Some additional context here: the 0.0.0.0 and 128.0.0.0 routes are only created if the OpenVPN server (aka Access Server) is configured to push routes to send all the endpoint's Internet traffic via the VPN. By adding these broad routes, the user's Internet traffic can be routed while not interfering with routing on the local LAN, and ensuring that the endpoint remains able to route the OpenVPN traffic itself to the local router.
If sending all Internet traffic via the OpenVPN server isn't a requirement, you may be better off asking your VPN admin to create a profile that only routes traffic to required destinations (such as private IP address ranges) via the VPN instead of everything. That should avoid having to mess with the routes on the endpoint.
