Update 5/24/2012: Facebook has finally added the ability to manage app restrictions into the Developer App. See https://developers.facebook.com/docs/opengraph/userrestrictions/
We posted sample code demonstrating the capabilities of Facebook's iframe Tabs for Pages. You can view the sample tab here and the code on GitHub: https://github.com/Affinitive/FacebookRestrictedTab. The code also contains sample php scripts for setting and removing demographic restrictions for Facebook applications.
Demographic restrictions are based on the user's Facebook account settings. If a person doesn't meet the demographics or is not logged in to Facebook, she will not see the application or tab at all. So this has it's advantages (unauthorized people can't reach the app at all) and disadvantages (not visible to people not logged into Facebook).
With the March 2011 release of iframe Tabs for Pages, it allows us to use normal GeoIP methods to detect a person's country. This can be used for display of geo-targetted data to people not logged into Facebook. If the user is logged in to Facebook, her min age, country, and locale are all passed in the signed request.
The way to do GeoIP targeting as well as access all of the Facebook data that is available is demonstrated in the sample code. Also see Facebook's official documentation on Custom Page Tabs.