The node signs the entire announcement message with its node private key. This authenticates that the node actually controls this public key — prevents impersonation. Signature covers all other fields.
Verifiers check: verify(sig, sha256d(msg), node_id)