In addition to the great advice you've received here, when going with an "allow list" approach for Geo enforcement as opposed to the more common "deny list", watch out for DNS traffic getting blocked which can cause some strange-looking effects.
Also if you are based in the United States, I'd recommend allowing Canada and Mexico. Probably will need to allow most of western Europe as well, or at least minimally the UK. You'd be surprised how much Internet site access is geographically dispersed into these areas for access from the United States, which you will find out very quickly with your approach.
Here is an excerpt from my 2021 IPS/AV/ABOT Video Class discussing these very issues:
New 2-day Live "Max Power" Series Course Now Available:
"Gateway Performance Optimization R81.20" at maxpowerfirewalls.com