Your DNS config is unusual.
The www subdomain has a DNS CNAME to what looks like a WP service:
www.plumbingandelectrical.net.au 60 IN CNAME wp.wpenginepowered.com.
But, your apex domain points to a single AWS IP address (probably LightSail):
plumbingandelectrical.net.au. 0 IN A 3.24.225.144
Would you explain why you set these domain names up differently?
Further, this service at www is proxied at Cloudflare as Bruce notes. This means you are using its CDN. Yet, you say you use LightSail. That is also a CDN. It is very unusual to have two "layers" of CDN. This makes traffic flows very complicated. It is almost certainly not what you want.
And, you could not possibly have gotten a cert using lego and tls-alpn for your www subdomain with this configuration.
EDIT: I also thought this seemed familiar and you had this exact problem last October. An error occurred creating certificates with Let's Encrypt: - #4 by MikeMcQ