From 13d99f2ff19e04d81442d7d61f497a7ba365c49c Mon Sep 17 00:00:00 2001
From: Alain Lamar <alain_lamar@yahoo.de>
Date: Sun, 2 Jun 2024 16:56:52 +0200
Subject: [PATCH 01/35] wireless: T6320: Document 802.11ax settings

---
 docs/configuration/interfaces/wireless.rst | 74 ++++++++++++++++++++--
 1 file changed, 67 insertions(+), 7 deletions(-)

diff --git a/docs/configuration/interfaces/wireless.rst b/docs/configuration/interfaces/wireless.rst
index df153763..8039b039 100644
--- a/docs/configuration/interfaces/wireless.rst
+++ b/docs/configuration/interfaces/wireless.rst
@@ -42,7 +42,8 @@ Wireless options
 .. cfgcmd:: set interfaces wireless <interface> channel <number>
 
   Channel number (IEEE 802.11), for 2.4Ghz (802.11 b/g/n) channels range from
-  1-14. On 5Ghz (802.11 a/h/j/n/ac) channels available are 0, 34 to 173
+  1-14. On 5Ghz (802.11 a/h/j/n/ac) channels available are 0, 34 to 173. 
+  On 6GHz (802.11 ax) channels range from 1 to 233.
 
 .. cfgcmd:: set interfaces wireless <interface> country-code <cc>
 
@@ -84,7 +85,14 @@ Wireless options
 
   Management Frame Protection (MFP) according to IEEE 802.11w
 
-.. cfgcmd:: set interfaces wireless <interface> mode <a | b | g | n | ac>
+  .. note:: :abbr:`MFP (Management Frame Protection)` is required for WPA3.
+
+.. cfgcmd:: set interfaces wireless <interface> beacon-frame-protection 
+  <disabled | enabled>
+
+  .. note:: This option requires :abbr:`MFP (Management Frame Protection)` to be enabled.
+
+.. cfgcmd:: set interfaces wireless <interface> mode <a | b | g | n | ac | ax>
 
   Operation mode of wireless radio.
 
@@ -93,6 +101,9 @@ Wireless options
   * ``g`` - 802.11g - 54 Mbits/sec (default)
   * ``n`` - 802.11n - 600 Mbits/sec
   * ``ac`` - 802.11ac - 1300 Mbits/sec
+  * ``ax`` - 802.11ax - exceeds 1GBit/sec
+
+  .. note:: In VyOS, 802.11ax is only implemented for 6GHz as of yet.
 
 .. cfgcmd:: set interfaces wireless <interface> physical-device <device>
 
@@ -131,7 +142,9 @@ PPDU
 
 .. cfgcmd:: set interfaces wireless <interface> capabilities require-ht
 
-.. cfgcmd:: set interfaces wireless <interface> capabilities require-hvt
+.. cfgcmd:: set interfaces wireless <interface> capabilities require-vht
+
+.. cfgcmd:: set interfaces wireless <interface> capabilities require-he
 
 HT (High Throughput) capabilities (802.11n)
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
@@ -149,6 +162,7 @@ HT (High Throughput) capabilities (802.11n)
 
   Supported channel width set.
 
+  * ``ht20`` - 20 MHz channel width
   * ``ht40-`` - Both 20 MHz and 40 MHz with secondary channel below the primary
     channel
   * ``ht40+`` - Both 20 MHz and 40 MHz with secondary channel above the primary
@@ -297,6 +311,52 @@ VHT (Very High Throughput) capabilities (802.11ac)
 
   Station supports receiving VHT variant HT Control field
 
+HE (High Efficiency) capabilities (802.11ax)
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+.. cfgcmd:: set interfaces wireless <interface> capabilities he antenna-pattern-fixed
+
+  Tell the AP that antenna positions are fixed and will not change
+  during the lifetime of an association.
+
+.. cfgcmd:: set interfaces wireless <interface> capabilities he beamform 
+  <single-user-beamformer | single-user-beamformee | multi-user-beamformer>
+
+  Beamforming capabilities:
+
+  * ``single-user-beamformer`` - Support for operation as single user beamformer
+  * ``single-user-beamformee`` - Support for operation as single user beamformee
+  * ``multi-user-beamformer`` - Support for operation as single user beamformer
+
+.. cfgcmd:: set interfaces wireless <interface> capabilities he bss-color <number>
+
+  BSS coloring helps to prevent channel jamming when multiple APs use 
+  the same channels.
+
+  Valid values are 1..63
+
+.. cfgcmd:: set interfaces wireless <interface> capabilities he 
+  center-channel-freq <freq-1 | freq-2> <number>
+
+  HE operating channel center frequency - center freq 1
+  (for use with 80, 80+80 and 160 modes)
+
+  HE operating channel center frequency - center freq 2
+  (for use with the 80+80 mode)
+
+  <number> must be within 1..233. For 80 MHz channels it should be channel + 6 
+  and for 160 MHz channels, it should be channel + 14.
+
+.. cfgcmd:: set interfaces wireless <interface> capabilities he channel-set-width <number>
+
+  <number> must be one of:
+
+  * ``131`` - 20 MHz channel width
+  * ``132`` - 40 MHz channel width
+  * ``133`` - 80 MHz channel width
+  * ``134`` - 160 MHz channel width
+  * ``135`` - 80+80 MHz channel width
+
 Wireless options (Station/Client)
 =================================
 
@@ -333,13 +393,13 @@ Resulting in
 Security
 ========
 
-:abbr:`WPA (Wi-Fi Protected Access)` and WPA2 Enterprise in combination with
-802.1x based authentication can be used to authenticate users or computers
-in a domain.
+:abbr:`WPA (Wi-Fi Protected Access)`, WPA2 Enterprise and WPA3 Enterprise in 
+combination with 802.1x based authentication can be used to authenticate 
+users or computers in a domain.
 
 The wireless client (supplicant) authenticates against the RADIUS server
 (authentication server) using an :abbr:`EAP (Extensible Authentication
-Protocol)`  method configured on the RADIUS server. The WAP (also referred
+Protocol)` method configured on the RADIUS server. The WAP (also referred
 to as authenticator) role is to send all authentication messages between the
 supplicant and the configured authentication server, thus the RADIUS server
 is responsible for authenticating the users.

From 0839aa604ed8ba5f4dbe56eee2e984d32e55f8b3 Mon Sep 17 00:00:00 2001
From: Alain Lamar <alain_lamar@yahoo.de>
Date: Tue, 4 Jun 2024 13:14:29 +0200
Subject: [PATCH 02/35] wireless: T6320: Address linter issues

---
 docs/configuration/interfaces/wireless.rst | 58 +++++++++++++++-------
 1 file changed, 40 insertions(+), 18 deletions(-)

diff --git a/docs/configuration/interfaces/wireless.rst b/docs/configuration/interfaces/wireless.rst
index 8039b039..1930a1b9 100644
--- a/docs/configuration/interfaces/wireless.rst
+++ b/docs/configuration/interfaces/wireless.rst
@@ -7,9 +7,9 @@ WLAN/WIFI - Wireless LAN
 ########################
 
 :abbr:`WLAN (Wireless LAN)` interface provide 802.11 (a/b/g/n/ac) wireless
-support (commonly referred to as Wi-Fi) by means of compatible hardware. If your
-hardware supports it, VyOS supports multiple logical wireless interfaces per
-physical device.
+support (commonly referred to as Wi-Fi) by means of compatible hardware. If 
+your hardware supports it, VyOS supports multiple logical wireless interfaces 
+per physical device.
 
 There are three modes of operation for a wireless interface:
 
@@ -90,7 +90,8 @@ Wireless options
 .. cfgcmd:: set interfaces wireless <interface> beacon-frame-protection 
   <disabled | enabled>
 
-  .. note:: This option requires :abbr:`MFP (Management Frame Protection)` to be enabled.
+  .. note:: This option requires :abbr:`MFP (Management Frame Protection)` 
+    to be enabled.
 
 .. cfgcmd:: set interfaces wireless <interface> mode <a | b | g | n | ac | ax>
 
@@ -248,10 +249,14 @@ VHT (Very High Throughput) capabilities (802.11ac)
 
   Beamforming capabilities:
 
-  * ``single-user-beamformer`` - Support for operation as single user beamformer
-  * ``single-user-beamformee`` - Support for operation as single user beamformee
-  * ``multi-user-beamformer`` - Support for operation as single user beamformer
-  * ``multi-user-beamformee`` - Support for operation as single user beamformer
+  * ``single-user-beamformer`` - Support for operation as 
+    single user beamformer
+  * ``single-user-beamformee`` - Support for operation as 
+    single user beamformee
+  * ``multi-user-beamformer`` - Support for operation as 
+    multi user beamformer
+  * ``multi-user-beamformee`` - Support for operation as 
+    multi user beamformee
 
 .. cfgcmd:: set interfaces wireless <interface> capabilities vht
    center-channel-freq <freq-1 | freq-2> <number>
@@ -276,7 +281,8 @@ VHT (Very High Throughput) capabilities (802.11ac)
 
   Enable LDPC (Low Density Parity Check) coding capability
 
-.. cfgcmd:: set interfaces wireless <interface> capabilities vht link-adaptation
+.. cfgcmd:: set interfaces wireless <interface> 
+  capabilities vht link-adaptation
 
   VHT link adaptation capabilities
 
@@ -288,7 +294,8 @@ VHT (Very High Throughput) capabilities (802.11ac)
 .. cfgcmd:: set interfaces wireless <interface> capabilities vht
    max-mpdu-exp <value>
 
-  Set the maximum length of A-MPDU pre-EOF padding that the station can receive
+  Set the maximum length of A-MPDU pre-EOF padding that the station can 
+  receive
 
 .. cfgcmd:: set interfaces wireless <interface> capabilities vht
    short-gi <80 | 160>
@@ -314,7 +321,8 @@ VHT (Very High Throughput) capabilities (802.11ac)
 HE (High Efficiency) capabilities (802.11ax)
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
-.. cfgcmd:: set interfaces wireless <interface> capabilities he antenna-pattern-fixed
+.. cfgcmd:: set interfaces wireless <interface> 
+  capabilities he antenna-pattern-fixed
 
   Tell the AP that antenna positions are fixed and will not change
   during the lifetime of an association.
@@ -324,11 +332,15 @@ HE (High Efficiency) capabilities (802.11ax)
 
   Beamforming capabilities:
 
-  * ``single-user-beamformer`` - Support for operation as single user beamformer
-  * ``single-user-beamformee`` - Support for operation as single user beamformee
-  * ``multi-user-beamformer`` - Support for operation as single user beamformer
+  * ``single-user-beamformer`` - Support for operation as 
+    single user beamformer
+  * ``single-user-beamformee`` - Support for operation as 
+    single user beamformee
+  * ``multi-user-beamformer`` - Support for operation as single 
+    user beamformer
 
-.. cfgcmd:: set interfaces wireless <interface> capabilities he bss-color <number>
+.. cfgcmd:: set interfaces wireless <interface> 
+  capabilities he bss-color <number>
 
   BSS coloring helps to prevent channel jamming when multiple APs use 
   the same channels.
@@ -344,10 +356,11 @@ HE (High Efficiency) capabilities (802.11ax)
   HE operating channel center frequency - center freq 2
   (for use with the 80+80 mode)
 
-  <number> must be within 1..233. For 80 MHz channels it should be channel + 6 
-  and for 160 MHz channels, it should be channel + 14.
+  <number> must be within 1..233. For 80 MHz channels it should be 
+  channel + 6 and for 160 MHz channels, it should be channel + 14.
 
-.. cfgcmd:: set interfaces wireless <interface> capabilities he channel-set-width <number>
+.. cfgcmd:: set interfaces wireless <interface> 
+  capabilities he channel-set-width <number>
 
   <number> must be one of:
 
@@ -413,6 +426,7 @@ The WAP in this example has the following characteristics:
 * Wireless channel ``1``
 * RADIUS server at ``192.168.3.10`` with shared-secret ``VyOSPassword``
 
+.. stop_vyoslinter
 .. code-block:: none
 
   set interfaces wireless wlan0 address '192.168.2.1/24'
@@ -426,6 +440,8 @@ The WAP in this example has the following characteristics:
   set interfaces wireless wlan0 security wpa radius server 192.168.3.10 key 'VyOSPassword'
   set interfaces wireless wlan0 security wpa radius server 192.168.3.10 port 1812
 
+.. start_vyoslinter
+
 Resulting in
 
 .. code-block:: none
@@ -491,6 +507,7 @@ about all wireless interfaces.
 Use this command to view operational status and details wireless-specific
 information about all wireless interfaces.
 
+.. stop_vyoslinter
 .. code-block:: none
 
   vyos@vyos:~$ show interfaces wireless detail
@@ -518,11 +535,14 @@ information about all wireless interfaces.
       TX:  bytes    packets     errors    dropped    carrier collisions
            183413      5430          0          0          0          0
 
+.. start_vyoslinter
+
 .. opcmd:: show interfaces wireless <wlanX>
 
 This command shows both status and statistics on the specified wireless
 interface. The wireless interface identifier can range from wlan0 to wlan999.
 
+.. stop_vyoslinter
 .. code-block:: none
 
   vyos@vyos:~$ show interfaces wireless wlan0
@@ -538,6 +558,8 @@ interface. The wireless interface identifier can range from wlan0 to wlan999.
       TX:  bytes    packets     errors    dropped    carrier collisions
            83413        430          0          0          0          0
 
+.. start_vyoslinter
+
 
 .. opcmd:: show interfaces wireless <wlanX> brief
 

From 8118c93687b89e267111069c475e02f8e89f648c Mon Sep 17 00:00:00 2001
From: Nicolas Fort <nicolasfort1988@gmail.com>
Date: Wed, 12 Jun 2024 09:13:08 -0300
Subject: [PATCH 03/35] Firewall: Add prerouting information

---
 .../images/firewall-fwd-packet-flow.png       | Bin 39628 -> 30593 bytes
 .../images/firewall-input-packet-flow.png     | Bin 56752 -> 43944 bytes
 .../configuration/firewall/global-options.rst |  32 ++++++++++++++
 docs/configuration/firewall/index.rst         |  35 ++++++++++++----
 docs/configuration/firewall/ipv4.rst          |  31 ++++++++++++--
 docs/configuration/firewall/ipv6.rst          |  31 ++++++++++++--
 docs/configuration/system/conntrack.rst       |  39 +++---------------
 7 files changed, 118 insertions(+), 50 deletions(-)

