diff --git a/awx/ui/client/src/access/rbac-role-column/roleList.directive.js b/awx/ui/client/src/access/rbac-role-column/roleList.directive.js
index 0ee778939f..55bf04dc51 100644
--- a/awx/ui/client/src/access/rbac-role-column/roleList.directive.js
+++ b/awx/ui/client/src/access/rbac-role-column/roleList.directive.js
@@ -21,9 +21,38 @@ export default
                         }))
                         .concat(scope.deleteTarget.summary_fields
                             .indirect_access.map((i) => {
-                                i.role.explicit = false;
-                                return i.role;
+                                // Indirect access roles describe the role on another object that
+                                // gives the user access to this object, so we must introspect them.
+                                //
+                                // If the user has indirect admin access, they are system admin, org admin,
+                                // or a <resource_type>_admin. Return the role name directly.
+                                // Similarly, if they are an auditor, return that instead of a read role.
+                                if (i.descendant_roles.includes('admin_role') || i.role.name.includes('Auditor')) {
+                                    i.role.explicit = false;
+                                    i.role.parent_role_name = i.role.name;
+                                    return i.role;
+                                }
+                                // Handle more complex cases
+                                // This includes roles team<->team roles, and roles an org admin
+                                // inherits from teams in their organization.
+                                //
+                                // For these, we want to describe the actual permissions for the
+                                // object we are retrieving the access_list for, so replace
+                                // the role name with the descendant_roles.
+                                let indirect_roles = [];
+                                i.descendant_roles.forEach((descendant_role) => {
+                                    let r = _.cloneDeep(i.role);
+                                    r.parent_role_name = r.name;
+                                    r.name = descendant_role.replace('_role','');
+                                    r.explicit = false;
+                                    // Do not include the read role unless it is the only descendant role.
+                                    if (r.name !== 'read' || i.descendant_roles.length === 1) {
+                                        indirect_roles.push(r);
+                                    }
+                                });
+                                return indirect_roles;
                         }))
+                        .flat()
                         .filter((role) => {
                             return Boolean(attrs.teamRoleList) === Boolean(role.team_id);
                         })
diff --git a/awx/ui/client/src/access/rbac-role-column/roleList.partial.html b/awx/ui/client/src/access/rbac-role-column/roleList.partial.html
index a4b93d930f..587dff8763 100644
--- a/awx/ui/client/src/access/rbac-role-column/roleList.partial.html
+++ b/awx/ui/client/src/access/rbac-role-column/roleList.partial.html
@@ -18,7 +18,16 @@
     <div class="RoleList-tag"
         ng-class="{'RoleList-tag--deletable': entry.explicit && entry.user_capabilities.unattach,
             'RoleList-tag--team': entry.team_id}"
-        ng-if="!entry.team_id">
+        ng-if="!entry.team_id && (entry.explicit || !entry.resource_type)">
         <span class="RoleList-name">{{ entry.name }}</span>
     </div>
+
+    <div class="RoleList-tag"
+        ng-class="{'RoleList-tag--deletable': entry.explicit && entry.user_capabilities.unattach,
+            'RoleList-tag--team': entry.team_id}"
+        aw-tool-tip='<div>Via {{ entry.parent_role_name | sanitize }} role on {{ entry.resource_type | sanitize }} {{entry.resource_name | sanitize}}</div>' aw-tip-placement='bottom'
+        ng-if="!entry.team_id && !entry.explicit && entry.resource_type">
+        <span class="RoleList-name">{{ entry.name }}</span>
+        <i class="fa fa-sitemap"></i>
+    </div>
 </div>