The same way you share any of your other data across servers. Save it in a DB or Redis instance that all your servers can reach.

At which point you're hitting it on every request and since it'll be a nice, fast, indexed database lookup you might as well just use session tokens instead of a back-assward blacklist.

Do the simplest thing that will work.

As I mentioned, blacklists have different characteristics, some of which are desirable. A blacklist of tokens is (for the vast majority of use cases) orders of magnitude smaller than a whitelist, which means they can often be replicated into memory for in-memory lookups on the webserver.

This is a complex distributed systems topic, and there are applications for both.

There are cases where a blacklist totally makes sense, I will agree with you on that.

"I can access this thing" are totally not that for the 99.9% case. Do the simplest thing that will work--and the simplest thing so very rarely involves public-key cryptography!