Does it mean I should not be able to watch Netflix with a rooted phone?
Funny, old S7 has TWRP recovery, open bootloader and some custom ROM. Netflix app still seems to work. Only rooted it because I got sick to death of watching YT ads twice every fucking 10min or follow-up video.

Wow that is kinda dumb, I mean if they are going to implement such restrictions at least don't do a half assed approach or in the case of tethering, don't monetise things which are stupid to do so.

No, that is already handled by the bootloader removing access to the devices widevine certificate when oem unlock is enabled

If you know what you're doing you can run tweak the active memory, pull the Java cache and edit it, etc to give yourself credits in games, convert a free app to the paid version, get around carrier restrictions, and more. You'd be surprised how many things don't authenticate data with a server as a cost cutting measure. Seriously. It's shocking how easy it is to do. Back in the day I used to edit the Java cache to get around AT&T's tethering restrictions because I wasn't going to pay $20 a month for a wired tethering plan when I could wireless tether for free.

I don't know about ganking DRM'd movies from Netflix or getting freebies from the major apps with quality 2FA, but it's really easy to screw over the little guy or to get around artificial software limitations like needing to pay AT&T $20 a month to change a 1 to a 0 so I can tether over USB instead of WiFi.

Why are they so paranoid on custom roms? Did anyone crack DRM and download movies from Netflix app?

Probably to absolutely ensure that rooted phones and tablets can't lie to Netflix and Disney+ about not being rooted.

Ok, but what is the reason for that ?
To know if we modified / replaced the bootloader and ROM and refuse to install some stuff because we don't have a Google spyware infested phone ?