{
  "$schema": "https://json-schema.org/draft-07/schema",
  "$id": "https://estandar.luvameta.com/schemas/certification_record_v1.json",
  "title": "LM Certification Record",
  "description": "Registro de certificacion del Estandar LM — Version 1.0 — estandar.luvameta.com",
  "type": "object",
  "required": [
    "type",
    "cert_id",
    "status",
    "country",
    "issued_by",
    "authorized_by",
    "root_authority",
    "subject",
    "verification",
    "protocols",
    "issued_at",
    "updated_at"
  ],
  "additionalProperties": false,
  "properties": {
    "type": {
      "type": "string",
      "const": "certification_record",
      "description": "Tipo del objeto. Valor fijo obligatorio."
    },
    "cert_id": {
      "type": "string",
      "pattern": "^[A-Z]{2}-[0-9]{4,}$",
      "description": "Identificador unico del certificado. Formato: [ISO3166alpha2]-[NNNN+]. Ejemplo: CL-0001"
    },
    "lm_version": {
      "type": "string",
      "description": "Version del Estandar LM bajo la que fue emitido el certificado. Campo recomendado (DEBERIA). Ejemplo: '1.0'"
    },
    "status": {
      "type": "string",
      "enum": ["ACTIVE", "SUSPENDED", "REVOKED"],
      "description": "Estado operativo del certificado. Solo se aceptan estos tres valores."
    },
    "country": {
      "type": "string",
      "pattern": "^[A-Z]{2}$",
      "description": "Codigo ISO 3166-1 alpha-2 del territorio emisor. Debe coincidir con el prefijo de cert_id."
    },
    "issued_by": {
      "type": "string",
      "format": "uri",
      "pattern": "^https://[a-z]{2}\\.luvameta\\.com$",
      "description": "URL del portal territorial emisor. Solo se acepta subdominio de dos letras en minusculas."
    },
    "authorized_by": {
      "type": "string",
      "format": "uri",
      "pattern": "^https://[a-z]+\\.luvameta\\.com$",
      "description": "URL del nodo territorial que autoriza la emision."
    },
    "root_authority": {
      "type": "string",
      "const": "https://luvameta.com",
      "description": "Autoridad raiz del ecosistema. Valor fijo absoluto."
    },
    "subject": {
      "$ref": "#/$defs/subject"
    },
    "verification": {
      "$ref": "#/$defs/verification"
    },
    "protocols": {
      "$ref": "#/$defs/protocols"
    },
    "issued_at": {
      "type": "string",
      "format": "date",
      "description": "Fecha de emision del certificado. Formato ISO 8601: AAAA-MM-DD."
    },
    "updated_at": {
      "type": "string",
      "format": "date",
      "description": "Fecha de ultima actualizacion. Igual a issued_at en la emision inicial."
    }
  },
  "$defs": {
    "subject": {
      "type": "object",
      "required": [
        "domain",
        "category",
        "title",
        "description",
        "language",
        "territory_scope",
        "owner"
      ],
      "additionalProperties": false,
      "description": "Identidad semantica de la entidad certificada.",
      "properties": {
        "domain": {
          "type": "string",
          "format": "uri",
          "pattern": "^https://",
          "description": "URL del dominio certificado. DEBE comenzar con https://."
        },
        "category": {
          "type": "string",
          "enum": [
            "semantic_identity_company",
            "digital_project",
            "organization",
            "tech_platform",
            "personal_professional"
          ],
          "description": "Categoria de identidad de la entidad certificada. Solo se aceptan estos cinco valores."
        },
        "title": {
          "type": "string",
          "minLength": 2,
          "maxLength": 100,
          "description": "Nombre de la entidad. Minimo 2 caracteres, maximo 100."
        },
        "description": {
          "type": "string",
          "minLength": 10,
          "maxLength": 280,
          "description": "Descripcion del proposito de la entidad. Maximo 280 caracteres."
        },
        "language": {
          "type": "string",
          "pattern": "^[a-z]{2}$",
          "description": "Idioma principal. Formato ISO 639-1: dos letras minusculas."
        },
        "territory_scope": {
          "type": "string",
          "pattern": "^[A-Z]{2}$",
          "description": "Territorio de operacion. Formato ISO 3166-1 alpha-2. Debe coincidir con country."
        },
        "legal_form": {
          "type": "string",
          "description": "Forma operativa de la entidad. Campo recomendado (DEBERIA). Ejemplos: 'Digital Company', 'Organization', 'Personal', 'Project'."
        },
        "owner": {
          "$ref": "#/$defs/owner"
        }
      }
    },
    "owner": {
      "type": "object",
      "required": ["type", "name"],
      "additionalProperties": false,
      "description": "Operador responsable de la entidad certificada.",
      "properties": {
        "type": {
          "type": "string",
          "enum": ["Person", "Organization"],
          "description": "Tipo de operador. Solo se aceptan 'Person' y 'Organization' con esta capitalizacion exacta."
        },
        "name": {
          "type": "string",
          "minLength": 2,
          "description": "Nombre real del operador. Minimo 2 caracteres. NO DEBE ser anonimo ni placeholder."
        },
        "role": {
          "type": "string",
          "description": "Rol del operador dentro de la entidad. Campo recomendado (DEBERIA). Ejemplos: 'Founder and Owner', 'CEO'."
        }
      }
    },
    "verification": {
      "type": "object",
      "required": ["method", "proof_url", "challenge", "hash_algo", "hash"],
      "additionalProperties": false,
      "description": "Datos criptograficos que demuestran el control tecnico del dominio certificado.",
      "properties": {
        "method": {
          "type": "string",
          "const": "well-known-file",
          "description": "Metodo de verificacion. Valor fijo en v1.0. Unico metodo aceptado."
        },
        "proof_url": {
          "type": "string",
          "format": "uri",
          "pattern": "^https://.+/\\.well-known/luvameta\\.txt$",
          "description": "URL del archivo de verificacion. DEBE terminar en /.well-known/luvameta.txt y usar https."
        },
        "challenge": {
          "type": "string",
          "pattern": "^LM-[A-Z]{2}-[0-9]+-[0-9]{8}-[a-f0-9]{8}$",
          "description": "Challenge criptografico. Formato: LM-[PAIS]-[ID]-[YYYYMMDD]-[hex8]. Ejemplo: LM-CL-0001-20260412-a3f7b2c9"
        },
        "hash_algo": {
          "type": "string",
          "const": "sha256",
          "description": "Algoritmo de hash. Valor fijo en v1.0."
        },
        "hash": {
          "type": "string",
          "pattern": "^[a-f0-9]{64}$",
          "description": "Hash SHA-256 del challenge. 64 caracteres hexadecimales en minusculas exactamente."
        }
      }
    },
    "protocols": {
      "type": "object",
      "required": ["investigation", "operation", "policy"],
      "additionalProperties": false,
      "description": "URLs de los documentos normativos del portal territorial emisor.",
      "properties": {
        "investigation": {
          "type": "string",
          "format": "uri",
          "pattern": "^https://",
          "description": "URL del protocolo de investigacion del portal emisor. DEBE resolver con HTTP 200 y devolver JSON valido."
        },
        "operation": {
          "type": "string",
          "format": "uri",
          "pattern": "^https://",
          "description": "URL del protocolo de operacion del portal emisor."
        },
        "policy": {
          "type": "string",
          "format": "uri",
          "pattern": "^https://",
          "description": "URL de la politica general del portal emisor."
        }
      }
    }
  }
}