Domain ordering not respected, unexpected certificate subject

Thanks for the report! @alexzorin has the analysis right. We did recently refactor this code, and made a slight change.

In general, you can request a specific name in the Subject CN by putting it in the Subject CN of your CSR. That's the supported workflow on the Let's Encrypt side, though it's a bit obscure.

If you don't put anything in your CSR's Subject CN, we pick something from the list of SANs. That used to be the first in the list of SANs provided. Now it's the alphabetically first. Sorry for the surprise there!

Short-term, if it's very important to have a specific name in the Subject CN, you can generate your own CSRs and pass them to Certbot.

Long-term, we and the rest of the industry plan to put nothing in the Subject CN. The Subject CN is not used for validation in any modern systems so it's clearer to leave it empty. I'd be curious to hear what your use case is for needing a specific Subject CN. And in general it would be good to plan for Subject CNs to go away in the not-too-distant future (no timeline announced yet).

11 Likes
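The short-term workaround described in the post above, as an added example that is not part of the original post: build a CSR with an explicitly chosen Subject CN, confirm what it contains, then pass it to Certbot. The function names, file names and `example.com` hostnames are constructed placeholders, and OpenSSL 1.1.1 or later is assumed for `-addext`.

```shell
# Added example (not from the original post). Hostnames are placeholders.

# make_csr OUT_DIR CN [SAN...]
# Writes OUT_DIR/privkey.pem and OUT_DIR/request.csr. The chosen CN is set
# explicitly and is also listed as a SAN, since SANs are what clients validate.
make_csr() (
    out_dir=$1
    cn=$2
    shift 2
    san_list="DNS:${cn}"
    for name in "$@"; do
        # Skip the CN if the caller repeated it in the SAN arguments.
        [ "$name" = "$cn" ] || san_list="${san_list},DNS:${name}"
    done
    umask 077    # the private key must not be readable by other users
    openssl req -new -newkey rsa:2048 -nodes \
        -keyout "${out_dir}/privkey.pem" \
        -out "${out_dir}/request.csr" \
        -subj "/CN=${cn}" \
        -addext "subjectAltName=${san_list}"
)

# csr_subject_cn CSR_FILE: print the Subject CN the CSR actually carries.
csr_subject_cn() {
    openssl req -in "$1" -noout -subject -nameopt multiline |
        sed -n 's/^ *commonName *= *//p'
}

# csr_sans CSR_FILE: print the DNS SANs, one per line, in CSR order.
csr_sans() {
    openssl req -in "$1" -noout -text |
        grep -A1 'Subject Alternative Name' | tail -n1 |
        tr ',' '\n' | sed -n 's/^ *DNS://p'
}

# Typical use (run by hand; needs your usual Certbot authenticator options):
#   make_csr /etc/ssl/mysite www.example.com example.com api.example.com
#   csr_subject_cn /etc/ssl/mysite/request.csr    # check before submitting
#   certbot certonly --csr /etc/ssl/mysite/request.csr
```

Checking the CSR before submission shows whether the Subject CN is set at all; an empty result means the CA will choose the name from the SAN list as the post describes.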