Without --cert-name, the new item is created whenever you request a cert for a set of names that has overlap with a previous set but isn't a strict superset.
For example, if you first request example.com and www.example.com, and later request example.com and example.net without www.example.com, the new certificate would likely be called example.com-0001, while the example.com cert covering www.example.com would continue to exist. That is, removing any name from the old certificate's list will cause the generation of an -0001 cert if you don't specify --cert-name.
The intended way to prevent this is indeed @_az's recommendation of specifying --cert-name (this is the only way to remove a name from an existing cert's coverage with Certbot).