When an anonymous outer ID is configured on cat.eduroam.org I believe this tool extracts the value as-is (which includes the realm) and passes it straight through to the Windows profile for provisioning.
This results in configuration failing with an 1206/13 error - corrupted profile as Windows is not expecting to see @realm.tld appended to the value for the AnonymousUserName parameter. I tested this by manual crafting of an Microsoft XML profile, and this expectation/ behavior has also been confirmed by the community. (https://eduroam.slack.com/archives/C019BE46C94/p1654175069502989)
3.2.5.1 worked fine as it wasn't attempting to configure the anonymous outer ID for PEAP at all, but with 3.2.8 fixing this bug it breaks. Profiles from cat.eduroam.org without an anonymous ID work in both versions as expected.
@EdKingscote