A CA has two complementary keys: private and public.
The public key of the CA is sent to users using trusted means.
To certify your certificate, the CA signs it with a private key and attaches this signature to your certificate.
when you communicate with some user, you give him your certificate and the certifying signature of the CA.
The signature of the CA can be verified using the public key of the CA that the user has, so you can trust your certificate as you do.
needed to make the job easier. you do not directly work with each user.
and a CA can authenticate a bunch of clients with a single key.

https://www.youtube.com/watch?v=-YyVEgb5wII
https://www.youtube.com/watch?v=e0BBMP1JmJg

what did the CA encrypt with its key?

Nothing :) The
CA signed the certificate generated from the certificate request passed to it. The key of this certificate is generated at the time of the formation of the certificate request. Yes, it happens that CA generates keys too, but this is a thing that cannot be trusted.
Why then do you need CA?
CA with its authority (CA differ only in authority) confirms the authenticity of the information presented to it in the CSR and generates a certificate based on it. Technically, there is no difference between Thawte and Vasyan Incorporated, the only difference is who believes whom. And the certificate itself is just an information container, protected from change.