experiment with canceling auth-only orders
currently authorizations leave a dangling order to expire, acme doesn't expose a cancel mechanism.
Experiment with submitting an empty (or bad) csr to close the order (should start discussion on LE board, alternatively lobby for pre-auth implementation to avoid the order entirely)