letsencrypt Incorrect TXT record

Hello, I am using letsencrypt to put SSL on my site. It was working, but the SSL has expired.

When I try to renew, I get the following message:

Attempting to renew cert (qcontrole.com.br-0001) from /etc/letsencrypt/renewal/qcontrole.com.br-0001.conf produced an unexpected error: Failed authorization procedure. qcontrole.com.br (dns-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect TXT record "XXXXXXXXXXXX" found at _acme-challenge.qcontrole.com.br. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/qcontrole.com.br/fullchain.pem (failure)
/etc/letsencrypt/live/qcontrole.com.br-0001/fullchain.pem (failure)

I have already added "TXT records" with the name "_acme-challenge" and the value that was given in the log.

1 Reply

This is my translated understanding of your question, please update us if this is incorrect:


"Hello, I'm using letsencrypt to put SSL on my site, it was working, SSL has expired.

when trying to renew is giving the following message:

Attempting to renew cert (qcontrole.com.br-0001) from /etc/letsencrypt/renewal/qcontrole.com.br-0001.conf produced an unexpected error: Failed authorization procedure. qcontrole.com.br (dns-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect TXT record "XXXXXXXXXXXX" found at _acme-challenge.qcontrole.com.br. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/qcontrole.com.br/fullchain.pem (failure)
/etc/letsencrypt/live/qcontrole.com.br-0001/fullchain.pem (failure)

I have already added "TXT records" with the name "_acme-challenge" and the value that was entered in the log"


I can see that you've added a TXT record for the subdomain qcontrole.com.br of your domain name qcontrole.com.br. You can confirm that this TXT record is working correctly with the following command:

host -t txt qcontrole.com.br.qcontrole.com.br

qcontrole.com.br.qcontrole.com.br descriptive text "v=spf1 include:spf.umbler.com ~all"

In order to set up a TXT record for qcontrole.com.br, when you add the DNS record, you'll need to make sure that the 'NAME' field is blank.

However, it appears that Let's Encrypt is looking for the TXT record for '_acme-challenge.qcontrole.com.br', which also appears to be resolving successfully:

host -t txt _acme-challenge.qcontrole.com.br

_acme-challenge.qcontrole.com.br descriptive text "$string"

At this point, I assume that the content of the _acme-challenge.qcontrole.com.br record does not match what Let's Encrypt expects and may also need time to propagate once corrected.

We hope this helps get you closer to a resolution.
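The two failure modes discussed in the reply above (a record created under the wrong name, and a TXT value that does not match), as an added example that is not part of the original reply or of certbot. It derives the dns-01 TXT value the way RFC 8555 defines it and classifies a published record; the token and thumbprint strings are constructed, and the panel behaviour (zone appended to the NAME field, blank NAME meaning the zone itself) is an assumption based on the reply.

```python
import base64
import hashlib

def b64url(data: bytes) -> str:
    """Unpadded base64url, as ACME (RFC 8555) encodes binary values."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def dns01_txt_value(token: str, thumbprint: str) -> str:
    """dns-01 TXT value: base64url(SHA-256(token + "." + account key thumbprint))."""
    key_authorization = f"{token}.{thumbprint}"
    return b64url(hashlib.sha256(key_authorization.encode("ascii")).digest())

def panel_fqdn(name_field: str, zone: str) -> str:
    """Full record name, assuming the panel appends the zone to NAME
    and treats a blank NAME as the zone itself."""
    name = name_field.strip().rstrip(".")
    return f"{name}.{zone}" if name else zone

def diagnose(domain, zone, name_field, expected, observed):
    """Explain whether the CA's lookup for `domain` would find `expected`.
    `observed` holds the TXT strings published under the panel's record name."""
    wanted = f"_acme-challenge.{domain}"
    actual = panel_fqdn(name_field, zone)
    if actual.lower() != wanted.lower():
        return f"wrong name: record is at {actual}, CA queries {wanted}"
    values = [v.strip().strip('"') for v in observed]
    if not values:
        return "no TXT record found"
    if expected in values:
        return "ok"
    return "incorrect TXT value (stale or mistyped)"

# Constructed sample inputs (not real tokens or keys).
THUMBPRINT = "constructed-account-key-thumbprint"
OLD_VALUE = dns01_txt_value("constructed-token-attempt-1", THUMBPRINT)
NEW_VALUE = dns01_txt_value("constructed-token-attempt-2", THUMBPRINT)
ZONE = "qcontrole.com.br"

if __name__ == "__main__":
    for name_field, observed in [
        ("_acme-challenge.qcontrole.com.br", [NEW_VALUE]),  # FQDN typed into NAME
        ("_acme-challenge", [f'"{OLD_VALUE}"']),            # leftover value
        ("_acme-challenge", [f'"{NEW_VALUE}"']),            # correct
    ]:
        print(name_field, "->", diagnose(ZONE, ZONE, name_field, NEW_VALUE, observed))
```

Because the value is a hash over the challenge token, a record left over from an attempt with a different token cannot match, even when the record name is right.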