diff --git a/docs/_static/images/firewall-fwd-packet-flow.png b/docs/_static/images/firewall-fwd-packet-flow.png
index e4bc2adcc75018d2bb0428d9db015975a50ecaef..1ca213e8790e671fe7c61215262fd331465bbca8 100644
GIT binary patch
literal 30593
zcmeFZby$>L`z}0)52zprf`oJ<-8mov0@6r#w}5mFBZ7no2na~0AT8Y>($d}CEeu1)
zUgPt=$NugAzVGk7=QunRyl3upuXSD5I?wYu*MzDl$vk{O`TzofJd~4_QiDM5et<yG
zl<r}G-w^8+!N6a4U0%qk-vck-d*&hFXA)OwZP(Y1maZNq&K3|W2gf%SY%XTb78VXJ
z){d?R=*?o_A_mk&lFk+;t~QPiRO&WwEFkVS7F3)9RJLvoRNS20yi}Y*!rXkqyqxoL
zB2OU@Du|qvgt}+)?wptJ7i8`2?F3Zbl6y+_j)@$V{r#}_?+PE>lbzdnpIb9pIqu?}
zUAeK5CF8B+(_fu?V{aFaxYRtZNKG{>SXN`J(U5rdJM)G1U8%eH=F0D$b5keCS*9&e
znsnT~qtM08lW>YS?4nKBYZ8x{tzB;_xvVRRRDJ#W@k=QwsqCk<a}E%0Zti7Ke7va9
z^cohLH(c#L5SstIhOfU6;N$)Kl9PD#AT;FPS2h*>2k`d4FSXCnFaCQya~J*rT1bfg
z_vq+oPh1Jq|EtMLOG`HdQw`^-Gt>R&y6E?)f6FOb*-J%7&g@}O(bCfP)8gUDJ^WZt
zp7p?O>;Jg+|K|{7<*5G-IEsRX-~rx)57S6rJUN5^j{W!%L(Ki=g~*8=sMRk<f(O!R
zj5K*Ye@7i6Yv<RT_MB=kYha$ApTEQBp22T(Td@PnQtcnQMQ<s>L$XQ3+TVAsP!l{b
z;ZD$P&ro5K;v{a{K%f~{&#dq%;K@P$-i9tjg(+}ihn^T4A1C;JaO)w3T72o0J>+gc
zi(q87-Q55Q>{cr9pZD(mn6e*|iVBg{;z{cJs=y#hfooZw@SN)1#7=le#&asjb6s6h
z%W|PqNx~?>*J`p-QgjlYjfQvpAwede<KlwaGb6Xm3FWq>Z*m}8TU&1_Vnec{D=I3i
zxtYjt9zXbSFSzyW+AqEK1rr+^TYnZol;_BNPDqICoj;e?L)-ZDxY21Q#Kb}Va}JT3
z@PF>0(O*bq&wTB(WPKuk?7Z4VZw{XD;%k1Ol$2X9Si1XEkM2Ff2_A#z1c$1_Dn&&&
zXod}RHB)qpGz&FZT8tmXbZ0-K#zXtN(9xW~mVWe4pF9sTIo`Zcp^2{1)x?taejtr6
zebIo2r}FJH7|4r|US3P$m&r0TDQrgqd)?*Tp|Z;#>HKL3!}9U*qvHO%^jjG;V=qv@
zsoFf^`p@dJazEBtwZe<K_uo+T{vlhb@;`q=w|0Jgvw6G+RplhU>um|=iOH*F`Pgnc
z#F|R8m!17NB)fvh(9=Kd<~SFdnDgCOffhQa%`n~e_O>o`z_Ogn_snU(c7tNQFKJ@E
z>~~L3?ajpwns%iv;fD_&3`9J^IJSNmbA}9T(EeR%pDTO+s8tnZd~6IZ>;Pj<S*k}=
zY;1~zsx(|`VC_~}j}VCNt}ZGv9G9!Jx9+=>Ex$fs*;rdI&ifpMpZ)>4k{$5Ag-TIT
zF|gGHyY;6-wM>B$otIR!msnclbE@Z@#B@-oK`3<;G1GErNOF5tq}cD@u`K6{0l1SD
zHjlN8V0@6~%ejN-6IN3}vi&HF6|iPRzcvtfIKidbtl7D_EYx4J!3Udjo0Lz1kRG}l
z6_T8mnHnOCZO{MIV*w@r;p5{Q9UXPG_Db_Ty6-Xj7V|NKg7I*+oaotN!0t>n?mL5e
zcU3jD7jkm<H8eDaCdfoRKSxL7zmk_1@;&2(uxJ)8#_2gMEr)Sff_Gh=b&7ZFxyu+K
z<_`Sg!F8!V`$9KJquW?6vyLAYJ#jeU2H>d~L)5=W<=DorS`lMB3Hv9e8<kZDr=32s
zH20N3Hb)UxHef7RmK*$WM$KAv^Yxo5`>9`S)w938a+#qP1XuJA#IPhjidKf(eODV2
z$6-VPo4Y({#{Ky%-td*GDqc@KhgHk_f4;=WyG$5(aGCtNdvmoRj_9I|Oy=sZUhqo-
zgHhGhoz5r?3kf+Uh@yBArBj=2#fcqIQNjCbiPQf%)qE?Soae`PG&Ed)JVmb#BjI<A
zCx4ijTUZ$UDQmhql3(vlX#K95rTxPgjUqBQ^f9CJ<{)*`*)mo~B;~-H>bVZ9G+0NO
zMbFuIb<;n-u>^H%ae5HX?YvwF>Mgj?<3|vIStoQ#-#=&~9{c8_-&Kdm=Z=n?!Nc^w
zLqlixoTagPt)~|@WzWFKm@7ZAg7gNfx{XIolY%OAIKhOky{TF`qfgY}QTsU{y1R6)
zj^dkFw{p`k((CF-BRd03h>M=RWp4`?nC}9A?(r(a?T9gIYir4%-e0!2ZPSHn5oarr
z<!@&ABglkaczX*c2{?8*RJ-g|PAt3EPc`}oKqP~(mo|s8Ao{LD(!2AGNp3siT(+a%
zH-)Wwzh(q}rmJ)k{M55X!@?qu=|nTkOanc^ZVf@mW|xB+wVlP}?1!q5$<jUZ67KaW
zZ&x}F2PJX2d`@<8*sAmMKXy{WlaV_UuZ@frwoAKo*n(SI9tzC<EGTLE{gIHRtEY#S
z-~pG%zJ6I*S*9G-yI@Mcvrlg7nwnL0bJdOuIN>^UniP?k)ia8knoq*R!vkMX@4AcN
z1f!DCz<}Jn9y;CAYFqh|<-pd~7SvvIOUpZbgtAY<KJ@k~Br7pO9zJ{s(qzR+aQTEn
z8YHCm15|P8Uk+tVHJ)$qN@<#vq3{aqOA_F5SyyPf-gAseP3;fB6$77cP_QxQKJ%vG
zV!NPFzc%{j`V!p<(I<fZIVFW0Hjm2HKTEB8jVH(XRDC%#bM(&cRe5=#pFUwHCMH^g
z;f(eC-a$sEq$pB7`nl&mGCC^d?R}vWZ^NC?)zt-l0|xbDX3yY83=B(3%|8NPN~%s(
zkj!$X>J4P}Z6~=x692>CRy@UfmG&WmAPHW6B5nbdOQ+oOVWZEf<;C&Va~Jxd5IkDQ
z4{g@oRA|yvxs@3)hF^1Yk57F_vNBk0%>ur}pF)kQ_3frDp!ifzAwuc+`z*`Zk&jTd
zjxHZyfvr0p^Ild-<q51tP01|*nB`Uj6gNA~H(_8>5d9(tPFvsN%e)YlhQ5c=7bkl?
z*>W+Eui|jANazVMqf+vsKPH9snEYBsFvara!mU{I#aPK?r5zC{dZ-U9EG*P4j|**U
zt<4`%f-68NQ4hN;iK+qYDjFJN>(?17Ax78RT346Nw<2q6Yc+EYe#cpqT;^SmD184&
zR5>p6#~b;PC_d;*;0f-e@WDRY9xe^pDXzzPXO-#|1Ty_8h^bgD!){!^Kj>gmMm`)U
zWt%A}-;s`%${l!;m0*UtWnCOVNLf&JJh@l&^z;yQb@etcI)e>RdDxVpNP?A)@RiC5
z!?07QY%BnvK+z^4AvvUYRbQDLJ->rocCPK}?rt$HT|}H)TU&?plWJ;d1)C6qa9cjT
zJoFSbH#Y}}A+MkSgtIhdn1V!FN=o>`L2gqMMg3gFoP%;5N!P4{0NDANZ<}bK8r+=*
zLe2dV^?5%QnDgXfUx2N6^R)REYByeJ0><*(#l<!%^_OM&5QrL3IxWkkFL5l)%@>_(
zooe+3$#4`HURUUL*;bmCYX9+W{Hl=S!k_a5ENRpv6To57?{LTje~uUFF|)F+E(KFs
zPFL6*Qbc#@fcce%S54U$S(3`j%hQUBQ=a8dRdk!%mXp+t+0qLL2zXx}>vW7h2Sr>e
z+lBe>XZhVA(h!KWThaMe5H(SE!5m}~#tn)hzPBz}yQqa#0Ym}{s*Q~eIfeY{@Vt5b
zCoQSz9Of-lzDY^pf0@|%mXSg2-CfjYN&D!Yijk2r)uRv_5|GYk*Ecwk^kg_I&b67{
z%y@EssDQ+aaxmdf%8HK;4Ux46lLnAcQc{=+@pHttS|k$5%g>KWDl;=$5MrzA>!#cZ
znTogN<>hZ{^+9<6P|E-LJCOZg(+BBw_YN9ZOwEGW!a`Qa|ELi$_qAD{aP#oI6;6Th
z^74L8O^s+>3K`&#mJ$ws_8%mSuL3q`G90t=sm%M-*844%{7Gi{1Rv>qbQ!$UYws}A
z(xQX>Y!uzo2g~8gz!BV<5p+uf4g4>9zR$#sZq^g1BGp4eIzT_{(Z%^m6ZQ^l%wS6d
zQDH*NWngH@%||Jg*tgE#Nk`Ky^IxEQmq4zeBKGS3hZp3pdZqA1+2R4F{U86E*LCRK
zScEUh=7ZLv)tx14${6=@FqhGvMvkVHQ@4mE&Xx{O&d`>Z?Jqo!P6rPPV9C!dSJU#T
zck6xt!AU)Z%CKW0JVmp=eOp3$4`?faDs^xw6C-X|LR2v3-QkM-7gi5!v>u#R=fC`T
zwR?KWmDHCQXPAxo7wZAyAp0KR1X>mrtn#T(0O2yYI6FIM$|Zmu)}CLl!sK{MF@4Wn
z1mMWX&c}@afPruZFuL8c+@yL24OIm>vGv)BEX!*(4rmI-0FY||xrR8e+Y+FnG5DJn
zs0X;u3c#*zw+la;)f4ngISOl~V<}6VFnwK1P)fVIh0KJ&`p(YI^2eiBoRfkF{~JYr
zLFIoa4jm+>JJ5tU@%kI)gS&T#gYZ(G=z`FsQ$=M9O*EuX)6O-BWJ`xeE@LDY{sb=+
zvwTXy&+mo=7A!@_XLEqM77f7pUQ3=Or>{9V3>w(<wN8QxOavcq*!nD8T(_-J$tRT|
zY>CPcV-S+BAIeyUg!Z1$ba!)p+O#m+uzSP;o&_KGKZHWol<6;F@OG_KF+WM_a{Uce
zTvg)=YtMXuVmor$|6T_Wcwo2r_F-rsxGMx%fvVe~w0{9|wx0B}3>xv%QCrj-qNH+P
zj({5s7x{`&f|?2l%fJSxXQ&iZi~AeW*)vl4fi&Gz0MvuGgoepp0V)F~<6tQyr0v81
zz63yjkj(i{@S|$Du_bw+C(i*`628m|NlyA3+QV$Rn)h{zG!+;g|HZM7Qo<Favg@^r
zGyxRdL3a2s4R_PXQEOy;OiugH8)!6MSeBCjmbP%vX<M1ED=W493xHPsBrpO{1UzwN
zgynh$NHrdWCa2xVgCS@4q|D1Rm5rpv#k~|H({!Z9+j3`!2?db_()ll`d)H^#YCi0R
zFn|1)k_`<!Y2}oamk&GrAr<}p-`lR~GWesIPhrEDZTkj7+GBlWWMoBD4Ns09j3&6%
z|1YImKJ*+lW0E5Y!rP<$5*L>fgZ(eO2b+dEC;$WxDr>V+Q&W|6b#-}dP&2pX08%5V
z?@5t0_J<cJDj2F?H8UcWUk~mT=?e#u`!|ob)Wp&_60wD^%dlg*3HEmIurV~)=xE;J
zg-S!A8H?`qfI5Vna!S$p|BXT#gJ*FR<ZLmLsE{9qj!G+nX{b~8Nvz6mDM01g=}>C?
zf7rV00~G)G_eJ*)s!ad;ihloJegz`v{|meSFSQ2oLxAE>|Gxg;$D^i``Ty?8p#ueu
z?0{PK&d3S%F#olqtj7pHBTeYPdXVfc0N0(klsUz9iPJ$C`k>@E5yzN(PKbMHXvrXS
zeW9wNE$iUm&=AZr*SqCf=5b({pPz4SZ*T7gF(t+T0Nx)RQ%zsLa8FY0<H%NaU0HOD
zOr+Y5a|($_dD*6h%JZ~L8gS2C711YA<{2O|W$^_o;NqA~XLm|ETj|OZ^86vh7}`Zf
zP-cSnF^ocs&ZQX*WJz=VpH;J%$hhhJ(BmBr*W!%;J$pj>^yyT!Bc+J@?&4&rS&cqB
zzzF{`1QebH43AjMR}c&dP*@cp&m1g;xhDLET~1cJFd9Y%cQZU5dEZiHW@SKrX~52}
zscu|8!%P89^bf%7d@~!}KoBWSH$@C+cD@-wRJOXB+MVY>A4`@Qb^}vX|NHk3Pf`87
z(}3=~OHK%hzVoKw7Y$aG__E4YtE=6@kEhUuQk2B5{zw9B;(2?0I&j_$1Q{-DTJQRb
ziZ3iB4bfLuzLo>2b9*zv|LSU4dJ`;pEnrUVS}|A^74^yQ@h*_a&teBtlQ~4BxQo!{
zDyZ&$`C9R*lSQjIyP@IgQ;knu*UB78<eWqG^8P=sK3prwDWbMWIhEkwJv!AESRT4X
z<}x_8?_1p2R&3KEgN#2DX%!kz2j0gPt(2tgJ}4g$TM6T6GM=k*^F1DtfozDL30{|e
z{P^J6vu9uV-;jb`0L-1!kTj9o)>rAe){Ku2#$gxC3l-X3wpP8LYNj``#0ZwZ5wd*c
z_Y+0eXrbP4s`B(L{z~SB!$c7#>-#UxY`VH~X_{?JItXlCM7UY&=wv)vKr=kw<+-B3
zmF)bql`QdU)_%Srfurf{J&;CXvt%Moxed-5@GLAW$ON6<og+2?$!cp0eJt`en`X}L
z;AC%?nZq$6#Sb1F7rTex>+Ii~IXw5pu0LDuC&@l$`q)Vmy~}&~6~Gvw8Xp0p{rSE<
z3S}1y6-L<H{^5_@hU9>?wL`zKVYHcQN2`tgl!iaQu++7*%(xSTuQUt{`mi_}eij?l
zgP@XWSjg=9M@ZYSKlSK{Jv0UNSuJz*E7woxTTqXvoc;<hp1aGg!aB`vEDML1Nl9rP
z)9ADv2h{?6hnH-6UE3ovFz)EjBU|R35#+2oWr0CKK{zQ<Vg{0u=<;!_fO~Kn|Af4u
zj8+F>wNq_x6Ood8amUT_s-ZD2bir}%m8OLMjlf-0zNAY2B^0X&<W4OES<v%zA!Y(>
z_x;o7@9ZS0#f+N8<{dTIf97ixOxC=m1$PTODcI~SG3$&_)zs_&44n9&`q?mhT8Ys>
zWv;1yZfBqIqdREDK#mZhe|4z+9}11%=6`*8Ux1&xrnL0@d3IRS$E3u20{qUKKm9$M
zEo_1TMOD+&>j`@JlryQ%;H1)KgaHiv^7J6`RPRY>cMCcuxLR#?bo5)Pi>w*#QpZc2
zO*riuGitIjdpZGcXp0wd=PYV!n&bIo5F&>}7G7StU_2r6IIqigv7f7pt+bnP-==?H
zRqnp0>+Iq}BI@ZBUm~BKb>e#?^tzteU8%6d>N<j)U<Xe7?ca|@m61D6!YQ7KiA?rF
zBih-y(nPcD$LD`|`IcOT#|o(K3#KTcszo#W)+<+V9~%rex3pAsCYY{4c9->ITR;1!
zB#5+OiK*4c*QkkpiQ=($omK~_KVJEXwoolO5w~*opF?>)Id4KA-``l1;0)QC<YKk3
z_^O;7vV{yXQCUU2J^qQdXU^acyF7V&_GigGEp~sbfCzpulGfGVzkYqXuwf;Bsnc5m
z_54F+<ahopM=CDR9lYnGuUO(8e?$lL=*YTmC4xWR41S`cK%uN~Sl)H8(Ul?jF@-t5
z@vug##L#y`WWfZGKEQF@59a$`D?{7o8-2_SbC*j)T<KBh5&vhXSts$j^AN!Uz6Cs-
zG^9_>k4MGz#kB+N{^*|*<bKqARat2IbA?z$q#%${2VU$%m-z+tH+^!!<U-DYP@fZH
z{-haX9ZEd`k_QC4)p}y*bbqdAC`)FhvPoM*Q}ZZ*^6FiF{xd`GE&2yoSoP-6VMNOJ
zV$1I{;f&lX#K}mXN!vF~up>Hk^$OjHi4D7mybVv-s!vl-dwgev+l5cm>R_s;J$J%c
zJBOcyjSVwO9nfcIQ26@uv9f5(oW}xS*pW6V1|*TvQYhRb2Vs0lDtqc}V>|S?74nNM
z^>OW+t+}TwixMwH+#eNw2W-RsbU|5=1<S~RJtIHgrAh495<+#u*=<ZOT4~k29+1Jk
zI(3u&WFdt#v6SW;WXY^k>%$?EH>QNOQkmtkv9WJ~)+p_`;I)x5>%CJXdiAF@rHOs(
zd|SU*vlOBKb|5(}i0~eTNYL#{<iO=s`JB?Jx6st!V1lD$w5-qa;c9mbGaH-5<;mU^
zLj0Boz;qylk(Nw^{bj~&75&AaCefs$;`GIzv+Ka?oAvU!jq<l<2%>l0fwe~B_FG$l
zFfmdPOtn+Cf&{-FujsrAEdf}+b0zfL`NQn2{u5U1pFk%a0PH_YF5^VsZ~f5op7b+D
z;qDk^vF=RiFbFZHHPeT7$;ldbdQe!<R7_>3i=d@Ed+KT-g{-U|^P#m`9PcYDd11$R
zE$+P?-zO8MryoalMpEMP3WTNd+Ta7l5X|03AQS>fYZlRMfCm<U2DJjA<$x3s|EY9Y
zC!6`{zdGms6w(xcnRoj~^2)*EavWxRJvYSqnq5KAc}rf941v}LG!NL7pZM+d!fjv8
z+m+1IYDVT!=f;#$*sR-x!I#)rG)|k2ScTNL8poyKc3NfDLp0A=SiFFIC)~g;_i!&f
zC8vTH(tCZmBI5g1<qew+>@wO7(WfqcO4c$xJvk9>YW2+4QIwsD39^`z<Y4QTup2=x
zqFv);(i@uE9|0zt4Ym2;TLqaIL&7s2F(~a_kziEVf1d8xOYivrJ9S`f^oilOeiX4a
zlIMp|eBlRID8U`^We#-be5|*6U{<PaD*Wy%j}^}AT&1<rPKvD3Qm%`O6U_(GsWU@+
zS!HF>AFznjG&NspDzR(%!NfiU1ihq86J2@sAS@Wsv23MX=gJKBuZFYbux%c?4Z_eA
z#U&>f@pMF6<Inj<Pg2r*HFKUg<ab)r4~nXzx$KFnhO+W>%GVp-#yAlxFtqm*jLmzJ
zZHWMlzYTgiD+%xmN|+-uaK+=X>NoF8<l`!;E(d8ZtM_k;*l4mKgZ$Y#Ztg%7$HqoE
z3?BSUpK)Y#ndIChGE&%E@8fEmw<|R+-!!8l0gWS+av-Qo`8cM#Z2_#3%h9SFN{0lh
zBh#~IcZ|C}Q_s2#KvBczBJTxqSXF%~a!dCF_xJDawe|WN|J`IBEBj|;ykF{xu09Jq
z5tp>E_;!IU*K7X-ixEu^d!}OJ>@8^orK4Ng&LA~+(8GX2R#7fZGA~7jVH(8(`n5LF
zNdHZj-@ku@vJJ7H{NbPEP!|fYV@LAp)+bL^8fSiC(nlckbx25fwTl8_O$en>QTrR;
zvLKwb#iO-Rhq+gRWDK6q5(p}EZ608lB}UI%R7S@pkZgFcmjZyhy0(^5J@mcXoCYzv
z;Cgd)UPQsd&Yn|K^Hs~xi#`WEs-Z!2cw~gbvp4q?w{EQ%F1UdxSEdhlhgGS<g6J%D
z5)x_(HD4GWc&!*N5o&$rai(MBcg*n~$ysN(&V4qVn5-n4p`!45SRf}i#?4k!Tn<{=
zVfJpW-os@~LyOC_EyP+a7k+yK866vIPu|?J7JY&zMD({pKVP`H7E;&vkk^zN7rYZC
z-=I4$*5tw{L{Cp(<ijRJ`_i~{ru*458Uk!JpyQ`LvFe@ihOJhKu!Lp$UDs`r%UJ<<
zX8LEbMO{N91z}8x>f_kB-HztH_5vVIr_r0Q8R*?vjhy`+e?+VY)3KTYcl56V`sqa&
z1upcFB+=T(`xB9^!MJAmC6V(URW({ZXPmHH<=j7ZMy;y)3c8jII_Q}A$DV=}Hm@rL
zhH94?-ia^<`{&~9(j&pTJ#1ZEi4<S2nsG2&ZVSEYgkNC-Wlo->ks!WDT1Q96RkN%3
z6Ue}gtiSs*F{cyNTD`jow3GhPUozpeIHG(Q^a4AP`$M5b02OgtEnM73t0;4Sa|i({
zcTBAGP`X6Qg;=&7HYsli8ajqljL`FffKZn?hpDhkXh|g5Sw-jh1!nszuuz)P0T`uL
zrw+sY_#%28jkNV1k9EreCE^WUmMpd2_iiM+T*hkhy@e%iZ}(qbgyej}#=s_<taX%v
z0DTqoBZf<i#K~}E8iGf1WJM#|dR^L8n->O@{f-{*H=Y`HM3Bof5iFMv{N^Q|`L7p1
zY~=%yVR}Xe8espg$(lcdXvJswcV!(M*iVjKNx8W>W%@m3NRwVx)HHe^EKeM!UB^2I
zJVd^xghQbzv$H&x^|H&|eSP%cr_4-L>C=O{UwkvpU0`QnS$Vo}_VTzC0bSt42K(z<
zL9)GRG1EOt0v6QTCF6+<JjOhIGxxjc%}oEr*|`IYyL*u_XIFI-k`1z7e<0>ix5Yq)
zgUO%7)=zu+ijD%8Opuc_a)3}Pl2W|C1b)546E{+Jcw1`-rv|7m8~V3?Jff9}v@Dnj
z_qaSM*%x)I`cdwfgo$H5+D_zQTroV?@rgtd27}5Bs6HImLG9G^@%s1(#LSF1ljb(h
zajg0G^pJQ}BBS28xYF{lWd`2P{-`V&@K*e=-@ji`z^~q-{(z@BU&4iV@lEIlOzbFz
z+*PING{cKJL5Uu864)gCpXTb_mspv88flDK?8xmbq<!jDz`!LLw%GaHF94dns3zUZ
zaMJev6cIFC1It03YWY{MHUY|#G@TV=uYju*j#_=!;Z|2^>sh3hoUAp&bc0<iiaTfb
zjGK{jz5|~Yg#C0Jd>Ri5$21<mB7gmQk)x3CYj>)=cDJkt!~|$GFtVH3l0<s!O^<E8
z6?6uCt-|0?JG*>SO3GFhHBx_t+FkB>J8P;%SA3`XBo4h0{iebD3v47L*~p#F(H;%}
zg%$6oG`{9D>%a!EGq1QfXP*_SBAf{z+$TUWNq8)iPis@g{!ZQ~>ktdmvc>jVJR-G6
zI=wjJxtUpRhaxt5SgVBYLes|-gI)c%pp6#&O+LQNb!*uA{bq#7zVYT@hBj-QgSeAo
zwx=(<Uo#~TcUvOmZHGfcMoq!45jb$mix<`Q`hWA*TK9wL_LDa=f^~16QkMu!Z&qY2
zDDpqOX0HvD?}*IJuHc<_<e>*Lyz`vf1X@b<>q?gmr7DNH-+)n=CgKZe0xAufR9t>n
zo-ZTFy!toX-EY%RzKd_IhPMw4It_P&-ltm5fQq@EaAPjPXB9$%Lv>Zd{wg*-)E&_x
zb6+o8GLdzdR*xJ+%M-hF(|-~ixP7TSbQC=(MKpDD07Ca;SXe!u(3g9MXTE^TgGK`A
z@tIZXzOA1FjhMyLOB;Lpwk0PfW`eBLx`nB@Dlr#Vn#>I~;82i#Pr~I)r$~WIo$h?;
z?(1->1!ZIZ<CEAb(adE=Y^atQs6ysy>DCEU0no#{V|;yq6in&=n!_tLaSG5?j#A1i
z8=EaJ+~;-qAd1u~2UNH<RNCa_Y?#^OSx7~aX7|@Ig&&EJaC0*e^8`f?4}X!nN1qfo
zbNhw)^%=4RuGkD}v&CGLr#&&o&Un$zi6>c@tfXCh&j-*2esoW&xlpqJ{{?=zRKu6o
z!oesR^S<?L&D-pmy}(~4wz!n*XDtDNN_)I7*Xe{{`K#s7R4sL>G>HJ>k_Q=qgCrsv
zpuPWd$;p@)1GHdG22!CzQ?}EWFu*gueEGuZFk6G5c<1VNo37nnKA@7RrBV?~^-<;@
z>4r~foc^F`@?wdT5r<;+EJKorKmhFmn^ekB6)!$p<%0_MGgek}&@t^z6Q>Mrm2h`=
zuPzqHkMws4?=0m`P?+3v2N9gL!<C>w93<iG?VVdF=}nOmBFk3is~{Dv`RvP~Fc3O!
zHfc$>cczRCmF7Ypb2V3K9n52saJ}y>WMxkiGZ>lb=q}VLpKe&q{f0G{=PaC3Xiy(_
zap4V20upX+ZoMndn3xtb!`NvU8H2Yrro`&%;VM4r6tg`~!_v?a;gJS&R!l=NFRVu9
zKv0bjO$yaid@0<uZ|@fj;j`>d5{OLTvEp{!9CT2=TluYi`S8QN4=(_vfB;<|U~wnG
z<VVfb=J=7<{pJ_Fa_x`tpdY{rL|3R$GZVaB{D}sF{1xz7x$*I#`s)nUPt!UdL(5Yv
zt7B55BqSuzyg(6g5+vra{A9_Nv2mbYIV+}=EGVI&K?vH=z~=J;08Er}{1P;?L11O2
zr@uQsb_JV<&-@;3>UDtWSPCpC`i<U4tAC_vCV^xHbO*pcqo!9nL2VGT+ufZgp=>-t
z$SEsZfuJBDBI@)xW8TnjEC-E#A<#t!WxXkI&t{mLf>PWsnN}tOGz@{aVaU_IdZxR#
z*WN>P|6baF4CtL{77&(9$ZKlGv6I^|(tj|Gw`HV>PWks~nVAUy9Y#rJKpbe@bANpA
zZf2x(zB~pt@$<KDOZy$FKR*-ENNI$%p{9Q{&GqFaHgXhWv|Cpq>K-8Zm^ftVfFE>p
zbnx5=04v(&Of?7K463`Ivda0Y8xNW;@rCh5<D@PdBGj>@FNm1=D?p!MBj+(*w>%VZ
z(`cX^?vsc_Mv;qdkqDQ)9!r>!$vnpWs3CfZ?G}vav;Tq(mY3jsfmpyn|5&WOzio^g
zk05~>OE!N`cu1^-mhctm6RxhVwpm~g`{9aTIn63LfvUWXYFp72VL{Cht1-%DCapo6
zXeD%!nZIZrggr<Q^>Q9o_otgt(x5p7_wqO;*~XbOkjM~BXaM^W^Rs8K@&!qTCMRWK
zFxYH9cEucH$^N9c?6(KVR43-#HYFeh$m#A~JE3;wAsNbVK<{J;rk^wa`3?=`+A#n9
zh53-;w+=nH0XOPlJWjw3qTbxME`Og{&ZKn0+Wm;}v47QN>bHWbOLgT3^gG{@|C%dg
zhiwOfU3voM8j|N{Z;+V8hK0;QF^YTLq_#T|<)(W{yFx#(-nEAjG47%%bML9szXs`z
z%odZJQ<WIvR$AZKa5<gxkXb3Di=3X;Md^&-M`jKVOnecgj-(S@?;zB3v}ZqZ-3z@Z
zhYk8pfA5GO)Y3<VZcL}r#z~3z;Fx3#yQWWBkYXCF?TF72rABF%7?K}QS2F9k=SLTT
zP<W$V{~oZkJDiU54HP3*-^-<!R{`9tz1*)~fs$>dgWHb-RY~NaA!hI`_k0C>u-tX+
zMk1g7!?G81t}Dmu223iN;juV&gID0jtzj~@!6m_6J>6EzlUvvv6msB~%3|l{4Z*IO
zB@IUp92=2Oz@tz;e?cDzpi$QSjIK3PC>!-%POlD)S>OC4o2}t*Tu851d{Kfry1My+
zD!5Vc@tt5qfP^ca36gM3i*I^G+uTw`36bGkAa`;DRX(bKo!h$sxs${~#Sqab+D{wR
z|0O<VK!eBOj_hPkdT7II00}xkmC~gTj4sM>^&!9^{XK`}CkqH35C~?0G$5>PO?@QJ
z>$W{A7%3(E+R)IjLYGT*#az_pHr?t~&^3CLR3?DD$DU6G>><XUhu=|`=^2)YLDV(!
zg{*x<&sSrHC`i#U9<HVSBd#zVG`trDdv?wTm@t6yrRLrE^g&9YWP*9YDg!ZTX}Iaz
zHT>4M=^Mj0{y?QVq<9DHha&o3#MWXibWr(KN7D1BJ?E9Xl;+$CdBQdEx$vq-VePL<
zuEajox{_vfD((*oZznSfR#d;|idRBkoLUfj>6hj=>$(v@uDc&m^mNlmUBU36$@gZ<
zTayEx;&pmOdmV<++3;yMd3KZD`RPQl`B0`b0LeMNX&JJ=s5m${P}BD0Jn0#;E5jb;
zvHrC9qtKMU4Mw%+de;F8mOKeljWxdg$WIA^51SV{gAdp<?8kh_btfW}d(M0jb(?!r
z6Sw3smc4s}+>NOW<E(J>jZj+%#zVHXL@$r1BqJw@p4Vxpz9$~&83KcsCtI$51YICa
ze3*r$C6B|l0)(Nj;iJ~=X|->iAD<b6QfpK~UrXbf?@>$r=om$=^1_StdBL>g+4(bc
zKh#rQ6N=pb=jxb}7l`h+7&}@VRvT4{5Yg-M555~io#%g2nx$Aih|QdF+1;Kz(VFvR
zd^&y;{!$CwjKQ#Dl%*KMxHFEMAAUrw7|woi%wf9!5W$tuCtAH}1z|O+`+9%GGAcG^
zCSUFQMVE=##mr2ypk^p7Pgq!ovc>Ed65^oH+w*}mPV32gyIVN!4l`0p4q_9%^(@m?
zn*cOPU1HNCDv+qA)ZRBBB;!R<6hf~93ZJlKu_s6|5v<CtNsy8%mF;p2#3aPF7M-$F
zJ^EAbJ@pi_J6RENw5L~dw1cR<sd7~Hxgt(0HfnF%a_R2lpkfq=bez34P*@+YCuJxn
zdAFA&X40V{FjSu|o+N$)vFdwkt4wBwJet_jQtw3~4mQrBT2T|2ZDr00+n+$IvF~@&
z7d<S~>^bJ;I~wn~4H(#2+V=9`v7VF_J6|+#e{;)Q*AHg4`}cnPr-CLWMI_$u@j}R`
z6{>lumh?9wyuZg?2Qc*2aOZ5T^YA2Dy+U|F$-Ym@Q7u~SX7_B3ctD84(|Qw6=d<&M
z6u)vVIfY~epYUWK)9m|gsw(8H2S&Er(i3wsZHoUX+#%sP<i>c&oRK#qJ(d9*O%?3;
zyp&aQdnw*wTW-ds*VV_7zJ8|K%YZfI)pt!@=Cc+R8#`jF<J04@h~(wknf4;UecJM~
zrFE+I4K1OOz1iqwXx{+~OYq_A5{NN^u^=-(!~X&s1f1;l-wteca9&}d`O>csLpKsY
z-tp@l>6@6CxU=YFt^&)h?d&gW7R3#c5G11k9+&(Qv*R;nGI8DR@v=(aItN0MgsI*p
z2a5Jqv!r%Lo_e9u7|U|>M-MO#&l`OI^cx8}TZ^MLr>QW>x|bjZKCTyw-+$hbXCBpU
z-;tUsVI~PX79!D^8cKV^FXGpH@M#UGWP~5uTfNK<c~}kVzLb@5qbyrs?=tgNMuko{
zO05Q=vx*}5od>67b~C`xfOU<5)8h6lkNdJtZ%a>*=|WUSlV39|wpL)iV|T~#+xDX0
z_{|=hnBloYuUtkIDw{4@+?_`RZc{UtO&X4S9q)a(vjH>c$h-SGtH7(l-x#8tmDC^x
zn}K2=Nl<Pc^~_WNqFi|;KOfVj)IzIs;VOYW8Uy1<J0`vI_Y<kGk1_qa41HgL2%778
zCJTnNW@O*Kmv1#9!=h7Z&m3g(XQ_;y^=7U_P}3`fH;Fu{FM^NlAq3PgNf<d;x<~g?
z#q%EHVV@;+x|T(}NfPVW%g@a#jjEe|tj(qgIoX?%+Y2=-G8Cvdrm;V9<%eCNVV=g7
zySFFZy>qkq&1`S%@dY-s(yM2~?!f<y@-xb+CGy#6qCD<4mVJqYd)F=*`*l0)PuO(t
z@}gv*QP-Ufu%0U`xbsUR%9<v`80E$FvGN>A4|z|QYA?p?t-rgV@}c!GEA~?wKUUb(
zuWXQVdj>!2;a;iLhBuU~<Gky$e;z_!h9})!dPI4>_vVh6WAA}UZ(C2-!ARs-kI_b3
z)T<`<l|A5T8i&<<YWje_HPRf?STDBGlaf~HodTU}3HR`Q8rJ^1jGjZq%b0_wq%L$R
ztD~b~e?<BMTN+<7><ODG2u-4f2G7k;d#~uGtm}#JY$&sUlZ5O*A|#|@0@#&xfB*>z
zBjT_G_{0k40BpdJ+w&}O_nt{z-AX?p$D%8jWB0_dmnO{;v&WSp#G`Q8>d4%0k1IPT
z8yzv@jf64Z-6G(WIq)=p-;JbOvWd5q6SR>Fxc@dmotJ24Tue-;l|>KRgsL}2+_K@H
z+j5Q;4d=D5upz*8EeBu%bVh?tN$mP~WR9=ltLRY|t!JYZ!xQ*XOxj?sa+=_$&DonZ
zqni&+u*)Om+hb*5%VWWM!U~B7@MZf&)#d)Q_}LOibHKnt1N3Q-gpwwEyrF2gT}ci7
z^!M8r$v0l}Q{#>XeV;S&FHR_aGN$=;8O1>dPWR98Br$LfqLFTK{qy1>_8fVC;B<M?
zpmi4gMfc>i23QR7Z+aKMyydAq{5|tk?C@271o<lb_Ud*C>DBLPSVL}eaUxpHmS(Th
z-kBsGGT*cpgjr*|u1K!;UH@~}iN21`RPkOd@SR=E%HC4Z2MQZy52$D=IaC17sITOn
zF{6<Qq#X;usfwC_%(?<)l~W0An%l74a9N41etW&!oaNzw#v<+&JoZ%6)jA;;o?1<S
z6D(Y@`!X`AnbpVNj4=YjX}U?gUyrOOINo2#So<iutdeB|JdU|(-y(Of3}nAad(@b(
zO1;E+ivDiQbgi+{(Rs7WFFzmmu;XL=SC26PFAt;|MZ+Fm8Be*_n<)g@_gTpt+AzJ6
z+Tf_x4iybph|%rRLapsZxc!uBM|NpEkH^KtRK@jUO}`_Y{usXF?wuaDatDjiKcxVL
zhTZC3-K{o&i@)yZ%dT6$*L-%}?2P=B^xe)$t;+4;pfAH-Jl5^cwA+j3p;sAvPj5S(
zvKTI>>fJ<H*cs-wxJ8pZ-f-S4^n&;vZ3Q<}pD03#8<(FL!Zwt98?P{mlicj|{hGUr
zfBg9Dg;<v^STLPR1+Mn)%{5bimBP=RxoSD1#3bv*X1Y2mS#-+G?>~Pbklyrp?-?F)
zdn^nz)64og`Rylv`W!R{1Ji+Wn%J!8N;t~+3~<#UFiN9*(Pf}h`7)BCZ+onu_H^C{
z@B(g*<|}SW&<+7+QxP7^-o>Ko`DNe{UKD6Pe+WqYO5^E#>zXr{^&l1MbOAUNpaUH2
zC5<Pfh>d{_)WyIY3+zs%o`<HumH3q>*Djwo8-@?7ANbvCGCpbt`O0O(E`HPJah_@V
zv^>{PKH!p0e!(XSdg)=xokRk?!gomY!E{d|hyUzE#V!%y%)PtU*yMumXB=wMEDDUo
zR}fc>&DV@Cu^YdF;BXS`_1FhRE^>FJueniStTe#fa+UMV6=83xI~xW@q^O@bDn%UU
zk58YwtT{>CK=$j-DbFGqDbW^{<x@@jD|Whe#zb_P&C93Gkd!wmPuG0|jv7TKwR9x5
z7Q<?+<|RR4J)xX$Wr4%uVjfoZe)T0xJGddJXG;k_xK{P`JEs|D0KiN(GWxp}hF;ms
zFxsE<M(y6d+H<6ymP>20<L3#MG;ubs#1%f7^UnGw+zp-t1I;(}nga&aYmzyi(z?4$
z%)U?F{=?CT#JnIPcze45i+8OLxP|S>DUDKy>|CG~C;HLCd~m76tKZ2qA>o{Qy75Ia
z<CX3smsfLR9z5yBRPf8QH~DrEDz80~>3fW*1Xv<xiks7vJ$P?Z`^cGK@l`QcRx_y_
z74Xll3fw0owgc|5-$65~va+(M34-dIg3g8vC|<Z?XH-DbTDZMAB@_1}E3XxzfL$GS
zqI!hPuX6z77X+PJ2+&)oMMRQ7XB6TDw1OaPk{51nd?=nG8I1GS9=+HS&;SmcK#JnL
zfR7v?_W^KFg%KDaPZ!|gz|2~sU%Y>Vlzkd)QD3b)%$dY?ri3)~ap;DZ`W$TZ)?cs}
zCwTEZt%9}fuslKkbC?4TiNMG`X3ySGe7#jBgBo@R@5EQ1dpYnYO`fk=t)6bT_I4Y!
z&aJK|#QTMJ&a^cmo^aYu65m|3*x6s~uDC>Su+SzYHMwI#1bWXgco_QLAU$1;Oja)S
z`43;^=yS)A6Y7CnH~VGcc~~SqIH*0aCm{N6X6|R`wAr-QBf00mM6xA8Ga)R$!xIpi
z-ZJ+ba8mvKn8KMd(wOev^c%^%0!Oi$TGQWr3Zy<lV|+5-McqHMaMY(tTn8H`*=E_#
z=(@wsfm;Y0V!ZmJv^T+>9Kz9bz5oFa>%dK(ko|2+`*?O>vdZpp`-j$k;ndk=-(gl8
zATX)kwphXDKZUw5lW-?`pURz3JlmKIeKxDe4xGp??9Ki|tsE`3ie>{hDJjQEbxu&P
zOUGI$5g}n7TqRlY{{Tw7x>29)@!6D8`<7aR&#U2=)taYJuo)E^HB+EGB{2yJp?#Js
zs9e{pvR{gpXGb#zM>%>^W_+nc>?b*K$b|!Y)|P<@MBk;4Z^(j7*fj*mOlm4BKRNsk
zvA}T!;5G6Cjws-Ex1DoY?={&T%>!|i{FqUR)91vVz3I#p=%n2;l(5mU<_Mgv?zh~U
zhx7XZEs#n^yL-X!?axioDI6aMVB+L<==9A?uIc-2k#!i2>i1Q+ZM>}VEA^jgzJX*o
z0sX3NK49$=370=5{4}2UCF1<LN^D?c59elo+6TfkQy0XbOp7R~j|8Qi)Ax_{@2aAu
z5poL!QjzOIGrojgP|UHOAIvtbnpZ-T)}-lIh(%2Aw4(?88On(z6ETzyM-cP%+gd6l
z_RwcBaMi8i^ZPzYyN&Fh-$%l~B#&Zk@1j}+TNoV8*TI_uK_<&_1qXCIv@G66h9&b5
z-WqV!%HV{;PN0br)=;(Y$;%9!;RWmYj8Bubd!KNV_g(Xq@g#XnZX39zaPKD<il%#Q
z;8Q)qUUYC3C}E+!9Chi3uGP90gN_usF*k`i#UyAP9ee)s&p)%ih(4=XBVfs&vX3|+
z`rX|fI!`%N?{Tm>&>Hm6?EGjA`29hi)&S{VyULz~kdP1@GYG<^jObi3Ib3cBsy=4(
zf-*3Bii<aodDB+YYDi2?^_32qmI7n=eCUC`cjj+1%yW3!g~YM@?R%Og{%eMal<#-b
zwNA8V^pq?)uF%9OlxgD?zxFL<VQOofP*4{7#P9YR_BP*$y~J(K?nACtPildEke}mV
zbfdD}o`DuxFmgiZoucbd2Sta#e?}IRqMg|`x7o_k(i$}Wl){e!VjNT@-~88rTTYI}
z!8<9zEElks5)XPj0`MFSh8dkQRWP=~kX4&3%u;@yZn=HN@>S@3dvk?kE5iC$m%Xps
znj-*10FY~Cg(=7|xFPw5E@>_1KrB74c$Sw%w$*n(6XR44qU1j8Eb?rs`VzEY0Nfp0
zH)E^b0RN6-)%gVs15CHRScCet&g^OMx>Nv6t>&S(vbUKnT#;LYP0sH#9t8x4x9PYf
z$ETk2#gx>1l#8#PTcD?Kx1W1{n`wIFefs9qE|N^_CnL+kl9U_a$uTzAqI$EpHsFp=
