1 or more events is happening/has happened potentially affecting certs issued within a date range, rather than having to check every cert every day but I'm not aware of all the scenarios that the standard is intended to cover.