I would probably just process the lines one-by-one as usual, and look at the first space-separated field to identify the subject and alt-name lines. Then, you can split the line to another array using the punctuation and pick the right part from there. (This is assuming there's nothing before the CN part -- I can't remember if that would be allowed.) If you want to actually check the surrounding text (the CN= and DNS: parts), then I'd switch to Perl instead then go see meuh's answer instead.
awk '$1 == "subject" { subject=$2; split($2, a, "[=,]"); cn=a[2]; }
$1 == "subject-alternative-name" { split($2, a, "[\":]"); altname=a[3]; }
END { out = "openssl ... -keyout " cn "_2025.key -subj " subject;
if (altname) out = out " -altname \"subjectAltName = DNS:" altname "\"";
print out
} ' < whatever.txt
openssl ... -keyout foo.whatever.com_2025.key -subj "CN=foo.whatever.com,O=XYZ,L=Toronto,ST=Ontario,C=CA" -altname "subjectAltName = DNS:bar.whatever.com"