When you add the EXECUTE AS clause to a procedure you impersonate a database user, not a server login. If you are logged in with sysadmin rights when you create the procedure, the procedure will be owned by dbo, and if sa owns the database, sys.server_token will include sa.

I have an article on my web site where I discuss EXECUTE AS, certificate signing and other permissions functions in detail: http://www.sommarskog.se/grantperm.html.