rjb4standards / REA-Products

Reliable Energy Analytics LLC Downloads

checksumValue uses upper case hex, should use lower case #5

Open ddillard opened 3 months ago

ddillard commented 3 months ago

In this case, the SPDX spec itself is silent on if it should be upper or lower case (or if either is acceptable, though the example provided is lower case), but the SPDX 2.3.1 JSON schema does specifically say it should be lower case: "The checksumValue property provides a lower case hexidecimal encoded digest value ..." (emphasis is mine)

```json
"SPDXID": "SPDXRef-2b698769-5250-41ed-89e3-0630615e8cc8",
"checksums": [
    {
        "algorithm": "SHA1",
        "checksumValue": "2CC97F5B3328F5934224E3090E2B80DCFE3575B4"
    }
],
```

rjb4standards commented 3 months ago

Thanks, David. We will make this change in a future release.

This is not an NTIA Minimum SBOM element, which BCG considers the "required elements" within an SBOM.
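
An added example, not part of the original issue or of the REA product's code: a Python check that walks an SPDX 2.3 JSON document, flags every `checksumValue` that is not lower-case hex, and can normalize it in place. The function names, the `HEX_LEN` table (a subset of the algorithms SPDX allows) and the second sample entry are assumptions constructed for illustration.

```python
import json
import re

# Hex digest lengths for a subset of SPDX 2.3 checksum algorithms (assumed table).
HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA224": 56, "SHA256": 64, "SHA384": 96, "SHA512": 128}
LOWER_HEX = re.compile(r"[0-9a-f]+")
ANY_HEX = re.compile(r"[0-9A-Fa-f]+")


def walk_checksums(node, path="$"):
    """Yield (json_path, checksum_dict) for every entry of every "checksums" array."""
    if isinstance(node, dict):
        for key, value in node.items():
            if key == "checksums" and isinstance(value, list):
                for i, entry in enumerate(value):
                    if isinstance(entry, dict):
                        yield f"{path}.checksums[{i}]", entry
            else:
                yield from walk_checksums(value, f"{path}.{key}")
    elif isinstance(node, list):
        for i, item in enumerate(node):
            yield from walk_checksums(item, f"{path}[{i}]")


def audit(doc, fix=False):
    """Return (path, problem) findings; with fix=True, lower-case valid hex in place."""
    findings = []
    for path, entry in walk_checksums(doc):
        value = entry.get("checksumValue")
        if not isinstance(value, str) or not ANY_HEX.fullmatch(value):
            findings.append((path, "not-hex"))
            continue
        expected = HEX_LEN.get(entry.get("algorithm"))
        if expected is not None and len(value) != expected:
            findings.append((path, "wrong-length"))
        elif not LOWER_HEX.fullmatch(value):
            findings.append((path, "upper-case"))
            if fix:
                entry["checksumValue"] = value.lower()
    return findings


# Constructed sample: the package fragment from the issue plus one compliant file entry.
SAMPLE = json.loads("""{"packages": [{"SPDXID": "SPDXRef-2b698769-5250-41ed-89e3-0630615e8cc8",
  "checksums": [{"algorithm": "SHA1", "checksumValue": "2CC97F5B3328F5934224E3090E2B80DCFE3575B4"}]}],
 "files": [{"SPDXID": "SPDXRef-File-constructed",
  "checksums": [{"algorithm": "SHA1", "checksumValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709"}]}]}""")

if __name__ == "__main__":
    for path, problem in audit(SAMPLE, fix=True):
        print(f"{path}: {problem}")
```

Run without `fix=True` as a gate on generated SBOMs; a consumer that compares digests as plain strings will otherwise report a mismatch on the upper-case value.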