Why we need to trust the CA
We don't need to trust the CA but we could try to explicitly contact the owners of each website we visit to check if the certificate we get is the certificate they actually serve or if there is some man in the middle in between (which would result in a different certificate). Of course, you would need to have some protected way to contact the site owners so that a potential attacker could not just fake the reply of the site owner.
Of course, this does not scale well and that's why there is the Public Key Infrastructure (PKI) with trusted CA certificates as roots and certificates for the websites as leaves. For the exact process how this verification can be done by just using some trusted CA instead of trusting each sites certificate explicitly see SSL Certificate framework 101: How does the browser actually verify the validity of a given server certificate?.
what are the things justifies that we should trust that CA ?
These are basically the same things that make you run the operating system created by some company, the browser created by some other company, have your mail managed by yet another company, buy food without the fear that it will be poisonous, drive a care without fearing that it will fall apart while driving ... - you trust that somebody else did a proper job and also will not deliberately betray you. This is essentially the basis on how people live together.
Of course, not all of that trust is justified: The CA might have been compromised or might have been ordered by the government to issue certificates which can be used to hijack specific communications. The browser or operating system might have backdoors. The food might be poisoned. Somebody might have planted a bomb at the car. But that's the risk one is usually willing to take because it is small enough. Of course, depending on where you live it might actually be an unbearable risk so you might need to take additional measures to protect you and your communication.