z$BT_ureh%r3EUrmfK}}?H%C7Xw(I59DInxavA}h~E=&ac<Dg?`Y002uh46O-a>}s~
zFtEcZ`0a_oxvcP~0^A@CkB*MI0Ga|DJ@9FR;`{4pt!JtUCW5NkK<-(~6~AU~G5#^;
ztq8pO`Vb_tuXO6*bj7`1<h0MD%seut^wsKK6IBW2#K1WQIC8Mnm09B?7=$+eIy5%s
zp%E-6)!xapQnz%5oS1kPh7e!GJ)83Rku0Fu&^E(j1hrG^8Z|Ydj;_e_;DbA02B6IX
z9pIGtP9g_-*e=T%x)^B^smPTWk5WpZtzfLDtzj{iHN0@2sZT6!8vh)@_ScCHeU-@@
zEo$&~>4$aJmdjSmMEuP^(z~<e;as!~KMwv-h%H<*FEnf&=#kG#DNqOm^re-ogcEXb
z+w86to^7%f#_@I-@e&qHy*K$fc{U}3y(#ip!{VUQyQtkZqwa)h#smI)bIHuikE8XY
z3~*rrXh~E)^=o@1j)f?vXsU2}Iu#2GE9;sY@SHY)pz_3ZI%l7*r@2i91jRY`HPi$8
zY(4Q6u#sfH5AE0#{AC6uVH!*XyMw&FhRToa;+k7D1Qv#hvsIV~+E#3qQ?zbF#u7UM
zdn{d62mSa9btEj^ak4s;M0f0rjIOXXFi-FN0lhVjjHil{yE7WxiNH$ul;3_49K<mL
zHL?N7hQL$K-gvC$E4Dx~z`@SmVOv=SY*W^2LxUNTQ)L!d=$JUD!!br1z*q+w+KkHl
zlu}w+T4|*X@8916rm!jCaQpV{+wN>_jFU|6hc8M|T{Dey`^LQ?_pN5r()4}~`hNp%
z0dh&q*k$MXNf%=xki+5rEp`WDoyCnawbwz8Ce=cj*Y}sM(l&@9Yra%#-Xt``j-OQV
zilpsL2Z}G69nts2M<BZoI#ba_0CC5vKlO{4x*DU-95emLSf>5SMU`1c>3r=!tCkxw
z3j_O&BKNj#CF!X1hAKknz5!!{W;K{}od!>?0?ne2mpDc;Aig|y?i_g|m*7UQXt%WD
z<zcS)q3Y9j{AosNq8~*ZuK0r^DHbE)UJu|u2Lh^Z#lc5MB}DZ-bh*K?g0Yn}T(iFJ
z?7N%TQ-_ulk@QcX*NP*@62ixf!c4+Yyh+ST3{>%(vRyBBb`rSlA1j6;I)0#B7F`Ut
zl|jXUrD^Cv>|ENL_48b~#I>AN(g3ukI(bc=Xr<6b?8jW0AKw5J>Ed_WLwUGe-n`be
zbZymOd3cbzcsBH^%JC+U9_}sd4ez2{+!Gh?;c33$g2RxJcdz<pM&vf`&wHQaUY(Zs
z^<v#3?_xI1&aG?TY>2~u`8YPT>6Kh@z^@VI5OqqS-r)^+C;WE16VU$0_BzeN!r@0F
z;(A>R^S<;K7gq2~Vn@~+XmL=?)d2h^P=%@M=v$c1=@K`js@SL%p?v$^$`5I#*>LXc
z>LU(otQ?csG8l|xacl^ei#O^X6Ii(av-Eesn~3_GY@WnNAFp8eP-<6d5Q3;m0gkjT
zf$+Kl9cXZ-yUe%+1ky}X_Lx2YYkhri<iiv+)1D(pR#lkVewg$@Cqc<<2Q5v{^R;*(
zr$q=#kp_oE1Qsxv@oWF<1@J8gL=Vso&?ZBjnDs_(OCQWP-oJat01-sb(A_Y%;Ikw7
z1)HMJt|xWlI&xwCNPfd<Wp)Ow#`dL)<d&6@UfY4u1)+@%zr*bX`p<Lm0iI!=vtSYU
zJCI<Mw`Cz8(M1wGkaPOnw)hYM_#O_~iGrc`4lV$Jl4%W1Lz6oCf}b*P0?zFxEUWfs
zi4i_r*pI6h&LHl3!X;No9p`dH*Y7R|#NGIiws_P@xi3YsxKXbxim-^-KkXm088)0H
zi+D#Z^uTX6Bj>oQ)E5uE?*#{B&+rIpSH|C7c6Qbv6YFcQhWFE=&!ajIFr$6yBkc!>
zoEhptN7~U3kp$%7=$Is#t@f3Hn&iT@H8XH7e&Xhg0JUTIOTJ>#LsFonMd}^s4Q}&w
z=Hnd2i$nYVsG22+mV0?|KoNG_<<7(+Th0-h6y^u}1GUSEdNtNp=7unLywseR#f?aZ
zDo4Z4`MEU2ZMDb7q3XnGQ|AIt%vYE+mAQ5+yU2?>_lWNfWp-JXzR(>V9}X7lsy!VV
zS>CEeCa>5G;FUz4@CwZu&e#&Yuhw|1inaXyZa`O{v?jXTJvvTmRukD5_;GYDxA%A~
z8GGo;SCPJ=o<Fbrco3I2UGZMMr>&=#H)63@Jm;5~yxt1}eu#toqP(H+Z)5m8+lU`>
z;;K$N8mU@q2U?2#ko}OWw7Gc$^<EruwA*d7nLeZ3;j^73fYz*v^iRl~ZWXi__@$d&
zp4y(~Qd*Crhw+-unj5f+73^&#@xD3neMlz!LT}+BCZ}IvwBnM&+I`N1wu9exVj{S#
z(nYThzqwLjC8yW=%0pj0oz131E}zoaVZLE%r8VJO1d^q5W3?mvsU8fcVFEEQaeH~P
zKG1!#t<b!2DRKHeFHdz0Y4-p({L38s^~mi_R7b?u?|eOJJ5f9J7nc%_7pZ&lXSH)A
zJ)ICw@`ABxYY`pg+ca?_m!h&4w{b_}7W?Ab@)Y{t6nfkfJ~4!o37_<HyyS_v@y%Vf
zv?G)Lc(RTy6j!Y;?5NTF)nE5`?|_eGR#we*fmlvW#p!$I#c^!WaWtLH;E$+8?iIh-
z_$hU#qp$Ygh}@8`^4N`-#=j(lZVMQv=k$Lqcq{`v%j(5Jkv2{C+*F*hr{WC?(Z|Ro
zSl!!3-OvTyV(L~IyTL)c-$D(_UPhD-E+p~Yo4J2BFP@M8>9YRtL3*<%xrmz>J5ks!
z_3HYH&-~1Kja)q2<`g=(TlbLscmHrIxgOuryiT2!^Gce(z#1ms=$PL>p0pQ@R_92{
zTg9p}HE89sSBhACNm8|gwZg2YhXB^|#{?h1)Ra#Zf>!$bm03DoIt4lT3Bbd!uNMT2
zR9(%D=-CVk{9w~*eD53uFI==1vKoaXuQ9MkkA)C!f|pn+{ZMvsIDAfI2hD0}Rp}Rv
z<AE%ZK4qESYZrNqSY&-KS%3fV(6vwUz?(NhdfIIQJwDHRc6jt&{Mwcr4`+zE6YxS^
zLv_CRgje0G=!JW|f#cN$y_}lCn<9lAN6p^?4aJfPMe088_G4{Zr#2_=+r#_4^!!vL
zi#N62Rc9>t#Er@OefJQ%3NwVWNViB(>k3|SwJRs?>|3H)zt4OGNpEEcPucIKdAA{}
zq@?-c#e49zAg)JUXoN&htZjy;Uk-2)e@b*;@KvmLY+{equDlH!FrPw3?I)0xEPi&k
zCz^dhCM9cq9XGp@LuWmFJk`H~=I_te^ug?uLGHo*5)KRvg945_W257n-WuOBFUK)u
zo+>iTHFz1Q!6?SV`Q6*^-!B*_&^}ji&a$g;HQ3-17l$@1*K^}WxKOZgl-qP-Itn2I
zM5&XXKpGV7n<ZWuA_n#yFy4t!S(8E_l+m9*r-P+Q=(E)LGIe~D)I5@KMYeGs)7d<H
zU<gz75|T0JBqk&vdzLjs7n66$Zu~Mv6(c}`ew^o-m``1w-AgIy0_6o_!u2#2=>)~v
zPFx$Gmx=k$O6E!%-)40%gFw7&K2wnXr}p>78FXxP)|s6=?BhPmPJ(Yr|D~?c{^YZ)
zZe_P>qn$~@4OhR2V*RG{8qgT5o{9B2PJi~h#CBu6`e~oOZTC0ChU@O4;YJ~YovJ_o
z8{a9NN7D^nJpWKbAdBTp56}!Vw;c2!gQPNCX5di9vvPx>_GL%+QBonx%npU*oVhgL
z^iR!KnnZ=tx;6H(ckTp`HU@(PD2>VK*7TOcJlVBJcw+>p;<6bP{Rm-t1G^l!xL^tE
zP^hUkm}$er_-Ch-5l$s84u^ehk{kbZr_Z29ine3iu|V{)rTxLZ2Sd3Bw~9-6Lmxji
z>769%%BjH-R7i48m46r`w$%Ia9#Zlc-VeocTb`771KWw@CcWn6@^jaV*J{^D>VLAD
zUze{or9&x#{_W|L3GiJzzJ&FWXofV*%v%v?xs7ZF&5fr$`!r2`MDCP3O3cj6uM`zy
z>B3Vz9m9kqoeca2!EuxVu!`4<nBs$=YfCQ&zVN_%HA?1qyP(9jJDQ%|uAHUx@~h*H
zVtu6B-346Vr}dE%%Nyeqy##j}-nE;)y}9!)0>rQTlP}5?Lg~%+zO`eJ&H3*Qz3Z&^
zKx_cOSWBlO40^=z>;}#fSZEMP9j-L>Pb@(U*ZDF+Zpgr}TEB|>c;~)D+>D!+-{5Cz
zNf0->DQ+%X!}RowjCSA{dZLg^j^9anT3%*mX3xYw5XdIe#~1I2Cd+fhm|_!NK!giy
z`c?KzOT67ozKb9NuCA{uE&E6tk>h%7>n-3jSil!9fRiqnH%pW^65y*~E`SMsDcTMl
z0&%?y#?lH-gA3m3>*>jxe1D9Qi1{kI_)BbEE&V$m@BrZLB3P1_W$v3J&CP53mdF~9
z5yO$DLh|TsM1VdNtGud8b3p8}@D4h9Y;^SSroO6b)XBj@3Gjnk13G-s@6nV6yl2)x
z+bo-zBSLI4g&5R2x4(G<@g`lsg}lprw0P*gKbr@>%R)}g%S%YUOPG3`j76@_Io21~
zC<bO;O=mMzw&vgv>akTMBsmvLIU4=vj}z?na$zElO;250dsEc#e--xK@l^id-=|bc
zMZ?S}kwnzD$fgu^jO=WR?2N2qWVBR-93gvej_mCy$tcGP*|Ls(GLP-KZq@U9{&=3(
zb6)j&9mnmyKjZpb<9)ra>!_-pMf<*a^O$YAD<>9+NxwF;FqF4d(hA;x%FTJaY1Xzd
z_T=uhS~A5T{EyoLp=YxJ;=DiGRkgH{ds$lS==EvJobu9hc7<EFtKM-oeP~@~`7n@D
zJaz>3L|He+bKOGb)~yK|uhr*^9}*cIe|_Fh%!QUE`wtx85f`t}?QN$AbC{wS+1Gi%
zF%ari<W!5v7~3!Z=Myh-aNPX#>63pz?u)FE6DLm4GBaoLnuIMs?sT8Cq1GGCIbDI<
z{Cv{a-+#=jS}eVI^oWxgJp0-6=Y>#}!Yc04;`#^}xDeSy40!E$SoanwMqaa4b#^X7
zX7Kz|%dEAf|A<3gL4i87eQ?kf8`4335B$*B;OwD|r?$fzds_Yjt3p!*Bs*x(A}D&#
zzyJs3PaTSU3wKTPwE<xC<+Ru!>Mr^1Y`<AJtW;8}G4YnyB)RdDc>GRq(I*kXzWIC^
z;;I`#8AGJ(N2{u0;m~wVXvxX>g6o>hVE9A@Ap#e=En8+A;;U}=cBt1hH)QJ;Pt`IQ
zsv8)@==Q!Kl-iH^LWsQ-Ik@>%ME-SiL+JcgHRksgYC`;`g+=;?>d`#~7Nhk+d~7r{
zG+jW@*75MPT{}D2x>2Z;ty5?jf>8GIwI|qfb93FsLNv8b{F0{klR=}=*d)+Ee2O}m
zzh83;6=yg!etXn2|4ElHW(2WdTuuQ+Y;e^}@KWLjH$vy8$d$A1ML9!6XEV<^8<cmb
zNN9jy^o1Y4#np_&zCOA(-6S-q?&emOm!GfgLwpGbqfxviYjt(i=J3I}CKmZjpses^
zc4UwTH=||!V-r?I4)^yLQ0LOq35WTKgw`*AvH#DonwUg}_D!dR?assovtGxOJ)cOS
zL<7U6y<e@b6yvi2&n<NGTo`R|+n6n8W}UVU`90u_zpj+4lP#yDq-klHaW)~LGUM|5
z=;d68QY~rey<*q)qV%4Tq6gl@_C^O?*yoZ~L?s=txT!?%JvRg=WR5_y7lrzL4cX}T
zK|!rJqR0AVYJcAeRHe4PeO~@Yd$6%vCL`Z?F6Eb&YBYgwv}Ds`Mc9mkg6L2h(4hqs
zpcE*!*1PaFU5ne>WIV<}9<}6rwAe0(JAZOZ$cw1b+o|hERbVmljqt1m`iLCr0HtJp
z9+VQ&ONa-wZ_DDII581lzJRfZrFB&cuRkL?j&Oa_r<NCa0-^$I3NVu&IQ6TZgr9qe
za(j_Fb|mQZJ`}3O2^o2N>)B?Aak>=w_IQu?MPI$;c?^Z}o>r#aD}F~-)(4nJqDue_
ze>rglCDEuaa&wdtG;0Yx-1d2t80PMtJ$rn8eeJg`(KU;J!NVPwN@561XQd9JP}R$u
zef=oZAZTryq9aBiXiYI;(b4^CihI59iP-yaUJw-20EL%UF_S?rUe=b}_4pz~Flak1
ze&_@@bP6;-3Z>un@1c&De5FySxNmxY2YH>G$PLrb`>gSIR7*#$Kp#2pZ;payuQ$)Y
zyO<gU#P-^=HvJh;98m?iWq$(rZ-3@NDFYX@SkJxxJMWEm7vPp<8df4V=`^kXTyuQ)
z8V+o5a0qxJNlBd1;`Y~7JwBNOOnH$3bh{lzXy6`{H(R^i8^*O8u<CQQ$a7l~S!&PZ
zJ%^wB{J?gg;_6h6!PD)ekZB;V%45i#;pJ`c8r(GGb^X#U6<9fV#W5rxvx8U5;oVWg
zyNQ>(3p$Yj9hS<<4<WxCa{7Rb7+x)h|5H2Y-31M@955%552~%;1LO_dYoQ_GUB3+m
zbF$@I3vu_O5k~pau&zs|^Sd7bKl5FOr3P>{6RAxuGt#oKWPSL+=+F3{w2F#~&7%uX
zUN)Jkd3sjK$;m;=ts|=$(A$Pb*P!GgK#~%<S@D0KWN`ysT2ZH|_kgS?0SpOcUz1Qc
zRpv6E00j-|y1Km3z~JM@%b>)RplGoJy717QIFSI7rwJ$13A6a?B~)-F0yLDCm#3O~
zH(K@X-2i^Qk~pg_TzX21tf!|Z)zPCGJKI}=ZcFC=rv&BL+1VomEU*9w&&`d)E}*=1
zg};(O+cpBCxH)&D0>=%RumaG)U<PF%<@g4mrAUdo`<K&jxVuok1MD*gpVk1ll_pM4
zC05cyz;-~KC(xYXb}TO+Uq@=JXOB_r)l>c%nVD*?uBEWBk;|okW4G@v;1bW<L5WyR
zx|cu}jfW{rE;dVr)fxq<OEKE!K>6<&kqCWZw98x<Q-D$*2R)XYG#!3X1e}(_K@F@W
zRNbvFe7khc3D<m%lXC)&c7(WV9x(CS^_#3a{(sJr!~hqv?p1#C<(S_Q3GZr+RBUW;
z+o0zrfgJ!L68y{Son_tj0Kh`jW4$28W%!VWrlu8?7tU2lxWsL3ka^FazYS!(P(rNK
zrNq{s>D#848Q(`oXG1HYDX2q()lq{`L3a+J-8G9ZzJ;>u>CkCpp?`b49jtt%IV0&j
z{N)gAv_*T0VwvM478<Jf;or&{XA&b~@bGgR5UGQM6G!R-%QxtMJwT=&6%{4xf#cZ9
zOg3b=Wbgy*IP?Nbg`~>Ts>D&IE4RRJXBM(~G`|Ua`1es!S(ELlR?yLFy}Q{n1@sJ?
z%{gS=w&RTW)a2wsVNcTc65n}u^89MJ^tDLESJbR+z*9_wB4?uGRWQ`UB<fiaL$JNT
z*j?M$;JtP&RM7XG`XDiYO(Fw6(@<9z&g?nrRI~%{CZaI|L9wy1>txa(PO{jhzYN#k
zV!ge+t&?x+Z{W4%B(X7*-$Xcn{`@qQE4x95C3S7>bg#8AFBNO+Y)DZLVgD?T_0c*K
zEK7F4AgkyVoYCfhgm@MA`|$8|NHb2fCCjtwc>Od0FBJ>hcKy0HI9KBf<X2?i`o6C<
zn(UM;HfxS?CYO$mJ`B?<{_FK!vmMBK|DG1{#xOCwJUngC*$OfK0P<*Im!MscCHQ@A
zfM!K{2qSxRT@Cgq@b;zCyl}XiOxwZv7>mk&aGCL;z$x9$%6uYBG6!nSh1CeH?#N+<
z7Ir<wwz1#VHRXvkY~tLJO)1ZwJ!7lH|9^eJcyKY;tT~X4A&oHNPm8;J)craeFi4*5
zty}GXDeji?jw8K7jOVQ)96E%O3l!&>6{}AUtP*apg4#et@Au4ZmfFz^3JL;`V|v9(
zaA~PsX&O+%{O#Ybq=W-Sd~Y!D>)EmKUbvug|9;%(ni}^4q)RBOBG7nq;H2?|uO!?^
zt_(X28fsUg!Hd5gii;9)kOg&+*Zn9<aVFVKKK3v*b!ShZ)iRtrvB0Bj;#wfL?ND}^
z15%a=&RlnQx7$L)d2La!KBzdwN|TFYe&R*kj_XSnboBJ1sjs_dor$HPY|Q?$65FdI
zh**F#z6@QK^bCQtmDy}NIS=i;K$LE!P9=l5I<CxUhbyEwFNZY*pPvpli)jV52Njrn
z(c-SE_?;~huuapQD-E!~_i}>pgN@_>zLndEzmVhnunaL5HoS7FP2O$3mH`SYF&2;~
zS#MDCY)hO4JAxYWI0X`>!%Vp~BDI|e@c)nDjYoYYDiC*AR}DO!FSl}eqyp`xrl9Jj
zsjZRqlw?3aK&RI>(aRF*OUj_6fwRF};M(-N?8<@pRUp`ky02t$DMpO8xj)4S!~46@
zq8;Nl#?)Zv+P_`GUzC!PGBGpb6%bHwPgUxIVv7O@exMU!c2k!a8|Y7+dzl(gQ90`)
zw*HmmwX-1`NU?Wsl#JRdAOZ0R3Kr`2?tx)flLc7uVg&-!pr<vow6qdOKpxZ;6yD+t
z@dI;@#YZq*zkenuJ2@5N3@UqY;_*-<hS&tD_13@wn|@KnDB)afl{5+XZ3YlC2-lbl
za2y`|?Cdu{jMqVKmcKIF-oYXV_UI{rJH}t%wnBrnUMIzM7I-?!wks(2N0D`J0kqd6
zj=(9JhRlT;#8Q%Qx}5_@nB+@+>gZp>oz?aA`?GHToLw>P_zcsUgk+ROqH(}E6UD+M
zw^z`pucNcmId|;$J@9*gH*UFjv%b{}$_}I3Px;Fx?uDs$%oPnJTI^)vaQF1}qYsmi
zT|>FuYoB-59hplZdTov%$Men(v|>yKnl+RESLezYWZxdD)aTx9u_-Rjl+)7G?0OWg
zZ6y=GVi0E6Kal*Z=SRRwq_;O}t6gd<_$&uUA@qI&Yg4=-q1R1>rbvlWkxk?Lm8X%1
z^`URqk&g0deY_rgUg;iG4uG|4jqkeZi8&g0kxIlf4(w`lj7)2Ig0j_`%x{nASqDhf
zbim1TsI9G?tbR(d-jU<k5${RNkTlEHf^wA6Cl!_*JlR^g(hUs_`fi5EQ_SVf>Qw(K
zN?5o8Ame-`*$fBCu%qE{gWa~K|LJ}{fVwqYA-<(W8IA;X<$<ciL=PJfL`0F&GBKrt
zI=1d9NN>$5T(Oghl}Do=AGlRV9T4nVe|h#>&o8|J*$0R>a~(7Feboc_S5xh&fruK1
z;1GFOu1x&U(0!TPw=?td+De!8+&wXN-)SvL(=*QH35ki|Yz%)b_Yr&f;sw;e0#jWB
zGjpl6wH4fI0J@nyR=Ujy`rky`3=<O)zya!;ymtQFxdx-$JJ^)w@EnLZqKPXev&s-A
zK&=nx`j#>L?gE>m&AyV}ym^C7g6dF=3rp>4zZ2*T+LI>}!7IopDOn9@W)-%J8z)5b
zrc0LUVdwBWp8hN%s?ctvr_vo$j$>kANCgphtZMyjNpavv3!);Rq*Y9k>^`^=1N#e2
zE3#KtU25y<#F{~aT7XHPEgS#%pave&{;LSuzCr|O0CCxa<0=t&m*nryN1})$#Eb7;
z>knF^-4&rJUY^!P1c?&4iR_jhj$;Iq?s=jP8c6QKFwqh7HLLxC$gp87ASgvv9&z1|
zI-wABVB#mR<~h;s<hc%rIa_g7qM}#aQekR5TwE#o9{i%BI#^m-+9V)PTocs<j3BDg
z;XH(kNaVP9lG*&jX<GW@$;oIdI=15-Gp^&G9<R?WUNV>OvC7lQ9zB96gb8|9CcM0=
zmevP2Go0vak=bgc*WV86*BJXD4k#5BRa@MR=chE7Bl%C}_s)vi4SC<g>2*)7`DoOI
z5}1!1sQvmCT-ZA*DovDK6RbK@4%y3LhMU6-)-jl+(oTZ>lzOaH#OZ>I7S@r?G<bah
z(Z>%@|5=JMnf6?D-H|isjI1ojfM3b$3PVLPgG>K`4x0a&@Qzb4{E7@{75~shf$TG7
zQ}a*{Cg8d-%3sVhU=5+9|GFM#Stz}#8Lmt2x3=PyO5^)=T!lcyUPXNJI57bhJccOT
z_?QpuQ){jZiS3%>gtCmR>=fja9?x-gvf`mDX---i_fh6+-}{S?2toAx0k9_l&&^ev
zSqE~TLm&u1uV8<xWufR{>3}h#S-yjUv{GjAp#w465Ol_W`EpA;yOSD^gp(+NF~WR#
zhvjU`PoKvvLgHoIoM;Ckp#%1rj+J#bO11OjO~>WO>gw--x{@y9FkZ58?-x6`SBVf$
z@Q8}`jBPdLI&{P3(Z43FA-<GTP<W(%%#xA2UnL+a9wL4-f-(dFsQ@Rzi-l!`3_}kK
zOnfVw2uDnp1s@4GTvC$x*7~wF{S!DSi>_&AI#4`^FDpN8eTa$*+wibWAJd;aJZuEY
z^IFe(Z|e=wMPW|PTfnBmbKQ+f165s)j0$`YK<8+W9g71xUS>+l*K=D<_b+pU?LlS)
zk%b@>KVRz&!eSGkdGHNY56>2i=Wi+6V~jt>HVz*=()O`+1b&DMt_z&#D|N_7OH-DX
zmJS<)rr)URq%lT3<-UDsB_%&aLZ_yL8_flHU<`0)Yo|>%Ha48$_CnY?lp7)LtNUE(
zZKTf!CmP!7wjks$DA{*tBoI2GO^N`p#@M!d=M{X~+EmNSnOoT?Y1n>%wO@udMpM9p
z(D%gG*WYQ15>bPw$As^!4ivJnkByF&R5bguN$7xGv0f~VZlak=o5>0+ykzx?(*l?;
ze-FkLjQ=2WK%$Y65p*bOn-Mv5=n%B-o3@X9^0Ka()}Hb5eQ$su$4De_;L|cSbFM|m
zb}o@q+P|OLmNfm&2$r&S?XWo-Y%A;#9IjC!k=VyGe;3^E#Y9<uXbl`JVA4nn1pW99
zE6^jz!~nwatE!YWK7V(*$X$SjiGT6kFVV-N-q0ivkvGcIPn3WC`ql5Oh=@Q{_T*~6
zX}*(7-<)t)(0qCKqkDiEa881k#V7enTiV~XNr9abyfRRZ)36$%o|`571{FW&x>g_#
zgr1pd4<9B$qok%4C-X4eO6mMa9rW894)7ot<#J!RfW}6x-S~A}qW$(az?ZNq5j>5L
z0JZCYCbU0`*pQtJD*^w{u1Hz!`w2_Jw68Sv+S(fO5Qy2F))q|Y7#OBuEQqfIb_rZx
zI!4Ac!~!*$E>E`Ke){w&gpeo7-^Q!mjg`!X*lrq7HXc5{kPb`h!e-DbQ&60DPg(gL
z<lj<{bI2B~4g7_+)niW=%&hP~kVvoio&t$23&T!osz2&A<$N6}VCRugxI#vDwzVTa
zAD{ol4z7wK?$P`C-H1yFUHG6JDFcMsmC)R*1cB@+*hz%`^8HN73y8HJJcx&=Y|t_m
z0kj0nmCM)ll*T9v8U8A*n@awJx)FR|F2;wtdZ?tGgN)IE=b!qUu3u^kmozH`2Kbhn
znP<ypEpK^2e+92L07&O%1<}jX_CmG;7xTMk#_u6|_qSmGf1b7$MaS}A=s;h6iZY7*
z>`Mg!D<aU&5Y&p<4M+~@1YS6Z#=6=?Rc&k@rt*7@?Xc{CisAQI>@Z}PkemDmH&MEC
z2Ts?s{4=92Z^xhHaqn}<1J~6o4zeM_9;7t}w~NYU9G`6&G7(z}XFoYLRgH1ig{6Z?
zvuilE^@9@s>F1=<$0I(VH9+3M1kcQkJ4U4b&$KK2N2Ep?PFVJ{`bonkzyY*zk{5Ep
z{rstg_<8g5^9Fc7z$Ze$6Xry_K}Y8TD7xBDNy&TWOm!2V)oCRHjpZeK9~d-h@UzRH
zd#Po`pruN^QSJnIcIjZS#J0wNv;2iRE1X%Aqq~C7qEPge$ae%Jaz8B8iLU!@ns4Cp
zYrg~#F3MoAb@Z=U*v$|rjVaN~l0Z<<KT`Tg7g3Qe7rt&(CG$c<DL-jN%G?3r%stB#
ztG-tv^Q3le)ynM0RtP<=Oip<B9L^1_AAkU<P=h@Q!Zy`goWrcstp{+gs+!ul4k9I=
zyw3DEy_3FcxZ?SM86+=2yE~OjH7<ifB`_5um5J>Qk|xx8$|_Z89%j>@jG(Wvj-Vcf
zTKBOzE+;uyRzI0|AC~<I=VPC!K7RZdIL{8c2ZD;n|B042`9TFqw@h@v_8x6xeLa$=
z@i4tdF$KtF!N~Jsb;wRb^y1`Zdb=k4QVc=m46@1s59{Bt@lvlzdn&sJ?b<yT8klxE
zOxskqjnuCzmHz-z<~S?%K7R4Da`O(S-zOQIJZoC069W1Kngc6H0c%486x?iA!LH45
zq<<00mA%~k>>Xz~W!+?XGd>P%51bmnq<yWY5wWAGg;_h9RFJxsyle9`v9w}eFqC<f
z8b4?4MnH|1mY$QSd34PRRH;s>eKH{XbZl$`*<FjZn{g`#@%o$g3fc-vN@1LT#DNCZ
z5aZ-rF_^_YdgnB`vp=Xsw63{;_s}BvxHil)#X@T4aH|M03~qRMxUBNnXiLXtoFB1y
zYF28ycro|WedRmmB|d@CaoRNEXA^U~lO)k?%=k6T@+5QOxy%@A=eeJsDtijI`q{#>
zY1xjCRS-S2#ok9m@MLz#5fJ2W=msNc14jrTN7B7SDIqA^_}YsX`w+(+IvuMA+9;8x
zHsd})etdOeKCgFL{oO_(wHfK2%dG;gyZD@Lhgs+HafyWzQ1a#WhxzHiL->AE7ICv+
z9|0a>H`_%5#c5^OUHBl?of_koq0OF_N+qpWY_AtlQ1p$CT)uI%MIw0Q9QwJBe_P5<
z{*B}?f;={0W<y##wj!td@M*ObT;TG=NhK>{CnoAD5+W5$Ct^Z&mXE)bxrHzQ{0BCE
ze!5g>i`lYyFz>*?1Js6;Cb#Q{-q56fch)X1!e?R~UQ$sVYVUg$YFYogHM)%QHlZc7
zpest`=ARRTib)+4yx{%nN@UYI(QDfboG%N=u^@8Bxva-t&wlP)t@bfrR+dzf#LhGM
zl=}l^PHGxmjT$N{DVtFo%Ot5Z&+(wvhgi-rmY&q`MYek`4@aiQ*f!)0y+X2s$O>)W
zT?gCJPu`9uHsTCgiKi=5TRt8<$FCE=nL{IwJ;L>TW<}Jx`R7I5NfSQB^&lgVzY#uL
z0K}N1t7u@bkn-1n4u}w}>`g-ivAX86+ChU6=)7T-SUnNbV^o!ngYz^7WD(IaufWCm
zmLOw6qnR(V&Ed3C<+c5LeeV+Gu%?8KP{{8JI1dY$n0cH<i(<G8L5r)IHMM^{ZahZv
z3L``}gmLOus%Cs+@D(&MO;|t5n3jHZeCkWk7LRC1<}YI|$902xrrn6LSytts0lTp9
zPivVol$u1!!iQgezB%PkKBT5%+CK1owkK~5qmw%>LUj1dk*ND*c6o{?T)~s-;1Mk6
z{#QO84!DfGZLK?7xv&z%(u_tbblb0)EZP0(3s)j}ZQew&!!%L9m1$pkJ5K~`#)ZDP
zEi2TxkV_w<>Pa}RpR>(nUS1eozxVkw4PD(t=B`Y-V~j~wV<txl9SpuK`{S&}G^2^q
z($i)J{*l-?C>;_Dq}*4=UmfxH#^SUuhk`-te=|);N=o8}lmOz)<s}vJyAFoxRk;`#
zo^A}~)X(H@53gW(>2sUs@&qA2=>Rnou43d>0Wm-Ol;|*9w6I&XD?$9>iz5e~Q+tMA
zkP1c{YUf1}A*a)kYWtRIQHk5;hj6r%X4<phx}_m3iTg757ZdV$Jre{2u}EYG`6o`5
zU895&is#-J8}i{p8hGX0?CkOFq}J%Q8+;c;om6E~@5*84s1E+{{!}9{{ZwYwZT7<<
za>nY6#Tc7Zmi)QeQ$m6Uq2B{Fbk!2;C&~q_2F}jz*r#48wrw4KA(BTQgS{ckbVOF7
z;7Osg^<YA_?T+@-r#B*^E^D@8$e6XQKME8TQv*FMEp1)ykJhhSXT|P>n^Ct>&u#(C
zRHP9oIj@jf{C%$J+IF2AS`|`#k-BYLP@<g!E#1PK#;F-zxt*0tOYJXttiMvGv;V-$
zw4{<dlU_Y(r8ImUFWk+_k|jD5_9Bs?>K4xakE_}Lt-Wpo>o~uuUAa}aV>92E5Ta!9
z^L4I7-&s;?_`IZU+n{N2FKLt0g|04-6LN8o206#YC2F=+P-~Pc96Mc4v#|0^Sz}DF
za(>#YozlzWCb2oXRnu?|+iL!!I-aAilj}A?S?kvOt7fnNsPH>j*Lu5tay5s)=knx`
zrB7K|kBwzC>G#x_aoDApuEFi!h7lqpT~T*YrE{Iq2!o1-PoEEXHpnhU>khUS+DCHL
zHfwxpFfQXgqs-eWp31RNrQCU*WVQ0S?tSI7vBdh9b}H&a9k^Li#;9KWGwII)<oIMl
z_Z`F8{$!2~a$4C`L;`6pRpfA(d3AMsnTCTrqNA?5iezM#ChvJZBCr!=E7Y@gXbyTF
z7d~0DhxGlO^%UVBo!{eQzSB&hKe5NV*);_BluvV1lE+C9;$~BZiKnMYdi3}3|1m8E
zNnSH&6l4A?u63xR_DuIE$K1gV6ZzH0iyRdrm%UG%INf&Ib2;Y}t&p4$PE&qGRAOZ`
zpNFTuBc{1%aw<fAs&_DJe_*!ytsni?0mQ>f(Lcgst=lzvP4>TfF*%^UC}1N;Ohk)^
zXg1Sc37@jkxlJauuDY99&U~2^4Gv2TuA{EEDYmMk^wMzZ5R~{mA*Z3KkNkPK!gBE=
zfpAW=$g35L@rqY4_T*WnNE6=5tYoy5D&n|Rj41+5<t9UO?CxM<F3jsh6x`eM^i$8`
z<UMrT{FWgPc|sFG9N1ikne<B?Z%~p=%f?6)O@-=u=GNoNkhIP}Bj7=J5_{pG$XiA+
z6|~g)8_%V7L(7hy(^jCP=4`M@w)Q^%yuy?eONbojZ0He%BUI)(QU(qc!H}*Pqs(9K
zCKKzm6eC@8_I-)@%LTmTMf8;qN3c_M>u@A_&R)?unbLeuMkZYH3GouuQNI>nL5Ld1
zL!CWJWK^d|T+91$fyEW+uP4e2FIr>|%Lay>TjbDCe_z<Ab!oig>Pr@%0G7;OiFKKV
zGiO*OKHk>kH&pNLPz~wEnGY9i2pG-WI?5z+?|cA@`AQFZK3@<NcemW7$%U6jis9jD
zo)iZxr{0!=D#82S9pe!Ym&Q6yR%mP)9k6UI#-I1vL7}nw&fT+4JR<J0HM0KgnAnZ<
zx3X%1172pro!AxAqh{1cS%h0s7oJzBY(~AjLc<gfG(hN8e-p}3cJ*Xjn5eT|P5^7)
z^phu=*W+Tg=JAt#;ZFdOR*V)@s*!ygg5S{xGlFlmqS*V~ai`{66iE&EXD3q!Q>(U&
z1#RRiBzGnxG&D7eL}PL?Gei1qG`mB-@f3$3Baf&YYGte3i5Wf#DB4FmwCer)?>N(8
z{W5rYr<?l?zK)TIIo@&Ara4Cg--dE(XxzJlr8YC01S>~a95cCA>(7=t=`cQRx56MA
z?XKs!y<LXsqySDCMVXo0GvJgt)nk*N8=CTP3g|7;^K~8joKw+Q>OkZ~%O>9F{QTrk
zMs!H_ablg-(u;IL9hdP|M(ngkaosxmvhh~S$Jg*=zt{HLrDY2doRc+}?Xygf;F<;!
zmQ(hoW#q`(nxE#BpVAI4aBw3NY=BQ-c-(%!*mn)h=Nq~2RyheB-FKja;WbNbjILm@
zV`W)c_u|`Pv3qySJsw!}z2B!8A=&FHdFHY*(5u?#B6BRrO<l<+GFQCj!!MRgwt-hf
z$8sWLf1pIXYhaf0<5ngUkA<qLpSevVe$tf>$p58#UQ<TgYvL)>!{Dbve8UTN4D#{V
zB%49cD!!a8Qf%gUry?4QxQbdYWCJ3zUTmCx-|%zZt4Py2%&F*1b7{NQSm6~DkIkou
z?f+!{qve;e0K(iV(bsZ%wTlj9dg|LjoB(;XzRul4GDpYcQ9LZ`Z{=JuskPHHYhrR#
z<m+0S&`FtbKArgO@lS&+G>60Rv0j-YYb7dV#0G|R%Y`^R#8c08r-KvWqHyF@=ISFA
z?z0(z(ls1T3qLhaT{izfh$aO0{JekhERT-I`q#9}J1^iN?Q0G%d4ydRX!zFxs1Dl~
zI!ud2kn2Z$edjXchLoB7xxy8=W;ZYEn;l+Qs^$os#(7`gzfU06e;?VxLMSuzSqglI
z$yG1J!2eIqKd-K*N8Q{diA%9u$!SHDE=Dvxr|P@<edUiSgcAHsk}+)XW}FP1aZx|%
z-gcpB)i)Y&(%Z5lg`75r47!in_ij~1u0;6yQE{Rn1IB?c22m4Z{Iszh@s+VcqMgm+
zcgEQ{084WG{Y_ylTw%Qt+cCZY{flI|f@AIRl1VME?;yUS6`hIO=$lks*5)w7%7h*A
zhN0Ex%B$eI?Rz;8b88sWrQh$6Z!?-N!=Bih1kwhqKTH9#1mecHXE&uy!s2U*%>OUT
zuKDmszo^&BTW7C@r#Ag1@vqY)|5E$}JXZGV^ImE%0+9wKg=mtwoAPd}HmxTzJEr<v
z6)Z~`f2aeU1b9q<z9$9WrcNvQcwIiYlc(a-QccW>Q>W$>dSfqdNmg!WdTFS52Ef7@
zf=3*(+(0Sn&Sl6IjK1j;*y(YY9^&AS-2}JX=RT7Po&lT|BVJiu?F~Efvcc%9;}S^?
z^UEYddz|t)B9;3l8v?ihp@)Z`$Goc<N%CJO-RBcOXZ0&xwhm!2BW`q-t6#y+x9G;c
zDw*Ju<Mlc&az6J~S`qDglNVb+&Zk-4-r0D5HgT>KOju*{XxEgBr1%w`d^WA5o1x84
zE`v7vDPQq;680Wtl}tHrQ+eA}U&VakZK;1zvir6fbClN#8K2oYvS*xKXTFk1%W{ef
zR_M9=6}porc+jV$oP542MYm2=CPLDutwZXOvtnXH(wA3Z7v`OnHEzZ~IIgq#<*I%q
zpCd)x#rObvW@H5+2@BsZ_6?F^z^+ME8A&a15(&r0;uW~0`YW{YNi&I<!5?FOL?=+7
zj??2#vpw4}Q!~zdE{-Po(aY;!KWLcp0v_*A&##{x_wJpnSZ0U;PiqHnm_XLc^zi-$
zoxl9;9j4<vM`6|C2EA|ie_iHd5<6#L%+;S+9d|5*mI003`}`&+x_PsvIa0z4+^kcb
z(qH6tN7fFJ368je-zEl{v{SE(cRpnJE@Zm7tXYOc@v1guM}n8o*xw{g178{jh&}=Z
z{`h|KcF^Z&k(+{rf<QBBFwo4bh^j$MCv-y0xYBDv7b}qscl`mh_H*b|`+y5O(=`!0
z^&^BXG3U-;PH?9>IvIc1R>#S9eWa%|@9p)v2R!dGJf&I5E=dR#cNM6zlg;V)AN^oP
zKp%-dZ20HX^$X;Tw#&rtm#<3HKV6k+ZM!4$^ak+e+^Zbk9T|jgUI_^g?;a!DnGssX
z4%hY+%$pELBt47~M!bIMlN(stwlgMD!WR_^1qI6<Z$(~qsw22ruPtriFRagPyFFUY
zU%0yby>8Dgrv@d;E6k}*!|$r<j`2t$4{TO`=15o`!k(w=NX;pa91nR?#_fo~??D0`
zj1YwZ0cb<VTQOEZ#(((k#?w#izW>pLg7!7n@~GD~kttm)1**&_ku+#d{^;{&gD*Wj
zyEW=%;Ds{V9kvSx|IEFbPWEl|ghRP^seEsuEDBrIzyyJ5#vg80DyZc0<p{X7FSFp?
z8rlBDJru9%@2AnA17DZv!YR8zUe#=D7D-41PqQTLIv}dSpIR2AEP$b_@!nA5#@u6|
zOy9v~@H9FBYgk`c^G7zBz2lNvFRT-QZ;Rtiv@bw}P}NO9qnsV(HqFv4zH3s%+bFT3
zQOw|@v)GcSaZ1>+#M#<QbAvq7g1CL16oCcno4LWM;7QJIk5Y8>Rj{K0sVV~oZ=>^=
zYH^XE*t9Vqb2Y<=qC{0!K5<)P9I})MxmvJterI5OZK%agqGGe0FUHEktTOjxs^GWw
zsa~m-fb?yB8H5@Js20B|)t=~gQBgB}|4okuQLKOa8m3`j>fn$me%m#?N&6VA5y)oZ
znO$BIn@_^A7W7;_)53vWIu*(r6UV*J@#*=oBd&WFp6?FAU4WMgz*e~v@(;Y7AtDi>
z`hW3YS-ws04&lJp4f70b74xC$r`RMa(KpQ^08#(rui8!lJMYiKAPrtcnwoLJ!?m@(
zbl4=;(@Rz1)K&b%dQWuQTc*)+$FPCWKjbgeki`FhFrX|D+9+UkN;IbKkxDz;p<rW>
zkH)@*U-%L2CQmrFE0^9Fz|11ct_%pl*O2r?vLO(boE(-Dfkd{4LlBa?qE)Lgc(Tho
zKmWphNk9NJwO@(@kTf|ZMGpH9up6f@^)W8}0N64x8eyK*VwVTVM{%b}#agsjB<j-0
zyq8{5QZk+WvKIlT;S03l&x{^WlyVH?%GPkX^*&O!Lj>Hh+0`LFqJ1ueuPv#_av>OD
zv7-qBcizb$aRWgB(9=-hny7NLE*cpdLoVeEq!+IS*EB&O{+Dg}It^%6QZn-n^kwDR
ztVVo1cKi$u7lVvT8R3pY(TpT_Ax(dB??tLTcC2-;Y#=k*Mdy>3FX?O}6#MR7weuqK
z<RJ=>U5W3#_CECpSrU*};J4XP*w+6c<N=MG8JL8M;v#<-dkD7(D1<@_U!vIm$VMC@
zEiNdfhJSzHMuU(aL8bgzepJf_LREY%_U{Sa18;!o{J`zXzdKG;A}r*La)-Y|@E-7o
z3qF-`{JX##hV<J7_x;}!hOWcUdvX7Jh%G?VtM+re_V4=ZYB0o0?Lq&Bh{^`Mz$JcV
z^bf5P(&2~U59A9&{)!c9=q`-F00-3ZS`Fqu%FJ5~*nO+sJ|Z`<e;1|?Xol6dg@G0M
zNB5vgIAEeQKu@LJJtU}E>Hp0Pyi!(<U{COxaD}n#zTDXVFSNpm9f~(8%un~^h>(zr
N&@y*#;iT_B`(FkJ#Uua#

