The log file entries produced in CLF will look something like this
emphasis mine. In other words, this was an example. Not all commands are GETs, and even for the ones that are, you'll still have assholes out there who are not following the protocol (keeping in mind that the whole freaking point of a log file is to preserve what's actually happening so that you can, say, diagnose stuff that's going wrong...)
nor does it guarantee that the HTTP command field always consists of exactly 3 space-separated components (hint: it doesn't).
You read the wrong spec, or you misread the right one:
The Request-Line begins:
-- with a method token,
-- followed by the Request-URI
-- and the protocol version,
-- and ending with CRLF.
The elements are separated by SP characters.
No CR or LF is allowed except in the final CRLF sequence.
Request-Line = Method SP Request-URI SP HTTP-Version CRLF
That's the HTTP spec, which is all very nice but is not the Apache Log spec.
Just assuming for the sake of argument that the HTTP command line is indeed being copied verbatim into that field, there's also the question of whether all of the clients out there will be actually following the spec — we live in a world with script kiddies and DDOS hobbyists, after all (hint: I'm guessing there's a reason the Apache folks saw fit to double-quote that field)
In other news, in my real-live Apache 2.4 webserver using the default-format log, I see lines like this: