If, the first time my machine accesses mywonderfulbank.com, the request gets intercepted by a site which has a bogus certificate, there'd be no way my machine could catch that, but if my machine had previously accessed the real mywonderfulbank.com and received a certificate, there would be no way a phony certificate could pass muster without a warning.
Nice idea but unfortunately certs don't work that way.
Each cert is independently signed by a higher CA. Many companies can (and do) switch CAs for various business reasons. For example, I switched my company's CA from VeriSign to Thawte to save money. Under your system my new certs would not work because the new CA does not match the old one.
In PKI circles various ideas have been kicked around about how to increase the trustworthiness of a cert, such as co-signing or otherwise having a 3rd party vouch for the CA that signed you. Microsoft already does this to a limited extent with Authenticode-signed device drivers, which requires a Microsoft Cross-Certificate before Windows 7 will load your 64-bit kernel code.
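The remember-the-first-certificate check proposed in the question, run against the CA switch described in the reply, as an added example that is not part of either post. `SeenCert`, `FirstUseStore`, the "Other CA" issuer and the certificate byte strings are hypothetical, constructed stand-ins rather than real certificates or a real client API.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class SeenCert:
    host: str
    issuer: str   # CA named in the presented certificate
    der: bytes    # constructed stand-in for the certificate's DER bytes

    @property
    def fingerprint(self) -> str:
        return hashlib.sha256(self.der).hexdigest()


class FirstUseStore:
    """Hypothetical client-side store: remembers the first cert seen per host."""

    def __init__(self):
        self._pins = {}

    def check(self, cert: SeenCert) -> str:
        pinned = self._pins.get(cert.host)
        if pinned is None:
            # Nothing to compare against, so whatever arrives first is kept.
            self._pins[cert.host] = cert
            return "first-use: accepted without comparison"
        if pinned.fingerprint == cert.fingerprint:
            return "match"
        if pinned.issuer != cert.issuer:
            return "warn: certificate and issuing CA changed"
        return "warn: certificate changed"


def run_scenarios():
    host = "mywonderfulbank.com"
    original = SeenCert(host, "VeriSign", b"constructed-cert-1")
    reissued = SeenCert(host, "Thawte", b"constructed-cert-2")   # site owner switched CA
    bogus = SeenCert(host, "Other CA", b"constructed-cert-3")    # interception

    legit = FirstUseStore()
    ca_switch = [legit.check(original), legit.check(original), legit.check(reissued)]
    attacked = FirstUseStore()
    interception = [attacked.check(original), attacked.check(bogus)]
    blind = FirstUseStore()   # the very first contact is the intercepted one
    first_contact = [blind.check(bogus), blind.check(original)]
    return ca_switch, interception, first_contact


if __name__ == "__main__":
    for name, result in zip(("CA switch", "interception", "first contact"), run_scenarios()):
        print(name, "->", result)
```

The store returns the same warning for the legitimate VeriSign-to-Thawte reissue as for the bogus certificate, and in the third scenario it is the real certificate that triggers the warning.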