A global role administrator is any user granted the MANAGE ROLES system privilege. However, not all roles can be managed by global role administrators.
When creating a new role, if you specify at least one role administrator, global role administrators will be unable to manage the role. This is because the MANAGE ROLES system privilege is not automatically granted to the role during creation.
For this reason, it is recommended that role administrators not be specified when creating a new role. They should be added after the fact. This ensures that every role can be successfully managed by both role and global role administrators.
By default, at least one role administrator or global role administrator with a login password must exist at all times for each role. This minimum requirement is validated before you can remove the global role administrator or role administrator from a role, or remove a role administrator's administrative rights on a role. The minimum requirement is a configurable database option (MIN_ROLE_ADMINS).