• The AUTHORIZATION argument designates the owner of the role, not permissions. Since a role is a database object, it must be owned by a user or another role.

    The role's permissions are set by its membership in other database roles or by using GRANT and DENY.

    So, to give the APPLICATION_USERS role read and write permission to all tables in the database, you can make it a member of the db_datareader and db_datawriter fixed database roles. You can grant EXECUTE permission on stored procedures to the role just like you'd do with an individual user.

    You can grant a role membership in db_ddladmin to allow it to run DDL commands.

    Greg
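
The setup described in the answer above, written out as T-SQL with catalog queries that confirm the owner, the memberships and the explicit permissions separately. This is an added example, not part of the original post; the owner `dbo` and the procedure name `dbo.usp_GetOrders` are assumptions, and `ALTER ROLE ... ADD MEMBER` requires SQL Server 2012 or later.

```sql
-- Added example. Assumptions: dbo as the role owner, dbo.usp_GetOrders as a
-- hypothetical stored procedure.

-- AUTHORIZATION sets the role's owner only; it grants nothing to the role.
CREATE ROLE APPLICATION_USERS AUTHORIZATION dbo;
GO

-- Read and write on all tables via the fixed database roles.
ALTER ROLE db_datareader ADD MEMBER APPLICATION_USERS;
ALTER ROLE db_datawriter ADD MEMBER APPLICATION_USERS;

-- EXECUTE on a stored procedure, granted the same way as for a single user.
GRANT EXECUTE ON OBJECT::dbo.usp_GetOrders TO APPLICATION_USERS;

-- Only if members of the role must run DDL commands:
-- ALTER ROLE db_ddladmin ADD MEMBER APPLICATION_USERS;
GO

-- Check 1: the owner of the role (the AUTHORIZATION principal).
SELECT r.name AS role_name, o.name AS owner_name
FROM sys.database_principals AS r
JOIN sys.database_principals AS o
  ON o.principal_id = r.owning_principal_id
WHERE r.name = N'APPLICATION_USERS';

-- Check 2: the roles APPLICATION_USERS is a member of.
SELECT parent.name AS member_of
FROM sys.database_role_members AS m
JOIN sys.database_principals AS parent
  ON parent.principal_id = m.role_principal_id
JOIN sys.database_principals AS child
  ON child.principal_id = m.member_principal_id
WHERE child.name = N'APPLICATION_USERS';

-- Check 3: explicit GRANT/DENY entries held by the role.
-- object_name is only meaningful for rows with class_desc = OBJECT_OR_COLUMN.
SELECT p.state_desc, p.permission_name, p.class_desc,
       OBJECT_SCHEMA_NAME(p.major_id) AS schema_name,
       OBJECT_NAME(p.major_id)        AS object_name
FROM sys.database_permissions AS p
JOIN sys.database_principals AS g
  ON g.principal_id = p.grantee_principal_id
WHERE g.name = N'APPLICATION_USERS';
```

Check 1 returns the owner without any permission rows, while the role's effective access comes from the memberships in Check 2 plus the entries in Check 3.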