To simplify the key export and import process of tenant keys, Utimaco has created an HSM Bring Your Own Key tool. Please reach out to Utimaco so this tool can be provided to you. The byoktool supports all key types (PKCS#11, CNG, JCE, CXI). The storage of keys is still restricted to the internal storage on the Utimaco CryptoServer HSM. The BYOK tool does not support key creation, only migration. That is why it is important that the settings of the keys' attributes, that you would like to migrate, are set to extractable.
For more information regarding the commands and command parameters please check the Microsoft Azure CLI documentation.