It's currently possible to configure any url for downloading GeoIP databases from. Even though this option can be only changed by a super user and only if the GeoIP admin is enabled, limiting those options to only trusted hosts makes Matomo a little more secure. If someone needs to use the autoupdater to download files from somewhere else he can simply adjust the config.
For now the check is only done when setting the downloader option. Not sure if we should check that directly before download as well. Didn't add that yet, to prevent failures after a Matomo update if someone already has configured something else.
It would be nice if the error message displayed to the user was translatable and would explain a bit more detailed what they need to do to fix it (or link to an FAQ entry).
@Findus23 good point. I've just improved the messages and made them translatable