It may be tricky, mainly the part how you identify destination addresses. Websites often download stuff from many other domain, not just from their main domain. And even the main domain can be hosted in some cloud and can have several IP addresses that change all the time.
But let's say you want to start with something simple, for example this forum. Add destination to list:
/ip firewall address-list
add list=route_to_vpn address=forum.mikrotik.com
Add route to RasPi:
/ip route
add dst-address=0.0.0.0/0 gateway=<RasPi address> routing-mark=to_vpn
Tell router to use that route when destination is in the list:
/ip firewall mangle
add chain=prerouting dst-address-list=route_to_vpn connection-state=new action=mark-connection new-connection-mark=to_vpn passthrough=yes
add chain=prerouting connection-mark=to_vpn action=mark-routing new-routing-mark=to_vpn passthrough=no
This will create asymmetric routing, and if you have default firewall (or custom one that blocks packets with invalid connection state), it won't work. Simplest way to fix it is to use srcnat:
/ip firewall nat
add chain=srcnat connection-mark=to_vpn action=masquerade
To RasPi it will look like all connections come from router, but it probably shouldn't be a problem.
