This section will decode an Access Control List (ACLs) from values in a SharePoint Content Database to descrete Access Control Entries (ACEs). This will also translate the values of each ACE into the textual Permission Mask value. The output of this decoder will present you with "Principal ID: n". You must manually query the Principal ID based on the specific Site Collection. This requires knowing the Site Collection ID via (Get-SPSite https://siteUrl).Id to make a second query to thse UserInfo and Groups tables within the Content Database. Two examples to retreive ACLs are below, along with an example to correlate the ACE to a particular principal.

'Retrieve all ACLs from the EventCache table
SELECT ACL FROM EventCache (NoLock)
'Retrieve all ACLs from the Perms table
SELECT Acl FROM Perms (NoLock)

Based on the results of either of the above queries and decoded ACLs, taking a single ACE, ACE ID = 4 and the Site Collection Id = 4a3e0a57-92ff-44a6-8f66-339d3211ee4d, you can retrieve the textual values of the object using the below queries.

SELECT * FROM Groups WHERE SiteId = '4a3e0a57-92ff-44a6-8f66-339d3211ee4d' AND ID = '4'
SELECT * FROM UserInfo (NoLock) WHERE tp_SiteId = '4a3e0a57-92ff-44a6-8f66-339d3211ee4d' AND tp_Id = '4'