How to import a CSR on a root CA into the Pending Requests queue and viewing the applied policy on the command line?

I have a standalone root CA base on Windows Server 2019 Core.

I know that with certutil.exe -dump certificate.req I can inspect the CSR, but the root CA's policies may override the requested extension attributes.

On the Desktop edition, after importing the CSR into the root CA, I can inspect the pending request and see where root CA policies may override requested extension attributes, add additional extensions or remove them.

For example, the CSR requests the Key Usage extension to be critical, but the root CA policy overrides the Key Usage requests and removes the critical flag, as you can see in the picture below.

My questions are:

1. How do I import a CSR file to the Pending Requests queue on the command line or in PowerShell?
2. How can I see how the CA would actually issue the certificate, on the command line or in PowerShell?

To import a CSR to the queue, use:

certreq.exe -submit <csr file>

To view request extensions, you'll need to know the RequestId, which the above command would have returned. Use (for RequestId of 123):

certutil.exe -view -restrict "ExtensionRequestId=123" Ext

To view request attributes:

certutil.exe -view -restrict "AttributeRequestId=123" Attrib

While you're at it, you can view the request itself with:

certutil.exe -view -restrict "RequestId=123" Queue

Or, for previously issued certs:

certutil.exe -view -restrict "RequestId=123" Log

You can add -v after the -view for more verbose information and you can add csv at the end for CSV output.