Help understanding CSR fields


I’ve made a CSR (Certificate Signing Request) in order to better understand how a PKI could be made and how it works, using the following commands:

    openssl req -new -newkey rsa:1024 -nodes -out ca.csr -keyout ca.key
    openssl req -text -noout -verify -in ca.csr

I obtain the following output:

    Certificate Request:
        Data:
            Version: 1 (0x0)
            Subject: C = ca, ST = Some-State, O = Internet Widgits Pty Ltd
            Subject Public Key Info:
                Public Key Algorithm: rsaEncryption
                    RSA Public-Key: (1024 bit)
                    Modulus:
                        00:c2:ac:2f:7b:17:93:1c:39:07:aa:cf:8d:fd:b7:
                        2e:f4:90:76:16:d8:cf:cb:1b:02:ec:56:3d:ff:5e:
                        a2:fb:9e:8b:af:9b:3b:f8:27:4e:82:39:aa:6d:90:
                        e6:52:71:16:0d:f4:e0:fe:eb:50:31:79:3d:09:8a:
                        49:c0:b4:cb:1e:50:55:83:5f:81:58:46:03:1a:8a:
                        cf:22:56:2c:5f:30:ce:1f:cd:39:19:b4:4c:d4:8b:
                        c8:27:b2:34:62:31:e9:d2:b0:7c:f6:50:7a:12:f4:
                        1a:20:53:53:fb:46:ba:0b:b5:16:aa:ed:2d:0f:79:
                        eb:a2:7c:65:d1:3d:d1:74:87
                    Exponent: 65537 (0x10001)
            Attributes:
                a0:00
        Signature Algorithm: sha256WithRSAEncryption
             4f:d7:d9:f5:fe:87:7c:fb:2d:e4:50:28:4d:b5:7a:5c:4f:87:
             f6:7a:83:59:2a:76:33:12:61:bf:c5:0d:5f:c8:41:d5:ec:b1:
             ed:01:21:98:b5:ab:3f:c0:12:78:aa:8e:c8:95:fd:e9:10:e7:
             69:8c:c3:e5:56:3d:f2:c8:b2:bb:5d:88:3f:5e:f8:f0:6b:e9:
             2c:ea:92:cb:90:60:3b:57:e7:09:6a:70:38:d1:43:0f:e6:72:
             31:99:a6:03:c4:3e:21:41:61:61:07:57:72:2a:41:ed:85:3c:
             d0:58:02:1c:81:ee:09:3c:39:02:21:fb:9b:25:4a:84:97:1b:
             c2:b6

What is not clear to me are the bytes after the "Signature Algorithm" field:

  1. How are they calculated?
  2. Which key is used?
  3. Which fields of ca.csr are signed?
  4. Is it possible to extract the signature and decode it (e.g. using OpenSSL)?

After creating the CSR, I use the following commands to create an X.509 self-signed certificate:

    openssl x509 -trustout -signkey ca.key -req -in ca.csr -out ca.pem
    openssl x509 -text -noout -in ca.pem

Output below:

    Certificate:
        Data:
            Version: 1 (0x0)
            Serial Number:
                36:e9:c2:ae:ed:b2:a6:a2:00:7a:16:33:19:b8:57:a8:d8:c6:09:af
            Signature Algorithm: sha256WithRSAEncryption
            Issuer: C = ca, ST = Some-State, O = Internet Widgits Pty Ltd
            Validity
                Not Before: Jul  7 12:16:26 2020 GMT
                Not After : Aug  6 12:16:26 2020 GMT
            Subject: C = ca, ST = Some-State, O = Internet Widgits Pty Ltd
            Subject Public Key Info:
                Public Key Algorithm: rsaEncryption
                    RSA Public-Key: (1024 bit)
                    Modulus:
                        00:c2:ac:2f:7b:17:93:1c:39:07:aa:cf:8d:fd:b7:
                        2e:f4:90:76:16:d8:cf:cb:1b:02:ec:56:3d:ff:5e:
                        a2:fb:9e:8b:af:9b:3b:f8:27:4e:82:39:aa:6d:90:
                        e6:52:71:16:0d:f4:e0:fe:eb:50:31:79:3d:09:8a:
                        49:c0:b4:cb:1e:50:55:83:5f:81:58:46:03:1a:8a:
                        cf:22:56:2c:5f:30:ce:1f:cd:39:19:b4:4c:d4:8b:
                        c8:27:b2:34:62:31:e9:d2:b0:7c:f6:50:7a:12:f4:
                        1a:20:53:53:fb:46:ba:0b:b5:16:aa:ed:2d:0f:79:
                        eb:a2:7c:65:d1:3d:d1:74:87
                    Exponent: 65537 (0x10001)
        Signature Algorithm: sha256WithRSAEncryption
             a4:91:01:17:9a:da:fe:45:5e:8d:08:1d:12:1f:63:22:81:b0:
             b5:cd:93:02:86:35:2e:e5:b4:17:6b:56:a2:f8:51:7b:98:8b:
             7d:ea:e1:16:0f:97:0c:e4:de:8f:1d:b1:d1:5b:97:aa:7a:07:
             58:db:cc:26:2f:21:f8:cc:f3:94:f9:9a:95:a3:ad:8e:53:a5:
             25:62:49:47:bf:a4:40:10:59:dd:f3:96:02:1c:d3:a9:04:82:
             ae:7d:c9:4a:27:7b:b3:41:7b:a0:35:54:79:48:dd:34:08:8a:
             dc:5e:dd:31:2c:67:9b:fb:84:b7:8c:81:9e:16:bf:4f:ab:43:
             e7:6f

In this case I have the same questions as above: since this is a self-signed certificate, why has the signature changed with respect to the CSR file?
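
Added example, not part of the original post: a PKCS#10 signature is computed with the requester's own private key over the DER encoding of the CertificationRequestInfo (version, subject, public key, attributes), while a certificate signature covers the TBSCertificate, which also carries serial number, issuer and validity. The script below extracts both signatures with `openssl asn1parse` and checks them; the file names, the subject and the 2048-bit key size are assumptions made for the example.

```shell
#!/usr/bin/env bash
# Added example: constructed file names and subject; rsa:2048 replaces the
# post's rsa:1024 so that current OpenSSL builds accept the key.
set -eu

# Offset of the N-th top-level element: 1 = signed body, 3 = signature BIT STRING.
child_offset() {  # $1 = DER file, $2 = index
    openssl asn1parse -inform DER -in "$1" |
        awk -F: -v n="$2" '$2 ~ /^d=1 / && ++c == n { print $1 + 0 }'
}

# Write the signed body (with its DER header) and the raw signature bytes.
split_signed() {  # $1 = DER file, $2 = output prefix
    openssl asn1parse -inform DER -in "$1" -noout -strparse "$(child_offset "$1" 1)" -out "$2.body"
    openssl asn1parse -inform DER -in "$1" -noout -strparse "$(child_offset "$1" 3)" -out "$2.sig"
}

# Check a signature against the subject's own public key.
verify_signed() {  # $1 = prefix
    openssl dgst -sha256 -verify ca.pub -signature "$1.sig" "$1.body"
}

# Undo the RSA operation with the public key and read the hash from the DigestInfo.
recovered_hash() {  # $1 = prefix
    openssl pkeyutl -verifyrecover -pubin -inkey ca.pub -in "$1.sig" |
        openssl asn1parse -inform DER | awk -F: '/OCTET STRING/ { print tolower($NF) }'
}

# SHA-256 of the signed body, for comparison with the recovered hash.
body_hash() { openssl dgst -sha256 -r "$1.body" | cut -c1-64; }

cd "$(mktemp -d)"
openssl req -new -newkey rsa:2048 -nodes -sha256 -subj "/C=CA/O=Example" \
    -keyout ca.key -out ca.csr 2>/dev/null
openssl x509 -req -sha256 -in ca.csr -signkey ca.key -outform DER -out ca.crt.der 2>/dev/null
openssl req -in ca.csr -outform DER -out ca.csr.der
openssl pkey -in ca.key -pubout -out ca.pub
split_signed ca.csr.der csr   # body = CertificationRequestInfo
split_signed ca.crt.der crt   # body = TBSCertificate

echo "CSR : $(verify_signed csr); sha256(body)=$(body_hash csr); recovered=$(recovered_hash csr)"
echo "cert: $(verify_signed crt); sha256(body)=$(body_hash crt); recovered=$(recovered_hash crt)"
cmp -s csr.body crt.body || echo "Signed bodies differ, so the two signatures differ."
```

Both signatures verify under the same public key because the certificate is self-signed; they differ only because the bytes being hashed differ.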