literal 39628
zcmeFZWmJ@1_&z#_f-i!oh@^muq5^_+gMf5MH;76zbho0QqJk(OEz;f1fQS;(Ev?dB
zGYrkSAKv$Oe&@saaz385{<Bz%VPfz7?0v^|U-$L!>Vb+Z83`>33WXw*my=dUp-#o3
zPz1@RiQp9l%hoFRb<$Z<Uh_0Od`>@k34hbL+}Cx{us3&cH+3>YS=ia5&DfnEJDHi;
zIa}JhtP<9V!G~@jAChu1Gj*}Dw`0<@LYtw`R`X1p0!()HZcJR9T-;2Yf<jzeLR@#<
z0`Pq(6cb8b`ktmo+|romM@?M((a~UTDgK4ImF3BkwCA6Ges+`8+VG{K(np%|LT=g*
zubjgJ<!iZV{&KLiwmqTYcCNksMC5U8i;_~?7pY-pT9*fZpM8EC(EP~K?Ya4)-Dj$-
zsz~qE)zB^D>ZJM={i;Ymv5rg)EhDXRF|C97+HzxD?W#>lS=sOjSUcBTU#3QQiUbo=
z-9+M_ZWJo4LYFPglIOPk?K^im)+|vE9Xz>2;e*EyiIr=%$ZjDI=C=hj|2{*7@q9D?
z@2N!3=~#mQp3DC~KHMHP4=?vv3>BG0Gn_zS71=I*VD=PY@WhOhh7zFyzDK9sYAs@x
z_p1|cNPe1(!5B?!H}Z3dk}|E*<mTqOr4bXL<U)sshn2{WhcEip5iiUwdXj0iTZRx7
z6i`%D^xr!~mlIzE)ZeEgLs6e#@L9Vz=DmuEW*|bv^=E3NGs{1f2rzm_fD&ZC6mpC9
ztwQ+gkPvPWS~i0+CB>*a?O4u$D}g`F;j6<VBQX5&m4wayzhBe;rw#a@4?hf0>iuY@
z_m5}?Pdm?>(<rXa<DEe!nxY*kqkJnfy}2`m^O|0dt4`?TQNEw7Ca-R4`sX3(c@)uQ
zQ*IRME7PkVkBZn7*F8jfrCNlN9>}TVy{GVd+#)ece@;>{gv$EW9bF3~MScD4c*r7~
ztOnc6?;;jY!6mHKRsYc8LDN5|z*orOF}1U`sxx13bdN4Y3pZT*DfU!CBK!%pjAS+Q
zEbA=BVVo+lQ<j<>rT1;;DkuF}R))}OlTZ4Q*ISF8jFf%*<B-o0L-;hnN9+qVYA58#
z0WQJniC*NlKLxfUk!E^!(;rN!qZw$O0=Vtrn$aV6{tvSLqL_pQ7IC_4Gk%3j&)a)~
zbNQGvGcsOskP=LZB32Z@^IH0<-9zfrC%401J^xjfo0oTIs4Q2P&27M_lmHdjnrZj0
zX_AXnYTd&y&Fbgm`prurmH0C!PuOvip?2P+*(0m?>+_r0Ql^Ns;laIoPe~i*w5}7Q
znnhTo-Sj0Xsi;~Paak1=zYb{7VJK3{=k3Sez*<IrCstx^=Oo=ZI5f`XMWLc+HTi|v
zi(rdjkbS?pFWon_+EGCl|6Qfy*|XAJZ!{hCEgZt+QO$Q$KGBmBjbT*d0#B&-lRmt8
z1#uKPirL>1^rYu9dz|kGZk|Dfd8X^|H%&Tb#SoCnA5RQ(%P(YCMQ53#q{xudg@;7A
zO1@oM7R}cO-~C07UkSK4r#H5Q^UAa);+#6iM|k{VN`S_gt==VMP0WXj$6gWeT<_o0
zaZ3vhr(|mlw~E>D5PALMQ8a^!HYcf6kZJQG&fM!Js^`sr&P%GxcFCFixop>HEP8}X
zStHE~-q!oUNeV`D>IA_v3nta`Fdxy>VBKM9EiTtyKK$?x<KaDWk+lHk`PZy@4-^$!
zY4CV2OjcG_&-Ez7FP*+C&M~|;+LEora4BvDY>MyYq~WB>(9dSXsDrMw7IBHb$?4tn
zUElG+mJn^6gR5rBRqE|4eB6Zn8^U2d{WD^>p4{*A{g6v$Ub=9pasgH`3kwTQBjz3$
z;~gI{FN(>yIF9Q|y_!6<S|SWlRxz)eCU3K`wPDv#Dd%hmQ4$L9Dbe-s6f3y0GQNX(
zRsWvNPH~RbBCP5WR<&xSYEe^LJF;Hw>{*L)dAIZ6<vUkt-&WmoW;*woi}K(v*4FK8
z40UJ|Wyp`wuhAT=0sDViu&|JwACv2IKUwo#RLe)5LKr-!&bKFun}lB^c~N3FR`pRV
z-703cKi@AER&KSmG*q?yH^g-@w|s%WZs#rC_R3hbPHAarR&H*;h4|hOcjS8Wwa|+4
zI{4H|r~C47YQ7&XyXx<2R+m37sI2Rso!Z?hugj%iQNeocn?)I=4G-&&xli~G7h8nd
zVQ|{Yv3&4@R+zUrg+eu7WT7uX8@zb&;$*wrOH=BN9UnOOBD6uF?wiPK5)6nnlD<B}
zQPYJP9Uo8VF%!pjNga>RZcvu-`Ljg*!v`Z}=w4W<vhS?$#Czs=|HGXaZi{!!^X>c-
zng#|2`DQu#r3&G&b7?ktl``QarVT`6ZX;-~!=2gwp`px{4=jt{Ur`)yfbeRK#^uYG
zS0>}fj)a7Tai#gb$}s%nWC%J_5tcj)WgTlCFDb$V8aOYWJ}D4(H7r<H7=<GGG1DG9
z)|xCEsxst6M@NTSD(+MW&#PV$$~DI5+t;iIc{6=WPxRAoZ*LDz5nic~Qg^?ORph`-
z-I@GdA82iB`;mFfrB|8c<Ozt6ijiz;IyzBcm)IUfj`_;jgkI-P(ey80t}c&Nm+MrY
zvly&vY?Qey?q?_tHiAr+1?FOwPYIDxBaWjRJ(4y}p#E)g9h?Tt7Y<*EoLJ&D;(zKt
zi`a6Fss}_daC*B7I(2YG)PhbacdD0)K8l){nWZN9Y{-l5Onum$;jf!tiJUE2E<hVp
zyRSwvk2y4u+2zkA<Z>DN?U><<oY%g=L0TOh9)zbD*j3)|@9z(<Voia|m67jZJX{Or
zZtU&vPhIst+N;|5$;#`yi@nkvOA9+Go~~N_ef=g1WzjVF9u@Er+@K0S?!8yTPEEQn
zakxC8zDr;>)%>1T%%{TG|G+g@w@?z2DVW7-?OvXD;&Gb4d9y2B40lTu*QcRh?UoC9
zPfJ^SCa9g_hEmrLDib#O;ljtkd)xilI*ay4TlQm%DyMz7*G%I@Jk=>FDOb?O`8v+C
z9m+$CgiiNvUQ`#L*Je8Rz{+a=v$($qgN}hg?9bNL%re3N9>-_qnboIGgpt5EBF(z}
z&Ng4OeM^Yy`MHR*{{HfO)&52+?kgd=<;GOYEh9e-jSnkzM}Esg#px#ay3Gz@SfA>x
zOCeVMSz7uP4oL&~CLHorxB-K)Jy$okswnr>@nvn<#Fg#!NzAvIpFb76s80m4U3m4x
z>ogKArGJs4<O(I2KBGs<$c8r$)`G=d0%z=fCh4kRY%N{gj3!2Z!%&fpW*U5=kZYEC
z+ovROjk(k)V|6{fXvklt)G%&%_yzoi_~E4ZR+g<8l^g4+6bFHv2RBo|sPI*N7<Va0
z$3kXUWhMX^u|(BVr%sW)khEj$LcXUMJ20RvudbyPQN2Ie6xv#bhK<g`V8%o<9>6y3
z`-v~xz)Ay1ldvSHuwFj&FmvV}$`?Q8o=9@$%yoHT_Z5-F$8m(G@{Fpr^D$d7%vK$7
zf?1iFj;q|R3z~SR&PdwuzV7a%yu7@=8WdBgtE=lRNZCow;01f-lS|LgF==1AGXU{S
z<M$x8c`fU$sl9&vdh}scK|$96BeG8q*N|{uG%$|w#_cZV<2{}9O-SkZl+@ijwbQ?O
z;uiY#E1goS<7Q@Nj9W3&kp`NubsFg^nYFdX;VvWSa$HqsTQoPX-@b=@55$|#K|w_B
zdgWtovB-{ARaNoSSTo^qOVfJ#`dQDOo!~zyc3`<#hR#k&k$x)ibu5|bQV6cv{V~%y
zheVEZr<+&t>3^>y3zI{kc~B_5#qzp?T)(}Mi7n5O3dhM3>;Bt_KMhy8W~Z!t_2|n`
z8?JWGKb$r>ygzZU;!gQW8ryla-|4ltT#m~>+RYD7`TO_Ln9pXreyvaC)%Pz+NJv~J
z-|}zi*EUUdll!d^j`<%QK(bLcGK#-_`*t4$HV=`!q9QJKy&`6eJt}O{i>OW|B)V7X
zNodn#&=1I{5Fd)zqSNG$oMD+vO$DdOQO#C~NBgs-9_x?#`}&%BlqoM>oGWZ%=rwX5
zOATi5k^{#nLhrpXTC}g6zJ%Yv4VtWOy<bL-b2ss5hjGkf@+~c&?I)FZq15x&WGuVC
z+((uRJNSNUka(&nfwJSkY{czbC`5i#n4acwf?la!9YFF!W9I~1Udf#!+ZyA11OSU}
z{|>Ymb?X$x&n0-T%x^l{V{nn)JNbtT`5jgJ0E(^Wdr}z%-)UuQ;~tlwR4nu&*;<`g
zW8w>Tuz_eH{9WZ<3^_~`up|jiM9n3c6b2hN?lDPrFz9~}#cb91h9-vJ-Z)5>h}0;^
zG$T1#3bF|#ef3qbHgEy}YVq;$5R(DeagiqL{9bzA^~XUMKJ!$9=~_N=4b%$=!j@{}
z@LNA~uvd3f?LD@NUlg9$QJEn+DFI_bh60>hhHhQOR}+(bOaXr?*QqkogCb=BuE0x6
zfa=nv+YF(smqJ=NNsp@$CaL2wWxylB;>}{x(v)M<@_m<WVg#Md(}GV;)qvB&K~xT&
zAtBLx@StlEfxlW>TE1dp)TFnmNw+*>2N$(GJw5XiwKO%cRV(;CUfW*<(m`jDbAIvf
z=wK#bEl{VxYbeylh5sNNb@<=)3IM{73O@lBKF-ItZ{C#4VAt^Wu4c~6$zki4(t=Pa
zKyPl(fYST7I0)>R-Hb2I1>6{T<-)6s;$jVTe7(7^SRx=Dwo4lDV`^%e&!={9KI8}B
z{ocEV_mjIz*r-tI$7mkrC%qMER(a1^P3=8IjIoipb3%aH!HZ@$=cige0KA)?p5EB0
zO8)rn-B~CsA|fNJ22)qQR+g4(!8?ExAzG~zlEU$(tURU>ApZVVCV63QE^K1eo%M@y
zZy)6N>2(iHJ-ti_W$r$ZODx{dpo(6w^!^J;QPfH*bBj2y&eQ0?`p+Yh4V4qJj{5cj
zt!%e$y&qf@o!n7SP?%cxxcEx?;@RLm(Q$A_ypz1Vyd=9A>LKTU$Tr~0k0LgCA)D4S
z>0U!T?SAZ?lj{|&fM-aE0s;63nO2Ci-nj#5#=*eZ#nlz(U853)rVe^m|1h744psEe
z|G;Qk9BFAh)5t$H1WbwlJ9H-LyC08y#~DJKyvI6CN8A#l#D7Yx#5NxgFd6*sr>vY!
zW6~s(9^{We#Dt#|@(~>mk+F68PU|NuVJo2tNoAV?7SSr%Zxh&sJIZV&Em1=q|92%v
zdZU3;)6g)dqeJCIgX#UN=K+sKr_Be|{`m33&aAj|7CFqD7sJsbuVs=EpV(e}-Uxp3
z$Dv~I-oEXKwybQhk65DjLkX7VtsNh@=t#49DAZR7PIk_~Z*V4yWqvYLw6xj3B?Gn7
zv-;1FXem#h97PQku>o|Ch=`~(Eno%<zeP<7@a2W%6?m0j$?b$i-Nfo)PIh*-4y6kx
z^~a{kc}gB|ABBapnTiSuqhW%Oze-9<28-hFQU@i;G54$zQl0qvFuCa8dY@EYEU}Z!
zO<X}<zJ&%ki51ratQn5<MMy|UXGLAIg~xJ6R@Q<m29gR{2JEWZ(7)aRL7evZY{CNL
z#y^9(N|b$m3)U_X;~~NTg-b7w;7fA#s|=xvS1pMG4AsCVv+>-hDdF1)rO@+Tu&M?<
zf;oHPBr|w=^}XVzhBTx+Dmr730l%#N;=INR1TVb83Vjjbe4r9hbL@7<RaUc*Z4$5@
zDX*F))i|kL2xp<F{PE~+R$RAz8M@k;h5l^oG0Fq4H}|rH!M@VWA&U-^QTe^3$tRoK
ztwjEhU^6EvzvbDJC!!gU2++myZy^YFxdKcA0K#FbxEE%6B|!pb(p`xtk+QPc{CN7n
zuTXIo6g-GDJ1>C0!VucZqx`K;OyKw<5@p9M3AMCJ1h-d6(<C5wyHgzS-GI>smdo(_
zi6)ddW_n;K$8{Vsb-+m^Nu!vOA-s&pG!(HNL(_lY9f=diR7Kcb(d-z2uT?atfGf`*
z>!NmokLx{}Nljiwb*OUSjUvs?NiyBYi2C<TjE*%#O#a8l&vea8o0s?m0hE7Pu>?$t
zG(mq7wk6MHK8i^rZD_`FLV<OBgj`=Nw7`x(G)*QUV}TJlX2&Y`rW_E2UwSJucH8rI
z?9=^wkS|aH_XdlzhF0+qnr~esk-yO2jtWZ!YpteIV7}0TbqH&K3LDs<rb&np5rd2E
z*f3Pe>ElU=j5@Q-SuD%Y29PhpGwg^0*rt}AKB5kSZwSz*`EwJo!JzbKtI>Mk{As}_
znO^)-MGE1-ELa^J|K7n0TIJ<=sN{fFS@-x=dI?qZ5`sD>wI<LWb<8eV8uOSC=etPV
zs}L@15%-u6)y!yH37h-y0T@VhTBZck?=9;{FFYY`#|OB8T)P_%L;*`(oBpmmv=Qi$
zB6O^%n#yCnNQ24{azW>&<AdgGNG1q7Yg>v8(<PwQ4uJQVm6;%mOkMeDo<GRi%L6OA
z?i$<+_7P?T<O1YsNV*1$-RhH4Mn*;}LSzd#v!WDZZ(f3Cj{g~nn9xabrdB}9Syajb
zIh{R$qx_vCpR`c@K>~@|zjX|7=|nHAVhDGCk8!)C=_9t%?00N})E8f^D2x`1--MR}
zmVRhMwRQYpvO0bnc^;5*Y*oiEhsz*Gcl`LzXOZXs=fnRK!T!%~{Qto=c8-~AB1IdU
zY+#NNEDsfLFV8g23-Y9<y84%m4JQD6W?r8p>Npdh?o);~jn%C~Ij75ZqqS&ia|dAI
zXMmbWod%GtSLzhesYMY~^JVavfEu^oUkP~m__6>zLH&}Qt;nJh*98a(MnQ%Lo&>5;
zK>m<6$QZ>8HPV#2J!j*i=Km04{+q1SenRZ>P_+)Rfx&h8#|M6IBQ@<tHWWw{t=BzD
z+IjlzVs4WWX=!LA$82^EzC3@8OVEdD`YgS`=gY!w8L6qMgF^XGXLeg^0?LLwj~VcU
ztEu|^?2PU#fdmoa%^N*Hlb2fc-hfCZ>b+&TInzE|=U?|PMQciJ5eIqSdVhO8M$ES=
zCN>tRXCCJnCFN+Y>%APrQuLcN%_cCsaJgN7qWiM?tES{^QmMp^z3UBgVz?i(A8L$S
zcuHq}-^(2?mgS9zh!OCuvbMG+!k<FjDtp{?7Cm002dJjnZMkP4*Pzt@$nS+@lGva-
zY*$8x9Mr&rP%8HK^jys!%+@P5&jj`brbPwOLuQpQ7Ia(sG?1g03>9{%&7gHd5E&E@
z;mjjt)9XGS6(?q;UMIt*3%f0Ky}K-Yk(9`_<$Baj+PBs~G{uPf*UG%37o5u{mNGEe
ztjx}CjW1^ioqglEWEd)a6=5`J>FBf`JoxHERMeFq>RmD&@2+`k{)}j#*~p4mdCtn$
zp|U-(D4vNj-ig`Xtqzp~E1b15gQ$M*Oq-gTTKDfdCZ>Nx2R&^Da=IJe(v6`7GQHym
z2X|G%0XxIcW9SN?r8En5l?=-5%;Jerfe7Im#t%h(%JN9L4Sr?J3s^n?!Pi?3m>$Jx
zUvbM@gq=o8vvFU%k?&uM#0Sh5x=XBj;XvAW>PSA149z%qaww%7w%g2bhxzi=t_Qi%
zi)09kGE~N!$A<|LXk1sud0?GvvW>m|oNBM#cgl);&&_8)o&%JSDv$?#M~ACN358_t
zyVK4_p)$!{o9+CFX&}`m>}(9edbGzx%;*rH!VnbU`3S0gIL@9Bj@pb|gK`C-O)0sn
zP{L#PCXS4I(^aFG;{_Zgb&OoKdRk9)yx1X~%9msQ;+kKZ<slnfJEwUoz00-m(-uvT
zc8+oGP_c#0F|#8UW{r>+XBoxfB3;LeJH;0BHid+QN*>lfONlyz65#KYoj3(KY72<g
zxvx(Ny=I~<u;bpVEl>nh>u<RxG%v4W@CgZ?Gc>%syz~7!Chb^783tirF&1w7PB&q&
z**8$K^XufQe=gSWrwMT_Z;@-TdS<nde?8Zv&bZorsTtc!)Ug2H1mF6A3<RVQyV(d@
zv@_my{3#(Z7N&l(d!0~X9KmK&C1iAbb93FvNDY4WvQXcmRPf;9@}@}l2>E59l<C%}
z#pd_d^y~b5(@cam9++$j4taW)jYM~T{cV6>$leH+th!4dsZ_l8M32#UW%1+hWy<x6
zl>#;l#xXf2CWh;v=P7p%EKK$tz2l%~=D6LWXLWIhuopIi&-Pc?eAHQ#CsH4V6~l*1
zoM%-K7B85b5vocn@ylX9x~$qcT|fzKuf6;DNQ`g?JtDlCF}>|LcHt~OPulIoWO00W
zg)i(#Hkp)t-40UJq)nXo3dBT;QMH@dllXENbHEd@E)vz^p2VaL<QZkR$MV|@<{7OJ
z|6@_!;$l2eY7<pvH<ksC_>-qysgAOlFuilO{!>$j85pA<@Ug=^zcN&1lgI8Apvi}=
z^mU?ShRVuv45H@C3Bs^{gzOgwa)&YA_|Lhkqzzp_g_nA6n*Z;t*bd><n-@vu5hkQR
zyL0E^`<2D~+TAS4q;u7eu3q=*n5~a%>Trd*jQz(e)Tn5JZpRl?TI_|~6R11vyR|Ip
z^xRtI$qP6rWRwUUV;U?j-jv$w05?cU@&XzC$!;#h?5S3S$EVH!JB5q4YLDUF@ZiE@
z=AmH$5d>El>Z?@$kn{1RgxzD<%G}IM`Ctg@?MYq1lubRK6Ns7HOVG=|itdBu-SS3%
zm4MO?7)n_P0{~vze+k67j=!PdM#ArFr0QuFgzyA@toHcvV}0*E-@eSkLN#DUfCuit
z8a$(K^dZ_98DAc8O=9*J@mnE0NZr8}YNWehr{sD0`7L(Y>(7;W<5zO@XP18!UhB30
z2Q_sWDTV|sW;^1CYdnh)O#Yw*wi2p6tKkx>Xa*9ei%8T4wuCq~7B{bvE|$a75vJbT
zC(zKf2N?jER+`Iag7O+08(~;r0IY$&fv=&aD3PeEVr6fy!$aF&>$^9)aB-x}J6>4j
z$dl<@S8n-u)?$90@#DrfYHXK!lca)69{nJ}tbIEJtn;jok4fu9xqaeHTXgc)mK&^w
zY{C2K=%BNhFgwpK_o_-ALg>6=N$A>{P2`Y2?(amf>TK<;cPzJAFqJ|y$hi<I+i>mt
zeWEpi>>Q;(RaM2~D<h?f^%1PZA_<!+@jYp2H;jaS%bsYlfh9t01d0+cJyD5YcnVOs
zs)>7}vphBfNa=f7$VIMGY%k|<yGeX&aXtOWXLTHtvx#CNL*klXYGtJ!#9A~OO}K!Y
zUH8C_t@`N{TXeelYXg}HT%U5hkQTRjTUP_QxXADIlG4&!K*v;8Mw8#BE=brEjP`5C
zPx#l-@hFCyQvZYd)`s;FbD0afq4bG!uJcSvYoSyy57z~???oM_>z`2f=zY7}x_abr
z<xc@=>q4m^E4}tq;9;k)=u~}U8(`{VEx@5|E93cBbDBH~6+v$-?d-I{X1u-k0tP*2
z6a8x$yqE4GOqF=7fa8}#h~mc3=*h~@XI%4$<M0^@A`IyJVgX&Wbb4VoC3bdp!j*P@
z`*9I|OTUH8^b*VNs|cxy^o^M3s}}P#fYOrmJ<`|LcfrneE7h_$tG()&O-KhGZDDJ~
zeh~I`Z2CrVjZ)hzY`O2@X5!$i_>rgR;r3+U?x=(i(lDW9eBN%9Hnb?>G>l7_?Uwjz
z6tq)4aqF-*aZBijvFCJLsQAdnLE$G7Q3l8nR|8i`g0i5kbEBqX@25`f7hv9yQB3y#
zQn>;%yBP02{+=279xbbQmYNRm8Qq`>8dNg}!fZMz067lWWNhr}7)c&^-16=#3YHR=
zdG%v{nW>itX+A-B!shSyS3s21KkORI-As-g-1JgZ3<22Jvla8cE^a5TxuzIx01O|r
zh2AqCOtFY}<7@Gv_^pKMvv_yUa3WtZen=<4kg7paV4jy1-+d2}Dv(@E!16JwC-oY=
z_B{|rgx2vJsCU|x`WoR+op9PxehK{3uJ>~1WTz`;I}pdn`3t5TEg0%f#PveTaP7WN
zB_EFTf|iF%6~nP}$)VOuzY2vMeh1``Z!u6e@2V{1m6_9>MX84%F<t}GYaeVx_F&>>
z(zM|qG{H)J_uTMh(7AA&Y@Cm=$$QTX*-9Cxw*zD2&c%*T0Z$RST7X`~a-1e8snc((
zSZK9o6N~Ltt=8Io*Xu2Tci;Kr;L$bXEF~4Vusf$%Z9Bx(KRCD;Rkxptpfxi#i7Y{X
z*#r;6^S$(4kKZyxv~Rtjy3OgDRg;>^H8MguRwDnN{I(FqpO7X!i!0Z>>>A_`OvIHF
z#m0;p5%AN*DCqQkj3V9Q{5Oe#blV03i3J3EI=u$gqG?hdSB{xY@OA<IS#Duv5I^eN
zIgi+rq^R9>Xiwm?!U=X;5duBB%O`;k9b;F$%!fHT+&gY0B7GCS2F?qIba$1VAIxm_
zq$-xe^6|TIrv|MT+5~sUG*mN^m!BJ~EB$_BXy$j0Gd3+Vk3lp_H0Vlp(}b?cAV&1t
z%(qq!cMfk>R;}&z&{j4!%~?8othc9VKHYl7-*u1M##cF+%Frw&Wc*%OOZhQ>#cMKe
zx}?ZOQvl2(xSouRY!`aSSzB9M&l@j>Hkri_P+UfZ9i!BabuSFYt)4z3A(S0PR#tv1
z^M*R<!Of3r9s$zVxe|c}t%WNA{!MhF`5J78#ZqM4+=N`!tTUKdB%9tBXpqROTY0AD
zVW!XazlpsmUsbw7fS%Yd8#l)MB#WbB*OxXRo1&k!FK8_@(~TVI_#!@gFH}~W`Kr7%
zpoXMegX!FyzO`8U$npx^AJ8ZMK*!fC<Z3O^%F7(Bu5R+{M2p;$cpY8cIpf1|d@T#G
z4<ltz(WD{K9J<SWU<cFBYj2t%Mi_c*g!_K}`QtxTRxwZGI815{5rFZl@G<TMhtItz
zL#I~^e%q$L>meox9ZXzP^N{l<Xou#@i3D$U@9YnC`e{RUM6i<E%IK}ore0PNpvW*@
zI_9lDVi<8}xKz7bZwa&Mh!x+TKUrOep1la4BI-~%#q*TgN&a`>!qgr41cIQ4O#^xT
zg{3y$M{85^G&Td4Q{P^2fnLbQ`l6jJ{aVE%Kk-GjC(nyJ=;n4?GDWt$F#5&jZ~d^z
zjG$0hSv^$YA9V=4p&XM^={%d2lw|sKQMBw2iV3%^KnHH7ps1*&uKu^|AL_YE;Dex1
z3A{XjOwj{K8E#SDJJV4tC8J<{AQ!RNj=y(D!9~m;FnJg=v~XO#Hd<J4#fb+>p`u%#
zsz*6|{+vNx($d$D;oYoEO1h_G;#*3`6H3Fc=D(Smk0*)ouClF{^qo;O(U~VM=P)SC
z8Jv7-JG;4aac!q>9(Vgu%xhikp4mS@s_&FdB>r-$F@|_=wiaLiKnrN(@bGYg{3w+K
zk@-85(8m5?rU&h9B*E=%LQuF~Vx$Yrw4R<Gr5Z5H@(cvCe$2|ct)-(w?m_kYM+lV-
zbe14CLLp$Ec(4;kE<vbeWR&}-A((vIQR2(y(9o$$h{>HJK>tEnd^NF?|F>ECV=;Vx
z;!visSX2@D?Zo-XH-=i;>R-Yp@=vtVKKL=++<Hgj&&%_#Uq}i8US?$YW&4ZMeJE+m
z?LJY3p`v;-r>3!SLM8txse!dW4HST2#xd1{TwALX9GTUrAFp*!dcL9MRe*w((2pMV
zd+FcIoR#%6cYt2bzV@2zyNsM1C3U=ARBIH64k&QEKTF6%4(klqJ53vu)YGH>&77IJ
zd&j5gvU}Wm@$1(l2YCOZa_0GNS;l^we9R4b!kFI7gigl(#7gnFuhC*1&G#F!vvGck
zAy?bm3BBU#vJ|w6&E?B-HJU=Rah?9!>ltdaqW-naw;0Z5drpWA5sDP(4H8qfKeuUq
z4qL@i(qUt3i>Oq1oTlU;M$f}_Ei5hdLDOw{++uHQ`5*g+bvz1{c^|m5=3B`!Z^M}(
zv3WwUm#AZ{($3LM%Fe4&c--`^|J#c*r4FX6SwEp)rvnw@Wrx*Kz%coP6#-A>T*UBD
z7kz1+4;Jj2PH_^$r;9uLcQ?^gT0^=XuJx_1f*y!jO96T)X#M@Hx3RY}Woao10J$C(
z@l5%|{i)zHrRZgkLr>TH$p^*>&VE@XnhmVCr#9E`a_W3a%amgdr^;20b8Q8mhAM#P
zGp^VFaMpi;ZelyAL;T1GN%WY=y+%6wic^GydaHuo%>`t{sLUVQL;x{Bg7cPMQ2hgo
zs+$yBdib>AEZ|vkQEZr9)%*=3#~+lmyw)F~cYz=}{&5c}|Lq3G-O{+;P8%B=FuL~c
zw)bJuvzwJ2@vSP`aj$kpyShGCRSDsDKRHsk8jKOjvuiA@Op3V9(3j^n7MZnbnwY2>
zkUhy&OP0AseLAB!N2#9SAW~cb`~4pbZj#aFZ-h>kbq_P;$0$~Yw^;`V_)>42b-d5f
z!ShB6c8<XpA6Qthx=&<87zU9t7JvuRE{1X!Gb}rG0eFXn1#6%??gyW}Oxv|<1^meF
zKzVKIh<%+A5H@N6e7lonaZnFdj5rV)nG6gJSc9Mf$#Jibb6f{h=q^jY?gHY?EG{md
z2n~_G>a{gw;eGi*TKdziUDjK-y1`C(T^ITYM9<FM0)wrBJYu}e%f*{WvD`Uof_0S1
ziw0chCVRDqIF~2xr$W<Eo-9-y!gWW!b*o2egO4L3ibNQcKXG2U%t2w*2OGA#>jfug
zxiVT=wYO5u3*|=~X+pY6{6ZNY-JFm;6bHM9__~Q%^sAgrBp+GzrjgA#q5?ws*3Rxi
zOF`GwwG=vWJOJj6mroGw!4uMmj~_GOAfU)_(ycv)eqiI3_lkS@u0`A{Zulo|maSsI
zcg1_9QWlhw$~(?v*CEgKN;NA|DaB`1G$rS~Cb`e1Xxgh8WtQ1mM1-qqeA5kGN2{dw
z4N$qlIp!m~iiAc)M+Qq$4zH?v(0K}`LA0hjt_%<ce)WK^B?ZWWY-oRi3-y4%jsDC{
z$UWIHkjz0@9!h;z5`g5u(oiw+>iui>@it=QjWrB{PEXV~1tSik_d-DI+B-U$19OSa
zvfe1xg3ys>?C_KpZO~1@@+5ZVb7;MR5qo}TdPtfoBX(BCOQ613W4#7YvXSR>1Qddi
zO1*6h1LuHt=>|y5W8HU?7cbypE>u3^HQvET?_g(3$aLIucT$IKgz707mfJeJ*}_@n
z-M5va@0ge9m$0-9q(4Nf0dTU+mo$<+dc1CVJ8>(X%RsSNbi_TMMc`Oo?XESyB?GtJ
zmqW-6sy1Dty=G@FEpVIcRw;;k)S9(M;%LctSr~8MC?0ClE7sK2WM18wWqqXg+V6qu
zQk<+xb;8e)$@}-Yva(&*Q=@L5I}K&-R}_wA&9T<j`OwcFvb5aKaSUZvb~Z1d>h=Ut
z1LJ)DWuQ9j-OK*K+CTK51zL;L%h;Gc0F1<br%;^(G9$c-T%CmUVgy16@cJM6l$MoQ
zAMWo!hHd{Wx?1D8sR;>(HLv1PR{}*e9==qe^>{vGyLrmz&aGSWmSXAE$019w)T#0j
zSFDkkeS$GaojhgUs&B9T5o6`l@U`3aq186XzMCwI;Pz<0GeyR}zP@R}UFlDKJO_ZA
zSoK}?-UTp`1_qFomv@}bL3sdjl^%hgPb)zt*9WKUxjAD6$U1PVW^=Yv$I2>mrZX|I
zXF4Wr{?K2<;K=g0&q7H`L_GSKmYR*2oIw+IJ(ArZEhdH*5ld8o5UOa!|8!Ao_wcZ_
zKXwd-s>~=W(^kjdnGT`i00DH*B-k*bc|q70$hIZo6QBvoy8F1%^3S&yS-@lNZC>#f
z=r5Wlop3TkY6z>A@axu=mSKHke3QclD-YT$+Jf|!0blxVj(B<FZp%CQ>y-2h@UyJ#
z-0ax%g#48OqnMeQ1#(vH7rCz*^YZXypeMv$yt}Np=<Hcz{5D2VW4a+|zA@HbWzl*1
zj79aW2?63u`v6t)=<F)4*torSAMk_-))PcV*K_EDU^IlcD<T6a2gvWBN(OQRVZC2T
zgKof#I_Te?HfUdp{$d!dVLxUV22CMq&@d>wE!wOWz_sQaZjcNiUBiuE4^GEkp9eek
znvT%v>*@L8x;T)UE4ftEdZ!mc8*V++-w@Ju8@9EPNqD5uJ*%PIHnB5$u2bZ}qISLu
zp@qDDjmO=mn}YO$PSR&Cu~BzDhSgzl`Tp_b@&8zk)*7wa4yTj_61#FKFB|*Rf3{9j
z)sgqC%rmJ7bI4BI;I&<`f=K7J{U^BCJU=vHu_h=es6=bGGhP@h+2Ot1ce1zxzd8_H
zh%kg6i>slBdYhd+HA|52bnM=0vi^Is#VDQTJHT&+H3cdBVv~pJ$!ocEuy1@k?=2la
zXs|@hTJNy3_97<>$im3AUkhY|3PVNjg?EeB<FnS-4UYX4Tx4|daiek{+Lb)T);6<m
z-0d4W`-<z4AJ>rfwF|H2LjCuX_e}X?nR_Q<$m3r*-j1st9&ugk^pA}AmhkDimR45f
z?-KyN7h-JkBRXYgzaRdbE%03b`y+<SOhNlFUTCofq#5X61y`mQYZUKPN`qNgO#~IQ
zDI#)89JDX;2N#Jt@87?#hpQ#OK6HuCVzTgDT%};xq_MyVir$bq9Vp8H5x$S#%rm_k
z&<KNTWz~InuvZEqy_B=Rpx)sz`*{(rS_SD9fSzzDfcD#N^}4UucBJK69C}mGV3(U*
zn(tHx<aJe%b?JOO=fql)^F!bZO5ECMK}Nv4Jf1r#8>&#oP9q~ZTmR+i+jtSZ`(|b_
z>IT`0cQ8D?9Cv4**mTZ7mMTYgOJHrUe_ZxvlD>K#bGW-`jYjwHt=8p33xgTckqu&4
zQ0(#gY&)>)7Cd}#$Ow!YGzpA}CwY`L%Fr79arfXNp}>>|ZJu0OaCf@&5xLVFV(j<9
zQQ-5=1MNTNI%qXf>kFC)T5-P`0GRneTf_sKJ<)m#<UwG#ymq4kKnoc;wOo(kG?m;X
zdS_gOYw+`r_j4$f25XJ(92!PYA|bJmZ(RH(Caj}MqU{i`I29@MZ4!5}>7{0y<}?hU
zS)Jl0!CT83t%Z+YH$6HqR?)lvLMHTbc9CfVfZaTV;s$!nir({3zr<4QIGCMmw^-Cl
zY`<6Bhv}$>%O7(c2ie*M<5?tsL*s>JC}?x<z;2P0#gbcD1J3niyTfHcC+695chx}%
zgOCC$i7!o2lS|P-OPpyHIHr4uG7}h75GAFoPd2gAzRgNaz0abWpb3H^P;-l)-ahc7
zymTq6rUvoLj}xmpAPBlsHFs4xhUZo<hlSiwi4{_MhR>U(DBXTGtJE=TIM=za2G!UY
zi7ktRTUH3Mumgjzo9#eQVM|HRCt-KHL}IcpS(X0gZE=~yw=_zClRz|WHS!<&D9>gC
zpO)020&>HaH$ULc01@N-6Hfz3LSAd?X{7=%hn<7KlooQQ>ZZ*s)rG;tv1M-}VMzOd
zoLSg;n|P{_9|(j3Z8T1Q)>9;5r7rlJB+_#O7X*n|@`wX;&;ONDZg^o<1P=U;K8K!a
zzG$(h6TVV0dG_1Pm6u4}T8@-^@*i#>S|=f&?SiumA{oa*r*7_*Mf{!?91(>5w+x~}
z)3UdSy@)zr(SNoon03B`vsejjy~Nhn7wtS+M%x<6uHox@@VTsC7fw-ITjhpVz*obZ
zgf?wh1A-5rOOgs0WC4O7G7Usnv#svVO3<hQ3ZxZw%aI9XXx|e%8PC8uJ91|+J%1D8
zY2Uy=nl7W(5in5Dxm%f#N-O{4rOmI=|0c;C^nLVA1PJ}U4@Z>*TV~|(=S6sxyTu!s
zWJGlEx+R_5vRTFV6yYoCH#>15fO8tGvj3dyP?_F(c(P+?-!!{!bJ~`GTipf}kO%^Y
zHC~qox&dS(Aom3<0&AyXxWYA!O~?=pjPn_L*YX1`kX}^@FiR{kG|N2B6s!>h!05DK
zN1|RH*Fht9G7tOoVq9?N44N^83asy8Gmss}I(yEpV8G3y`)du+3^Iw4cZ_1z8r_8g
zpK5|7tsG-ohEJNl^3T5S_=xTJ_}J3@gos~aJ5<Dd`&96wun(*w4t{ke@KgUV45m&h
