Why can't I block a site in MikroTik?
Please tell me what I'm doing wrong. I need to block youtube.com. Using the firewall, I add the domain to an address list, then I create a reject rule with tcp-reset. The client uses the router as its DNS server, but the added domain still isn't blocked.
Try moving the rules that block this address list higher up. And use the reject action instead of tcp reset (I'm not sure tcp reset and fasttrack coexist properly).
In my opinion, on Mikrotik you fundamentally can't block https sites except via L7; you need to use a proxy.
Replace reject with drop. Add udp as well; YouTube can work over UDP anyway.
Check which addresses the client actually connects to: YouTube can have a lot of them, and the address list is not updated in real time.
Alternatively, add a static entry for youtube in Mikrotik's DNS pointing to a stub or to 127.0.0.1, and block other DNS servers.
Most likely, YouTube's IP changes very quickly, and the Mikrotik address list doesn't keep up with it.
Try this:
Adding a .*\\.youtube\\.com DNS entry and pointing it at a stub blocks access to all hosts in the youtube.com domain.
Using the .*youtube\\.com entry blocks all hosts whose name ends in youtube.com.
Adding the .*youtube.* DNS entry and pointing it at a stub blocks all sites whose address contains youtube.
To protect yourself against alternative DNS servers, you can do the following:
/ip firewall nat
add chain=dstnat protocol=udp dst-port=53 action=redirect
add chain=dstnat protocol=tcp dst-port=53 action=redirect
Checked. This method works, but there is a nuance: the browser has its own DNS client, and it will still be able to resolve an address that isn't in the address list.
You can try to prohibit access to third-party DNS servers, but in the era of DoH that is useless too...
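Putting the thread's advice together (drop instead of reject, no protocol so UDP/QUIC is matched, rule above fasttrack, a DNS stub for the whole domain, and forced use of the router's DNS), the following is an added RouterOS configuration example; it is not code posted by anyone in this thread. It assumes the default interface list `LAN` exists (it does in the RouterOS default configuration), the address-list name `blocked` is arbitrary, the `googlevideo.com` entry and the tcp/853 rule are my additions, and the `move ... 0` step assumes the filter chain already contains the default fasttrack rule.

```routeros
# Added example, not from the thread. Assumes interface list "LAN" exists;
# list name "blocked" and the googlevideo.com / tcp-853 entries are mine.

# 1. Address list. A FQDN entry is resolved by the router itself and the
#    resolved IPs appear as dynamic entries that expire with the DNS TTL.
#    This only covers IPs the router resolved, not every IP a client may
#    use, which is why steps 3 and 4 exist.
/ip firewall address-list
add list=blocked address=youtube.com comment="resolved by router"

# 2. Drop rule. No protocol= is given, so it matches TCP and UDP (QUIC on
#    udp/443). It is moved to position 0 so it sits above the fasttrack
#    rule, which would otherwise bypass it for established connections.
#    drop, not reject: nothing is sent back, and it is independent of
#    how reject interacts with fasttrack.
/ip firewall filter
add chain=forward dst-address-list=blocked action=drop comment="block YouTube"
move [find comment="block YouTube"] 0

# 3. DNS stub. Regexp static entries answer 127.0.0.1 for the whole
#    domain, so a client that uses the router's DNS never gets a real IP.
#    The double backslash is RouterOS string escaping for a literal "\."
#    googlevideo.com is where YouTube serves the media itself.
#    allow-remote-requests must be on or LAN clients cannot use this DNS.
/ip dns
set allow-remote-requests=yes
/ip dns static
add regexp=".*youtube\\.com" address=127.0.0.1 comment="youtube stub"
add regexp=".*googlevideo\\.com" address=127.0.0.1 comment="youtube video CDN"

# 4. Force clients to the router's DNS. action=redirect sends any port-53
#    traffic from the LAN to the router itself (destination port kept).
#    DNS-over-TLS (tcp/853) is dropped; DNS-over-HTTPS rides on tcp/443
#    and is NOT caught by any of this.
/ip firewall nat
add chain=dstnat in-interface-list=LAN protocol=udp dst-port=53 action=redirect comment="force router DNS"
add chain=dstnat in-interface-list=LAN protocol=tcp dst-port=53 action=redirect comment="force router DNS"
/ip firewall filter
add chain=forward protocol=tcp dst-port=853 action=drop comment="drop DoT"

# 5. Checks after a client tries to open YouTube:
#    - the drop rule's counters should grow
#    - the cache should show the stubbed answers
#    - dynamic address-list entries should be real addresses; if they show
#      127.0.0.1, the router's own FQDN lookup hit the stub in step 3 and
#      the list should be fed with prefixes instead of the domain name.
/ip firewall filter print stats where comment="block YouTube"
/ip dns cache print where name~"youtube"
/ip firewall address-list print where list=blocked
```

The DoH caveat from the reply above still stands: a browser with its own DoH resolver never asks the router, and the stub and the port-53 redirect do nothing for it; only the address-list drop in step 2 applies then, and it covers only the IPs the router has itself resolved.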