Hi @Manuel • You can use below query for this purpose.
AuditLogs
| where LoggedByService == "PIM" and OperationName == "Add eligible member to role in PIM completed (timebound)" or OperationName == "Add member to role completed (PIM activation)"
| project User=TargetResources[2].userPrincipalName, ExpriationTime=AdditionalDetails[3].value