They are quite literally negotiable: https://isrg.formstack.com/forms/rate_limit_adjustment_reque...
replyThere are also a bunch of rate limit exemptions that automatically apply whenever you "renew" a cert: https://letsencrypt.org/docs/rate-limits/#non-ari-renewals. That means whenever you request a cert and there already is an issued certificate for the same set of identities.
Your comment is 100% correct, but I just want to point out that this doesn't negate the risks of bob's approach here.
replyLE wouldn't see this as a legitimate reason to raise rate limits, and such a request takes weeks to handle anyway.
Indeed, some rate limits don't apply for renewals but some still do.