In the context of membership, I think that one of the key things to remember is that there are six "bases for processing", of which consent is only one. The ICO have at times suggested that consent should only be used where other bases do not apply. Certainly that's true for membership - if people join, you have a duty to store their data (safely) and contact them about membership matters, including for example AGMs and renewals. You could, I suppose, call that legitimate interest in GDPR terms. So don't ask for consent as such for processing, or for them to opt in, for such mailings.
They have a right to ask you to stop processing their data, but I don't really see how they can do that without also resigning. As ever, you should make clear what you will do when they first sign up.
Consent probably would apply to optional extras, such as promoting club events, sales of club clothing, or whatever. Although, in a small club of 30 people, who all know each other face to face, and usually hand over membership correspondence at the weekly meeting, this can all get rather over-kill in my view!