How to renew an expired keypair with gpg

Private keys never expire. Only public keys do. Otherwise, the world would never notice the expiration as (hopefully) the world never sees the private keys.

For the important part, there is only one way, so that saves a discussion about pros and cons.

You have to extend the validity of the main key:

gpg --edit-key 0x12345678
gpg> expire
...
gpg> save

You have to make a decision about extending the validity of the subkey(s) vs. replacing them. Replacing them gives you limited forward security (limited to rather large time frames). If that is important to you, then you should have (separate) subkeys for both encryption and signing (the default is one for encryption only).

gpg --edit-key 0x12345678
gpg> key 1
gpg> expire
...
gpg> key 1
gpg> key 2
gpg> expire
...
gpg> save

You need key 1 twice for selecting and deselecting because you can extend the validity of only one key at a time.

You could also decide to extend the validity unless you have some reason to assume the key has been compromised. Not throwing the whole certificate away in case of compromise makes sense only if you have an offline main key (which IMHO is the only reasonable way to use OpenPGP anyway).

The users of your certificate have to get its updated version anyway (either for the new key signatures or for the new key(s)). Replacing makes the key a bit bigger but that is not a problem.

If you use smartcards (or plan to do so) then having more (encryption) keys creates a certain inconvenience (a card with the new key cannot decrypt old data).
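
Since the main key and each subkey carry their own expiration date, it helps to see which of them actually need `expire` before opening `--edit-key`. The following is an added example, not part of the original answer: it reads `gpg --list-keys --with-colons` output and reports the state of every key. The function names, key IDs and sample listing are constructed, and it assumes GnuPG 2.x, which prints timestamps as seconds since the epoch.

```shell
#!/bin/sh
# Report the expiry state of the main key and every subkey.
# stdin: output of `gpg --list-keys --with-colons <key>`
# Colon-format fields used: 1 = record type (pub/sub), 5 = key ID,
# 7 = expiration time (empty = never expires), 12 = capabilities.
expiry_report() {
    now=$1      # reference time, seconds since the epoch
    window=$2   # warn when expiry is within this many days
    awk -F: -v now="$now" -v win="$window" '
        $1 == "pub" || $1 == "sub" {
            if ($7 == "")                           status = "no-expiry"
            else if ($7 + 0 <= now)                 status = "EXPIRED"
            else if ($7 + 0 <= now + win * 86400)   status = "expiring-soon"
            else                                    status = "ok"
            # One line per key: type, key ID, capabilities, status
            printf "%s %s %s %s\n", $1, $5, $12, status
        }'
}

# Constructed sample listing: main key already extended, encryption
# subkey expired, signing subkey close to expiry. Not real key material.
sample_listing() {
cat <<'EOF'
tru::1:1700000000:0:3:1:5
pub:u:4096:1:1111111112345678:1600000000:1760000000::u:::scESC::::::23::0:
fpr:::::::::00000000000000000000000000001111111112345678:
uid:u::::1600000000::CONSTRUCTED::Example User <user@example.org>::::::::::0:
sub:e:4096:1:2222222200000001:1600000000:1690000000:::::e::::::23:
sub:u:4096:1:3333333300000002:1600000000:1702000000:::::s::::::23:
EOF
}

# Offline demonstration against the sample, with a fixed reference time.
# Against a real keyring:
#   gpg --list-keys --with-colons 0x12345678 | expiry_report "$(date +%s)" 30
sample_listing | expiry_report 1700000000 30
```

Every `sub` line that is not `ok` corresponds to one `key N` / `expire` round in the session shown above, where N is the position of that subkey in the listing.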