z;&LB;A5Z2j@W=3%H32G41Gtf6k>>*D6gD+2t#KJqzm7g1KBcLnV__CcAitv4w)Ysp
zzaZv!nefF=E4`2v!&<E5+b&GTz3p(7-f_`6HvlXb=)(2O?ZyJmz79%i(i;>=_gT>y
z+dNV)%a#45BJH30NcenogzCYc_r@~NCXS!K2TG&lV+0WV5h`c$?R6Xu=jmF&N17+S
zd%>bO8`=_a5$%<ukC-NqK<Pd5PkC-o-+?!Mn^?!tXK)3mA$tG*2;nvR`SA@_PXv?2
zK>gD2@F=zw=HnuA7IuVtpzON8LSwe~(5G?<yFBKzN*;>+4Dzb3bm0Gt8Fzyt$Oos^
zHF$F#c@W9Iuyxyi67sIR)N=4}IlPLnt?qEKZUA9zYI2QRf&;FZ>~Z6DZtMwIe25oz
zH_stC!g2_M?`UdiP5YUWU{j$%-4x0=2wl=q3<We|)6)~YZud&jUHGN)U4rb#@^?et
zi+c^%N|6%WLbu8#bC2MW?vBHlYwIkJ=YAh)C`sjC4}<Ihdp{|T+CyQ4T?gVr*LeAF
z9EYfFu%!RYA?<>1oa`IwE4R3PFU7{hc%6cq27HR4Buu-<NbEESVG0M-C(<ehGEKke
ziTuFUVJDR>%T=14+W1e4h)k7TzvQOH@YgHC$PHZ^x>wOWUfQ3O8N{_ravtO5m}g)G
zwR_3_VSSkFCwV%tz+fWC(E?l0eqSn6d{ZLV0Hbc7Z#->mQsc26b~=tb)xvd3r*?xf
zEBbvH^qLo`>b76FE&WOY=r$KDzMnMH5g$8mI(@y2;{ENw%6K_CvWE_ix|%2n4pH~?
zy2Z#&3kT+A*M^_jE)5ao3JZr0F^d>o``R6FEf7)JtxEpt>gvj7oPfd=$8WMLbZ?XR
zjzPhL#GRf&t=;;)LNNExrNOt~`vwQAkErg{?K?d)X9fYO>28~a*fn_}m$`Gk&wF1k
zOQ$H*qFGLCBf_fBR2EXJc?M$Xrqfz93}jAYOVR#+j5~1T=XVOu`~mjUyOixy@$ca)
z&P-pQIt*J2Jl&j+_$~J~;fNyc^EtV`0@DT;XzMCo@XxmT?sirER$>_ife#WLe?z~(
zokNwu-;_x9na|yvnxD&)6>!%IX{h;})9zm(N-LF-H%Trqtka2E!83UgSkvE2OF<!1
zxEyOD^&|^dk$SC#!uXe(kA=@St0J*VOfC1BrlXiNy@&^A!!??ixUiDhrzrbe?}u^>
zryV~3$L(QG%qI9UzNgPpeQ&L$#b{T3jxU{R<dqy{8O76mDPT$*3f~92T-BxZ85&6R
z>@~<=6tAt5_TQa6N;#-Z*e<tUK>m)ujF#ts(r&(=o9SfuUD!n>@+<kU9G6G&Bva%j
zX>hL*DxlAx%Ec<5P_SLkAs5(Fg`@QYa`L!o@{?M3Z7XgVa~d&LFL6xaiPeRI#P@fP
z<bz}rs}`NZQ`8<e*>pU!;r-%etB^RmR)3Inv@^Ne>Rp$z5aSr0qBv{9-pVsgo{~0L
z)~h|~t}2@Ju8hL&$2N!mjv~@Wof1T5H<U#*Q(>}5q41<7+!)RMAEld7u9F|m{5IC*
z>4~SGg@#qLrkk(uGFqum4!o_(U0K!CGz<@Sl&<<_JzS^5OL3!8oKDoO25?1U_%y!6
zqG^EJkI#F&^p-yZi^F*B4jO~;il7tV&@YiA7u$aLGZE2dH}k@YpirLQ{t=HiQj0%q
zOD}K#<le5FMXSaxZ!PX==<hRQAvEr!nXPkZoLI5UAg^w-c|P}`m*lcofod7r3j1qa
zzhF&UOZ#mY^JU?llyYNVwWhO-A8A4|eSSF@iQpBCI43VG4;3nNupL!0&wow0yc@d8
z(QPumcm1+pfvU|RR@P{{aHwi#W(2ntqot1@Rxonwmu!hF%Q0bX<>Fm`7UD8ZR^9?U
zpr&YrfB68WOr5<6beFg+^HJ&cx|I*NS@Zks{Wdc6LoY`%A8fT8b$L>x&uO^(s;KUd
z@Kc7~cU}E^q<TGdIy|M3oerncuqZS%%oYk1PT?dk{^ugEwURrpi+|%J)-m#!P!@cO
zh+~6<yb!VE)Klp_?kFwN-e;;l`r#$%j<JslLD>89aBVSh4mzVe_^cN({>v<`OAa3r
z{CDe~=sW5~rq23pYFtKpnH0~OB%eAXeqG*cr!u|N-#uAIbI@{TX(v1->wJIJ%!l&q
znvJ&FnsM@PQ_HJ)I<4JORZqtIfv-N;8N&^it+UIkkF-pB9nK%AZ+1(?z{ylS-2E}!
zTcO2qbjTl`QmMnPDX;f}*=lRw#&v!4ly7YZ`{Llj^lXB5MzK`X;Sb&zp-uJ6qtzO9
z-V04|kR=n7j$KWNAXk6_%5)S;FfaeGO$CSc*9@g$Y2bXKmnJl<GWWICh{V;+a-nS~
z#%~=q4(xV#dnS8$WII8o|BZ&u+((60R$j-S_itxYr~UJRL(`&3K0@cLPQm8~V2M_n
zyS%q=v-iH>w!rVyFwlfEH%xYug{-_c^?>_4$M?Z{1S?D!V>hXa*cEl|?3cV&Y~}Uq
zIaS1_VK7jac}*GaGHG)0Tjt@dDN~PMX5sbQ&@8ub279v^qvKEv&)e&Zr{#Bi&D_E>
z>9rc~>g7I0x4W(EKa{_Ym1eYntNP4;EV89{%{y!(G}TW7F+H;<#yH+m@P_<wttY0;
z-gsiMmPJ37cjsF)E$}F3F?F(a9{Z*dkvfQ7^{dqBUOPiVye}m4R!}vl8`EF}H#f?w
zGt);hM|_OTF5P*_m*aasspITW8T&{Xv;4ZHv|r-UwWx`q?zFtFTk`6zp$Xmnypy<b
z;l(~D?1Q={XQ5pIuqPDbRpbuO=6eS~;xPu3uY6$M0od)|6)qW`rc|fPeJ6f!vG)G;
z)bJG5Biw{Fev4hGz&-sPA0~g<fX{L-lB{a$gFBpzA~AN~IDZhcwC)mIQ&!cm8Z@Y5
zy*XmzGX7lO_mNuszF4B)<_B3bJ?*-v)syqc{kfru1|8&kq6xMCTELu4r#ZwQ`VW@=
zGqok<@m<4FM>plO;{6JJj1z;j-hO0ueIb>VN0ScGY-7(CPUoq_gKkS{@bA8iyR-8#
zu}2E-{(p|<C_)yP<*Vt+v3@5Om#(1w>A~{DUFzQ`@)T9c6zZ11U82IwZVi*YA0xFg
zK4<8LyKH~0WoQ*+lBZRRkBOwhI>L^8eSpM4&*q_21_|?&O?wBpy9DSb=lo8H%68eH
zX>ZltOQ+P|sWzD(N>Av@_uuz-{et_HC8KFG&daYDe&>^CCP|2b%frsIxqkD4XrD!1
z(Y?M<+^D@@mL<=ZvPpI%JR`m|F!0ts)3H@%*=yBEzGtqGf?595sr%t6V0hRLgZz2v
z#lq*t_IhUSbRo!|&z8AkHy9Jtb_)K4r=VAPZuU@W-!sKKqkT5Dc<qKf8o8k1d(=4|
zA1tdkv3KNeo+!aJbmhrun+sd_B~DzuAbq~{=9fpTR=L3m`Z%gP=(_ZIEp%sQQ-ZzK
zo@kjouCHu>p<bPpi0a~#U?xse)h8w&IGMxVvPqP+>>r-yX1)@J4sT)3Z*raf*(T~d
zu^HVm8r@klBf9GSb5xNKw(egoz#DIZUo|sQXP3qsw{VFL*e(X21JZJljEB{Y-k5Kr
z3<CVQ6025hmlQ)W_E$wCW?o&r+7sO;BPE>@tRN@nfIBDcRr>t-$@HydS8adufVkc!
zg0-!!dTM%wwhYJ7yX*w^iMxkQettv@zFz;Bpm*c05x0Aw4!#iG_1&u3U6}uTjzRZR
zbG^~XuTnF1S8dj(_pW?rX`6m$Rg8K`FYq$S@o}@L^Rs;XDhRNNS8U#H>ybY&_KM!$
z9Qqh#WUl{Bqy|$nv^_*j-zLXmj`g^qtoqwYjeyFj<L~5T>r2NEcEcUdg;yJ!2BX^E
z<p07fE7o9qsp+}Ht^V0OP4bWZ;4iyWew-s;v=TE53n7kO%H^T-dHnCC!JFsLpBD~=
zKGi$lay4n`s?_h_rDbnYGBS3)rexJOWVwF*N4EvG&cw4^qlv{qY?c1#V9?~;rJhh7
zW8ImBKQ1x2`NRUdy(Uzgh-c4_<awbj->xTIuG?f7?mceB!Jl#_oe5awcbjlKis+ru
zyRq%eH*P%QihdayYVSHnPe*s=E9gPmpfB7v)bLRoxudM5t!*mWBEfW_4|>ijvB<rk
z5}l)iaham|YB4NT+N$yVZa+ls^6~<={!s-(cE0jnMEljNqR?Xtzh+y8cXyp7iR6zu
zdfhA7M9023$rzC7&x0QmP5f1#Y{*kIFtXiGTdQ>Rd}4p96GcrJ==pFad3z7<y55|^
z{R@9@ul_GI{f0})hXX~bGwwAEkMc<wS}e3xzM=PLVa)f4-RQZ{<oxFVKe2jO>+AaZ
z`uC=$$9%E!ii!=keC4-X++^$a##ZfUbe{(YZ-$uce+iLg?&0h3dg~OCmq5iA-{5+x
zo$mg3qfCq9mvZE=(Gznu2kp|5lFueT__{xNP2cvtTO*otLFE}?prGf<O@E)G@;K3n
z{n$f;%bYpa`RIN*tVH>9g|0#@qdwP0h-dqqAiV0nuq=mvNd9|ixR_ihS-iNy*nVy@
z?&HTP0d%3RoTB1mV8h_#@fmwVnl3Ip&}g#5asz>*L!Nz~FSd4cctmiLH%r)Zv8DhM
z)A1*!cU;iI#$IDn=DZ_SmhGkU^Jb%^&wkwT`zAUnI&IvvgYP*E4wU6?7AOf!B7E$*
zcwpkZFsfF&`D@d59Cs?BKVl!dV`5rdKVxK4u=n+n!cT?MB&TQcT8g8cbq)x+2UfQ~
zx{hdXeic2_T<wyOuS);h;%LJDGzqDx>VS^z2<BbL{T&Z)PwpoVNy$6B-rQ5eVVrdA
zw}t0v=sYY3Bv-1v#ZV($1Dh>D5#Lp7f@Nn!ey|>`-f#Nkzuju#>9IxehFU1Cd+<u<
zOu|(h#^eJ36CU>oPsT*M-GHKvR?@p<vza@Jr|%9h-dt8!V_@_-)N#5KcTIrvll^G*
z%hC~T=gga-iM4As-=wZqEp%RCx7;QptR7ej>{#k#8<SF9og6Kw8tPyW!cQs8&iAHs
zL$k=h*p4q2NFWL-4&(15Be5Xn;sTbRh@64+>u{+JNO8%?#rHX>?il{=N|J&$?Q7^1
zZ*H`5P*6}v85=X?*BuI>I>nDfpqDwl(4UPk(dJ(R2x@>%yhus;J~FZqIwu*KnOAP#
zetqi9rE?S%gnj-FuKU}LKs$YlGVznw(xN<CXFR&+>dMQilQ#v^Y;SLKf_zIvL`3N5
z=?A+cOupKfyyB+h=O3P<{Wg?7W%G&jqVYc>Y$#8jI>~Ld#KRC*8ul~GroH1&kWAA?
zF#eFEP)e5j(Hu43()LFd2A`mo$LY>1`?m({OqAbE^OS0{5?)nmd+i?puM>v3`iQUQ
zDO|T}w)895o<J2Cw*5Ien4b9O%zP91(e#7?ul>pG@}oV>?!?5A>S5tbzV3$e=`*i>
z7ZP6*&Z^GNV%=E_IhtOiAYNPF`jaPLoLQmYkw<9Yx$wv0RicNg#et`EN|d@8cn-&O
z9wnRdeH`6s3B4a?D4&`|a)+&*NUf7}Qk9Q2ed}6sXG(o)r=`A0U6c30?n%p%O>eSi
zHw%0mx5QwgP1Kw!!>lM)>j#^nE_?GAZ}iqZa7%qdyyEv<xT*8^_o0TGN*@}kGaMz>
zZ^Xp>M8sA{P#&IM>$y9M)R%?V(-u8Fy$QlhJf12Gi(AZ031Z3VzP@sn-S#-xd$)**
z+PVaI?5=<{buUZ1`N2EYN<(eKIx>#@GSPsZ%oy!=ye`?kT?~?Zq%l;?V(FhNi8+a0
zaJtSIuEYrvSFF=J%pTQ~@#fgsW$<eW@t2@S_z)4r&!0a(@!K;%!~sFt8|VTD*3^ig
zeDWAS_S*7kXli~3jU@HmM<-Fxav=N-|1<zaO-cmx1kqQZPz#4_-_Q$Q2mk`%Lm)9Z
z7qliBe6eayPEOm%y|H<Ql|6HAVmnh5l9H02L_E1riGI7cXlQ7t-^xHm-wJXM0lykY
zn-lYu!<)4IW4!THW#$a{`q|Y-VjnwF3VU_2UG6jj4>{@T^c$!Q#H*(1JN9;K*40fJ
zgz;$8jbGKL&#cJW9SV-?7rx;hYKrD_yo8?+P5ja$Ies*yy3{h-owe6B?0GF9J&I*O
zh?P}rhhkDz$y{kkdgBaRj_!fDZf+?mXDp`iu%UW>geBm))n;?8Lr`GTmZ6CW5~akn
z_(EQe6f!=Li%T{=6(U?{Iti0|7rUJh$kGtW$Zw_<czC*#&8Ob+;H|JY@$Xl}iC1ni
zeX1~hyuJIKplr#wsqY`|%ZvT`HuAeG*${dlc<o|$2_xD3ruN=Y^AVx4`+tHd4p|?D
zr!)AK{V4SE_PlG=#v`U*PA?)-;k-X4aq!fbcB4itXoEGi2D{XGnlFe;KqzS90LR-g
zGvI$2>*L2qbtk^5sVUh1V5W6@hnAX>`{~5~eE%-mW%D)9avi@-1$kpr6aO$3=qoI&
z^FoUcJ{ySY^(xFJJOtfv9NbUPT~r@P%x%#@U%UPH3<{B1%e>9X=Pc3B1qECn2#ky2
z{%BcBM`dNQquHZ<#+sU%=FUzQcJ}u3e2k)AA78#aef8S4%lFp6C<x%6D=<UDVibCI
z9v&W?zFxl5Q!u=s<KL5lf`acxh^Toi&w;ehipMWQT-Q)Zi4>ZzGav*`Dk|z3BG-yq
zWZ%=WaE|hP<h=Q9pkwlmVH?3i%{GrmM4?mfy4T}EJ8$p^<opmcwDSB%{P2+D)ti?m
ze%mu*<a0|S1>Hs48j2H9Ojk?9TXl}!zZD)37^sUM=%6DI$r~i^h!Ki{kfNbuF}*#M
zf2&Si#kA%6Zm_Irt+DQUyZ!!|LMa(;?_m+Y_q*3nBBE6~2c|l06ueXsk#nfx%jpGr
z($c8Wv>vwQ*69@A%9`$?48LyX@8VsSdP`w+_Ia#%A03zVeO(7RCicr^23c>`$~6o`
zND(*w^~L<0bn?7Qsnbe8&E-%rDI`VISg`n2d*jZG+x}VJ2I_N4Yq&@n)A|Ecg|;VU
zz?X1E6!y&JfW&-)0D|*3e0=va@-i1buFDM;5Id5!N7psqPk!HFPD*mcdX4j)McF8E
zNxIca<w~BDvvW&3dSCy6hDHMr?9i@6J^WQbH=#f+<Z=_#niccB{5NhiuD5?|ZkBr^
za}C_O!MxaUV@e(vdFeX8gKhX%0`Omce#7k^9$sD-C@2CG6B&W;x1FeshuhB83=Bg0
ztxr|l;&~Sm;vAQkk>Ow{=J3#$HzPfrC6I{hFG$tg8XK;O%DKn0jN2Li8ulFh=*Ydz
zbwF`w@gsj7zuLMsC(zh9R{yZK>yo|r=lt&TJcPO%#h1%XEjV7@yjdxyj8+z2onI!q
z+dm<$s><=~gcNK^M0SKuMuq-8E!P7-2GNI~CWX4+O9?nFJV<|YUs~F<_+>@z_O?eF
z=qeUWU2Jl5=k7);u^CnrC@)sLzU9PuKIwp9ZIhStru9vY#<3Tn<@U*oLxI22jQ6)x
z*S4&8H{2%!?)dqU4cLT9dh=xLJJ6%j<S7eF>z|rh3$K}fJM34gP|GxQ_hs7(yu`Ph
zY1L3koI1}|z8mAK8W|Zm@Hf_FPi%X8GISF(O@dnup*l6~&FddN2|3$k+byaa-(jrX
zBYq|+Deogz+3>hrxWZf51brB%Mv>;Q+Mp_guEuETS^X0$w#NeC8};^xxVn0vCg}fa
z?5m@y+Pb%oqF5-R(xo6sDBZ0fAxcPhcN~yz6a@qU3F%T0q`OlQknT?D?#|yl%Dwj;
z-(TMz!*RXGbM{_)t+{4C^I7*PDAwVg!5=@i@1rf~`r<q?E;O*Rw6x6YD<Tcgnm@JR
z=dTi;ot&8HFSDapQc{9WCMNBlm&wS;vIk623VmtG)Dr{$4J@IC+c7Jt^V+%Z-@hM?
zU*fMeWXW~je<iZLxokdbt7B~!`JhljMLi+@u;n(Aoxa?$q8(w*AK)||d+{d*{?p#|
zV_g*qt0`GZjW~|#f#G1DZ9lh?<z@C5BwJMgJCB)(#X{Y@e>36d{StCEOhfDTA2Y}@
z?)h{FZDC>01YRX%wC}S;>!MTS%JV;qg+eedK6+$0f3fRi=KBdpsi0(K(xo>>e(sgR
zN5_Y+mItw&%U$s9uwtYYga*(0Yhz#-ZJ{TA*3`i}=W-rp!3T!H9b?0B&zqGzcavB1
zGQ#EP03qdEQk`R7_;tN6b(!mcl8>eMWZW&xXCoyur4Fp}wXjzyDf7|K@C_FI4wsg9
zYLX7`4%>ftDI-Ho|42*nfYM$5Vyg?9-!P}u4Rpb=8-Dv;pWM(fB}w*Yf<m)~{XmiL
zFA`=k>eW>|kBn{qy*#b)3w|bil`cBDS6SS`5N|T6S+jeOI%8B=$>@E83wk&IrBOh1
zlUR<IPfZQERcm2JIQ?)j6EifVI(P1zKaH*vtuM2|0>36G#dfnkQZTj9MF6G5NB*1e
z1u(Xi2Me?!i0kai#whQuzhBYV#DtoPs(89^`TY6wYnz)1si{80!>ZakIyuT2Q&Us<
zhpu)H&X%)ul4so(v}p6BDI1}~#aXD3=zKpOJHMc!bJVBOK*Up;EZsjG$vIqoPLPW3
z(Uj?mm~j1b#Q5<3fxO{yO#*mKwPRBJ$cHo~IdQRzi4Hnrm9PDgRWWUCl=^F;3k&Jd
zZDsp4-&W%Db_Tk;WkveaPp`eAy&4rG0?RB)->q8R(>21q{FrYn*XL7QMa>85-B(9j
zeMEc?AMt}%ZHV4}rN+c8cB^xi2S1#a-^t4<X|!!RSDWd^SDm#@yZjYA9JSMesbjAe
zp|@MfOV6ks!ZO`54i2I&c*LCp?EoWi&Rr+{;Ex}0y8W^A(U(gYpWW>5fRnWrhB>M^
zwPv|=>d4MF$``ZK^W3OP<sI_TvIl^orq}C94Iq30POY6p<b>jkE6#mBFGi}V(4s!}
zyWe``+KXPwIb0XtQF<=uS>&t-=;FMI`T24WY^B!N#H7;6Wj%QG9bDC^U~IQ9g@vBy
z(7eVC)*j3*U17`GzZsR`-*H<xGd_PR`u8L@lDie`bDnms&y9ervSK-t52JUO*jWJg
zFQ1`YyD{BV0&q_#fa`-fh82g-467lV<z+gFXpYCSvUgs;el6gV)d6jd2$6mw5|SI$
z0JP~ZLXzs|MO0S{0QU)p#W<p)qob%i2KH4@Y-}rp*~Nh5=5XF)0Mz@ZkGx-hD4Az~
zpT6>ib+cI6<T~>7m|eC{mf3D50T1m>1AVrXj7p8S*7l*I%8bSC==Mz!2@>6?eQ|`d
zvomq>>_{HM{o6^$-u{8Ks`9T(aaH2>qHa5+nX7RtOAZN_NS@={;d1XHe|xaH=^Z3q
zkcj4e)3ZP_=6xG$HxaC6BJMmjl4NjlbRJVXBTt*JI3}Pk>ppl&hX&0Cqv`eLWuwh0
zyOXm9nksdUy=E$YMManiI+SZ`OAjtzOId|x32PS2X6KNs9i-OgO2KmiW<Rf6v6}n!
zZi%Hy1m8{%X3Cv#vW;eEm-x%0Zt8p^Pc*-V$+Nek!$0oPcG4Iz92_FAs((`9t5`Ba
zY;0^|eqdZ!EZ?=3@#rwVVxotHBTOU9yFzVzSe4LEd>_XasaF5Bd{fcH`0~~3v;KQd
zc#P(qFBaoCEyD}aM$zu>HeVS%%F-oqn|WG4O%fYR)ZE|tdSoc4x0lIzN>QILySgJX
z>D%47n5e3|^t(iCD#U2$H}q$QFTQ>Il!bd#^5n#zHIBP>_@ZQ<Tc5nKajMwS_bO?V
z482wV7tuV<AANFP9$}ndknp{k&ztRdP<^?Y|73&Phi*D&jk}FmbNnWPPh-0(n%na2
zA?ZFP?q+LniNPgASz$Vb&LO(%$0Kpr?1y${)4#rB&@?`qzkTypaYGmJr#9SIZMly7
zr0+>?iEm{qg52Nz{k^_{)9KCNAOYllG!K?8o!fIfr7O%h43`nfQ^ts5?(E}E?fyJV
z?3`56o?7JDYzw|xohCyz^fB=rZ^?jk;BnhN4B$KXMt-;Q)7qNF6G1_cWb<wVPC7b&
z5Lx&JQAPaZ<Rqud0n4QuMB_lW^8mnU6Di5DWE2$dnwy_PV}f1Nki%4<2o){uBw*T1
zhl>Ltvc)1GXoPOL;Tb~aPFG?FzgM^!5%tHKmP~QTlaDRjRq?5%L6t7&BV0w!W2*62
zYk=f>pkqw$|0K;bA2KdnRl;P$Yp0Jq)OYsCv9v?9*SCk&2JqDz5b|rD_Lboi5I0ST
z#7!2to#6Krw8pTX=ixcL(wG(UYRMW0vH;9F8x?p*7`h}weakm)Qjzg`hyXT&FBb=^
zNSptSg``u$ifKbbgFic#a6+I#tV2?5JuT$5*0(>Ox=xQskS63y)_!85QwX_<&3F?u
zRi>Q!bkFI@DJ1x26!={UF-sN3%lVFP_nKw#6C43PUyUa+v&({X=@+5BZ*Awd04q(Y
zUylws*sn(|E-cuyPunb{%dbQ`kXBZ@>aL84b$sQiT<@-8u;23*UJMIUn;BnO)?GRF
z$@Uhd{Mn`}+Dzqduris}5_g+ml$0JxPe%5F==1>5JE*)8dwBVFQZrzAeRfax2vgH&
zB0?E3>FJRm_g-<|<C5Lh$jf<<nU;#1-^+C4_&gaoLbAP2-tG`q=PO}m)0tgN4$#BG
zG9t6xx<EG-J3ZWxaKY>8S_=jJ@9E_c?S7&=1fC8<VN<cZwQGSo_ypXZSd)}FZo6!@
zW+!jvv@Aam@W1P-&*gA==sSSP-#T|irX<8J7IW+c#a)KWn39s{n52(~`^DaR?j~fm
z`ec0{FQx}+*6Rx``1ygL4K3i2`Oa#es@n`$Ni4{8&CEWr(|0rT?DcBiu|YLFkT}kL
zmLQJXBB8HTJUtgN^S-DrwvVdi_K1w097R}@4<kC>{3I!&+O2AnG`g*A=Bt6*42S#Y
zH0wVJz@85DB=(l4U(G_8IRa>+o(egB^X#EPF;v+wd?1+$a65g3OE=BrI;C6pQ(~$*
z5Cb-wOkL}o?PDt>xPmhwG>pLw-79>p3N(%1${pWT$KUj<^@E&l<HvAm*$@p%swv<+
z6VPEux>wUMe2DFG-j98oEHg7zcRh%7a(ViNfF=X}JmIf4-uk!H%p8#=VQJXYABgzh
z<=8z(i!aZAdt6rdYG)5iTiCD4!M!go^B5h&`fb6}i~G@hq3=L(2Jjtc?cpCq;PD54
za&z<u`XV096<h1gXqUfNyd6LwBx--Z#6YqGDUhEKbXc94fw<r7^r7;cF#2`h$))$?
zL`<v2>M^PsUeeO)jYXBGf=_A=*~^YS@P`<Yhe7VucatcZO?J3=OZcq>cT#6Y)f*m8
zNJMWFP>hTXnvn)p8jz!rU$W|(8ko|^wcz8AI(LlD#PBLR&FcXf@5dkdSb-!|u<a8Q
z?-NhOdmW6*(67(eVRC$O2}ww1y29l7YHVb)1pEO7%omw?s~)Y+Xk)Q_t*`4ezo1{A
zeA0>^T2=4?ru4aoCl>e4jRX9nAs)|j9-dsv`fr81y|U%{GS5l9w7=r66XC=eT2j>E
zNb$6YUopaH%`Y|e$I&&!+qWX)b}k=CNMg4Fe3BC9Zau}_jK|ipvdUD?h~F5LL%;*l
zJM_YQuMuv4+g`nG(G>5nSlUB0S``JNJAC?!eSOtx^BlgDquY$<bIRM$5+L{M;RGeu
zB<r)%EJzu?3kzfS@?ZI#U_*O($warYxXhmFw`DTPgU3QYB~VTgW_R}0myWTTI#gpy
zd*x|f_li1{kmEyL_4^&kr=MVB{Ni;A@(m^O*IS-c?B$zr*1;mLmo)EMc5)gE=W?{~
z-F3+CC?;1K?&rp1-_I0oI=FCQ)V8d$61{$&@HKLh=9sXkYj4NYhP_qA#02TYef^QB
z^9}l}IvK5~<+^jh&d1JCYFX*|Z()kAfPEwMjjiq4oN*1~g_a)~-u=q=TS9{dPPm{D
zNFp}x1T;G|_6TAHsy~6j!$p{Lsdb01b*I{4YEKN~J$}zzX-|(FctVM8vMf0X4-gg$
ziZ~ic8RJ{)=|f&EHfG%EB8G~`uS03F)F?VxF1vpb#|6@%AANmUJwxyDq%??CURu9T
zZ8QOy%^6tuRWyZYM+&eY&;?xt)ErB^zdaUADd^=&{emo|wb{P+Dvs|Q-qE3y!!ph2
z=;#*6b4CG9Q%To_3+RQZKbr9F{J?ZQYSO1)d~_TEk)e=~`P0ASjw+EOolV2W_RCaI
zRuvs|LShjSeBa|X7>82FK(Gjc=u(eKqvjl%K;<;iC0nG9=+ZZ!f9dvK4<0z|(SOwz
zeb=SNVCy<duG=h5darWj_A#l}+G<zo^4q6EOf2RY29iWGd6*}t%1t!CU1aCPlOKm7
zjMhI55o8Ho+6|oIbvxH(736|k4mkKKD^<%J6SxLRMC0}j5Tks2AEH=dxRYA6LC2XM
zED6@VDDjPEuIIGdpwgjyL9R8b^T?n6aLW?Fymwj3NhSH55^!CS^KB0y(j$At&F;1;
zDU|4|^bkh@6Qu0XBel|e>8#<JOU;P>Ooa_$p-6j8Eix!0*_tUe^%fYxV%_J{qO*G*
z)w9G#e(8p`;V_;l8(4nxOtp&6)SSJ2eEY3=3JfA9RKaQK#h8HoDHYDclaog(&clsp
z*J5Y<=dY+z)9duj6x^ALGuR@QQOe#sw0G$3dp68yh67R{CFkJhQC7svq8~zzmz9x$
zt~vFV`^qA_`$q09f0ALrm<<2->&y|3ZK@E?^ymC$zDhsC=ulTN%)Hwn@0ZakFJktB
zwSbk?UoSM8`JvmUf`2?GAD=oeD%uxHR6u2Gi&dXJyLt_muDcID9Q<qqRcJzzkWZnS
z7+1CSymK%}84G)cpu2M7^MlGRLnYZQDN2d5<c?e|OC9_5WIxPY++KPgk;?6?jLHn;
zL&w5_Y4y?3Vb;UPE0M?JkNUPZnHlW9cd<W;b2ugU?*a`}xnB`xUfLRC*Y>-$Y?h^L
z#1##MQseq{KiC8tqrGvE9ug9ovXvcpNJeMC76o;wOcGCT@1fjFtzu%^X2eS_(cn;(
z+3WHuK(wExP`-RQ@&)B>Xxfu%|Fe`8k)R+gfzgZQA<i{Y*S*haUSwnwz3@9i^j4=%
zc4~{23p*#x*D){bogA)mFB5W6Q&az}tGh)=*aRRoLbV-eb^8D@B0$GxLxyfa84k;m
z@?8tr#7mVz({p$E`89f=swL5$AFv4pwDR4VEUL0mNky)tv_s}9z`QDE^hyjAqPDqr
z9yL^G!g3Y#@%@D14rCJAS@{K*;&%!Ou10fHlDqIi*=op=kDB^DHm$t%;4%PWA&u04
zgVX^eb8{Sj9DuhNEGL9wU3Qe1n3=iFR8hi8R`dnp0aZ#!9a@$`*H{LNkWjQJKzZxs
zjw2vFYy>%}s?+0Dln=SX1^r~R_53G{fQT%I_H{_;d<5KFE+iv?Z?Pw3@;2%Pjh?{<
zFK%x9L`xW>KzqH<q#wB@yTgd<FXR|B(ey5p<Vn_7zE<MCf#V2dGIFf495`k}!ooI(
z#!hyUn!vY$wx<(BHPUsHP~Ca`sVj6*=Ru1J4K1w$5PEXEd?40x!;plIzKK9lNfzi3
zQ^5RO-@zlz<pK3v-T>5!ML_nOjcavwwl76PBs6s1FTxuAkg)UJHQZAB`xRja97U1}
zy9VZs`g!Zn?0Xv*w?0)a?N?*tkD8hqO9xli%7h7r&O|Z)X=w7iFb>VgYD}&E5ZArh
zzM1G{sF>f5O?r8oE%L!LgLWS2#98Tn5U`Hycb;lcn}KwJ&3D6}nOg3-;7y|5+DB%f
zo{BCbOL0EcT_Q4>uhp!p2j0E5smT{wda$Ef>Y(Y)6X?ZN_45XZk_kQAcc!n0*@yr)
z=*5K^eK~et=B3e!Axq^f&emjyFC0;*_Y6k8=li5bEK9&w*z>HWc1fd%|C7sy56#4M
zB!0zZo=9O*w<Ak<zJN=#N)4<g(%@igzBz_F3??VnW>LO=;~X0LO#*_e)qrs)Zo(wu
zKvV<byUaS;tY^*b2ZX_D9Jl7LH0v`1I}gIVS?}jQi{u@HPIzO3mw(<k|DCX4%l6lh
z%uUFOai_NQB2R@r(RR|+etlYApdB%p7KqwPwa?f;^R*VuG@dj++J|OfAIN?gw8h#y
z1YI!o4p$v<my<Js|8&2td}q)Eh?0HW-4Rghnn?X!=+mI94UkU(7n{xH8*iyzaYKX+
zp*d#pI==*$*Ub9~jK~K*Tc)F#B<|i@Ao?nyZ=(Of0#NVm?@P<c^(;*f3=F98kQx2b
zWm;d<IE{n?zmNDerJ`dUrW?zeE4%@>2<}KUj|XOwe6g0P{krX<u&ckKIkFQ#+yr4#
z*;B;_exSfZfaEqBP^~&Siv7Wr?{y*$l|Jqf)y3abz|3k=dezEe9EEazGyKUlnIaT(
zb*}&)jeNp%8_y<&%i+#6((RBCXo=C$Jzm4}QN6Z|hV6H8{R+2n=u}0a`!#`P+pg-6
z7+Sl?+1NrsWhh`umgWG-BlNB|0A!sQyTyGH4P%}Nq|V7Gma5aq9_oby%9WAc-kZ(Q
zoWVy&M?>lcwLaKI(boNA&Xg1sDX+d>+^J91!qzbXQzUYkqEmfPvaBlU&{0!LH0v5l
z_i+#EyT=x(wP@$8L83G;63D_odlTj<G}7iT5Ww6rTlXxQ85`4pT0?LNyAKDwLZ6i;
zypA>hQa`VxHXgtGSpv7=;E-J6qf)^*6{DEZ;rbHp9fK9WB{NJE=}ElQAO*BFwZ+jT
zIef7OM9EV}wt|kEfpoy0(VM!M@<|x#*$6;E13}++Q#PxUBL@Xc@lr+?>`q?RB}>2q
zF3e40psHpHH!`~V0frV9ieP_pd;5bmvD2Prjv|NKN%>^auZ%g?`T`cokit$r+D>jN
zQ=C9LRM&>QTAOh}5Y$wmYn0nTs8g9TSj-JGkR-Ec%W`GqIKqiLxFNA!<7bOuEEO4<
zt#QIVGBr?z8FG(U5KxIzEP18(AV5?|DAHK@w+S*$+P30+|A<~<7V-`YU?!*yasDXu
zTcD0R^_umqqB7mq#=o;=k&}@T_uW3^NaO$Gp^47Qz;;nfDmac@22?t1TrAw2-3e1X
zj#aU-snFMX75tm;qM57x7}Q+I|M*DJ;-EsU-xs2{NR2(41nk7p+YWDUQ4^FL0-X@o
zpz)H}*iR?qNu$}IvEr-N?4uS9&Kno-P&k8=Ki0x~^UoyYKul(v5f&GhwSao6RUcpL
z!e1|?v)~S!uV|QJkvVX2Z*FdyD9Gh|dvk<wZ(9QN1@&H7eQUPc2%*H;MNvgnIk{Re
zXfYfFpx^18NDbUk$wl~23iE8~E5jRL1a}JYU!>*!8GhpCw_GJ5t`RT+-1(KtM&91m
z^dkiUc?ZnCsKFJ7!W7I~@9*yedV>An^#Klki;?39Br8yMZREM#;$-?s^B?P!naoB&
z);ZtV)rC}sV6Lvs?PN15)XU2&4=8pr@j~IwA9*cK03c0d#>%I@&IX?OLT({}-d76n
z+u~GzaZciOK`SgEQC5S7a8Yj+NC+<uqYy1C$^Cao*7T^ghl{wk$0fSwuji0>h*Iou
zNp#5l_n{L?_n|)2!Hf<L3UViWZ6$nga06Ke9()h&sBQi{L&WoR#hf1<b%H4WLr7Je
z7ot`np`R&S3I9FN4F$M>(MbGG|94F$NX~|qJa0&9ux;>HyhyM9`FWyDLGr&pFDBhS
z`*~mJe?N~!c{*^ZC4qrGTjz<&vwMb>%Kdjw<k>x&So`Xg&K&dMD91k&<1NmzJZY+t
zbhZR5VkqDZxIHf+$^iFH_Dnk1lThV1c)eC#CID<RDPaD6T`qyY{{3Guv<^p!`#;w_
z18Rl;xjMD}jskTTa3X8|4)pKuM7>b%&OcY+4b%?$_aZ)f^xq$HH4pWm-NXva{G-0^
