Jul 19 00:53:08 router1 stunnel[2933]: LOG6[6]: OCSP: The root CA certificate was not found
1. So your stunnel does not trust OCSP responses of your own certificate. Consider adding your trusted root to your CAfile. This is not an error though.
Jul 19 00:53:08 router1 stunnel[2933]: LOG5[6]: OCSP: Connecting the AIA responder "http://r10.o.lencr.org"
Jul 19 00:56:05 router1 stunnel[2933]: LOG3[6]: Error resolving "r10.o.lencr.org": Address family for nodename not supported (EAI_ADDRFAMILY)
Jul 19 00:56:05 router1 stunnel[2933]: LOG3[6]: OCSP: Failed to resolve the OCSP responder address
2. This is a more severe problem: your pfSense could not resolve the IP address of your OCSP responder. Do you have any idea why that happens on your platform? Do you need to add r10.o.lencr.org to your /etc/hosts (or whatever pfSense equivalent might be)?
Jul 19 00:56:05 router1 stunnel[2933]: LOG6[6]: OCSP: No OCSP stapling response to send
Jul 19 00:56:05 router1 stunnel[2933]: LOG3[6]: SSL_accept: /var/jenkins/workspace/pfSense-CE-snapshots-2_7_2-main/sources/FreeBSD-src-RELENG_2_7_2/crypto/openssl/ssl/record/rec_layer_s3.c:304: error:0A000126:SSL routines::unexpected eof while reading
Jul 19 00:56:05 router1 stunnel[2933]: LOG5[6]: Connection reset/closed: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
3. So your client has disconnected before negotiating TLS. Which TLS client did you use to test it? Consider using openssl s_client, as it will provide you with useful diagnostic data.
Consider also sending your stunnel.conf next time you ask for
help with your configuration. 8-)
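
The three findings in this reply can be pulled out of a stunnel log mechanically, along with the time each connection spent between the "Connecting the AIA responder" line and the next message logged for it. This is an added example, not part of the original message or of stunnel; the finding tags, function names and the `conn` label for the bracketed id after `LOGn` are assumptions made for illustration, and the sample input is the log quoted above.

```python
import re
from datetime import datetime

# Log lines copied from the message above (syslog format, no year field).
SAMPLE_LOG = """\
Jul 19 00:53:08 router1 stunnel[2933]: LOG6[6]: OCSP: The root CA certificate was not found
Jul 19 00:53:08 router1 stunnel[2933]: LOG5[6]: OCSP: Connecting the AIA responder "http://r10.o.lencr.org"
Jul 19 00:56:05 router1 stunnel[2933]: LOG3[6]: Error resolving "r10.o.lencr.org": Address family for nodename not supported (EAI_ADDRFAMILY)
Jul 19 00:56:05 router1 stunnel[2933]: LOG3[6]: OCSP: Failed to resolve the OCSP responder address
Jul 19 00:56:05 router1 stunnel[2933]: LOG6[6]: OCSP: No OCSP stapling response to send
Jul 19 00:56:05 router1 stunnel[2933]: LOG3[6]: SSL_accept: /var/jenkins/workspace/pfSense-CE-snapshots-2_7_2-main/sources/FreeBSD-src-RELENG_2_7_2/crypto/openssl/ssl/record/rec_layer_s3.c:304: error:0A000126:SSL routines::unexpected eof while reading
Jul 19 00:56:05 router1 stunnel[2933]: LOG5[6]: Connection reset/closed: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ stunnel\[\d+\]: "
    r"LOG(?P<level>\d)\[(?P<conn>[^\]]+)\]: (?P<msg>.*)$")

# Message substrings mapped to hypothetical tags for the three findings.
FINDINGS = [
    ("OCSP: The root CA certificate was not found", "ocsp-root-ca-missing"),
    ("OCSP: Failed to resolve the OCSP responder address", "ocsp-responder-dns-failure"),
    ("unexpected eof while reading", "client-eof-before-handshake"),
]

def parse(text):
    """Yield (timestamp, level, conn, message); syslog has no year, so 2000 is assumed."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime("2000 " + m["ts"], "%Y %b %d %H:%M:%S")
            yield ts, int(m["level"]), m["conn"], m["msg"]

def triage(text):
    """Return {conn: {"findings": [tags], "ocsp_wait_s": seconds or None}}."""
    report, pending = {}, {}
    for ts, level, conn, msg in parse(text):
        entry = report.setdefault(conn, {"findings": [], "ocsp_wait_s": None})
        if conn in pending:  # first line logged after the responder connect attempt
            entry["ocsp_wait_s"] = (ts - pending.pop(conn)).total_seconds()
        if msg.startswith("OCSP: Connecting the AIA responder"):
            pending[conn] = ts
        for needle, tag in FINDINGS:
            if needle in msg:
                entry["findings"].append(tag)
    return report

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

On the quoted log, `ocsp_wait_s` is the gap between 00:53:08 and 00:56:05 for the one connection shown.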