why do you need to use acl policy as a criteria ?
there are some blcli commands to dump the acl entry and you can get the acl policy name for each object, but that means iterating through each one. kind of expensive.
I need the ACL Policy, as this is the only way I can define if a package has been promoted to Production.
ACL Policies are defined as DEV --> TST --> OAT --> PRD
If there is no DEV, TST nor OAT, it means that it has been used for Production deployment, and that I should NOT delete this package.
on each object you can run a 'DepotObject.showPermissions' and check for the acl before deletion.