z{rx?Jb*L{T;);riSpu%>@0I8!1Ip{)Yn}mBPu|jm1|aMIz7r+|&g{R}|MLRb>K(#0
z#s#m|C!T`cg}i_KmoMkjdVE^+!F53M_%2{!!Ek)I`+$t>d_u?E!aZN>)E_^dz*kG`
z*U6wGt-HIMW9JenDd~AMwD%uA+~?tm2Dw+jR5%-<Bi^(PuS~#=DA<ymucj`C(W#w}
zheJM~a73q3`CLzrf-UMg>gVUrd&AFZXs&vEchAbAhi)ZZXb=UPSF)$>%^_lBL|yMs
zOwP?61&ztTZVQ>Q&v2VGg)Hp?<@Jq?FOqS5@JO&#3<Q3t!Xhzo3-~!#u3mk$J#zDG
zhS+V>$}{uxLtwALaR6RfSy>xg>^<Z)Ge<|xOiWD0j@vX~TbIVF;=onWDo|EYWrz1E
zF6IE;`K!5E7XbUuV|noD>9gqYO1w9r#V0T@@UfQGJ@8GT3)u?*O0VF^3Y<RRb)(P8
z$$1{b^$A||$B!SdU;B~)o%iSJq-<Pt^diA#Q^}BrE`-MbqXCaZ6KDhO;No)A?QWTt
zJhid3WCUs`ePD<CK+Fw?_*8_!ouI>o?m4B5!3~X{^T28ML|>m0TvyZ4@(B3HdcBMR
zQpjft!>17u5f~&q;ha`8Qh>1tXVk%CH&->dq4v+JAf|09!~?EG0jEbZkYQ6jdZY)f
z4E|CrH8lw%Lp+ey2U;<GXsS`nkk{7M4rkKy$@6^JX_PKcOUPzA4!#u7l*I~q-8e@)
zL<)Eed+=l<7_`nKP(Y!|!<DXN?|)wQAv{X5iIlkbHIzlxr^7T}%{1emY$fvtMn(B1
zCntBgvY8M6f@UfXn}s`&?XcM%!7j-F&I%y>^QhJSU9me#PD|UAawsS-j{|gXBqb#!
z&d^p5JuM{%bnHNg@x;{hA<XvDa7kW=9vr99=I!UFH&SXtM-cN@>_u1O%QNj>9cGt+
z$N<{F3eZP<M{9!6!?_01de8<mLcolUS#0t9JWvK&ZI9p>h4vWhK|Ar(^z=IL%=^I_
zN(_*K-0zQ_9&2oDZYn{4RN4V;$qy(<kDAp}o-M5mb=G3VFqdg&YN|FA*`m4a{OK$A
zex$_tv+M?kg^4ID69DIuuD*Wh!HVy&F1SbF_2j&oeg<7pTsCe1l+pqTLVX5Z@wR?N
zC8>r;<gE4Xdmo<(=w$;vJW<%EQsKx7P0j|*;f&9tIRXvhT;van&R&%p1~4*QYOo0*
z8U#5r!IFIQQdwbz*@_RLRpOjGl;sb$7yBrRXgh--Hx7L0N^m#mz*EbWgpR5_$8BRM
z$~QDN8h1TL1Aj5<`Wwiq&xPdh9&dFWfxA1gTXo6{Pk+F|vX!*>P@^)sPu<BcJDWk>
z{`W=b$+kZ|-W`B)F>FmrKmt(foNd1OM<IRN=H`TKaWE%9rvlV+zR3oCIEJK9M-C6i
z1B#f2Hy5v!ZWTU_l#!RO3nUlm&(*s|K|!HbDhZ&;Y`rEN1mMy>bQqfUI8p|u$OPaG
z6(Kd$9p@?3ot9ZqO=24wr`sBSbXjR>lbCLMXo#x)79?x}N(9i*98Hp*jzgpOG_*_U
zCHqO9Y0zY8^#|rd!a6_;M#N?9{pQUZiTVA`&NeuHq{Mca05+z@w&1-VKnzI*vk85E
zbOWS7Xz^TH8Vis{nXXhske`+0KW2flIm+2jPfr()`!+K>E2FB4Q4J6Yq9(Y<<!a!L
zD6_3T+Z5&!4l%`gdYb^kOUcYcZF02}>i4K<3+@T%x0|@Qvq6mBh>+0Gmr_y!j*g{G
zJD1#{PxdAbjxeag$B!S=5sCo*P90FXY0hv;%kP3d^+|v3mH&;o)VAeF|4x2jtbjv|
zdz3tzfu3IAr%ydbBDtpGtOjOgk6<%px{4;^a)WM$W<=Fui|=0#Yap-$m9T7!{T;X+
z4L}V*W6wvFqZW#Z$57o-?*J#1_)mjeAT$BMqsAq1w#Ifz<r3A`X;EqgrP`s@%+3h=
zLHDk03#e<2Dpw&9kuvLtolY_QZYbqZ;_QatfZnIipFcm3Vr%IUG@450Kc<E)I0@?1
zUoSQ`78RD4L*f8npqs$W76#}ssA)bG5I_LJ$MU!LAOB29XxM9mE61uVo0FbC00i&V
z{>HSeOA9XtNBCFqu%M405!FBf(Q=8@xqW3ln#1x9;Dw5uTmt>69zOgD9(8bV*Ua&E
zh+p9wA5kZPU=VS9ghO^(<M`Vi#5w<f3KC&KgkeT>G!bY(U|a)7ugKxJ6)?g7|Dlom
zUy1u!k<XrW2q#fU!XXZpLyJ6cn#r9zck+#R8W&aTmw(Jatvxp{Z)lsk0VYB0*|Q&p
zEL@=u_V(6ux5L0tfw+OWdHe2NffF~`vb3V&FJL@_V+2e$H}~L>mh$<zbm&Oc2ZERn
zc#IQCnuV;8X()L$?IT_@1Cx<!J>MA>S_LPpl*1qPM{X1EAK1g6Qf<RC;pBbkv{~AF
zp=-HeC8V#!f9PEc*m)S?`276)KW;&STop9<eW%STe*%kaWMl++lbi9<l3|6WZ6{@=
zr4V!(1FO>Z)F(Q-`A!NtwbE{wU0o*5H!~o@aNNq#ISmaBb(d|qiHQmOtqu{T9PNuh
za%47258wR>K`B0*pW{nP{Ez0iy4<pe+TIh(%Pw6TC^`sK*bmnBrK;-i%rZ@u6>-tk
zs0?{pz!AyH%5t37j+d*dsHi}xp_G)Aep5E+L*U>eHfq`-IDzK=1VD~6ujKwR`xF)?
z^YUfqpV8$2121CKVU`%!P!Rp)4$QEj?HwFomp8yR9V+Knt#ppq*w~OL@B7EJsafC8
zDg%rEVu+B}5zyLpq|o@Bn3zbFWyNfc&8DEBfF=bI`^-r`5VA}F$>_y+x6>0pIups&
zSx-POPT)m}DgdKJ5*%6A()JtTYR(_}#W|R8$_fS|s%7SK&QNM@?#n}uGu=+#5m=r{
zjYJ|{A*BRpfd<h0bx_$Gs(3MNllfa-%L>k*n6y)IDqvAf{#{DEJb(em$pD^ext&dD
z5O7!pCT@nUTk~BJ%mz0Q8ZO(|u;rHrGhO(x|Irg!<PK^wl6?F3q1+E>pAAs<6@o)D
z>azsIlHW={9$%T6o_+^bo1DsgaW!ekbk%kVHPhgMy{Z)?tB9_6`dlQg9{OG<Q9BtF
zlxn$sV9}^!n&6?J2!BI)Oi0L``uRTzNb%$mh<E;6!?AfArSb81aULmOs0LR6>a_4k
z&*9YEfxbRmcVM7I`Bk>Nrbc^0CU^oxc20m<@XvW~O#y;*bbLHCe7oUfsHVmP(h@^F
zaMTh)*T7(N6<BT|5m)3?wYIwp0EuLo6{NN{86>4FN40aZA<GAW`rtRrva?ZGUpJVx
zfl@Qo$;k=$J@Q%V8Re}nO62tN!oqO*`1mfMqjSB<-8o|E2{eQKc=P5>0RaK`Yb03n
z%V0JxU%hI)Yqh&S8)tW+1@bymQ@UVWx%2t^>!+UM_<ogcCxYSur2C1(z9uHJq}rc_
z1A&>pKa{ru^cqfsx$F+Pte4Q7{`a}e-EK4;SsMHhsrIdyapW1~L8_^;vQh%GPe_>@
zTvJGN6)ke22y0Mnvk1P!C1w<5aPpSI!dMkQtSRxJupo>D+9T@sp)J7v;W{Vc!{hG|
zZNIJ6zQ@Xn?G7q|Yq{`DjV9_5w=C8LkOp)ZUeE-8o4Az{r2<ss*w8?A-^Rx7`At$_
zyCcaxSQZ101OT)zU%O`YJAtf1&fcB_-Q#=5vxI`SA)v_GY(cu-b_Y=SIsjpA-?<|M
zfTVl(?!EQ&)MmgNEa%@lJk(*pyNrox*LW;0CT4VpWsK9xpWF}~AZ>JGuImpjpua<W
zjEsB+Ed~c1f5L2tjX(R(*Z}2$g()p9ZCXu9+y+;lWm)44<oz_^W>>F%Nl(WxRLcql
ze{KWLk2~*28x;qHi@*efSq(nxK&6XQTA{%yFYuEk%Uk;7KZQ|)jKaHF9c&rJ+q4Y<
zAH`S>DWHynfUavc$?SBR-c1YqK(j&8F9``KF@M%SoX@}c=I1QKbpqS2?GKOdJrs5J
z|FCtPsBIW>p=Y{5Exp1a=6Dxc&d(Kt8v$O7|3rJCdHsosL(F2anw}NJRUl><#9a9=
zT$CZ#b@}>r3Ko`-@o~-i9ms1=Dvl;g#<7`o_4S3pD&Hm~T>K#-<XHCD104$&w=Zed
z+@#XKGjw^t4Rk0G{mtbbC|IjpY_Ww5UQ%m$9JfKMrKzAx^x49e3Oj9b9R^gq^E^g)
z5bsN?&nlZM3}7$-5l|*@3xcopEiDag!2?PPGsO~Jn-GiW02M(|`LJu{??5_a5wBDB
z%;cn?wRQgHYN9AD@O}jWQlqoV%?+qy+(YB4fN1iD+kTUVIe^S}yuho5hz@|=LS?H>
z%LmLwiF_8Z*W&+YdbHFH@&=Tfu?S+_wtEzaXO}Y=26J6&Ho*usEd#NwCnl*sNIOW7
z4bQpdo=7#D(YCe#p#EZn^Q08`iGXMN;zg8l2F$oxA-}zScTwv6Se08@)M`<8TuDK9
z{hw$a;_yY*=0(*&aR>@Q^gx`$RXke|!IUq^C@DQZe*7pb`S36}Ew4>7g6X20o7<-;
z@gfGJ&ifG0;&WMl6W{TImWW$;c)!5=9%4N~H5y?vb?+J!Do_`BRRnB$uWwK0>{?2Q
zi<|7Soz3>t4#A9#T7-DNByE-zZ_)KAFAV%AAZid*nr&TJ^ofI2MD6P&$+(pTug4b<
z2_3&6Q;iCsz_U{;<-c(8BBR!i3$PPc=W@E0m*?At7wU!nTTNNJ)<wwAmHD*8sTV$d
zgVkm=`tG3AZ{4|r0@M?I-HbVg+QoNbyW#KOq!Z@)vf|Q6&trK3uIm;KP8|>zzRSu&
zhAm-&G8qPb2iTTOj$3nVeto8FfCe4E9GL*saBljOpVW`@Vk!cxYN|O|S>;}z<q<?5
z%x5}`03kQ@50T%y_gU_DPKDv4d-uLK1W2{b^lG8h6hLsuKtq9bVyB5g?!7fBEw2dk
zdiRde<-i(t61?l1wAIRAFIFmc)lu+$Ak!eXu<hNfnn!|8hsOG+qN109c+04ZBL;Bg
z|FfPZ`5}Fr+(jm4>IUF`6<gfH@qGudL>150>w+_o#;bSi<Wh(H!0GRW$JRn|d@k_%
zq;T2}xL+2(e_TW)hfRPN>kbDK27}^Y0Fry$F_XX<2S-OH-CsAs!s9V$BEZK(r8ZpL
zAe{hVmIuT)&{E(V5FnXWA08gwKNq(TDgckw^_c+=ksp+n@wv1y<mCFOO2b7Q95^9J
z1_UgVarZZgDwi|cI{Kw-#s;uF;GJpbC{oeW8%);uC4T)Xt**X;H->5;ha3daBFdw0
zygpdH3`+`z4_r(tDynK-CZHdw1J3Q}ouA-DJp^7-O(2;0<2KtVOcj<_RJ?!x{&Rf1
zJ7DFZ$C8?s*2)+&ky<9Hy~^#B?P3c|60W-aXKA+?uUO~06f<V!34jxpyWMd`=ck*B
z{#srh4Fh{AFE0#;sxZI5xi6u_<VAnbV~R3_?B>=F^DebizZi3eempoNxA{td@M;G+
zH045;NL7^xPK^Qsd5ehXxsnn-IAVT{OUwKjocvJGf^NU}-rkzPG4`{zw&cLvC*KFq
z+|Wp57aag`Eu>Y!)hKjw17o7o7(yNXoD#lT1AfZ-mZ{nU5+FPy58#>DOD1MD#2Y&r
z701geDwuobithH@!wZc~WZd-h=gWU&(|dE6CM!=l!>pBJDVaO657m+KJ~eWvHR0R0
zUo#7jIaFL-`9QrTzzahZ3b_kZ44|J@l?I6@OiaxBZNk`9NZ%YEZ0r2`cn{?PLh%!n
z3`+MmxM0nrSfPPgND^)XaLUQy5-aeHrPS1}54*apZEsVMk-Y(p0jdV_S-PmAo8);F
zazLb@By%6svKDmZNtD_V%g8JLsHYuGD$l?0?eymcwC2_8GL_it{^Ny<ca_tzvxmXK
zc#x(r2W8TB>B0pL)+}+@bDW&}g?)fPHytT0P#aopan$WMg`{{J>~H9sxD=n88w8aW
z(Cp8kqXOOwTt;UXmn%1JP%<#wq^GCHKu2R_WQ4-*#O&<sgwwqVB5(wW_+6tRz=3)>
z_{^UZ6W;>)3`kN6H0%=XwHdN#vk(Bhw-!7V;Kc{grUIvD&^ijl&c6^}YAmjVc1S-T
zV98eiUBnSvg89vjQ3)7CB2WLZ-fwnhY*03jly8_CgzE0=>&(7MC<Zpucw$HEep7=2
zWmHxXq8rG6z^;&h_>?WG1&i(yXnHKH$FPB;QrVskOKWL;o=i?pUrNg6WMKFR0uOc0
zE0~zb&7G)|t{YIEZ#{ZCLT6Y=OZ(`z;tUA@5zm_weYS<}V>*(Ezs{a$+tfn&ifvCz
zs<C;MIu?`;`u?_ga<z(FC#chT-&SHFlo1wKIf})B1~_?Yi!*m^{<XQnNP6nb4l08y
z(G_#ZTon4RgR*s_MUFi!wM2(UjTeD6j}Ms?!iz1}ZpB%Z#p73l`-jpQjIK;lr((0f
z3j^xYYW>&Wuu$k{1ZtZ=hiU%vF^d(vEKq5u7Tb4)hGTk+YrFF7Ty3FL2V6k71ltC#
za}5TiW^OaRYs`DMNBOVvdyoRI9~{S4NHf6JFPnb~Rh~cBaBv0Y7R0Zw4^mNpwvtz(
z=8{@@qL-k9#uCo%gtnRzNPB{Jn@RFA45k2%y(9<Fa(pHKCVSQHEpR7r1JWk}E*g%G
zdCAnjnv<LyP2iu+CW@)WLcr;`1qUy`gVOIOFwZ59qUIU3u_%25Nh0>4hblkK$E#n5
zKTlG}{{atO-;6sYf*p;r9?zfaj+Q&90*M8m%R#ZDeN57WEd%pM+m?UlIxzN$(pU>9
zMFwcVrJyKrq#6-+%BuwPy~Fo)$LDEaFH|N_O&AK>MLAwA*PRXq?dqUIh#7#-Kzakv
zb*tZ0F|>?~IUT;8F!RHuX2K=_;P@C=`Fb+q(EXrl9cWZ+td;*NXv=Gj2Z_9ck=v|<
zZ0s3|cZ_JA0-{Ex=7&}Lhd=V#p8y$XE$D#}F8e~ohmen8UufeoIQc?C$};rnQ>ev5
zD@;I8oU7QZISZyN`Qd&E%2C@RcTo2$x0)e(?xExOBK-a`YVW^WVkT-CZh}G?BK$d;
zQsI&UFQ0`uwW;|p5{Xeboz@(eC#ppsB#3wxWsGxv&Z=^d^)-lUtX_^j2U*WMXI`;r
zQDVB}U_wbcJ#<)VoF4QQwHy$<Yk{yF#@LrN?CWuVKHT$hG?bp<;01{xTVTQLDx7{O
zpY{pb@e<^;0A@Gt0L~uh+j`3j-7DYNxBqt$RwR_-I0RL4`9%6np(|HZ6tPf6a2kW_
z);W*%DRxnDhL0^{{{aFjDY{VFmKZQMHBFZ(>>2?r?z#~iXWfK$ZKv*}IRi>Ke^pzj
z8uj9B17ow^StI^+R67e!YedzzV6O+fBhb?FzLZ3CVJ_)W9?UTXMc~Je)u@vofxqi=
zchQ{1bT|Qe3v{7hjg0!+eRzy&rI0!ehmh)H5GcJsFf?$9B9qf4qf-i$;-I;j^gR;;
zm5^2tM{T#$%B6)km8;Pz`pC3(=wf9C07<%hTGIh1YOZhHB62H&Fln#Vm%roGQ@{IC
zs}<qJR#1mm&m8HWUqiOv=M_*cZWhK_ynW`eJ#~BbGR9TQ1GX{~r}KFOOM4GSab95J
z8U86soVPeyF<xjJ=94jK)tlPmCU!y5S;4NCAvHLYxhr}u6Q&sr2Si$Vyj0BS7wty9
z6BQWQ?9WHG%nXsF<g!A(3C>7S7V&D`;D!^s@Q=iV9?MQ!ySlo<@)pe_UPEgobf+`@
zm3boU=FF?%%cUxAGvW><&U-7Q&__?PzCWd(C1bIE{?vJPx2Qrwfl(dFs=Yc1>#107
zpYxCU5)G5-ebCw)ncjAoL_szJp>tSMP5(@OVODO1j{|5=ztFN&Ibp%S{+94@#B8%h
z_wV@qmeW$sqwURAK~cjCldI8>m*%b%sZ}B41HsyT*PI*rY-vpaB~~3N2G}5+2OM$y
zZYN1q6@L}6x2Pl_b`o!o&}gnm05$_<PBx`IJl7Q`tRyP@!lftIS@G7YJ#w3#0^s*)
zB?TeB2fv4BEo+&CTFj@)bC1mje$<TC<6B&4-RZqQvR`udpX>}4RO6zXNf>}0#~XrG
z1<cvP(p3J<kh0mEIF^$+dq;6@lfx+qQ`50J?b#dvG}hbR;J?LtKXgtj2Lfb)A07d>
ziEvzH2>tSs{Wp5*SY<=hDaks27E{}eSUXWXy=c1cj2*Vo+Qr`fYij^AD8~hj;%S(u
z^GW@McW<@w2KuW^Xhm-5OG(Q=i*pyKdlB23IDbW=Y;0ljpVD8&dnhJ803`;J&gv9j
zwbF=v9AQ?-)%c8F=A|k^Ad#8?fkcubp83#OmLz@zl=E#oBFC-+g)G@My}_&L1qB~U
z$YT*Y3}tL?mR;MGs>gg!!#2EqNE*k(1D8f}-f!eKA?(#p%ZM0|2D`mBLYTffK*}IN
z+JpiE;vH;hZM{vAC~Nzl5xql=2#CLoin!XxmaXO8W`_3b<HiiFN1*{!X_G|9qWRmR
zxG6$5By1yN_4H%=+KIsNx$}fvmU}4ZH#lU$Ynm=niw0{3hhe1LnO4+ePXI|??&55}
zmtufw53*<$t;d7R0fHmjgcfmSlOzG@9{9Lsg2QRzvR5;AGy$8(KLY6ug&U9!kEL@~
zb{y>*;-z2st*o@`pZ`R`DCMSE|AHoy`xh1n3cjzc-iEj(N=E+W1r(gHKKDc#EviDo
z!tg?6<+fXJw)d~ostRsQpACt2juQc^RCjl>b}E`LRAgVC5Mon&(Wi_QV$``2LmnK_
zV5+BQXKT_lk}{aeYiw5^nHobQ6Ku-HoF_-Fum8%LB~r)_?+#Bj8g|0?IiJEe-rkqq
z2<)Dm8yWO@^UAu*nO`onT%>Asb=i1uV_t(l%h~z3yVF@AsJq=l+|Q2SzS!cJ+TzyU
zVqYczwm6^6$36-8dvxcT_1l(eM2Et0GjRmpqEd3}Olexr!J6Bt%0+HA+ItS3Iu&tM
zV>$sk1p_3?28)_%K>vfBPc71A;HbhLG?jO7*lu02c8o@ydx&sP-T=4*VyhCmDmgE<
zh$~d|7(Cvbgv1sr>*)N($@gX6R#rKj`qEV2PsA%$$AfaLMQys3j?=lykx|5l7z8Xr
z=U$sJXSg^!-!UTksukE_Y+O#Rp+V~4v}=Cdr=s5BN6388)SM-_Xcdm?s7E5)M}Ic!
zS9_Fvi7O$$bnVqN?#;Vm#wA1PjXp9#iQmFI2yWf^;;F)3Y8}1)UPdmwNG^<~>C^5f
zB@d4$))S(E_Z#@WJJ{>y|M2u{FG%Yd+z31EnzOt@!>#_%BOpLoMVYAnSp=u#Vdeg_
zk|=)p&JRkd59zx~x*mMuFiT>p%uBzNRjIS}hmr?@kOW4t;{H;b#rxaN$gH%32<}%i
zQ;hX(e0-GzL_}ZSH>5<KJg>V=Y#=J-jZ?mty0dch@@xGKYBCz(Hohv=sM8~-g8cjz
z)t!xv-XCAHjAlav<ZRZ<3Czd3(+%SKTIu=ZO~if6D+Vju8GAx9;S}5$9!G(T8pz)G
zdygaeoGLpzad-M{>^w<O>_rH~xEPS?;i|x42;kA^vPD7lxQF~+0_|bM>h2DGpKWDu
zqW8Bz;+3I}gFUeZpSX~t{!I*mTZ#L=8uD{%m+{M8y1VT~UijHfO)jQYfA^pe8y!Xe
z+S(wy5Z(NsBvJkGKSFeY1efh}hrdrWNd0)8KH6Lqy_hzk11R(#MzrXQ{OXTscYuS_
z{Rc5pGU7_IOqf-dH!<Ck2Wi7tZGY(c`Nw@@eh|>0pJ#M5b;rS>#6Yg1qP~Rc)Z`N}
zH!OB*YpcAxd}x{%ie(Mq-lRy=RKPfUEMks%^-2%s=t(^v5f(`;uS}S0wSFGlrPL8`
z?dI;KrX8AhA3k7+)CwzrbD12^`Hi=n$nbIA{YUES<bF{cPs8YB4f}fAWHl7h@bj2I
zRgOPZz+BE*;%!ZtH_OWaQI*`_LOl^tE#p9l;g94QJ2kLA`e{zwXKc3o8SBTSJ{!Mb
zmlx^WL<zI<Mq_}S?NK(3M2wVxKzvebblOxmr~mPdr3Sf%?-j<CLy7&xR|q)u%Qq^S
zOq{iSa4NS_Z`_$mHQcrR`juYRtVK^Qnk!|sszO-s%@bMI1r_3l{hv)(6{Z$vlNl#(
zvl{%q1{L72?p_5adyUx4KJ~z`qQ_X$j7)kw$-m~LgA!@waF*MKQfb5JQwvIz?rGJ8
zXh)`95$jUji2l4f!e53W;jq(7%H!T<F7t>V|LkZ!@Js=7GNpa;&rzEK_0Gpf1%~sB
z0VBy1TUVAFj-M1QWYO}Fy=>z-R5LqRL%V+EY6qsm>C2$46}RKy^72Gnbr%^8x0468
zbrgmt6RRnONza_@TvM8GTVWAsXej09eM4zjoQo4%nZd10^0>$?>sYQ>gzRl<qZa@q
zt&zlx_H}|=!)22GQEPh<E$D(Ov9VPy37!|;85%DTja1smIN6#?zu2Y_>m10Pq!}zw
zvx_2NWi`t@Lc3(7F)A-+78foW^gVf*<12-i^`v7A<%<`e0s;b3>Ew(TlNW7@QlvL=
ztI~fOG23j+om(C)ln#=WaS<D0cm38IiqoQ=Eo5Yco0`=4<pm+1)MO00Qii<Q$>yq@
zSxWbZfz3~q-^^yF{af5R_Ve^y4phGvkYL}pW$SW)GQY%QD`UqQ_ZyMCPn8eITuztW
zWTiyE-RD$C!||=HB}Wl-A*y*<hf6=3&0J5dvXz^>70l{5EVO(yaa(MciBF7a4^Ov1
zxxi_NvbOGpZ1*q5Ql}!ZxYK#NQduRsuJWgmF(pC@bSn9f3YJPM_$rP+n&aUl8&W0s
zyM~NqmAfhABadKm74MfUKBci;Nl#z<qh@`Ff@8f8#K}sVabev!h&X<g)KuSDR%fC7
zX92_^_rHeEG_Yiu32W&HdNelqH>Dk~k1k)zEi7D^Caqkye~sg26xyQSwKWjoBQE+f
z`hHVM9+yqIV%`jWZvm}b?ttmlE7!Y<-#2VvUIyB(_1r<zjrGm0Wfk`BehZby_dXMF
z^GSaftYLw-94U2ByZ5=~V8vlU4<c*XbJnjr44rku`#YW+97OOE^0uPp2Ql1bo&4Rh
zs_?KyZ7V29zqvEzwn)$5;1^KZ%GtW_?l;ggNL?J_x6^et8^nQsf7!WZa9>OWb49u)
zBkEZ=lVGrn{<9$S-oE*@N*=k8nD)z)-z1pJ2WjPk620f7eI%o4NIe23DDOA6@yCb7
zV(m`uYgv_H)k*uuc?j0r7X!U^UyOYrQ!I$=i#E}r5WbF_y6w^DNuj!*TrRg>+HL#X
zM`_>!tEPI1L-i{8gg~7MRzuN`G!k*$t8SZFR|C9*7}+G=Q&aBaIp4X%BioTsxA0Q0
zq_?U}9wvmzpCE0of!gQt<)zPQb`=0&N|w4K*+#-Ol!m=@Ig&THqFyP8+@jFULU8=g
z7Q_=Rzm8t}BK)ZR;A3`S_O7s6M&c#rN@>hxB<^h|dXXFhXD}9Alu2BLJ-vp*KdEE%
z?bm~ozNJrPU$ryq`p#S8^MNEKJZIg1&G9ZCgH~R^@6oT04h02X{kkTHL;5CT7DzXf
z!@^7Z2m3a~t~+mPeOUZ$m2nC9R8P*mc3e)bYM)02G`>{I1i7)vr_y-fe`kK0v?3#0
zi+rndk-ul4^Oo8-jtpb*ug}D9q~uS1WC}}{0*fr^P`jopoFGjZ+)y&Pe}w--AJZnU
zQbMo(24|>_w)W-7Kh6P~gh5P;yhxqhDT{vAjonZ8$8P8o1;j;vNu1A%?gd3~UkqM|
zy#7O<3I8E?%t@hQ*rQLWrS|HfjaOr6IKL>29ubPX$a=7OM7#86{IgbSTE&;hR9}MI
z{9-|}W+_XZI)YwLzh&<Dn94_y4e?Xw$c8qJPm+6NWr6+d1lvv!$MQmqSs#>B>iFU#
zE?bKLnkGpj(KRWxw3J@&xj?XgaPGT|@)xriqL@dt>*3iB0Q(1;|7#@awe}y6h2QMV
zGI4XO0Ao-{t#-%jBh^nN-05G_MqgSuwb36`eK}g@`WOe%sU7MpY=pc2MNBgj=3-@=
zj-1SeiG4a=wud}Vg1YUKzXz`OsFx%HPdMN=7gt7-Kxz+4l}Ab~)l!znq|D8XI+7R1
zWLl<uQ!A7+yhU{a)Y8hxOhZ}j8AZ0nJ(63m9LXI>^c-ThNy#l24~Q|2O!JW$TNsax
z$xX@dJ~EVk{liPdxHf8lYuhYmXQ}^-wB>CU^NBkH>GEo&QuiPk=jToG^}s|y?_{!!
zfPhU^=A}VXU!Np)vZQFx7j5C)(Wf=b;Vm;F=q;F@&AVA+*;*a|?Rk(lkRG*dGZ?;!
z@-s@OFJTi}oru8dB-^}x?SYMhm4a`@gngT^Z`mq8zi<w-YM;F&oL8eOw!tEu{;*I{
z#P_Q8v2g)Lr7Hm+*|U`SYa<7{OL@_|F{8ea64hmjfMf$|;t;CI`{u!g$fN8UvpgnT
z6Xyw8>>0D*uendStM-H*e;2fwn0rk}>;#g>Rcw$<7ZUgKq%Vq<gG$kB*EONH7pGz;
zuS%gS#uKLX4RMss%9hv*v6uufmZe=5D(qPrG6LgwMZ%Zo;a~y3sPM$d1&kOfy6%oI
z=l$NtCF*t&!PCNuihkz=`1!o=v1*cE5O|ykJ1jUWu4>|TvT^Gh+^J<VsaFf81^L5r
zN@6*-$Pp@}$78MESjzdPU%zN;Q;4<cWpoC*l;y8RW$Buk$$@crj_(`7WTmd5$~XM;
z_!FLOz|{!S;Rhg2uyLS}<qvu+1zetyZ&`B62VX{sHe?7%@H0MZ)#&97$SSCiH|^(v
zZTPG==C+tpqmfo12d<bBjYJwuRafDp*RBb;GE-&@hEw78tn94wPipbiDlOFMtJeFj
zl9CLdDfC#GclS}-ZHoBE4;Zo-Lw)fAintTuey(M3FtzJ}ziqME!O}i_IprdK<(CTX
zs_vA@S|4wpj-}?>!JPs0lnVJ>>7!#bPz6Y1$rW5K%S0)4<Fbx1<~G;lWx}a@pJDr6
zQ#a(cb1-`EPdfU5{}l0*K<5)1GSJ!C#pz()LL9urs^g{ti6(LR^7VGU`D+?d2S0F$
zntJ8aZY3ufz4B>b9I4c-#}V628k3CSRDc}D@>;az6)`YL3l>pOSJ!WD?Eat>5kO=$
z{I-EOG)iaO-a_6=;mOS50G#yTUp=5+G4B6*^Cxx6vq;OVQ^O$xLThlr!A-8lVhj63
zByaiKTrDdju;_dIuW-eP8M<!oImk7bf`6mNV<+qzTA5jMxY0fAtdL`Qh08WxAPBXD
zviXN5$IdNobM2$Z`(kZXM}lCrEx2YO3>cv?EtCy4(P=&O*8?CtB(rh-FQeua(FX?L
zP-><R3)U)-F$X+ELjTjnAp=scx1QWPPK%@`6*cu<B0`I`eXa+;ChbCh?_avGFfbct
z$0Z>-W2v>-#bH+{tHQ5Fe_H+cSxgLdR8Q*d+QVsZ#fvXI(cFRqxMm()k01?+iOGOd
zV0X(%W}#1deu@#?4hk_E&SHhKBIL{Q_<NCj29+zrm0u^lcIIE{y{p`v?72$F_QZ21
z%5?=i#<kz%cW|)2GOpj2vnzOpOVdh4r<Ggx^8o~k#<c+o;z8#xUAK(ROG%Lqnj&3W
zYeA^Ka|OarxMD|RJXHqQMziz^3TgD9P4unj;@XK?P~zMByJ>{mLT_7)4`s<F%al-q
zIovF41RWDt*YPZ-ObXlsRbC!@4p1p@(8-Qsc7L2>v>97kW?wJLp4~SRvi@Mo7Ugr*
zRx}7AB_ClwVtO$+yrJX$1R3!o8pFeo>|_00*wQFBww@6*{{l$-Qz5_Zw~0nU(SkEG
zGnC7NrP8>KlGKjfiZ7yr264j%sShIln4-DZ?}AUZCQSIHJ66oNT<xpiQBR)Kd@9j>
zH<{!*r}nmG`IgM{XV35TKOSQy@B{4c;<`?$Rlw%Ta#X(4A!V}7Z!GC&fF8?;+BP;V
zekA5&y2=`sD5{e#aR+zac$*@*9$%;4cE7ykQOkkp@nLF8E|uPlYD@E8W_bna*g*Ht
zoB<GS0>SL8Pyj)~*EH9a1uYE4w=M3z+w$M$T6tS{2roPf0(}FX2@9W5q_c~257>>I
zILMDp8bq}iYs_0e<gd!?)07P%=_`mdrnvv2FMZ#)%<>|y$Jy%q3H~r={drq4NAIq=
zg5JbtFw7<(G+*3!XXOtkRX1G}>s%An32Oz|F{v`U>noo+NePEW>D`BC)8w9Pxx8C{
zZtIFufE5H__c<M-#RG_6t^XncM9x?Iyjk%eTl0Oz+Cw{|-JKU)4qNU=M`$71&)k+K
z(FT!wb_@17{&%LqeXY&OU_eHVo^JD}Y1Yq-mbugIJ)CucknF(&uXq%TFysuJP<aTg
ztRBS*#{$%od^d`qs}NIMA|}BAmtFx>_VQT43q1-iY;L;8O8k3i63D@bkI|`X-c%#y
z(#gRhH+~tHvDcJ*EqMB<#ZJ%6#lF`{qgYyF)|y-ZYTbT_zZr`9cwsa=0o9Soqx%<+
zgM+$Qs5zGdhr-hB6Kb|$inbRdPYS{8FyoroCYh8*&i`E}M67=V3=g%{01b%mXLekF
zX~Sx}e(dBK`@*6s4^tcX<|EXG>VRu~e3n?@K)p~8i1i`!*?d+DJnqN9&^%75FRA(*
z_xHUqSghI5(4y0vqIt27oBvFO=3Q-l<^!SU&p)Jjxl6Q94l|!g3nF$!`cHP*tzhU?
z<rk#zg#eLV<f&kQ)oy#+9~aUBSJ!3ENUgz(NXrTuq7n-&uFM&2b?=aFaqx4Vjbg<!
z9kXIyI-*{XISSd^XH*{=aG)={rU)+*GIYYlMBwLdjJ}0Qe6bZ?@k%teX3E39gRzrF
zES9L}lu&U6ZY$I<RejPic~jDq;$-?w-LTZTG+O&+Iv$lotya9xfOeR7<d5yzCy(s6
znE!lx7+Z<d@ufl@Ulu?dqg=jg=TMQ83kKb}b1U^NH4yq%e%lqk5}=dvP+?^zfJmbQ
zq<}T1fTUVG#}L9Trl^*n!BJB1I%u>St#JdIZC0{cJ_?!r*+bRKAGbf3#j-3~U5%n>
zFl94Ap~|P@KeiY03kqTrG3AGOUYFG5)cAd;GU7R<zJudU-`X#Lo|Q#e-Ne_20o{HF
zT+`+!zf$5H{<VsTBB5Td<ZTwEF+r`oEsJj#c&;Qc3M(l!g?B7{Ms=cYjed-b<<vZH
zAg)&;V}?%p?a$I3pyl#eivVIJlwM=>YkF2q_CTvCTUvIu6prsxsPFS~iQ3~NbWjC1
zOcm!4@kD_e36*HQ9L4(uE;OaqJt|jkTmgPnM@i`uTjF1BHV<X6{!HH-^4CGToMhBC
zFB_b%BZ4o=+j=&!2<z5tKrXmhZr??0@dFc9B#TiHR7nAom{|70uT<GZ4C=8=b#*0<
z_Pi6qE-{ryQvnjk%_vm+nWPF_3Ln6TAL7ZWk2q5u?hhc56)$4{GJyF^CJ~bU+4uqh
z>u*UQg8Q?R5V1F6S`d!U-Bv7<&SW{>33Vfdt>pi{R0>CW3S`Y={x{w&3@G1MG{!hZ
z|FgH|IAIIS$*uHHKIi|tcLdsW^qJlHCU5-D&u+laTpB<9&nG0PPg=46=My@vsB>E-
zl}rDP2+5F#?=HTr|KE$az^PL1P20l%^9h`N>#j1_@ZYEpNZ{3mpGa<Tbp72|h;goF
zQ}l7$*rb2w2+;=&+~c9KiU0En9DX!jSlapTd$>Er!{dh>RRgTr+Zq0uxZ%spFwAS1
zI~-#HXA_R-gP*n|dHN?GcKq{1I>_B^(eCd4HwHe`C)_&`Ey4*Mwd8+S!JSy^@0@`#
z87hYo@YyAB3i#8rzt6G3O#QtCicseU{=G_3=eqyB+RgqD_@n;E-5iE;_ObQQDcYA<
Wp2OESUSyy?5_>8kl=(#S&Hn+E1UO~@

