If you mean create your own list of roles in app_metadata, you can certainly do that. That is how we are managing role data today where I work. I suspect we will migrate to the new core authorization feature in the future, but our needs are pretty basic (we have only a half dozen or so roles) so we just maintain them in app_metadata as a list:
"app_metadata": {
"roles": [ "role1", "role2" ]
}