My understanding:
The enrolments system is best used to check if somebody 'belongs' to a course. Usually this would mean you are a student, teacher, or other member of staff specifically related to that course.
The role assignments are used to control permissions on that course. I think you can probably have role assignments even if you don't have an enrolment. You can also have roles in a parent
context which might affect permissions on the course. Obviously, you can have multiple roles on a course, and there may be many custom roles with different permissions in a Moodle system.
Fundamentally in terms of user access, it all depends on your role assignments and not enrolments, with one exception (this is a summary from memory - I am leaving out logic relating to hidden courses etc). In order to access a course you need to EITHER have moodle/course:view OR be enrolled in the course.
So basically, do you want to list everyone in a course? -> use enrolments (but be aware that there will be some people, like system admin and maybe others, who can access the course without being on that list).
Do you want to check if somebody has access to something? -> use role assignments/capabilities (but in some cases you might also need to take enrolment into account).
Not sure if I covered everything here...
--sam