looks fine to me. I was able to apply the patch and ran
... key-show --clientKeyID test4

I was also able to see the audit message:
0.http-bio-28443-exec-3 - [13/May/2015:20:17:37 EDT] [14] [6] [AuditEvent=AUTHZ_SUCCESS][SubjectID=kraadmin][Outcome=Success][aclResource=certServer.kra.keys][Op=execute][Info=KeyResource.getActiveKeyInfo] authorization success
0.http-bio-28443-exec-3 - [13/May/2015:20:17:37 EDT] [14] [6] [AuditEvent=SECURITY_DATA_RETRIEVE_KEY][SubjectID=kraadmin][Outcome=Success][RecoveryID=null][KeyID=test4][Info=KeyService.listKeyInfos; status =active] security data retrieval request

ACK

On 05/13/2015 09:38 AM, Endi Sukma Dewata wrote:

The key-show CLI has been modified to provide an option to find
the active key info using the client key ID.
_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel