Document how to deal with APT complaining about Kali's expired key

Every 2-3 years we either extend the lifetime of the GPG key used to sign the APT repository or we replace it with a new key (this has never happened yet). This means that users who have not upgraded kali-archive-keyring for a long time might, at some point, get an error message like this:

$ sudo LANG=C faketime -f '+3y' apt update
Get:1 http://ftp.free.fr/pub/kali kali-rolling InRelease [30.5 kB]
Err:1 http://ftp.free.fr/pub/kali kali-rolling InRelease
  The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>
Reading package lists... Done
W: GPG error: http://ftp.free.fr/pub/kali kali-rolling InRelease: The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>
E: The repository 'http://http.kali.org/kali kali-rolling InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

The current key is valid until 2023 but the former key (before its last update) has an expiration date set to a few days ago. It would be nice to have explanations and instructions to give to such users who have not upgraded their Kali install for more than a year.

The easiest solution is to retrieve the latest key and store it in a place where apt will find it:

$ sudo wget https://archive.kali.org/archive-key.asc -O /etc/apt/trusted.gpg.d/kali-archive-keyring.asc
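
A check that could run between the download and the copy into /etc/apt/trusted.gpg.d, as an added example that is not part of the original issue: it pulls the key ID out of apt's EXPKEYSIG message and accepts a fetched key file only if it holds that key with an expiry date in the future. The function names are hypothetical, the two `pub` records are constructed samples, and the parsing assumes GnuPG's `--with-colons` layout (field 5 is the key ID, field 7 the expiry in epoch seconds).

```sh
#!/bin/sh
# Constructed sample: the warning line apt prints for an expired signing key.
SAMPLE_APT='W: GPG error: http://ftp.free.fr/pub/kali kali-rolling InRelease: The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>'
# Constructed `gpg --show-keys --with-colons` records (timestamps are made up).
SAMPLE_OLD='pub:e:4096:1:ED444FF07D8D0BF6:1330000000:1600000000::-:::sc::::::23::0:'
SAMPLE_NEW='pub:-:4096:1:ED444FF07D8D0BF6:1330000000:1800000000::-:::scSC::::::23::0:'

# Read apt output on stdin; print each key ID reported as EXPKEYSIG, once.
expired_key_ids() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "EXPKEYSIG") print $(i + 1) }' | sort -u
}

# Read --with-colons output on stdin. Succeed only if a pub record carries
# key ID $1 and its expiry (empty means "never") is later than $2 (default: now).
key_is_current() {
    awk -F: -v want="$1" -v now="${2:-$(date +%s)}" '
        $1 == "pub" && ($5 "") == (want "") && ($7 == "" || $7 + 0 > now + 0) { ok = 1 }
        END { exit (ok ? 0 : 1) }'
}

# Copy key file $1 to destination $3 only when it holds a current copy of key $2.
# Needs GnuPG; an unreadable file yields no records and is rejected.
install_if_current() {
    gpg --show-keys --with-colons "$1" | key_is_current "$2" || return 1
    install -m 0644 "$1" "$3"
}

# Typical use (run as root, after fetching the key to a temporary file):
#   id=$(LANG=C apt update 2>&1 | expired_key_ids)
#   install_if_current /tmp/archive-key.asc "$id" \
#       /etc/apt/trusted.gpg.d/kali-archive-keyring.asc
```

Matching on the key ID only confirms the file contains the key apt asked for; authenticity of the download still rests on the HTTPS connection to archive.kali.org.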