Would be handy to have a sample showing how to 1) generate an RSA key pair, 2) sign JWT with RS256 and such and also 3) validate the signature, given a JWT + Public Key or Public RSA Key.
And only slightly less handy: 1) extract N&E from a Private [RSA] Key, 2) build either PUBLIC KEY or PUBLIC RSA KEY from N&E and maybe also 3) some easy way to deal with standard JWKS pages from Azure, Okta, GSuite et al.
There's a full-blown JOSE implementation in the CORE, using OpenSSL, but with no samples, it's 10 times the work...
There may also be a ready Microsoft implementation that would avoid using SSL DLL's, so that would be nice too.