This is not true. They can impersonate your node and through that also change things like payout address. I have not tried any of this, but I’m pretty sure if they list the address as the one your node is still running on, they don’t have to have any of the files, because the satellite would still ask your original node for them. And even if that weren’t possible, they could still harm your node by failing audits and getting it disqualified.
This next part needs to be verified, but I think you only need identity.cert, identity.key and ca.cert. The numbered files are just backups of the certs before storj’s authentication server signed them. You’ll need the identity.key to sign communications with others on the network. But I don’t think you would still need the ca.key. Please don’t move anything without confirmation from Storj though.