Which role meets these requirements while giving the lowest possible permissions to the user?

A system administrator recommends a role-based access control implementation which meets these requirements:

• Permission to download a vApp template as on OVF package
• Permission to view catalog items
• Permission to view all VDCs in the organization
• Permission to create or update vApp object metadata in the vCenter domain

Which role meets these requirements while giving the lowest possible permissions to the user?

A. vApp Author

B. Catalog Author

C. Organization Administrator

D. vApp User

Reference: https://docs.vmware.com/en/vCloud-Director/9.1/com.vmware.vcloud.admin.doc/GUID-BC504F6B-3D38-4F25-AACF-ED584063754F.html