diff --git a/docs/_static/images/firewall-input-packet-flow.png b/docs/_static/images/firewall-input-packet-flow.png
index 1c53c34a1624342606d17281331d288fe57cf8e6..20d356bd7699bc7165d87bb88ef6e80bc1d4d0b7 100644
GIT binary patch
literal 43944
zcmdSB2T)aA(=K=rL?s6mB#Vkl20=2Y9D;zLD1zjia}E*&lq5-VR!JgBL~<6843a@|
zlALp%-s<<?e`;!~Zr!;vRded)MPQ$O_FAh~_tQ^5z5E`_O5o#A;Gj?_{D+cgc@zrk
zH423>d>$KqBe_k%4d1YA9z1+@9$qic>-xgaS8T<UY@b@_+d61j>!A$HEzI;-Y;>&k
z^vrDxEo@gYtAybq2IL}9YdtMnBMWo7XGUgvD0?G4I(8m9V>@#?PIgW%Iu3Sz4nBTv
zu5cGweH4lg^$>mknPdFYh?7!;-O1_ttX8NR2I&*a`)5@xH6GhsGn46-Pw(VnX)w+I
z+8VhZWK{LTNGc(gv*BB;krYz_m%%qK76&mp(ta#1F`-Yl&V03)JvynjIde(uEP<tZ
z@FIVITS-SnxkWL7v--=G-G-2N@3h6y|6WV}UfH-r#D8C*pVJ>p{`*56!R?DA|9+n*
ziu3xv-VpNO>c3wT3#9x{TpotpzeJ&?rlyefK5~~O$p;TSv!#hL9#h=DPXG6%?ZYK6
zi8dBIuK)97jA7!Rq|H)8AN>0>y}jgz5Z`|<YWZ9L<82pl{QmuV;OguDw=NH_F}*uf
zibYHuDmA6Mcm|FB956R$NaH+r74@soti}EGa7;>Q?6X3q<4lC2;YcaBNnaMmd-v0m
z>o;!XSx!7ysXSa^6mi#E9IX&AGBRq7x#ROBSzMusPYm76#LXR{;eLE6xl>YBRyN~a
zqbB?K%1TgGl}NU7!S{xShBp!ZzP``!kikW{?v6P0<r2~gw>E{{H2U?;D5CFYnS%wZ
zYVkcUY<$L}0nBp**RNmqCKTR7q1@fwvGK?s&-CA-mmi@Luzx!+p!D_YS4l}pI#$-8
z>1ka~PR?75jNdyuiP_lLj*gBDyVLMlR0`{AYrS&R%DT#(Y*eDy=;^InkV!@{g!!#j
zozi&x{P}ota#E?toLWwB9UalP{yWa%d9xKE6>l{>)P)Nd@^ThO%6KYVc5}ivdvzlT
zJ?P~RQ`6GEI&JE+s+TwZ2&D824z4n$^s4b_(xn#?O4!=6B_Sa}oxgBlVzNG<Cs!lM
z*Y|uN6$x=D#X})5JdfyTau}jVQWCA4(Dud0&eI`c9f?902nh6R-{1@G4%^r+^!Tx=
zm9o3+nELzsdrVgGo;!Drl!Bu9gQyR=kTaK-me$r{e{gQ)!9uCs*6LW&__*d>^I=1^
zBG*HE@nD)qhdav`2nlBg4U%T2o5E6eR7!1ci~10xx*qOqEe}P#$kz`I4aKNdv8d3i
zP+0V#b))0ujc$wM$v5t0^z`z&BK*=ZLnm9kB9{1?IML<H;tfI6S9r{+hKekTDicFO
z?pa#0tCiW$442pl9?T_wvlvT!g?aAzfSIA6pP%62QvTLLZ$J>W0H<-!twQq=oa)eP
z66XmB7~n%vQm!uw-;_(d4*w1bA(BlJHXE_um~OIN8IIXm9=c=Hbv=ky#C*h{>D>*i
zbLZ~pHD8QmQ4#OYQG4;t@X2dcFW+Yt5<yfGhpSby@Z95Ggu>%<oyoksyy1sdTXRn?
zvnbd7Zj0MLIb7wloeRlkdx%C)ry+ZPq6jtTP<2QRyS=!$SjpllQ-*8;KdLpB8yD<_
z#%Y>(V`F1)DZgWHt6NUmOoubZ@pp_t@n*Zg6@J@W2JP`$Ki*!U5_J4BY-cu78Ue;Z
zN=Yd_R_O{hqIG<*Ex7elRJGiZ*rP-E@NK__dqPjoGvuy<LPGl+Eo?E|CYK)%H>BIl
zwxhU=y1XT5oV*zx#j0+;q;=gQW~<mDfnjM?dtlfu_6354(70|raod|Xhf-Bj!)R=6
zosKa`tm*C!1ACQC6l@A$tCZB%)-K6iRkpUaj%L?7v)G@TE*-@>>@emEPZ@GE>E*k<
zJxApt^G7}e)F`DYw+cHEX;)ab8|>^M-RW|7?3a{aahg3aF!yR{PpaD!1Y+PeF)=YH
zm>-noLeK3{=S7xSE+fy}+*Pw)Hu_$TXU{HjaBwiIm4?F;;$dSF5D*l78?JESfe)UU
zO>+O8p5*p*I~9D`@I~0++Pg9gq?C6}QJQPxHN|CR@Ts(@zHAjmV->F&)Wu-(gGG(g
z=5I#bS=Rz8_a<>sR8($<y$5?!!JET29UKlTs?Ix0euJjJTiB|Y9n4lMc4=VSULa-o
z0$wPR`Nad+HYJYh^x&{gQM~Raf?nqce{c6|%+`}>Oc(U4V`@(Q2#l6tz$T!QJUuyn
zHK{VC?z*j@TwrY1TLK%b?r47#W3NTy<h$ot+`ay)llr~&DUP_da#-}#oDN-1u$3B@
z)ry9VnHHmgFIO4DGI~CJRI!?@yTETdSG_h->vVd&8zba$ccj!V`OBA(M{##C*!5e<
z-*0s^kl+MT@sW7Q3GaKiw#qo~uC$4qtP|?D#ny`w3e}a^%<dg5=3-b{Ggby1G=^Sl
zO%RCc%~XU{85sJkf&N@{O(G~HB&7P?4QXU#K|w+NFA*!>{}qv&B;uZ!Djfw@Rb^NQ
zfu!da1hl#pF$oEqiSK7$y1LGTXGVb|A+%gpX+#}tFB%+|N(9r~TVIwwd-g2P@XA1*
z&dg_~n>QQyKi{IK|6b|_+l`9f*4K~p<{5U^1KZ2YO4X}wy8;`Vo7s;(Z*FW9+s@0E
zw4WsclQ%bKy_ccV{Dy!U=i=Di$izf-<0P%xHyGn{bCPBD%P4UCth;=<sW2JLN?$x2
zMxD;(56Y;k)0~`~qy`C@4zLf8j0_f8(88X&%EA&T<gzoqu+SWGRTQ<iKb!Pwl5S~f
zFh5?%rSI3%+nk(Vd-y6UDwtdgd5H5WU{7i5=<LJHH8nOCuiT<*NiNUTD7E#AU{bUm
zuf~vn`qa!d1H$agNAYg3Kjs=ac-(8^Z&Ci3mu|US=CrV|SnN+sOhiSu>34N?nHML_
z6y{Psl#?rx^-(P{AK@$t@bl9eEq6MC+3kDW@NwF<nMXTgq__7H4-e1c!MnDn-QC^N
z+*+(ou92?H6%pnN_wQrCrq)~jRgjXB5?+ek(!a8@f=7Ax?Iot?U$knmVLdovWbi1s
z&V!#pnb7St-Ar18uW){!PDAGH;f{_DejFLJaV`X_FDCu0?MWgU#?K7I_+Z(eJb8jR
zD+v}PXc{1^oO9{Yr56^|E$!{U!D<xEY_eZ8%FD}VX{emgFO83T1P2q&wkI$ZB>4D9
zWGpZA=W68qVxGW$Z0s#-Z-4j2ix+)vyum^{<nS+<M8TN*Uf5PE!+eP@D<#$m$tlj;
z3mEkiO0u#++|#$OXgj&Ms8A{?MxMpJyq0u&<WpUJ?=qYETlkFC%0pHGhZW|6k!TJb
zr9ADkA}4#-0x7u9e0k%1BiEqLm$<J}_A*RFYNFx~A5r2Ab+_YfMOdCe2=Ez11Dfob
zcjI!EM;8`Fj<-l5p!KC4!Ls$noRBfo+q3ZV$A*VrT<FOVH8o`h2iw;m%~pY>dU*Nk
zy9!h0JFmftU%2!rDebT@GJf5uz0JpRwC(8V__Nf`1a;S9)Ku-X^-c$ZC4`UGL?IeC
zHaDNqY!1I|3#;@@Q$b1T{81ln)7Rw!h&zM7(52JdD*6|3adFF5d{h0uI;^Uru<<DX
z++ltA@S*QYEptES&kv&K9*Bw#<{J<W6`D;239NkC@%*Yvcu!m$8{7n3`}6&M%&+<R
z*{?!<2Z8~d6q*g$E9BC(Y%)a^Z5}{y<Fg$1$Yy&10qG3_50_$Z9L)_C<=UZx>%sV=
zc`Qb`Ev^bUZ`~qgka=%DQrZ_P9!Vo|gGHk<zPOkdLggb>RVr|~GSTcGhPQ=Ik2VFj
zd!8cR7|;(yfq_a_fzi>?x3nTOfEVK9<8LuD>q5}#$y5wp9x5Wec(HDMsv(BQf~G@g
zH@@JeoUJVvTjd@-q2OAz!t7_2B33z(V=jxT<GcC#ZQ5W(5Y9pq1RN&k<{H7(sIHV+
z=&lTx9Bn3@mKz_(^Vt}7emo06B1^68GHebQuehcr-NT0uO(8y7RPO(9R`~(38S#%~
ztg7Rk60|IKCPQ_8q{#l=UvHp|5p?3jr@X5R-cwgkZ+*gtRvD9rIO7=1qzUXBu2itj
zoCBZK*xt^-&0WyLQjFM0pf~`y5k^?~pp87PNY;#pVGQ5QhAtO7fBOl+<da5~Fd!Ac
znm*}?&dvPSo<Bs!B%T~v>qFT6&FJZ<(`<rC`;kH<fR>G#bF_ePegI|w%VY!CslC53
zvv+tnH9Ok?_(%*!6nEE*{_53N^#Nom>HcHij7aC_=kcy^dJC+UlS)WPfXBWsE8EW9
zu{#|mx6!9!(fL(Ry7KhI1w7R}K*uEa6TS-PZAOO?o_FuweFxx>>#S>F@F&C>{-gtw
z*<Z-aCFixILy!Q>_iqSGsj=uWyMDF4T<KAM?0S(ZwyL9d!mbBIq@=aK3QUZ8KVJ$U
zV=HX`!9c$=0YU3J14AT5n~sy}Vo7c;oBPRT5@0<1#lGyR5r?r<h0NzOqhmESub!sM
zT5U`}RM9B)^=-7f0)C@;?DaEr3Ps+QF#zdLUu|{(O#(){%&MyN+f)JO3<DDz^~Ing
zk+Ec^S-oO+)CKYB0G!r)6*UG+sfaVu`m$csLe8Ke8_#Q1Yer2)rSwG;<LcF`b@lb3
z5fNfhtZI@EA8H-#tt+;1zKDd0zN1}tevvtlUOs<t@-%^7;eJuDpRZ(KzF{XlVnZ@A
zcqq2=HP1jMlF$X_n>T&Fefwt39kDu?e-rLX#cSyirS5zotf_9i#;d8NrM9=XVE7Jm
zT54(pALCOrI;He6l2CEWYHQQy<>g^vVX@mS^x#w!JVG1OhBcvKsT4kh==FVh$8WcQ
zRSo+RiI(^8--qmm_{x=s;Bqr`R88CiU;|m7lLUh+{0MpBGy_=m_M0KNpP`}E4VTR}
z9w+!RQ+wmvgNmG=YSXtV5y#oz-^Z{7Oh8IRq^agU_w%Z{)669qhVDm6MU1g30f38e
zxMMGazX(-sA!+30<BKppuhv(~8K5OAOF$@c#2$82?l&Y<-%R?0DqRmF7s(@Iu1Y6r
zz_9rL<%tEc$;sCsg3aLAK*ode_4lWTAPOGfV{$TvAuL9T=v6s6Ig@Ib1bMZ;S#PLv
z+sFvDhK9yp%+{~=qrM)4h=RgcZS2#NYbeNL9BYqRq~QWVK|xceK^QboO5y|fMlYYa
ze|Xpp$rISFdGRu2Qsj5^@nFYJvAOT#zJC20TxtXW9QgE>-l+5M#R4w(u><H%DgDp$
zDhFI<@eK%IQglx`I(n(@vdqmO8!ri<ls!gfX{;*ghIC{|Xy}s_n){J-QpiA`{!NGr
zVj<3$o0|h#PU$iHz+`}(FDUo$;ly&$SmlCUOSTrzuPUplAH^jl6H`-9n-m!!w{!WM
zKuc!#m)IB}2ruT2LDpgp)%MdT9T2W$(q$9O%k*LTo6`UvAj4bawiu-XQ~;T;%F2~G
z^BLmHm*2n#gFzHl>cW+jU6Owof;?OR`PaZ4VX6T+G?yPQK2Pcg*9yrOcz2a1MdWrI
z|1x;Bwe|H6It@VpGYU-yAK2U5zos4<8A*Ue?W%Nj*(O2KLD9b~z(C+#vtJ=$VVL)H
zb+1E0UF0eQ4+NoD3_Oovf6j;*tsKnD=UaanjIyp&X)=IN9OQUN8k{T<e5PuIz<#D{
zQaRV>%^Q-77txUaT{@5KspP+m#*!?!0tCSd*e|^|>P|zT9t>l==tW&~tXeDN=(DpD
zfZf)1cGBdMgiG~g&}if9e+dZfsFyEak_*4&1pt`}QE7U5+7eJEm;+=b*Lirz!kWCj
zyfAZeavYtVNr;H<!8BRf*`>nZWB=TT>)(C)0e6dKKF^kX^k}9h<0*NdIHd0oqQ03=
zO;3CK_?!dy@Dbb=#TBsJ0?&WEjK2iI{@xxEeHTla4iS2!hk>Aw^&UdKfQ`{1*T(!$
za5%<XEXaD#6q-LO&z266x~uEx3#<)sC?m4F;bq?Zy*|ICVmbV#{%FsRe4hEvp~#G1
zOoUP(KrfzBSD2DNum5dK(*Mmv^9`1wz(Ek-W?^F^Oz!jr>I7g^A#1w4>-Kg-ybKqo
z>w$@ab>$6dGE2^Nt~>hW3dXLMnRKI0yKH^4Vqy&K*Aw*iH+oG6NnYG2cv$~6eK*v%
zG5haslyAFu=@JJd*(lh9jmNuV!DVFvtgNhebFy}Zs!rKm+<wU=@VDbp4MdTpiHLQ@
z*wi%~D;o=(^TK4vZxUCKa+-6!PH(OAmq7b`JGrxw(xSWuzV6?<hjKsYPAZ;FbZKm9
z$&Vu}BqnwRwu0Az>yw;(*NaHEol6`d%b4#)5AO={J5gc03gmO;_ah`@n^>E0q@t#Z
zKH76U*j;^{oQ&D|B(GfLRA&Ph$K0{fdr#v<!Ga3PjgP8B<8;T}cJY_rQTdrsjWwP~
zHkC(JCl!0^KFiD+Cu1s~2{n5@xs*5z+*|0)l+c})V~#%MaN0j>yWAHla$<!C7IvM5
zCE*fN-`ep(8|vs}cbC(2Z}pQ(e^__=J0;agNBO%I!Dw`I+F$3#?a^sC4J?Wt<mEsV
z1Z*$%+st>}0EBL_*v0s$A!ylA>wpyEo<Gl+V{lfMseWs`_&pu>m*o{P`@d|hH#eN7
za!;#uIqxhM%omrGT6ct$k>6c1f6jbLo8)?M36tJ=v#jRW;@~Le#UKhi*<&Rotm<(W
z`aQQ}eYes4)5t|2pD5kqx9H+{mZ#ZHS68>@I%5tc@M>ztt6SJa9=%(qazE)F^Bpem
z@u8(@quzEsZ+@w+PDHrzz%FjD>eR)nwUrsTgbz5!ZbO(ZFKPXJRf7@y1V(+Qf6-l=
zi{eFr@g>-n^mKF{YipK2f~cjzVOv^Te^#h?ijBW;uKJ@`(!0dO`{wF2Hox0b`V&T)
z%ESFKGjYeV4uUFN2(1}z$1psigiYKSEMjhOxHF=wuRAp<?{hQB*&FiR@WuF*6?3jF
zlY3xUZ)sd<QGjJMU5{sl&MB3Ab-doWH7_?J?+V;ho$1}pUjNh3D2?hwp~E?m_hcIG
z71$m>0*{S)8iOO4`Zv}ak}w}vRkER2RL)v$4P4OgI5}5R;&f?EEvI5jn1r~5<FB*P
zixzPg27a$HyX97Qf$#uelTdh+UVp-Z?bWppkg9KO;X&M!VNqXQ6s0yWK*>MtM)A6^
z#^lewdo`KXDJLWpn)V3O%90%gd96~84Z#(D0O{wHlPrcP9_mihoH;{*VYxDFaZSp+
zpwfBN4!kk*@gycHJ|Us8gAJB^b4BFxo&CIZ8FwQbU@g?jv>j)c>+5bFHAiW@tUbPl
z-JPkZ2$a){yrZftrS+-}cTqF+>NVof1?fLwL6YV1hL@S6BQL_ouJ7&^*}W*bG4p^C
zXw{y~Sutm4Y=_||v>v!*@>xap`v=aLKd*n`pcW|5+g(X=nrxC-+uhaKNHHSEBY0W(
z?dTPHIwxtM+~}Mb1F1pBb(@Xwyq-ldF|i^wjfHwHplP}jlU`@kt)uK$PhviexES>e
z1i!*O-0<n#&9jl<60k?-n-20YtL)&{WGl1(t~rcZTcaH))}qWXGUC}Zi&*>=h&=n^
zlRvRr9v6XK!2SUl83-Q6Zn3Yx?%~Yusl~QWPj(}fi}W^Sfv{}$@Ew(LGZl<;AFhec
zy9V>7c~~gv@83E-OSX16MtGBlCpb?>qASaZ6qu^O0BLF}YHA~@@s1IP-J1deKES=o
z7v;?2n>>`_m!4h`n)!VAd~t}n#K-N}g_yWA?)Z>kbG$edqNHbm$=$URPoDjqA=-fw
zp=SP#TWmbR7?{rMOFd19t9kc!R#L9x{ijd9o}Nc>r*EWVj5iJe^*#R^bZ^%}#ERj!
z`~0X~NV6LCR(#5?DDS1ma(^x@i}JTmd9<38Tx&DIVKmGID?dM6TN-nZb}!G5?o3`y
zHt5KS=Z~mc%x$~2e<X%F;XkB4;Wc8;ZI6FG9KU~hA}%h@kmO$ZE<New8vOFdSG`O=
zcj4C}Z)s%fJOr4&t*B&MG_)I1xbIx@^1+)vAr|G`kQOvKDSKtpG`rt%vxS_``26me
zNc6XF(l6Kd8MWPh`Q(R@n*DmizMppiSU2n6t$e@Bw=3<?@^)zu3naJo0FZMGm7XUK
zRUxLL!n^n2!FT+^i^Lf(AQu6$(=diszqYpa3YQ@f=}p<J4WokoY(ImE$-$XXw`S5i
z7RD|aN<4?hNgH)CZ}12+>ij>;+PTp_Y)d|Mkor%RgZm!D19*4&0%n$QqknkPs02NI
z>R&XPktXHl(bnEx*zTP|_=SE32~d)Qe}U68(UwRSrrx<i&a@wQDFVTap6ywQeGd5S
z2%f7)_dk(e%ErN=VQj2Qiei+2oZaKor%zHM!IBD@&B(1D{j0RtGyZdF!L)MlG&a9m
zuL=qd_vyU|q_DHdc+u3Ve<veje(Beh+MA~*?~Xh@r37~0rQ-6&IL2PNGy3_P4LHex
z*uP;~;I7@mv*+2$uR9I13MYQPSuN7!O02J`x#ttKOn&#s9H5L+sjXgWg3XBwZCFCW
zQ=<klV&V(}+rwz2phJy&{yc=HCw;S#mY?`Xo)?-Z;$=Q}ZRyv@oe8Wu!So0Ti9}_+
zDD$3Y6V@BCZ|XW*zTbz3dNalo&219(v&e#%mN~X%<5EBj`vf71%VN|Ue!W(WS?f3z
zD6+oY?9O4*hg)3SgQ2-#69!cMG=4B9yY1XPAW4Bi#4R?k#4_n))%xyzF2{)l;_}|O
z7vD>O6XiUoxwfl)d8*q;K*0X%JnhYacu~yGl${6(b`YXC;I6I;rQO8~LeZ^H&r_}_
zDm^}5{biy`XZ>Rbuhr4T<c47hO-&sf+<>fH*TZE()8XQX6(N37;?CK$psBH+!8a3M
zMsJeIN5eKd*jYS#?@8$V=PBEzfgpewHGZV&j+=qIK+x#_Xf?v(+NsKL2Asv{Z%#`J
z=$ny@ipq46BqctlJR9%j=khnRX+r7?PBL5Sk?tj>!-u(Q`L6~Byc}IzIt$fqJ&NU;
z?8&%;LQ5RC=BSAf(>lD>s$EGl>i%k=Q`Tp-(3>3qP*uad;7xS268PTvpLuQEyR=-N
zXi))|U8TUMmN+@J#t4L|JJ=gIOee<Wq<@_|eo=Pg`t<=Qm}Q9nOD_rvms%|Lww36Q
zv9~_TC0RbtIf`t}TC!eEdiM_J-t*^H!E^=&vy0`=cie+>?Wl4~)ln(xGG*m$^_;u8
z?mmQ&Hl?H+pe)z5*Vh*gPcDBOkr4uLS|okij95$C99v(nSEr#az>fZx%gsN!7yIfI
zwe;$PsQ8*8GCq{ti=YwWzcb&NSI&EE2X+iMbSy5z7?*Fj0wm+OOhj*FXy^rxA~_+{
zN^!DV%ut%DWPMYUpYwJ(xVbOpE)x%=X2_gLw<@y|xX#F+bHtF!6cjUufqTeRCL<!M
zhAd+ch>U_5zoiFKjEj9{^w(2vxE^ewsvQrQwU&p7XhvT@3=T?u{~jfJsn2%2S___o
z@JNeSsMJA!EBdf`*na9qHVX0YYWzh8-)r6JM5;WNhv+jutHQ#{|DDPK4uFtQYRu}$
z)FFS?)z8!y5*OESjZ|W4X}S&wqZ@bb#35!<VnZe=#UGGw)7v(n$CWrElEj?;B>9ct
z_7?i1!>Q`;!oywK-?XdD48;mWr#w@95Qd$O3!JVeu^mR<fsbp}{U1J0>k4+Z)(Sm$
z@Mu+U15<AKcli9A(nnd$Fw6Ot>r2+O?tk3eVQgdV2=zIMbC73WxL{T@WKq@rkx+PM
z$in@Loe|IRfAfHK&$nE5cjgXn7DPDz0apV6jU}O60)>(6$Yf9BGqe^K!uwl7z=C4Y
zx^MAalORa_)L2*P>SLxB3uFxb{0;|#`UNf#5j{4uAkDlj-`(ZtGWq}#y_n;E#q)Tk
zbwit%tq*M9WlO`xD7hN=HybR$A96tFxk`j*w?N&y#OS{lq5tKgU{M2CM}!%W{HLH#
zlrV6zChyw5JAlcheWN5hVDfUizA6w+(Z)V7H&>52EHdqU>%$;;ugv}`Fcek`&qy+>
z_Jded=(C6LDsOrou28<Ms-ksra;j^fo=PT+(w5;@$>@jMTbCicCcKPqEI3g9M+=Z`
zrs9D4Gh0Psk)KVD@PSGZJ%j$L9p(r9N0?3~D>D4{rY$)MB6%xik9x9IqUPCTwf5G^
zFy^{SggON8_)SmaLVUjV+&w>tfO=@7tK})<?sxbIMvuQJRx;ae!Is4Drfhez#LdfW
z2Y4Q=Y63_pqGzRoS!4YwRMln*Uf5ue^O#@MX$YL&pVbFYQwtfYR$nXM(ufO@$E6m<
z&6>%oJ8s`GO$WY2L}q)Ul=iok31|e*RIh80)@WA$VXMt7dyxb(`EMCtJ`)&6za$OJ
zSZ;i*_bR)x)4zWcmoUYSgt{1xRdSo><e+R<x)SpZ-tpNlVFCR*vlOFiLWgB}`&xjR
z$~7wohjhJ`-*pYNnB%YK<v7fTZ~ZF3)mt6)s;jGGBm#E8Sne-7&|@r6NG3-%Rv~c{
zVl}WWucGHFrf0~$*e$YxmCyH-P$$x?K&>=yYGZ4IhGr!tEltg?JUk!+<>=(})ne@G
zXkt-_^!&UauRWGUn^QzbB<uJ}*`dP7Stu$D)BndXlp)zWa$dq3DRY?o`GL2*TyU_m
zqPYLD>C*kKF4oQp7XuWaufe=)6drHi;w_9#xb%YWIzWZQKBpo#8>DE8%no&Qa{gJV
zqeA0q%Pc2y#}7#kCcf8yE=I!+RQdRC;ug(@3gdqEWzY3yG7S#$9c^{Hp=22D2sog-
zQ%%kR{Ad`=uP+M1SQ>L67pW4Mv*Kevv$kcKE;nY$s@6QM^!>t0g#!`T#s$bquf)7S
z0=UE2i7(J%_!K=w^{Ftd@VNh2N0E*T7wPF9o!4p!s2nOTUc9KJF;wn!ZkK=(om4qt
zdSF#%cO0dWljaiKel*|F@ztoCfb&lNe0Mr<>2^-5BZRj(W7c+ZS|BT1+qJl7E5l3!
z<sEANkhgDTAgwS8kiG=TI?vzGDZiK?EiCtPIM>^|P;+)>sFrzhGRSJjl=I}ot?xt>
zl`eO4eM8!PVnRZ^yU0QgCX^2%=;^^8F8#G#)Y=SL=50n!Vk<>j8Yf+@l9GL@M|%-a
zPxg<G|C(O*2T=Um(`wPe#|4}kWwy65TSF|j95c3W%EnK!<yNWvc4Nr*(`$JSczppU
z6Cp(Zi#WPOGVG~dQASMC^{zfZxWJAN>{&tT9|@Ix-(gp0{C%bAV0i#kcRKrK5J+(Q
z@3^#!F0&pH;*y;-^ywk)#5*kop61W%|B;&Jzi}Ybf21hzxcV_0b*)k(>Wq<<r@*LP
z{x`GcqHlbVAPlIA?*BVB<}YGJ2Kv8ioc}W-qyIK7|1VsA^~Q~Q(?xoqyu>UmzaS(S
zyae8bglI03pc%ve?i^TUh#EIl$mqbWZ;?@k#x`(v$*pP-hkpJrR#qf&ttYkcA2a&r
z?f;9<nG(rP5l9~RBkq?vdMWDPxI>i@GGc#ocC(o&SCwatgCekR8C~c0j~Xla1t7&Q
zD2RcPvAHkx*=HbNRiYkGoH=vmJRV*O(3CO>{Jn_zQd4jnUz}<PzRAewzqYm}Uls6H
z{2G&D&NL8T=QQWLQVXGA@EJo?O3Ht*PYfaFTYQ?ly|E}2>E*3He*EaTKNIy(O6sfK
zZFvj|9`jbvyMU~w$nG}1wgK}8A`hVEpfXZn90$C~>jyI_|0DnDMMLa|Pd@h^3as!r
z5nsNrQ!3uzVdCS90pc~1O{2ZW>)aI)H$eah3hdYE6&8SIDtPmtAIF<{$k*5PsT`2b
zp~jOlQ5x8E^z@!k8+iQcG5!qjv`R|k;1ZZY6h*f-)bSklH;|_qJZ~#I7wNTW|M-Vz
zm<XYB`?eo^?DmI@8=!`Q<)mX~ehamo-yKO7i|^2N?MmWj`1tuF_hWqr{<^Oj-MfnF
zl)^1Ur*O5DfX_1_5fKq6AY$ILwfz>DNlfgba|Qp|vuCz#+w}Ach}z8>KO-aKI%Qx=
zl2A*1s|@GnCPz#gFFBrLUxrt16xpbo8`pWfx`u|?!VZHAuWehDmZ7e8t{S|nnW~@f
zz%^-$t588R;Z1o0YLO2J5u1WFwLV34IzzT$Z8JYHelPbUJv({z;C@k{41=Wf6k4Bw
z<HCjF;?k}xGnH5_3%A8tZi-i9XRtDam_?qpbSR-y7+;8=eQ~n)9&RcB?vF+JOJGy`
z1^u{v)8`Ne$KQ)Czhn=i{(gww$c*0R_Xn|YZ6Oi$yLox>!q(n>6BCy>t&!*W7#{B@
zlkAO7`NM;2@5<h|PPD(-AqZS`RO;&YM>~WR@kt#w!u;6on!Z<@ZRfghA;Vir40e@z
zQ|En(8`tS?{Ba&-JBzO{sRDy%ALd`d!7*P{vfJErB2ls*M?taZ+cS4MC<N%79POhe
zBvd4NdY=DL7Jm4C77L4roLn-PMu^KRz41}kk`BFgKcaa7?bY$&Zcz@RzJqI1X`p!i
zmYl;AihL1HSs?jY+*zQOzZ3s9c-HWxAmQ)d51u@EEkx7WHlw6Ub#rRc)YT8x4HL>-
zh;nRq%)P4b+=GIMPQ&Z4OW?<(ljFn1*<0462$oC11In|ZwiYvguod<rNUDf(%QtYY
zT)85+(Ri(pRnGjWu`y%W?#fJ)r{|dSIknC^bM}#hzo)<4x_g;TL}Z(s1S*8EmB_)=
zQTP;Gnvhz?p8bj~B`eDSdts&}%4Ti+{*PeV4#+p`GUFxr3{ygUC9kNv?d!Q6txG^<
zqz<amNUaY8l2$_YG2N<|h3}?!L7!!+CSG7^xoiF=S_XJi!S4;ap9l1`u6niU6ReDy
zEkaxl<tzss2MXZg8Wfiqi9UaTop2r(cM4I)LFE_A?Qqb)aT{5u+vmv0$QWdzQTL>z
zaBkneU1V1dS}6_?NtN2pKiFLvaazi2;B`CVMFFDB8+{WQ9<Dnw3+g&RUZf->-@&9Y
z2EJ%vf^6qH?6Z}TvQ4P!zKe*^8<_>^)>Y8E!8pQ2PWL+yy&UKXN1rbj)HKzhTL%ZZ
zTAFSXSTW8MhbIK`3B=Wr-ZXV>f>nAAiy9gpj#g5NKKR)~;^yWCLqP<2^715`vmHft
z59xao!NfzY8NaqliCIb7W)e{I*TGXE#cX(#6kt_N2fx0SpmhxgME8GEgH_SG?O}L8
zL63x-yb&})P6zYpAZ0XwO0DgD*K1gs&F{EustU8Q+$M-V5{j=y3NB_=TjTdj)k>dz
zaP@9>wk@;u)A1n~Ja{LDHqL6MNHCcffb8VS?FO=;warbP)@Tk$#wCV|DMA<IkQB4|
zDi2Q-Xriz@K-M=oGh^4%z;C}q?l59UX7=mb#C&=Z16%-QCM(dN5zq?DfDGXZ6dVtC
zR}G-(C=<(dVUOh^1)ueG6z*ka)Hu9BA9NikL~jFvqjk_J{7id986WTO-UbSQe79p~
z@Z2w3?D{W*r<(pfO%xraIE>l&y^HjdXVSUfvte;zqQ=I?*~=_ku-376&6+{jz_=|)
z$zz@Zv?Wq}l<&AkUl<k}+q~bM{!m)>x3)NT%>I6Kt3DMTw%}q<O@DWo^U2BHS*+om
z)o0STQdE8z(}LqfEjAhx-;P6;hZ9kEAyxT%R+zQJ!>V}Lq8XvQMUx<;oq{jS_mD(`
zeiX`%5KnIK@m;w^;4tbqg%8E)2B=_K+SurT)UCL*lvB5n2&g9CGQoU>$B&8N>a*{`
zOrg|{l&+y%m^Hful9DqYTG|;HNTQSEWS<aYdtu}cs{SU?(6IgyRPozN_4L?+%GxHk
ztV-{S(&Orwr|HIKx1L?%ymRM8xg!T?^b~Jhm&Z-uxALs3^=WEpOD#*jCWMO{;AL+x
zJ9d{dhE6D<4(h#AQ&v`XH$FY0JmcwUJ|7<$^MD1zvxg=!DMR1u(qA54@7AC|V{dN+
z$OSm`n!|@^^b^Cw>yUyGY>yI9lx6fYi%yS>j9j^EO3w5=OB3|3dj|*FoH69UJ*um#
z_Ys{h)~EGmIwkD^CDqX9lDj1#@iGBf%+@S-g6_vi=g-tiI`dz@9?mbT?&h|BE_`vx
z;>Cf!?%HCB%_TRM-p-;ix0VK4_tvfXZbXFnP+D4N?&k+YstH9KPpE`)yxg+{{ja2q
zObUo21VK}S%(C^gBvhh0HakQJt3icw0S`|X)XAWif`u`W2&B+kUcW)ltpcu3;^Rll
z=C+wi&oh>mw-Qk(fA<D;9W4F)kMyw^x_ax!m9F53)9r$3a7M+@=CA%5!#~0Fo|T5<
z#MzytLD4F=<7m*rK(SkJXFw+fqzu2zVe4cm<$2P&ABBnsQed!yXacp+mu)h#0+=8T
z97F0(h4r%#FE8cB7b$xBlaWyp=1+)klszLK|2#`zw=j-(F+o6LqCJ6UxH4;YWq&`#
zK=;|O*fX6-mCIGfJ1U8elNS&i0#emB(12Q2QhkNQED$!^8f+p&p!UUnS((Oh{1s>L
z{PJ>J%EPd|-Kx{JT0#*Sc;3&`%IFm91pnZh)~o72_ynHzlVC;6jVaQ2ZEiN*Vw~K>
zr=06e#eL-I#q>d*IP@1%)R4Ty8P^8(NqB3ewkuPSZE|WV`_<zQGa~i(Kn`#oA72lw
z93cS&R*Jnq?SiVm<_DT9zkq<+rlux-XCvT-r)OuM=BigPR(_4WR`ecab033m#!yvx
z*7}xr6j{*JkBPbEN1gQn(;&)u0{Ykvqq{MUEVqicKbpJ;C1(`4#}L@b6SY2kb_?O#
zg}ET&2?GGBTxi-vrtz`{f?qBr4!|O1uP2~5NAz<y`swH+W(R7#r~(3}Ac${lS}ZE5
zGmy%iY1vs#r{jsbygZ~R6G~5Se-9bs4PYAL?ds4E5kaog=5Hz?=kV9KWM2(BXewda
zOYN6|!gJX>+U!6I@{nzx(}bE{YobsbE*b0ETyikTtqg_w!f!uyTq&6aRTvEfoU5Qa
zfJi(wGoxVK$GIOkX!-+hI%<=x6BZgZKJbZnKV43z)G?GFpK_908>=bFO$sJqMr3zp
zlTvCF=Sjc|Pf9{U!uPi0Mi*E>q627{?#`Y31>B3oaeP<E8uE&H0U>1noDx=gR`+$!
zF<w>Gkb*@1L&Ig_jBEr_KJx@|qe%`=j7)1BPcT&JiD_x&o<F~QN57Ts)-B%#8ke^q
z*0)?5;4rym+pp%p0owKPB9#VaL?&7dI(S5ngy<rvctc>GLqT5mY_hjk6`T`hh~C{P
zP0r)K$G<c^-r=XQiSQgBFqK@na#3F|)Meo!Tv9c5N)sH(Vr4WG88B3+=HT996Xu2a
zre&5atD+PK2dA;Ik&d06=vL)6vw#4l2gpn~m!=~Hh+W>nTCWT!B{JXI%RW^;>&$-B
zN6ck+viJQfXFNaOa4*=8c_tvYEB>ryCL`0zLd^v22Hs4u#2V57vjIex8XtpTIaj&J
zdPWKbf*~{rDRP}%!HM))&MAXb=jnX6cRv@atgJ4IHIkvTKh)(!FdhV)YQHm{I({>~
zpsqe0Zd3Op(F@Z~s{OsrEd8}>^F0})K7_Ps@81JgRf-}4vK5qQzMwl@9j)jo5tPUM
z;zmtMDypgZUZ0LM;{%|XHX;2@i?$S|8X^e^ZHLvg)sU+Z_5`r49wbPJp+A2B)eTTc
zydc{}UF1oR^q-iSf0&kkhfhpwI##A%?O<nK^yhSwquq+B+A0YV>Yl9e0{(6h^PPl*
z_0pG=5%-dWU6m@FxkZlFFhRbd(>OzD9>(zKJLt_pPEH2F3^FNn&5XJX=pnxu_xd+B
zO4={~(reieo4$M_k@ppVmfwSe^>+dkx{_bW68v5=l^sQ|@<7J$rxw%u_`i#>o`JMQ
zZ}FXRpuo{FpX&h^K@_W2nqwq;08^3%7lqM4Iw6L`SfES3e$V<=UFJhle`_1Q?QXg0
zOP7$9-^_B}Hnc8zVr{ksj!?OZM$nNRbl-)-t9{v&V=p)HQR2zOD3CJIxF4-&26cmS
zMEGFt+T!NBBAL?SVs?wsa-3W>^yl_GQJ*=d`L0JD?Dk9mXzEtH&Kdp6dXbtWjZR@e
zG)VIJ75l&A%HgY!HTgM?>96o)E32N8$sLZc!MC-SgxuSy_&kkfq+)kg0v$4+U!0k-
zI*HPd94HQrZ@KeB&B8r^ija_E(f%fr&5bR{<`!6>Ic7MX>Wqa=THXduYsXEVn?5}~
zJ<6Rbw>UZ9Ay_Xu8lkbWRf_b7i>&}zMwy%ff_tK*Bncf57G;rvlssLaaUJ==BrpA^
zGFb*b)GITN@(K+NuX^d$5N;%Pr=p-pr3G!n?lRNnHl+~TXB9F<o+9P-4<I~!p1^14
zU+sCuI>0~c4o74`Yk=?jPmkhEXd0YmW#hGV{(yq$q>jP5I*QZ7T?n1JHJ)dY9u`Pf
z!=j=ZK%fVLUu^fop)teW&%OA;dAdy`;G-=BE;hHe>aI`L%OnY_eF%|c`IF5p$;N$Q
z-+_JXFn({IEQhK_9;1Ugj_ZTnP+^g}DGSJjG%F%x&`T|^ZDtK)Vjc$Rg{RHz&TvQm
zwwYxQH{>FOMxf}$zEpO$;0O8prH3k!+xcJjxcN$~SwH!MvL6y6Pf!ja`p)fzUQDD(
zsr+CelljG0Z=?kSFf7nuoS<fuOcoE^gQgJZA|cK<==cq4=9_??W<Us!IA{=x`u{JW
z0S}PzLzBy=Oom0G&{&DUG%=9ja}nZv@9hrr#Kv!AWzPC0@uc=mF({*YzNRAL-@3G}
zJDiqnZ8y?C`7V9`zQ}5$t<&_PEOLq4q!GRiXRC0Om1=`4kFWKyD6Z0*kByU7)=$f3
zJ1zvpR9AQRd~aqHH_;i;g;BS~a!)}MLbN%1T$<ije<YM;JWZc`>2$XhLOF-ihAvdd
zC4h-A>CdTHu_~{qh~Y9KK>?SrW@jLBDKz$v0Bs;O(P7lDW-RFe507=5zV)Lt9JR}(
zC0aY1$+HO#zYgTZ(59>qYH@IzSQzO$bW1Z*r{3QuU+B4NQj2Z9x!F=d`}%eLY<3L*
zQ&f%<ZagSZp&m6oGo!Xk9ywHwNO7uXu5f+ey^aGtPLL#lr2Px5)FMqoXJ@E*)Xhhr
zRY-R`KH#xqp_do>QwhnF78Vw^UG94Aij8ToyPV9<Lw3%q<`?^ceWYwo&R(IB=wT4G
z$xAj|;?N<zyKx+t`$g=F(Jp27yxe9|vZ_=uKo=jCuqBN>{((mICPYP%p+JLNyifqL
zS^0EX>fzyG^Z9|uPzlgegK#|LMXiK_Ut{(k`GP$Y?{)92Rv8(O^=b@j)>E-U!3xG^
z<-YZ`>ReYB<=1aWewEs#YIyld+8MBuv!ezXNU`^_IZp8-34((5w&yYR@5~mNC4-ni
z_3%ZcezoQP5w`-^A0kW!xirYPYYu#{rP<yCZG?hMMWk<LdK%SF5SkPI?%kPt&`$vQ
zH5N9ua&SaK0{%TWH(~hslFJi%`Ru=YzAr<XOi)k=s1{XTr+48k?tYcl{!ZO9Ra}%(
zf>j&aZ`xufD9I(EYYR~UhCgl?jFHC1WPSa5X0)M9O@OMRyirQ#dNS43hKP;$cuT9#
zgR~A*R8&Y85u)oyG~wWNZm_WhLrcQ=<m7kgSi!mny)+nmW2Yw)(DO8yr{l9t-rn90
zT|iKj{0?|3`<nOvHMZ4<ok0Y<&@HsHG9sNo@~DbMqoJ-2n2k?Y8qvlW+ei_sjEsup
zJ0$o<qiOh8CnkE<*RS^L(wBW|JZR*O@u!TAbTr>D4GJdAcG*cWGQ0)O{yE70tk1F$
z5^}~TWLHVI<Zl`G6L^HfjxiQ#;jA6J!X_t2sj<JjI94Ts@D-Jnl`o;!aA_dV3sS00
z&}hF91p$lY!Pa~&q#`dWU-E%A{G7kU0WUv4Cy28D@`T@Lia-sS1$}UkD!&2)<$&}H
z1zlU->FGC-nSz9z%ecqav!x;id?2FAhV@<gRgmdlMM^J!#n|4K6&URMh=B6$OWuZH
z+J@SefTbl<)<h9GYimxv7cZt~e=AFz>$S40Z>z-wz*!D-OIuqYWK5k|FY;A{-9fkj
zDs12kfw^E@Yeu6@bG4Gi<E5m&PjubD)2t}S%({V%xe^sepMIU;o!YZ!Imc40`Q_#3
zw{~;Cnq<j9cTEa7I=#x3@$qU%gQT;W_yh(3T}E^2;XD>hzH*W0GY~Bex%|%ogYN<U
z%<7PMORjbNtG@m<z}JyqV!o0Ef7sm=@AvQNJUu-@z<Gm%BNV7a(2Lw=wrcST3nQhW
zq2V$e2!Tu%$B2O%*7xzJNXVH;QDFFAt!~g4b{9V+oeZX`8PsJ|taT%EaG+w7OK`g_
zl<?hpMbSEDaYjtDJMC`e#zKqfyw6Q~`$tG!qLF)VZ*P2RN)&{<S&NJ|*m2NlN_^>3
zJutxgYqf+-GgR7?aXc2-U+#Ke%98+}QCwOQIx+D|$N2!CQfyXV|LgBwMT^gQwoQ6Z
zDxBeuM%a>|>HQ-SmzRy;^LhjdD~PHLK$b$Z05}^hB@p#20mv?dm;&w~EA)Z(u5yu?
zwCVH9P9V<ZZqady40;s%lYu#lB<JIAP<D*RSyblPU7?qM^r`ckudgIG0_lJ(#!xCW
zy%H>P!h4R8=9`s*HPgGWFg`~>-UjX8f=Ip|nTjpFc-#_M?Bw)hd{%L|xa!Ln`N*^Q
z6ypo?4>#Y_sc3wKsZak?HtR*hbE*`YY5^_)p*n}nZyA-S>qQwLfCg?su_(w-_3~&L
z&zOPk<B(V>t>=9#V>HkEx|(V+4cy(GN1f8M*%Z(z;(y1D$ZFQ0NA3%NTF`C#`TKvh
zdw7~uArNe`(7xMn%KzfLHwyb=1f8#^fInq%=cIhUGLwv%iBW@WdP@a$OicSQzeAru
zl}ozA)=uHrt0CE;dD~LWA*0vInb~Fq#%f-a{?E>e-S_f%peyZRS|y?_AHq_TwdO2L
zBgj4*AHOL)?YPk-kkoM~Dl4Dy%r_`V9CibQk8)~)P`M|J5z(>X-t_nH^=3R}FDkTu
zaqCxF*@G^%Y_cZZ^U&P#G)-2I<tjb>IgZ;vhfV7|V^pY;W6;&tKZCNiv8kZCK<xBu
zz-sE}$NpNpdrzNv7yka;UhvAaG?UtP=m1qhRZBujoD|~W&7m_)CP@55q&5YqfH;LK
zXBX~z$Y=IaDT{HT9>wrqdUgLky9)ECGUrR&mo5>Zlu+sJ5@-n>Ng2E}*@R|q5D$k%
zUqq_v!Ocxg^J^9iuYIx8@}_=VwVr!SC1{C)G}Edi1&haG*m7^*3!6}Ucp&ewx3}g>
zxf2zqIJ)PY3=Vv7Xv4SF8$Bl+q@rldF!_wS3MR#m<>ge?ug^GF(D0a;JW)_M>-v=R
zm$Hi1-MFhHenfO(S0z6nTJi5bc&}7hB>-Db9`LqAOQm{>C*Obc2p{~g+Dm;j`sCF^
zm?rv-=$#7hUu-(^zJ{6sfq`PsQuR%l1yT?1g#}|S9-dl5u3tr=lGj68W}utkfvM>d
z^)8-&P>{a-r=$aDhen~G;YB^jyK(o=grjM!T-ZJgMcv^*qoq>6KK<IDop+B2D~gs$
zNQm0FfMRfP5L8J#s+H~=km&B9u5C31{6`Cb8dLP8qT8@XC|NFc+g|C$P&+i&my&B&
zv6M)$k#0A)WB!x<4)@X-@@Xfy6R*v0JfM#Up87Uo{GF{KyMF1$&TTY0Crv)%i%~ZN
zsu~)BeF4GYKttiW^|Kx_Zf<VmeQvvDV}mXi2Gv#Q7h)c(sF<wV6QR+rp&=nC)GZd4
zZR_jkp19W5R`oDpAbcC!+O{9VV?Cz`#0I=1rl*%$Bzlz$X5@R?qc~Mz+qcWI3%T$h
z@EZQ?%Jv@eaUDq5cI;esSL%U36)=-PPv2&YzyaN<a9^%Q2L+d#RH{5w+s*<N&;ZK+
zJ$@3tS3<9S8!gr;Dd|r`Vq!qvpbM{isqz?eN2iL(opd1jhUT^<7BFlEXnZr}*(M%J
z=+Us+;eeI2&IDKWEA0NrlZ<Den1bbAfBX!d8C^G_1OK0XUU9?wpcDjN#Ka?4z#74U
z8ZC8-B7ZvlYpLmG17B)}t|A8CNv$o93?^PX?#A0YuaP(H^Zb3&?ZUwtUTJdpO{hDV
z4RVn+G_#;I<q&(K7isvjWB8awM8-}mpcAJKxnC&l-%F_qf$HGm;zFS)C@6Tn-@>~a
zga29%!4R}%_%tjb`xZT2b$yh;1O9p>3J_=7n$MO$!8OM0{0k_@kzKn+Pp{bA-oEmU
znTe?dH<T!}?B6Y*15eJ!n@E%T!Omm=P)NZdJMu6G)5d&!d<l_oQICk#9`fjX(>ot@
z?&|63(FA!TLs0#@8x|tW=9J_X5e0N(75kqjsW^bj0zW==zLB9}^*P#?;}gjBzH_pF
zKeB?6nR&@h$bcT6iGG9aj~PA*rlO`Ogl<h9i3iAFa_as}$@U!Nr1pkop!X=_BSGfM
z`o^Cr{iFgrLqS17)(l!X{%dD0MBd5wA1Su-5^Y32@aTLPa<d*5gD}A)w}Xs0`ajdH
z_;+4Q!;_MrAz-e@rcRr~Cj>@Fynn&32ouVK^kcT$3kr?8obcZvXZG_UBY{+Tqtl`$
zT~Fm~ahOjDZ79~!f2{n^ogyM$XJus(v_NYlznS9W$Kx4)&ZB62&HEBrFXUy2`fDEl
z|NZwnM*$SF1h8m90J>hT)trNtBO&vs`1s+8bwCh#R#V~*Z^Y3w)qfTbwgf8T-8)Zc
z{8BIKHZIt452)8pNl!1k!%V+HL_muyKRrFgduW?Ow9V;>P=kWgM<&z2lKuq(_;dC1
zEG3K*)s>%x)+O;3-o6LKe+&So5&H`WXMBnxB(KBXwbtQ6Pe1%)OR$jmn&3B}TaCa>
zz;R9U(=$dM2{bzK`+q$abS9Uo`-C*jSPLF+b<=>tMewgR!=hrehkoxQ@$){L=6CRS
z(<7h7EAb}e#*G_RbL9UCaPTo&P(lf5(pAd|Yng$j-Pb-aB!|B?0q=pabeYLZrg#5&
z(_e#zH{DN_w-XRFg>pF+zjzPf!*Xh*KV?4{{GW>e7Fc-l*wJqu$4S4NKY#r))?f&0
zVs}4z$tEs_UO@&B8l11hOoUZ4q!p56y}cb45i#@CwZH+uRhCK-L5JWbp4)nW1`4&X
zxX1zTdrQHM131U3#R@tVGDOM^pgt_h5N0QdQ&3n4$7_rPJRuG(L-y^oC`2*iTy-(E
zNB9dAl$||&*!lHmLh0@i6M0y^KI8QUzm_NhM=G^zXyRRPr*Xk8CMHomy&Jat)XbLy
zTodTdL%bvB(8hu`P1lu!7y$=X=sR6+7g*JVS%T@PHp#7c^W%s3(P7nTSyAmZ`UP}m
zFA|v*b5!Sd5-BfTdJSN7e^{vKCM+JPi)-Krh2@rLBKn0Y#My3OD6(n%m|3k9HIc^E
z_pg_{OM!78mD07!!x{JLz&V_U`@{PbtgqGg-cpFrJh8GG#f^XY9hyv$4$V1Re$`Uj
z3-$H&pK@}<pFSmpgycHOg^M_6flu{^F5YXx!Zg+;RB+w~wBx-ksx2CV+T%*us_@Zv
zu6upAoJb&)nV8kf$)TR(Bb#2Ebh35x<?(j^7bRw7rPiQ58ij&f$OnpMA7D(7RQ<Tq
zA?W2p<J{O{Ac{U#c=+%F96s{Cdmicbf^Pi6A(s`Xg%FdGohwld0-iw|XzNjev8!-m
z1TWNu!P(P=HNn6a8vcx)KKprqjWN=1Q{176Lep1keqr!#)nBv-NUdE}N+!<pL~-#<
zwLDFKtS;|q)zsv+&2qiu&GXE901XhV1E8$+0Xjds?`r3fUk*5nkB@I?YFY<OItr!p
z<L!MlHR|?wJ}<!OhjrV?Sr)KSr{FY@d$7bXStrY5C-|tfs?)=&fv<YF$gvO46cwik
z-S;r{+vEKZn#4fl@Cp#PUZ*Fkr$1mS*1M$Hw4e}A&TsoEs>9d!AZ%xM82I@q@DvGe
z{0CP`0s{jL4GrfkJ9>=^c%gjIF>K>PLQRdIr-WC{Z~Hbsh<IBA+0jl-5${N-gq=uC
zQsuotyYiYL?CGIWSKk})unTcj2RQlZk7|9rv3Sr@m2;4i?ZLWP?yYG-ri?;4XX#iS
zmUeZ?het+gLv6^=#6%PT9<*!C^+i*!L+>?m3`+yBTY*5j<3WuV3-$73e-^190nc?F
z1-;V9XrOG26;SWFv0)t^6*UFboVr~1V-vPS4B~AGFe~Jw93Y*Mk41S%_H3ftmsiUQ
zT>zPG{_N{}17~b#!l^9gf%~%Hi~w3sLc4E0=wtz*6PFODr`)99@C-0$A2)qMoS3IX
z^s7&Q`BG0q5|I~1hY~Zd%K=xjzkj)_@iYdK^ula^f#Y(Z>+n2%=%)@52!)Wd{eZ@9
zq+no?L;-*m;So`N6Sy7)mL{;a(Cr=wozgn+5I>Czej0KS1=J5fI!QrExejN8ASX0{
z6J2;r7Xe`!8a(ho{#FgW#UGw$uFfU809Y{{Ex!U;<9FCB6|TlY&5ez4KF{P&j*o6Z
z0Kt3(vnG$6R0Z8>2n)Uy+g1_A$n1Sd!6J#l;}Cv!^Nnier%&f0ZLWu!k<Y=wfqGSj
zJsObpsLQGlQldMLgR|ir{K3P+gP`i{eP~9+dV^2-CQ8F?uu=^=#!=&NphC?@v4F?w
z>OoMADBt;I0y=`*P;Xn=ANTvDahsL(2XKeO)*Y@}of5=EL>_f@XfpJIGk6lfqKKpI
z$V&(3dCsUnnd&xkov3q#-KXfmrLHl;`E6e7jqBf(vy0>+hVOw(DlR4mF)r+m@??ul
zi&G<0Q#72m0h{;b#sN~&ZBG;m`1q0jA{iN?dw8v!{R2+RV26`+jyg_{2xDVoiLP9^
zfC6u*9u)0+l<+)L?8y^i=vtjDbTPNG%99(lF@t8Exn&~X#x?~1HhLk%cj{$a&CILQ
z#`<?6{pxQCT4QCjM3&5wPje%1xHDPeiJIDo&hh)o&pA170EFDT=h1;rwl~A(exX7g
za^m%1_P91AKL!f-OpMGMI6a2uPp1<&U_dlyM2_d>LL(!8FNgRwb}SF(p97--TyI`7
z+t<^B9Qgxr3`!OSExW5Yj1kQMX+z@>xHf%tCW@{0W4Bg{>}=mu-NH8S6(SF&nHh3o
z%EdmN(An^ahz~hA1c0%3u4oNU0RI~eoG7bCr77FSk`eTspHX+5cufF@M2QuRDH-VN
z|5_vjUG;Y$2R`%~TY<e6joRSi;IM0b$AWulK~smh00Hq6hd)j)B%r=NdgSN$7M_kP
zNB##4pN@Df`A@XBnVIXLvZyBC@sS6V3_kK1Tgm{d8;3wZI<fA;3b1b)|BvVJfY}dF
zCsa@w+QntL{NB~UmQ470LBR*HT%YHeujMmr*9Sw=!6uLZQTcL^MU>p!VShspepDAh
zbJ49QN~19^ASjZ?a=G~uni9{DBSte%iSGP^;HtK365rW%u$d<&Jeshc*l}Ms=C0#0
z=iPdFpNMFr@6G28>$~iSuRxGC0hFz*yN(bLVdcj=Lr|El2bl;ze$&E3F|o7IE$$0d
