Consider the case where the signed document is a pdf (document.pdf.p7m).
To verify the signature and extract the content file, we use the openssl command with the smime parameter for signature verification (-verify)
openssl smime -in document.pdf.p7m -inform DER -verify -CAfile CA.pem -out document.pdf
where CA.pem contains the CA certificate (Certificate Authority) that issued the certificate in the p7m.
For more information, see the articol