It is probably due to authorization reuse/caching on your Let’s Encrypt account - Let’s Encrypt does not force you to repeat authorizations for the same domains for some period of time (~30d, subject to change). Instead, it skips the authorization bit and proceeds immediately to issuing the certificate.
If you want to make sure that your authorizations are fresh and your hooks are tested properly, use --dry-run. It will also prevent you from blowing your rate limits and wasting Let’s Encrypt’s resources.