If a permission applies to all authenticated users (is on, for example), if you then filter by specific roles, that permission appears to be unset/incorrect. See the attached screenshots. In -role1.jpg you can see that both 'Content Approvers' and 'Site Owners' can view published content. In -role2.jpg, which is filtered to show just two roles, it appears that the 'Content Approver' role does not have permission to View published content.
Active
2.0
User interface
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.