x/crypto/acme: CreateOrderCert should not return whilst order is (still) Ready #52597

Open
irbekrm opened this issue Apr 28, 2022 · 0 comments
Labels
NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.

irbekrm commented Apr 28, 2022

We use the CreateOrderCert function to finalize an ACME order once its status is Ready, as per the ACME spec.

CreateOrderCert calls the finalize endpoint of the ACME server and then calls WaitOrder which polls the ACME server till the order is in Valid, Invalid or Ready state (here).
I think that CreateOrderCert should not return when the order's state is Ready, as it is possible that when WaitOrder first looks at the order, the ACME server has not set the order status to Processing yet, so it is still Ready.
I think from the client's perspective it would make sense if in that case we'd keep polling the ACME server, as it is in this case an intermittent state just like Processing.

(From looking at the spec, it seems like a slow ACME server that sets the order status to Processing at some point after returning the finalize call would still be compliant. I haven't looked at the LetsEncrypt implementation, but from looking at the Boulder design it seems like they would set the order to Processing (and probably already to Valid) before returning from the finalize call, so this should not be an issue. However, I think we have seen an issue with this with another ACME implementation: cert-manager#5062.)

@gopherbot gopherbot added this to the Unreleased milestone Apr 28, 2022
@ianlancetaylor ianlancetaylor added NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. and removed Proposal labels May 4, 2022
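
The polling behaviour the issue asks for, as an added example that is not code from x/crypto/acme or from the reporter: after finalize, `ready` is treated as transient just like `processing`, and the wait is bounded so a server that never leaves `ready` produces an error. The names `scripted` and `waitAfterFinalize` are hypothetical, and the status sequences are constructed sample data.

```go
package main

import (
	"errors"
	"fmt"
)

// ACME order statuses (RFC 8555, section 7.1.6).
const (
	statusReady      = "ready"
	statusProcessing = "processing"
	statusValid      = "valid"
	statusInvalid    = "invalid"
)

// scripted is a fake order fetch (constructed data): it replays the given
// statuses in order, then repeats the last one.
func scripted(statuses ...string) func() string {
	i := 0
	return func() string {
		s := statuses[i]
		if i < len(statuses)-1 {
			i++
		}
		return s
	}
}

// waitAfterFinalize polls an order after the finalize request has been sent.
// "ready" and "processing" are both treated as transient; only "valid" and
// "invalid" end the wait. Real code would sleep between polls (Retry-After).
func waitAfterFinalize(fetch func() string, maxPolls int) (string, int, error) {
	for n := 1; n <= maxPolls; n++ {
		switch s := fetch(); s {
		case statusValid:
			return s, n, nil
		case statusInvalid:
			return s, n, errors.New("order is invalid")
		case statusReady, statusProcessing:
			// transient after finalize: keep polling
		default:
			return s, n, fmt.Errorf("unexpected order status %q", s)
		}
	}
	return "", maxPolls, errors.New("order not final within poll budget")
}

func main() {
	fmt.Println(waitAfterFinalize(scripted("ready", "processing", "valid"), 10))
}
```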