the instruction listed are either unclear for beginners or why am I not able to verify the checksum correctly ?
a similar thread got this answer
“Those are the gpg signature lines in the checksum file. The line that gives the ISO name followed by OK tells you the file is intact and usable.”
but nothing on how to actualy fix and verify checksum
Hi,
Simply filter it with the ‘grep’ command, for example:
sha256sum -c Fedora-Workstation-41-1.4-x86_64-CHECKSUM | grep -i OK
Have a nice day/night 
The above tells you the checksum verified correctly and implies the remaining message is not an error. It is only a message about the remainder of the .CHECKSUM file
If you follow all the steps exactly as shown with the verify link on the fedora download page the message no longer appears threatening.
Verify your download for security and integrity using the proper checksum file. If there is a good signature from one of the Fedora keys, and the SHA256 checksum matches, then the download is valid.
Download the checksum file into the same directory as the image you downloaded.
Import Fedora's GPG key(s)
curl -O https://fedoraproject.org/fedora.gpg
You can verify the details of the GPG key(s) here.
Verify the checksum file is valid
gpgv --keyring ./fedora.gpg Fedora-Workstation-41-1.4-x86_64-CHECKSUM
Verify the checksum matches
sha256sum -c Fedora-Workstation-41-1.4-x86_64-CHECKSUM
If the output states that the file is valid, then it's ready to use!
The curl command downloads a file that is used to verify the gpg key when following those instructions and if you were to do
$ cat Fedora-Workstation-41-1.4-x86_64-CHECKSUM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
# Fedora-Workstation-Live-x86_64-41-1.4.iso: 2458187776 bytes
SHA256 (Fedora-Workstation-Live-x86_64-41-1.4.iso) = a2dd3caf3224b8f3a640d9e31b1016d2a4e98a6d7cb435a1e2030235976d6da2
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEERmzy2LYLwwV6qUU+0GIkYumdatEFAmcg/uIACgkQ0GIkYumd
atFBXA/+LV6jvzAPgkH3zinYGXT74HLT0O85A6Z/vV+cyMJuY8muUQP384Fkmfxr
+4w8LEJaXqYwTNTrx+MKxrobH817CWCImvQJUsvNNWSfh+lf8VegPHhNSxrO8fD0
mPzD0p3fU/CU2p8M+Or9k9MOCFE0jKmKHqpyQmb4F1mZvkRhz1DBxXxkyaZCTzg8
buSS3NeKex9VxmbFPbKgxQsPYTQNlxoLMCe/+Q34NwrW6Yo3AkKmPeLPsGWfUwce
l+noiVT1W/XUk6AKZ8uou2He8aTXl+4+qjRHt38omGcAtvexJMKFn/IWHnNIp49r
dyvGfx87IxGZ3IRU9nv2nX3vqjckMZ/nJz/yutGyujVfazbuWR6zVl5U+/YGFLas
CKGxyShpkzJSFQLU82T5Rq25/wg9nr9X8gUGoYJVH4/gtHVh349r14xezHKBOSf7
XvP+Pvj9NP3GqJKI7lRP5z7aE6TA9kBAw2ADD8O7RlYDDavM3gg0psGxvGabGtgj
wDcOZdnT2rKCYHAOj6WPci81N3BgsSty2/HTemmAyvSyUe+fr1myyhlwXYfxzIjr
r9lP+EP1otA7812TXFOeCrQfVgDcwQ3ZGrsdqS+6R8GsfvCZGGNf1gxEoaUwLcLh
MzAtN7lto3HUsTXoC7Cts8R4zKytnwgmBSr4vwlqnfBEm8GPgI0=
=amRS
-----END PGP SIGNATURE-----
you would see that the lines that are “improperly formatted” are actually the pgp signature data.