The receiver "encrypts" the decrypted signature to restore the original signature. The receiver then runs the same processing algorithm on the message, and compares the result with the signature. If they match, the message is valid – otherwise it has been tampered with
How do we know that the key used actually belonged to the sender?
Ex: Joe Schmoe gets fired by his boss and sends a digitally signed message stating that his boss is a total weasel. Before getting the message, his boss decides to rehire Joe, but then sees the message. Joe says "well, I didn't send that message – I haven't used that RSA key for years – it must be from someone pretending to be me"