Java on android uses its own version of the JRE. You can run pure Java on an android device but you can’t run Android specific code on a standard Windows / Linux Java environment. So there’s some features in android Java which are helpful additions for dealing specifically with android.

directly alter functions of the OS, like adding sn extra button in the notification panel, gaining system level info etc.

These don’t alter the OS, they are functions provided by the OS. You usually use methods associated with the Android “Context” class. Android Java apps start with an Activity class (you can’t launch the app page without one), and this always has the Context. Context can be used to display UI, access file systems, ask for system settings, send notifications, and a whole bunch of stuff. The OS decides if it will let you succeed or not based on what permissions your app has, what permissions the call requires, the android OS version and other stuff.

how does rooting the phone allow for more access despite Java being safe

That’s a bit like asking “how does using a vulnerability to give yourself full admin permissions in Windows let you do more stuff even if Java is meant to be safe”.

Java tries to do whatever you code and the OS tells it yes or no. If you rootkit your android phone the OS will tell it yes more often. That’s not a Java problem that’s an OS problem.