When you speak about making "claims", this is exactly how it's done. A private key is not meant to be distributed. The keeper of the key is the authentic user of the key. It allows them to issue authentic claims. If that key were ever compromised, then other claims could be made that would be accepted as authentic. In other words, whoever has the private key can impersonate an authorized oracle.
The public key, on the other hand, is meant to be distributed to all servers that should trust the owner of the private key. This key doesn't allow anyone to make claims, but it allows everyone to acknowledge that the claim is indeed true. Other technologies, such as SAML, use a similar technique: the issuing server holds a private certificate, and the relying parties use that server's public certificate to verify the assertion.
For what it's worth, there's nothing special about the public and private keys. You could swap them around after they're generated but before the public key were distributed, and it would work in the same way. And, technically, yes, since JWT has a documented format, you do know what the payload is supposed to look like, which would weaken the key security a bit, but it still doesn't really help you, since each bit in a key affects multiple bits. It would be very hard to use a chosen plain-text attack against even a large number of tokens, simply because of the large number of bits that are used. Remember, the goal of recovering the private key isn't to get at the decrypted data (because the public key is already available), it's how to impersonate a given server.