How Do I Ban Users & Invalidate Their JWT Tokens?

When a malicious user gets banned by an admin, I have to ensure he no longer can access protected routes, but that means I have to query the database every time checking a user's token, is there a more efficient method for invalidating tokens?