zVqQvC;!uq;IDQ9CVxX#=WmWouLNsYWC}?p}SV5a4a*PhI(?&{dLysXB93Vq7mhaa%
z^=F<uD0_R!dk4-}44SHG=Gh(&eU!&&iBd7R$i#N;B2Kinjus97MaNyW_u1JEvqNq^
zJlqrVj{*<nf`(V%_=9503D0gj7T9BaP$R+oBD=WKy4lj){8&L@re~chwbPLQDDJh4
zUt`oW1%(e;S*;&j^g%J>21Sbpx&7B5#RB1!60|*@9L<VMNr)VT*6wzK%LR4GysYR=
zdTWY5Gx&IH;JlLx<<|1Tg$pR=<-$CnNIV+64<FC`p45((lD>NWjBc<9fwbiLU*S^G
zOiV5>D+9~3@p<B6hwY@M@3*zJf#;IN*Fla$0MFzDIl&b8kJohPWrfD>zWm<XV{GU1
z@h6gN!WkmKeyF-J14REhZ(HoNnI^j1iX6uCrJZ0O!owL9F!?^<$`C~jKmz+Y<hT&D
zjg8Hi7X$smH3VV`zOUExsMov~P~Ua<Ln2t&9d+-zr{e&7qo=2)k%`yJ4}2e71(jC)
zZ{&CmMBMv0`GapGBQN{-aNdfLLJsX3C@>+z!NpyEc-7!dQo*-x)uxMszv&?dZ)|G9
zK%wj3dNST6kl0-n2j_xfhvZ)v&XE(%?H91^U}k3aZqoe@5&<Gw+F)P_LBxJ9w;zd|
z1Y-`{&J``IC1`YzCSvn#%$ISQQNQBj?PTt1V|}N6Nrd|O{K=~~LN1z?8!G6Q>?xOz
zj~PmQW}ee`YUlADO-!bX9N&h63lKpJP+x;l0$~@8-BlG;MF4p`&g?~b#AM)x#+MFM
zuFRc`z{9>0PoB5`<wQ>}XStK8A}{X=N%Q2a$SEI!0#JR4k;pDzSXiK{TrE9-4Ksaf
zx8wg{>o1_H+P?R3_^1eoNC}8YgQTE@N+TU2senjGH;725l8TgyAdP@@H%N&{mvl?V
zA%#Q7JGb}q9pn9t@n_uO73A!__FikvHRm(u^UOjyDZctkZ&2rax~ye_NAPP}u}*TQ
zL_`Mf-W7K~6&|&;A||?e;o!TgIoVq(@7fXk>A|g5?-4z*w^HXL<oeOwVC?T$4c_|x
zw~Yg4aCdRc4Nu^ZF+xs|sxF_8GDL))l;qpblP}87a=16sxqiXlE}%eN2~6Bz@&Xuo
zmXUQ=waorx_j!1Wo5A|W=fT@>Sx$@E9JR`)r=vsF9ZhT`sb#`W1DBSd84h65f3r^a
zfL+>`Zushb&NUML36Z?~%!c`64;^?}e7aRw2TQ%UaeS@Qi}zu*k~rb65kl}tisxU$
zrQ$3Go)w}%hj`xLKq2Q^#nF28Ih4J<y$e*k(UAwcPlVCos<4tOT`Q}N2P>|vtsUqW
z&TjfReeE%K%H~pWorGL8$^Q@&C#PL%>e!%+e7FUu$Wd2mngX=J{Lui)Hikhr2ZT~y
zgFnT{$43f3aWJQSLkGHZ`=Q9%@N7`N3`UEHgzCLaCh6z0GQIQ<v^AzzBxFJ)n!4gM
zIBxkh8NO~c$3jJ?sx3WY4*ZsC_d$X9tBT7(M=KeC2R|Ac-8qkMk-SZ+z{KP~E&kS6
z1sXg*fBl+)f|XZGu}c8=V_m$65m*>Q<K)&3+{h40F8?62s6=ZLPtWi-3l?qQdS(5d
zh&v$MtMc)?drGobMW&~x;av0#`W&>>^)Kc)CmBfC9NDH2L`m6mI$LpZX=nd%q!{<1
z+=JC36Wkj@<R9uE_({n&TJt0?9J`j3a7c{|Y}<szN=gukSVzZp1qrhW3Q~gCCI!Gm
zSnC56oMDcE^B}nM1FDU}Anh^@x*EYXN-}oxP0`WOqRM1b>L*DFegSN2V?|v=#IC^#
zX%Zlj!bkZiU;hUvy%9la3>4|$5Rs6a&wTu@q=XMNCo%>s1J}#JZAR_{#k=Lo@j=*h
z|E(9xpSYjmgm5efd4r=l$%C-Y&9f*a4Oq)4D&R>N8lpa48f}kKEpxtYtMLSL=n?xl
zoJgwqXT^?ii;$tAArTpw$=Qo@^`di0<;`Ub>1EzRhaS%u+OESI0HwDA!fVeeUOtLy
zY;yY;S4ELE>|)*NNezXruuq3UL?rPeKs8+jH_fFORP*;nAnK4{k2Gw0M}|m90e=iR
zTcA!+r{YD!^pP!OE)Dk+9!cpT@p%Le*eNXRi^<&l6f*(XXo=v9=3?*DCuWOgn^j@?
zmZRO>t?{l%KUX38q>xsv^j26d^DzS}D{gOZZ~VJEQ=+7+yUpN4fZCCdr>@=D<u|BE
zg^LiV_hV8tvLn8HxrEw16i+trtUI-K3@BTuwaw@K6cN!dZ7enCq>x4e(H7{473`5)
zZtOOLz(ykgdV*`|o@%w}ix8tS25pQ;&E5QWh__T+x~eif{(kW5*NtnFhh;qjVNHxO
z&yQ2(oryRPV!+h{cq}O^aMCc3$7YmI@e5DW^jdr_?Hudibp{5zFFYpin%66#9!=WN
z@atHZq*OoIzo}!g-7$|7b0!#Vk)vSem~f(6-kiqOV7<e`)n(I6*Bu-d)(qtu$T2Ys
z3Tmhx1By4<G%QR^&q10h$YJwv+3JK&wh&oFlAt674kDse_vzE8;i&4vS|P7v7kI-^
ztX++M927S=I*Jz};|s!Wg{VVRJ=^lzAYoRME-GBfz#kN(#_@uahW5*LMk+*p290;D
z)^+R>*&9YP*f}^H%&~9C0td+uvTYDW`)J(?kYjqIb*t=be0df&A*4UgK`Ca<udlu4
ztC#4<UT|x&_>DeP(tUqqhk4M}-7O17CO!ETU}~RYV%|X{GQ3flSGxg9s?Xt)1QQNN
z>_S3Ep@V((#=y);p*_KEkGkCq<h&~oaSje@*ab@4{sSIx*di4aA1O#I?QfZXROmJ2
z5jW$hoO6zS{H_ON{yazd25)W>=h;3+e(ej-#qEVoUx{QNIi{B*VG_yp5DA5U`qYp9
zw>rQ|)6@4yz4_f$G;kg7lKLnbf9t{(;>uvPOer<B56?C#)xRm)qurfAQVWtiLK7Ut
z#l-+L|0$bQJ4@;{--I*l5^PkhBI8R=>*JSDibNP*2^*W-w7t%tAdj$IZgp+#m3g^1
zO)agU58I2$Z0r)x9JZ-9ZqxBoWc`$SFE97tcZmg8P`HkGdY=JER8hN?KxB5jqFMI?
zDyMs4w!SDX?06~1@xO-3;91ay1Mj0o$#HzlE=}z%R9_i@=MXLG=@!=Pq<KPT#@BDP
z<`@9bx|UB&(D({yNU^f9H9#I$RbSs*cJCSZgdl_?;IQx<`P{<7o;9onFfRXrjC|uU
zs}i@!8;yAmOm4J2JFc8q&dD3Seeb{U1rc9BB5Rlo(8>CFS@lD9!8h2!*Wmc3XT3vY
z8hp`FGk?ZS`eH{pWpJ5*yltXkZ8c`Px0izCsxL%~3<ez(VTqRoWK(*dLp_pne+Crh
zQi7Go60ZjY06`><tnYQ5hK7a7N=TdsEt)&F;}tYv==DSKP(#F?r$Rk8BR@aI8@i;D
z64Gn8^|1aNpA2f0+W=?*OGp<$Em+!Dz*{I}@k3cD4+5H1eX>87=$6Hp+G`%3m>33e
zoBOi`s2l&4p_)P$A*bcrLWsm<2f3%4At3-%G+e;x8Se3Ezj?F5bvB@}o0`w%&dje+
ze+DKjhsDm>aBkXpxwY8Zds%=}fv#3qKmazxU@70e{hF?Th?m=bM#|6M-$3v7P?$_g
z0|bz(jZNfvI<pbehM_%=KN(o9qft5D&7jLFnWp9{z|OD|23I1W;`f1wRCLNgQc^M^
zCT6Ag-_(G1q-6Ghlh%6o8jIbgOm(s6hK|0ORXYN*0kEh@aDd>DEq0i|)bK~Ht^(lc
zB@dzPi_6FXmF~HJKP5M<X_AqZ?hcW7LqpK}_fq@e^l<b+VeBiH&l#_C>h5Qa>WkgC
z9Y+8bh{BN-S3H6rA%_LQ8z{L#0X9A)zacRG0p;iJHD3LeccG;CT)mzcD_=)BN%$3v
zHgXn(0I`yVk)gaA;sFTquRt&u6GMsk>6w|AAmIgP7DEK?>({SAFg8FT4XFztCMETQ
zWHX%QZZ{Y1PkCGgq<{A<A(CP_N(JEcr4E$r>v?QR!x%colEW_`Aa)B5{653Id*s@=
z<RC#N;plibCN>r#leMv7w=gMbY5IHjK8yGsX6{ZDQQJJOL?3SX!{WiMiOhj5-qzlJ
z0p<0Fo}nC+s}N%eFCKoT`t<3gc%`A`gd0>;??H^0fs3mPy)gpbOe0h^8z|##oys9;
zsqln^P*6>Nz!e3~PX8EvgzvwohaO3nHTG&mf4~k9vUpti_i!un{}wFYn8<xLw$|DX
z&8gxi>|_aUD{Mfdk0|v!mebJqJVfFWO5hE$Ud_7B6A0|cO+1&5Jm#^6e)X2AnHkWq
z>rY=t9m|%mQ)ZcyfekuYc&6lS_4wfBKbzkZ&r5+1R4WL&Ckg!Hm`L8DwA{1g($sFt
z&gu_~Zt5qP)9$1fU94HQ*yXMl6t?dDDh);dx`}3LH>Vol_&wk>n~EE-yqn;C>iSqi
zql)*|-|&nKR_oD{O8{6*5~Mvl9nAO}`0sI&YeDeR+{VTq@()cvn7@i$#X1MRCeIgq
z!@}XQ>3zO3!ozFMrG(gSYA^x>lostXr5~E!<Yu5G8ucE&LU`kSpoZw{eXTv^ix2aj
zXzB-7#SU!^oGRNVA5+1qiinLx_q|PqRA9zmr`b0B6&!(gjsbCIJYSNA&`6dP_x$+_
z7rrQNN}3j5hZSXGW3xM{2a;YMoYf7x;%7ayqd2u0p0U#DeIqP&n@+L*I>G<)ast~S
zouHT(($=QHq?`~4gP30LY3W>9v9e#?Ik$T3!~qtwz-~&^F0lXR*nJyRmG$ETJnwAU
zxtupA`qL19pnO38dGPv5K(0!j6oY|p9WA_a<i%6q?@Da<UmwFc2^Jc|xsaQ#A}M*{
zvJ4>+gB{KTsX1G4k}`5~q&!yn@9iJH-7LWEh!!T?Dx6h$`t&ViFW`o`P`E_|;**V4
zj%ZYUx@fcoAEmoQ%RQZ(x|@C|Isr%S^}2y=Hb}}P3o2g-={1L#?2R0gp+rU^(Oao-
zIVSiM5+E>=NrKkJ0?(eaef6XIC`c+G?1@Xs=iWfNcx4ahExSI^+^%_1jP#m#gu(SQ
z{ZCMTilxOpD^=6LQ~Gxn&e>f|i%))c-Cs8GgiPYcCqU@5s+~B+Zj~5i(=$aB6g}`}
zfK)XR5emXlgQ{0WhDS->e*<^VMcg)kDDbc*<>Ez@&;IZh<dt<eJ$j%fH7%e?JU${m
z-X=epn2Z-MOyr28j+1o_|5<!81bDFZ-hyYy9AI16$@8m<_ayALQrJ4ju;^0VuqfS2
zsyYIOuU;Ej3+yQLecArHVLkORE5#ZseK9#El9Zya`1#)p&XK$&^<@a4vp=*}lvAip
zF&gimtdA^GV^T`If^tFMK6@KP-&kO|_R+ayYUamz{IF2z{Xfb44l}sBYsXm2VJDXZ
zWW!#$&?Xxw91&Hf962+xu;5UJnAQ(nFS_Y(-S<WP%)tGTO+L40*qZNY@Y)52=B;=T
z|29W0WqF0m-3nlMMYO=B_4?=aVuL#+2HlIUDjO$%Lqnf<NQCe<6OPe#>u+7?P}F@T
zdt`0XJ3AKtEV)MY0xIbGUF?T_yvgr_R{Ku1%)qA#3PKP}c!|5}Tw^2>Wz&Xu(ySj$
zCoZC*U55-kcJ}K2{EYCFi{rlWQks>$P2t5-Y`1;!x?lkQ6N6q)E23{y_`bb9o<d>`
z^S_Jl+_*wP!;5!WQ`m>`$Z2LZ(+K6GsW<FnmT-1;cXilsgYDJflKASG+YR!mI`WH0
zbpd&q#BX^Qo)1nuM4_5k2Kc?q33sZP@vqZ_Nblvnmb>*!NZ>XK<+QM9IJ(N`=f@_r
zLz-3TM21s)ihp$F!Q%hb0^HBK8_pqd$A0A&Q(CG7k(A4J+S!ASr9xc%53?`|Ty>e}
z7H;2ax_So3hrm?<5e9x65hPbe@h^YeA10tKCdVFOc>L+ho!Cbe-!dN<8Hv;m|K%d3
zH)z?PF1|x~Wq7Yi1NC65u#uHb@U1_`(DNo=F^LI`WgLIeHQoizH#`g^25m2dH}{q4
zNSv)LgKP(K*aV$$GlMk^Ud+9q65GF0QaYsSoI-iz<n_j&w@|AP=reUrWP!B@RB%j2
zmz&>2J@0xmAI)c^6zEyD<T$+B5NmE_)9_(OmYCO#iokPQpo=WNfOh-k@>4%Q0*RHG
z$c)@dY)rZSx#!@fK)P`FUqwMiqNTo=x#@~T;I~*!)*Rln($cb|?>o2N%UodYjti!j
zOu1uk$y0msSAEH`v!MQbaMSxNjws^$rVKPELyPnzPp^uSWRfzc__RzjR*5LhycY<1
z`_M;k$ghnfN(IJmzcstHuk3v}^A-_FAy!+ET)$ra8!aYr^NLbYsimYBetv$A!<tX!
zxwW6|$UXZUI^1i-ZD=gql_2=;_lA<e@!a*nZM;j3{ZE}Qph9U!t!M+V3m}ew$<RR}
z9%2md|Kh(PLhXu|A&q^V_xbwIq2~TR@7F0F96m5?ulAv<H{@<KEKJIrW@c7=)PP~X
zf;VtvKeMTa#Ua7%?J8(EOC8%JOKkaQ6|3d^Ih5(gOW+^xn>Lf{RKL6~<9p7u_)@a3
zTOwI*Wikzl$b;i46G<>J1u4F+k*{a$pKz6<I+LOY6!<pryZ>LIC+}nSNXbPc_daKb
z9L5YQvTj+l{WpA*$rhEUeYI{i6cF2+S4BSlQYU;t@(K6u+8ljyxI(Jdt0~{;I))38
zWKo4@XdC{DBZt6`61oER#<W~f2~AnD2@<bX&A*==o&hOw_wf6lXP20DKi<_#X$>OR
z<%J3zM?q{Ps$=;2+7Ha@Um?nnfT?lyy6HBw0B{w+l|kiTd^M(GbhB9?!N4l~ms5L8
z`^A<u@k*&<bYvMR&r>?X*=F%upOfaQC0Ku8Pg_r`^4%RYYVr*;>b~Y$p{DWfB8Qg`
z>M5OZx!W<yM~b1Tv+4#b2b&D+C4y!<9?Bf<fvKOFMmW759IXz;>)5FzY^XoK{fkuy
z*7;|LGq|tXo9_`&3GH7=J;$RXtd9jwH?82pEwH-|>A*$-Obzjd>J;$5bebyNR=z-x
z@6N!mxRoa_<;BLy*$L2lrJ}ZWOwF#cz6s#vS0#AWuL*u4I`8u>AeMi>lOT@2<QhOd
zHm=y;y1x+CYX_Ri%P>>gSr)GO-nXw&@Xajlqa%KJ$6=Cz6-Rbvn{&f(498A_;Y$4*
zcUlzcy>iSYtq%T8jM<&CQb7*_Fg<jJEq7MO4ldd1^!-UVqIm;sm}wFH=NXn*0r+7u
zBbB@rF1xP+7cXMB+D|o#1;87*=DH!St`|^Eo-c8{-%3Dx<WwdoS$4i3UO&_$OD66u
zUIE_|QrBY!M6RU&o)5RQw3OTqM_g(y2Q-T5#KdS(AWaht;j(S{BRM$~>ibTtw+mC*
z?k>&9Tbt@L3vVjANb$S3u(Q`)DYzSFg=v)C@2_OppQ>>$C_#REzwxa7$0j}FW(VWh
z!azkFW;~Gw2L)L^H-Qhe#k$=PIsxZ!b<3@GBEFxHq1l|ht>EsSBg#i1?Qg80WNvOQ
zcoA@dLjxC|{lN}9T?<>=fL3GR0~g>huIfV0?AGV5M+3k&$GC`2s%dKC6l%RMC@7e`
zzniqMU>ek9nCR{~(eMR5*|+AaZ{vn-gKhOyhX~8hpOxG5xAm=R_tF{_Z~gI8uXRgV
zyghm@!E=&0veP|pMTY-2RcoCM+Y#MonB;7BAk!=-v>pl;E59F9^&<f?7g3{xv!Dg~
zN?!T0vx0op<vmUhqHWV#QYMZUPfxp}dPfI;TU2w29=&S+VpIKcX-<zy_%!5X%Xd%o
zb(3>$RdKvp;&7f>h|Fw1CPyQCZESP}hns%R4Q7bmK*2qp-aEQXkG+(j(#pc(wNm=_
z7!4^z2rnzYHxdTosycg|RA~mt{HgUPG;BJieO|yrQcbv4U;8G1-8`|pF0tIKFnYs$
zs_L_;^}&qD<EaX46on8wF`CEgO-n=LhIyUToRAhIwT^$UP5mAdRoqKU_h(VOe*eO(
z49j^GY?a#aGqyaP>i2Ci9K(kLM{@edxS~^0VJx&B1j+AIJdT^HS%-9dBxv5ePYW{`
zUy^z}sM8SaeI!EOT}{XmJP<A5%0=G!?5&Y>V8KxjfjQcWo5_RqbGpfMk7HvUR<S@$
zhx;=PWMPaqm$~};^%@iPkM4d>&HK?Q!`bgYb-uvsW0^(c)ModZcljRa;qKB9G6)xI
zOx>SgJ27!1brChQTR)0QUZLufuexu}pDLe2wXf@iggJc=k#^W<`dfmZf9!b@51^r&
zTUE_oEaQ*^xXY?j2S)Mq5WE3={jt?}Lj(dN_||PreEOjj12I6LRXRfu;nnEb<=<qC
zYKIIZ3baTM58VJmO)f1ZJ9qA!IZOxOC5p_F4i3D4*$_cY1Oo9;P?!S003da(a&Xgm
z$c_6;oP(tZxd!+rBqkS(Cjc%nDyQZJAb#MdSHF)CZXe1&B9f-~ZOVBOmD;7_H+8z9
zys5j)){$6>AJU0wIeW>=r6YPdLhJpdE%gG+-bUO{7k@mrZv1?EvdK9u{W;(DJC;AS
zgk3gf_YJ35;wQV$W^ao%4y%4lva$$hGHl?r@_zdcB-56MXp@Sn&cFL}rz64b{zA7N
z_PO&3M}4!=q89gPo?=K*R^8JrL9E7;XMCs8Cse3EYv0cr-;A^qi<%eIq=zdqHzISp
zuDgj+XnSWbul|mkk!7ZE$J_rgL(_crwaw|>a+N8q!2Y==euq=6^Csdghtqc7x0_kM
za&1|WGpuOFtyxT8dCh|kjJ+qx!DMJ<dnz|AI$r(foFC!4`Z3r1KW;W;r#Brg%osJ#
zPAH#_8jLlv?9rL5=u+GlBu<N}Ydjh|4VaGTbvecn6IV&1@;>9g0cOViy}{P^qdTu&
zkTQIVa9Nl2_R;!X7-20mcxqI=>3cJbf&C>`t?2%BOUwM^-37<FH4nnJ@E5`rGxl+;
zWvB5?&OMm;DkZL0&LVrIUPKeuy>ob(A{8Kxf@}@UlJ>J_o@F@F&hVWgvw9#c3Mor~
zvXuX7QeedZB47a2VBGU4E4v6-1ppJ_zJVnp7#rX4d}(vom}lhbB}j>dE2Kd>0iqB{
zl2Ffp*fA8a25Q|xN?hPJP~UQk{9%;jM9cQ^d{vafc{=ikJx<xXqe8CvGae(?Q*XEa
z{9U~++mLx-e=b`GRo`GV^+&7MK-gm{Z0l!CV)9BAwmZ~%{XNmSMLxaS)E7j-hvj^8
z%GcDBSI_%Qx};=ft8vGS+v^oWnfEq#XuRmKkq3Q4vX*0aBg)79ny^p*mteu1@^Z4!
z^&fH9FGujqbCE`o&uI0EYu&0}u<@2m$va0lafB5Ud&52@FUIB~1MN>RfhR#WIlPXm
z7Soq0V{fQJxcY6ujY_nVkRbw20@-O(Nov%e^-pPtEr1CSSJ!>*@1Q|v>Oy5)Y^;(v
z8s>1V`}uG<E2_St_haGn-Iu8P1?4FeD)qK2DPHCIbLV*GzHgsbiWdsd8d$QORSl4)
zdq9E$gigf6xO^<FOUuu%;*z;}p6o~@$>XUEsp8s85cFPNm<)!^LKlhs=f`|8*Wp8q
zu6OO}n0_|^;yJW)Casyl$?rm%!MlzCv<ngie>(3^fo{pCa!K@uhUY#b)&VdvpyL=N
z!s;<E`BD>9LTx9%j~GA)1FX@}QB=KXoFWkxFhEL5OOXr}!eo5DVFK$0tO-Qnupm}z
zf>8D5d<;O&1ONa~^fz=+DjX!m;6BsB4A?wC0&wU~O0vSoA^TM;rvJ+QWp<szT-6@-
z$JU^#Lv5`N=D6cL6lbp6dn)2EZJR4?d7qxI?_7))>>U*<*<4j6_0sf#IQ?946Fzvw
zMej(MLgNFbPK~c(H5{IJX>KfvzkYfAe8dQaa-1&jDPJluJrI0<BR*(9;%bs8hEs_&
zo7>^<cUvQ}w?8RJL`hM1v;;^E=-ar;W23|UT8+}_@39l$gs#b8Fbe&a*{a#O;wv4}
z(L7$v%uI^n4a*nu_OA+d4nV*+KDpGbbveuZUkaceC-J27)J~kp0P~?#1uJkk%Ab%D
zA7yS`rqocQd~$P_cEUto-+8-AgpE|xJjm14Gld*HbC_)uQC7jdVagamFQ1j{g76op
z!CyB~6pv*1&@s8qcm$whKNKSMGAvs&|2$Mxos0Q<SrIQn(srZ4uu$vx8&{Yd(@N2U
zq7myd7F+AFk<aDcc_C5^ul4ew*@z$1ytNwlpfLaeKp_|)0`R9fxDgG{Q9YQc<=xp~
znlU$)h>guAv>q(dv%@<5QCh;V_rFB8HIfeluu*qd`F_-LDRSdtr<~*D6zuqNk5)6g
ztx)siX05=nfCQOufoYSVVo>7md3%P@QZn0nmbpjO7%xuZU}7rLnWC~ENzab1;FX+;
z-KDr<{`>Cv{aRgyNGv*jx#<tH#1U3V^)BI+Pl_(eQ~f3RO*5CLmTt-G`e!6_gC`zD
zDR@5lojCPiFqW0`3X#9#ub8Lm8^3g0AFiT(edl)lBDD5v#cz;*_3Jg3`j~eK-sSxp
zmTT?Mt?8LI2K9U+@>Tkr_#l?5k%I^-X;S*AM*Y-l!itX)`1X#Kc_)}0z<r~l0^{PS
zKE(-KsvmVoV=+^rYN(A*q&q3}ZrEIkAZUIyuXah%lvgH{2FGU25#0V@xmtH_(=Oem
zP0{h(iUL$)iV?A>OGaOJjZ-OApwmWuNDPv-GLlf^G3`R1jN|Qk`vY`v0R>g0;7_7=
z3PqYeR}^5dEG;Y$4Q)6Nh5EG$F$r7JWlvM9v~6$D09Yq@)56y5;bBQx8RW|Vc$Z`%
zNlt6h-qDBe()*HgbFaXOig<?LKXG&YIjSqnC!~fV&kKft=53)TZ!k0l8Z^DZ0Rv6?
zm*{8K3_b1xbnZ_D&)L0=OiYM2z;IaDZS)W7Q})EJ05$;I$ogc()1&Mt#rC7bS0|f`
z&whVPZau8E;kn+MV+DR}FDj?8-rDA(Z{ZcellVRM%e5GjC$qUfKRVVuLdDf-PO)`~
z-YYoxv53+~s>LxJwc6%_8h1za%&S-=e*_x381r@M@%#TQ?0d1iaxqT8`+QiATUNVW
z^2d*A_QxFt)+d&{rb-FH`2^O!k4bzoubPRoe||tD#qV~A`Wg^guZM}EPT+`8P*K<P
z|GLd`hu*8Gagj&Ri3(B#>yn9*w?03gvN=ktUADZJotI}8sbG>X_UYqCUwHQ^$*0WZ
z6V>0wJe%KB`lc;^QIU}nB<q_N5#m-P3yw%>7QhJ0e(C%s6cbQcDjjC$Y}+(*MC-)P
zW_&NU=l9p<(6G~UnS7|eg^uP@jwsd5HBA-203=495Z(JYKBW3o75iVmE#+%5*g2Bs
z){Tjf5KjfM3o+7a1(;$uOq2VT5p1kRk5HVbN|El|U}`uWE}W^pI<}8&#{xXwHq8+1
zX+ixScunqK)3g1)aAq1m<QZ|Jir72&>qtw%Dmyc55&v11m66->Ck2(514WAAucXY%
zOV`@E4Z2DWi0J;zc26}_7BL9F+6W_J{WylcdcLMEQJGSRdd%tUsy^*7_R|M+N{K?)
zFoUh?Ig-r*QuvMje~bCmUy>}gcRjduddm3qv0;2?Zp98$fFSqm@N*NUPszl)+XDI;
z_`GM{L<dYrM&Y&vUkpK*=iTdbx6Yj(G!YKw)c+n_=lv-p>45;ab4@)Bsu`IzgBC}A
z!&@%<wX{Zi4b;dzB76g9TLZlaOfnpYhiWc+`RL-5&o*{X{>XBt`B51xeTO2qk-_w4
z8vR-OUI7NZM@%a;I8DI_>v;an-C<92oHCCsu7&hl(#!M3s6eHiFES~G-NM-XP9kO|
zCJ5;QsY~@f<Y#Yhf8o8*hkFGr9GCw!Csk58`J?Ra^iH8<4?2cOl%E999>*2&Pe(%`
z8AF59ZjsnS`MOPSA_r4Hjy(TqcII(8lFUS<DfHLxfiK~5X&FP4^<WW_RxAbHypen{
z^x=qDsA}60v+(fjHF3(Xq*7@@t&WO~X%<z7HFg4zlk2vRt>`rUp3n3@l~a)SrwiI_
zyL{u0>CEHt;uU&S{WI?aWj~N}|N4Y*Ha-q&TZOhAxNV#$O}q62elSkW?AW6#n?k+>
z9dLM|GNneBEBZ{koBy;JL`S$0el?O!f%SP`|B&#p6?>H;-raty!lUA_oW(Vky&J_N
z)@RRGFN-kgaKhn==l^4}T9%1q#0(G3{+1E<{7*ysKsO$ew?7m5&*gZtfcgvsiASfg
zF)>i`yE;|^y1Vb;CwzDB(zCL*pd~-H)a4)1njUlfby}F2y*=sw_*T>S^5ue;)4nL5
zrp!I@F_qwQ(XQ7`hT@8kseVTppI<sT5$0#5P|iQOS>}ZiJuSS6lT7a$UOT6%cwOu&
z>cyD|;lKGt9NMPs^~Uhc<lQof9812hfnh(F9h$-A#+9(WLcI|JFRjN@`A^E)S$*Kx
z)Q>k$+o4XR&ET_?s9Z*Fu1VYHj6@2#3GMsV!_Uu%;$vgSW&?T0rsmV8jvE;ZuV8WJ
zau#SQ;^N`UNSj<gof12}di^0SGI(K{b_Z`aDj#qCy)ty=?N)3^aYA1{EWok=7JUDO
zue9$4beC#|?JIiPd`5q;-b6thg~CkUHn6sm{8eQpB%EGVbpF|-*Tt<_7RCcE^y#Gc
zi8QOkk2|glI*%>bRh&-o*Y&C>uckB4rj)+~Mw-FXUn#7DUKA#a-Or)B4}D~t;Obs(
z-7$-z4C60FMG3`YetgX)hQ0jQB-~4ls~6i<y|$>{g;M_jETn$FmAC2<UaroOQJjDi
z7LJo=fWYO?j9!K$mhAb@%_iNWx$Wq`%KkEHmbEhi=(QudI;qcocBa`m2wnZ-{OW-)
zp+&of5v)Y&vtMK;!!bvKD61c~koOi<|5?jY_O+^PT2sW66=Y}tSfISq7>phB4>_1Q
zw{<A!Fj4IJM-Q|Wsy;LOv12zFo;yA9PH5QQZ{0UItaF>&&$Fe)Pjzzg{xOv6j3BgL
zkiC5soiH|3m%CvX6LVv$c{Ne;E+60{PlIb#;)#NP%25c^?y;z|z{@Y6Gj+C>$CE|l
zj|7zK)O{15D=@$1{ijgr?F|$zEe}45h)MIob#CxG(I_8c`%BS+Xj@2OtHKK|DZN|q
zR5SR-KxDL_(3ObB6mFYAU4G|73U;o~&vz=i8ktRAi&wZWTcYZn(?h?)jwvx&4x$zz
zXO#H`KywP~$@=54#)_W|mn0f<FFuvT@n>XW!Vm0T_o2g$zGo&17=WQ{n6!mGy=jMT
z&vL~Y8To2+@`O-0zb64RlcUF#<4i9Vchlk#QQpsDJK=OMFY4{p&d+-v6OSHh=d`<!
zN9E}~h)pJ&m3j2nNlWV04a910K=OWdqB_cd_PZ1@)tio^#9!Ckx3@-*Vu@hc^K5ui
zMi7S%Q6_DS<ShzK1g1C!Fa*jP0YDtb&L8yfW)oPVXi>A*BKE&y!^O)@Q$Id)r=keK
zUW&;r?ucU_4*O~pxH@*P-&r^He(D5K`2x1pbl)E$s|ZJkpzD*KFHzp0dY4|a@J&YR
z7WsF~-!mN4omfSp;5yo_tG}Cis@!Zi3DzcGxAHC;PJWG~9z1w<lC&$u5aG%0^!4?d
zp&C0^;{o;E>CL}M&u=9-(|$-FpI<8oTDph$z7c)j-X~h*OFyVhsTP!6yYvQ^cY*8Y
z`^w7*)@OuM_u6eLDmwfVzH7mSzKhPP1PodRx!m0LmU!Pf;>`59F5|DhytanU!wS^?
zC|<>EMbcu<^HqB2{U-h3k6wmC3LBfjkz{<C3)=3{WGwtYwet--!-}eM)_%|Pyv2IR
zOXJUO`pNT)*dQS=Fz%{GFot6qr(A^a8CEW4Pa{Y*Bcv;bK^^TeI~gUqba?mlMuo?8
zj_1k2%tx2mrm2*jRSVoVxZ*D_N-@}{CzCT2;zA99g2VMlO)iW}#~l-Xh5&rY1Ahne
zoT0C&6+~dKldWu5?oO&2F-wqB_`w5;OFzA|>y2T1FXQXE6wTv-%NKR~kJ_>`|95vB
zDZ@)0<q1}?WQzd6W>l+&z{h?7D4x26MR~*4usbwNXh&zI4P&KgzwndTJ)ilJ^z}*i
z`R-l69;hMxLWBUxUcmq)i`gGpKa-N0D7?uFiSRHt8){2-j#V_tuSdTsT6tgmL3f9r
zt?R4iX4cOPSkYfz<)4$d_2K#Pr|Ug~dd*vs?ry>fbU_77C&ZATDV&{k-kgxX`|GBX
zvw6&ZJ)OY1`+jq{T<Si<hKPAv`-`EOCqcA!@fxm^A{_LW@qXpmoJpB$@nicF1~i$+
zKehaSkXJsLuvouOB~AR!3s_DbJA^?}B#KH2Lw(b|F6zM?CO6^ORV_H<a2H?RZM};;
z&*{73Fye!^2ov*i96`y-VQ9i_vun#!hmEU7>!0G|L%<_P)epD!Rp;<Z<z>_EK%X^3
zU|#NTg?YaRY!-!5P*5l^Y{L7#KNAdPy^-yPPB*(m2kWk+jx@(1`QBe6&A5Ni3%I+a
z41X_JmX4lEO3l5`$+_h&ad5mm>#`Rq=KKuhMrWBZ1n4yYv6YpTTx_gxk^}>Dvzkr<
zM#-=TdCL~UVbPw0_Qx$!bI+=>cpt-K*aglzu4mDb-nemDoM;pDN?%o;0vQy@2|u8Z
z7b1gnd^l7mV`MZ-O&bMCyOyW0M-E;~2IlyyjR5X=xUwrKdDBdZVCiSL5E@55P3?Fy
zPz<EcJ^M{WDqxJzB8#@}>||rBFY%NV>iqZf&kk=#QN<$Hx{h3{0t!`*>K-wJVvr|M
z?mKK$|G<zNkPkP2S`EV}VhIRcp9;|(69el*vnRif=CAU;kAhM#&AlIdUlf6f%|c8;
z5wyCxN`Qt^ZiJGNqg{#zI;lTF_rVV-9RekZ0<G_w3#v>-_bx%Fv)j)|FtpaRM8puV
z&20lq#TRN@P!AxX9T<)g|HO`mQgQx>5jl)~(}#mXWoxFp3y_@gsG#vHv%OR_K`LSE
z=T+tBAf?25`*!*5{H(0=h=5;5?JXW25&*h)-D~c<@^VYB8{DBlp}<FJkJzVynt|J8
zgh5mgO+<wKACGkIJ5cI?0GxO-(H;?=O)ca}gn}~M_@UR=&9SxP>754%S6YE08VW+F
zh>*{&Ntv;VqhqP((<e{JAk-qJq+A(vabx%gb%9@ALw=$1zd#xICX)nBNS55Y(DT6@
zKNxKft$#dK*FY00iG}abpAxD_lJicnYe&yA%Nyyh9c&iY%}N{yAjKsj@l#m4O%F18
z=eiEXMIzegT|iwCX&if01Y#IaQgs1I<OAs;6k6&bj9-wjg7d~UEK>-;ZNN(Yt6I<t
z_SMM-G!@Di3=5-0{Hy9=HUESxx&!2}{u;RNt^y*CF33qvJ_o8DU!xfQD#P*x9l-M_
zq*&n;eRg^UA_6ELS_uX)<$rkdXm!At-m{h1Q$4em35>7XM<61@{R!GZ&w<;liwgQ8
z)ivv%9cm&XpO7E%m7T4Mhax^jW?%RdpdqDn-&W(lmWuuNVPMQ3k-8n3l-|=(H8X44
z9b{o(;(@}|-Y_dA%1%$8+&&MoQJ|gaQa%>-`E%7>F8%4%14}+iq;X_qWaK)2urP>^
zBEx=pM3nSeDp!M%m-i})=)a0-Mn1*m`HaJF$$G&PiJp*lD+Ai59tQ!`RUi;_tFfUc
zy_nez9srW~U*%kb5!_z4q{S}*SEK=PMPwD`QmiGLZ8zBZy+o>i3d*LbO@jciER?Z>
zbQnK=H=%U)*W`B^^a27SHW%OE@Qn3j{m%;=oAkb51Sa_9ilJTL0_h{^FP;_AHbHSL
z0l^rY|H_n*f(puzxR4IQ5z`MJfkdy6rWg84tibcn8Pp}L2q7j%6>3gFKId|^ZsMm;
zen5VyXe@gD`4X-9;=?&Ma5iCALm`@YG|zZGi6ms$iwLhhghqGoLm*j6V(om$Qfpgd
z^oX8;c0gUCr7U5}m^eac-zuKoZU_!JIOgsnW*`a7Kw#NesZ~@gBmLLc2yHq+O8^3(
zNzeIi^9(QvSzVMXrTa{Kj_xN(zz!s!MVP}cQNVQ&{eNl8luM(^)00~HO=Wvio0%5q
zyJRLV8<ApTS0#Y9Wh!og+!PUCm@|SRudJ-BxY2~5mU!z{^0601A9z_j8MqP4_|L#|
zAiw((AGyb`-ee=xi`idS2<RCZ!Zu4e<;F|@uNFX1GKUt)&AwVh)-`t*v#aRIj{1FR
z390@s<!JmuuYUw{G?ZY^NkY{;;EVBYp<1^Vh<F(Ovf2$?H#|X}g<%LN%PoOAHEv`8
zEJ6n2v@dcO4VDpZKWCqi$NTe89Jxy#%N8gQ?9>1STB(ul|KUJanPl@~p&%`Y7)i<%
zJHy@@D;+l~s8X%h77J=@0;_v^w!1FOx+2tlwx3-szTS7)ocQOFObSs5gN(y_f$uz~
zUlnJJnP(rX3D#xhz8x9S-)&j%_;p~@d5q0mmt`H=sdy*070d8Lr-kC<_oGR_7_kW-
zoV&4Q&DC&WX^M83I$UyH)I~Ilb?tO_>)=<IM$OcLhaPQ`bAcKz3biArKaU?li-kh<
zl$+z7L;294*W&2^`l3*%Lz+kQ@M8`)4zr+RKx2JQ#lI1uP)m13I<GT`!Do}s{<}m~
z-opPbarW;LqP-*kyM&JKzfbU%xBvHvddC*h^C*;OR!v;;3f_$aakvealsYnwU^sYL
z1q7Y~gfHmjQkVKIpciBkhPkj&s6XeeX)mBqC*Kapx&Mt!Cpc09Zm%y8BW{dy4uz^9
z=kQ0N9@M4K!*l#`<AZOIFKoIP_%-C~0uk~k@a1zZ2pJK4)uaC17ykAf^_2}i2VZwk
z2NiDc$m-B*&=K?R_v&Z=J>$P$GfX2wg*gJ7R+A8Jib4thyDjoJY`T1Fypc60_=gMl
z4g|=LszSBfN`<|Spm<(gRW$+<k-!kqR%G>UNP=_*bjq>-qYb?47t?anoYwbZ!E`*<
z)5`-KT*HBjj_!eJ@l%j%=nz1zRq^(4;>5*TJ)@vN1w?h!9z6<yp6!{S2aX0t3=rZp
zBqe<nnLkQMNPuR}okwx}s?fzzLq#Qgy<(Q22`aGN_BS7-D<=*DY0PoHjf{+(oLx*z
zAGC1Q;ab4gn4g_Z0oBSYw4yq2)u9UeS!is4)Vx|jeQO?#=)X}&85kr(6N`+|QSEq8
zJ3X8TanVt4F)d!s&aeFqe6~_Yv<Cdc*8wYhY+p#=JbC&w6AItVDAwS5uYgr{g+^El
zL@86ZgOuz$DuEcb3~lGl9lEZE$lSem4>rC6)Q;vZj6)@4v;%TWY|<6yy+zeWNaxFC
zsN5W_bVvuXb?P_6@5RUqQ&C9**5eBJM={V#i&;5gT(i;t8o%3428c*~1;(!h2!MX5
zy1xkZi;gFUjyIW^Er0l3^1M6lBm%9DM{7N+y>^QeEkKIuLn?HaT6&E`)8l>I>}?M0
z^b=8LWDJwRhZDRmis~(fg-gI!Mq12gL4WSn=XYA*KihKWgCP)K1{rE~H=tfV(bP-_
z52x~Q_fG(@X4Aol)&Oly(0w=Oy^K-$LTtlx6<gapg@+Fv!E!y(&|rsC;^y9`FJCfQ
z5<S!;0|^{k_h7N3Hof{c5*itmXraYsG&0*zsHzT<V*t2YZa16rmAS7CqTzcLQ`2u?
z!5nv%R5hm<#yfy18JU<kW!U9t;#G=qI6ZbnL<a?dHWx}QG`O(`6~h3|BtgsD%ueL<
zJy0ji2VQ087hc)AQ%wF7pjmdOAp7A@D;37w)YLQ<<L<n|zOq+4yUXDZD-~G+Knu_u
z7#Qf9H^uf%?$oCibf|&ZgC5|2F_<U7CUGaF&$Q^G7I-NIKZ6D8<Ww4qUOxupbg+7(
zmV=g-7M9v~bq8Ch#ulkgj)k7)7;xd1N{96N)RjdBRt{lU(9(&!X7k78s+aTcPL~r;
z<$<#e5>V>-9%9JEYz%()0$0zn+{<}ML09@@5`<~lN<5F8)+TG7!ILfhK5gu(0%{+u
z7!bQE@i_Racjn=e0KB<&!@`~AxUm{{=k&#KxRcww`wdFUoqly?3qUUvl$D2+y${tF
zOFw)df!|iP8qDbh*Of{B5F!PbWZGpAJF>=v@gl<*e|I>sU4hvx1WN3P^*v8$;@dSq
ziR~*6_+h7hwYw+Cn^k!n6!FeeT^IrivLkGS`T2Rw=&>dG5Gd2e#Umhr-=DvCjgm48
zX!Yr%MJB=Tf`j9`qoSf7et`PWxNfkGiXhmi4%?$Hlo)R6vuNMHfkQyG^s#DU%L+UX
zjQj1E=tzms)W5Y$cP80cSY#nKr4(|qPV~M82{}etz^WNPw)QVhl{zdc`3DAafFIRe
zmtC27JjZefEbtsneb0e|xRmSA!CYX`0Y><DZ%-5G>2;xm|98U^)rYEedo<-Xc<`VD
zgM%wTHa{tHoQMBq<>p3qni|>7pzf+H=z!8FsGO#QFl+C@I8X<mcKMbk$YsO;?H_c4
zQo&mg0d|-*HL}usl3%MmbY+CA#tS+s0GGV$rlC{ygey=rWl~hbg#QL1(!$U+7=5sq
zI0QuXiFNdtn~t`27EBNG0P2aF+E*Z3eo_3U)ENa_7?FdykCY;AB~ZbijF`wsO+8i6
zv`?SBEe{t5&DF<s-Ic&Rs5w1E3wob^->!rTTV$ObHhUk-f~LG2GT-@Lm~1a<08mk=
z?!ND^#4-pVD*O$;e;#P!gSleAeH#`@Un0z(AjV6+f1~E7O{|1Q_7fn9TSjWE_Z-_B
z8>gP0Or7a&ZEaP#VX~N7VcW)puhmR#Re&W=OG}FZ{zU%dWnoDRi%jt6goJH65CX8<
zR?{`aBExICh=XGV@et^S#UXEDpuhjszE|@saCurSOD%yE;rT*#%6&dkQ(Jg<d)wjO
zBWe(I$a??&y(l$AO0Y>BtWMT@G^qK2o_(@gUKcrGI|K@KWYpBTKzy(SXZ#Q-)UIQD
zLMnB81TY7%t21HEsk=%*S{K=Qh?<5uY*S!NXlH*@F@wblgweceXrF>^i+iY~r19iQ
zWbOXUW#oN+NFCC1e+2x1m^%h<fLYL!xnbOe9G07}bTiWsJqfV&h(UD23}~A0eAxjq
zq6KjBV}xCcz={cB;``NV8sR+xSura++v;xSs*`)RElgi>g6HlCdAC5>r-`iGJ)wRW
zCIkV2jDhKv=H@C;kR5myF0cR+!k>Zp%5*nZVS9U9T~02D$#MUBc~@Okl_1R7?u;(-
zQXZUDm3nPttP>CtM)kicfXe1i@LJ%sBfEMv1=vn#V6RZuPHi2)q&9NKN`!j8ajLFS
zkN*W<8e<)!R(OuP?w5wBwPH3Nt*w0D+TQM)Iy;%-5Ej;{cHYo{y6|+dl>3WN-fpwy
zUOY0M(v7ThpRr}j6Fpe0K!Py`VbjqX_woSz>tET_zsY?7XH!S*;T2=s5z?2(uMhY4
zU%8V>JI6?@&0lLca&+#xLM`~XTkPyRIF}{fXI>`|QEmMGj?NV@E7XFTuLY0qZWzm4
zok}$z%`NpVf|G@MAX}yVu;%Ras0v7!ccDjb4REhNq!tzN_y+_yRTVP9UM4TM#*_ch
zYOMC+#f$9v$uWDypmk$BSaj{iJdVpEn>4!d4zPONrv0yx($M4qe1M!LoEo`~GIkxv
zzA=07s-p$#%d8CBZL?Sh_ZuPq{4CE*j?%~ASpbrhU%g)S5NMBrFXw{DZ|mhiw5nU{
zQQ3zf#kg<082hFIwgSj2h*z@M>kxl1&`_wBQM^$+w)XD*dpO|3FK<xhA<jrp5H6UU
zNvB#V85zMF65hwNv=|Ua5>)0yw|RsF1;K@$mp8|K{>&WQ#2_Cd;vMl}VG8~Ib5!vo
zkh?6>&P9%nu(P9o3*cFmT3vHf6B{?TDp<Nh5Pl*hB1!^Mi2QFjK!tRh)&JWK;HR;P
zis}KkvfOhmh?o%sH5ue7MLjB*EI`K=>}w7f1!%6Gr{rlSA@K&d>eXWAE+wG29YQ0b
z4T29fYgVARZVv_*&ORl1dHF8ypG<6Eo<Y@Mt=~D6@~#4?l<CrB4_FQWCEKJ>i<E>s
zS(-5SgRAkIZMWaY?k1r(QaHcd<`5EkMjk8;0TZ(s_{*pV`Dld`QDD^P>Q-wY2V=Qi
zA_&hTvlK7nyaH;0@p^1hCzC?sWo)0q!;`=gI$L@tjaUydh6(?ksRX}C;RA?hX6M(P
zR;f=dN4HQ!gZ3{O8QDOlz_shw+2rwXaeJV5fwm3@7nf7sWMw=|9W*W+KlShA>n6mz
z6x>r(;)r)8*c>Cc-GX(p|7Ee{=C;YxT#c6j$UEM7o7cYqw(vLY=_bwzU{L)aK=}%$
z*>it7a1^+kQGZ`&Ot}Y+-SdaVkG%fj;bHQLU(d?lf+xK;Ri_Vf*_L~5+nxb7y7wvY
z-@SdS3Zf4T4BFR*C@4l_9M(FcypPJg(VJC9U8T;tYUK;#xd-CyeS?nshdr^6Qj7w(
zTdpG;p@+pbH%&0hH}zZ7jm|S!H_a8+O!rdK(S@={^zt#>Mgib?YFjT>mO2bS3p4A8
zP6oC)P1yAWPHyhPrZ{x=0rTC?N>C_x<z`JikK@S1ck9Q2_WvHze*xpJKd2hI0b~Jc
zU7>{RL~yqeLjZEuFB6ytuZaPXPgP3F4>b4ZSDpm~L(6CdIGSU4OcWBkD&;>ivk41-
zS8u1z)yOWUpBv^H90^cykl)@ID2n9>2K*#4CWbwGV06A4v7$cDDvP|zwR3f|Y%+Xn
z7YAYd3i9&3V6Mnu#z4zU_({iBUtjZoXMYZK=Gj<z<{u0ExmxJMoDG<aUZP#-$9CwC
zvVkwV0X3Ye(5oUiKxO;Ea^A~1e1AV_eun@M1+G4EMdt9&pNuJxbaJZ+<)I9L{b*h6
zbwBo>e*|k)$a-HZS7Q;~^Ron0BfXt4bb_G244OTuP&1mDlcNZ$k~8$wNilp~m;ev&
z_nV8C`GB1oLM8Bfpd9Z$lmOECHb5P$SiFe41_pzv;hBQC0f^q9ne`RU@upwDocKe*
z#)#~VJA8=w>+7{se0Edp%!g(wG11#cCM5Ben70_Un41>p^r->}2Ts2G@dz?*Y%bZ8
z^~J?>uytmf1AT&R=6vj|ta5<VuMKX%v2oaG=amAg*hmlr6ZIR&R`l}Pl`qo}O#l&4
z#A@s89DwkX&+uoE*J=K20zOc_imKg+;_d&`pQ9G@(gCDQ6^uie*ln0=&}!<1&|oAu
z=pMDOiwZDrYD5>|9p^)@4X6Fl^#vTqC$?RSZS5n>^4dU57LY^+>DKWC<Gw8j5UB##
zpj^F=adA0-S<{5IKC3uUpbrEia&UOqHZ-IOZV>EC&d(7Ohv?k)j+iq+5DNjJrOty3
zB{$*Y@b91;`*&+AqSF-JkNA}kaPfH_zUqwTmIPP9W={x~SAy4}#iCQ;O)(FNtLdF9
z#qNB~A)f_oOG2q9^C3(zF*8Gh0){HMe2Jbc$N)E-tWIo;N2+wnh4LKJkeLSoz0XYG
zgOnUlYFsLv<L2<Ef`9;&+tc2?!=n~)d%OrMZpS_F%8hT}=_1<z-09hU!B+~(i{qdX
zOG-}eH1@wEi&?(wIH{-L^h?T<$a^-e9#01%?=}7WX+GZ;N%ahIIg?~{RO{~RbH3t$
zdo9>Mq7QuY<~(u}M@Pphm#wdDZEcU$)l;BwDXXwh72d(==_v?8e+Cl=q2m0;Mn0VA
z4s8@w^AMW}zFG>;)2qpXpc5RYGNDD_p7VkFF0@552mgbT*HkeuF+L$75Aa|4M_@+m
z5=aIUv)F9}o%oeq1;)(rk^Q%H_vC4v(5YE9oS49t47P%r0OQQbA4ahf1ovVefky}D
z4B|9FNF6@}GQG&b1@j1gXCV)6%@5P!%!&#vI2LT2yP)_TS>cvl7)>t~vj{+m;E`|d
zXr4?CTGGQ4ch1I2*c6Vf@lfFB(O_eTuXhM!4`hM#gy6O>xkyQtY;)%xvz2^AnQ`r{
zObh*WNauiXwXQHbTn9Dz?e@xEna1Tpg$x@RO~RzxJwy`T=#@B-PE&aF$nl=v=d@gh
z*nn`RFS5)_&E3N3;RU#0xpVbuv_YFQkA@t%$nCys826Vii(p^HU!iX{Dp`npL|-4D
zmYyzjA<amJd1=cm0bLH317ufnkOLQH1SD*vjga%nM^>xO%QLo4_Mu*-C;sFj$gIG-
z0gkvD9QfIReKzZ#Y5Skf{d=vOe4%I8l|QQ-*^ZGy@TCa}<7(Ne22WTHtoQC|z^O^&
z{q8ZaH$dBmL0-GsDfcs%ZWh2Ou+u7CjN@m!4#eZ7yAZ(Uk8Z}Eh^F1Z(b_$Ki2J~4
zd<uxL<5A<ZD9rdy_0&n1(VnVc3^?i#?Z8rT=oU#o+Njfq@XBEfJA!de@dK||3w3$0
zqs)`EN6&clH5}7IjL^vJ6H3=?=(?$Gl#h^Bl?GvcKDlDf{wJHmrfs6~iOEgr55mAc
z$o&@XJ7TQ?Zw<t=G7xYA9-I;sz%I*-XhX#`u#TAS&f{<@KU<t3#^}H;nh6%cclyt9
zs&7=;a1Wf!+8eXR<J2kuYOD#R*ct(+*NZ0`?<u$(tcdH3nh7)sGoOL99Q@ARMROt~
zkW!G73l9qmYv&0PzAKhd{NJ%BOo*v<Ubd*2%3_10S1zm^x6UkVzRau=i?P6sjGR<C
zNJee!wuLTm=#R&zh?hWn7Fej5XAUhl{`v|A$04p<y#tIWJ)!?7H#8O6^jVlR{<J7|
zv-5jV*;9afGi{tv{sOa9hh-^H=$`?du)qtN5@mn?{=K`d&#;j7?%jbABJIy*T~;?F
zJ{Z${Num|oj+6MoU|gzQ3jS(nE)t`RlfpPx<ZCt@&{xUZ_2ktQ<MzmlE<9=Jd@&2k
z#uYA1CymzktU%O38**`wWFe!Z98I5E41q}}b}K%Z*D8vRjJzrT-&(Q_aGP>>ET6O+
zAbpt{=DxBlXP!9QUBYr{8$9C|PYb6;6qCs~G+1xmlm>jwa}xLEl7&~#L2=sQnD<HR
z!SM4ttgQTxQ&^M+#;a+=dxtGm6PcDVVyD^Igdx9w4=9&b?XJD98QofTKPl2?16RNm
zvLRz2>_DGApzz-kl*!nu(R4<iXuxiv2A|c*MFfCN5Q-m!wQz)SIh^bwq!e)bE)$l>
zP+g-c%~IQ!Jgy6#RDa2cbE#V{#3Da%XrPGJTiG^Q^JZtA=0XMc=!b(Ma0kFa{BL$q
z_odZwY1-k%tc{lDQi`7p5LIDVn@udxZsYc}Jh!wzl6+*6FHHHh+<8_mAH@|H$wb|C
zq%H7FtmnHst;Tw2H|9@@Sg$5+4O)k-e|R{9I<Y4G%?1Gn(=7@3RN4Nj9pS3#WZt*F
zA0O1#2X@1X`K;C_6qIU|Bg=x3$7dH)&+$njN*ga%v`=YvM$=FUNWyk;TEMrr7J+F+
zRV0?}rJ`)xtnZ;|Pp4^L0dVRG!r;jEO+B^35&(fcp&Jt1j8}K|dAl)fBpo;I=Vh0D
zQ-B6f>@8yBI|qf2IKtjDe`I1id!Ddx>$`sPG-ut$&+@6IYP*+roqoUSe7b*uj7DhY
zyT()dr$S=x`VGME&@EECI7R(|>AE8J$XduDpL?-&6qn`G(c7fFJmQIVt`G0q>Y#T$
z`CkS=NfZ(c!5$-ia0MB#Z9t^NCI$3<a0;$pIu$fL)ez|<Txp5$tadb>vR$0rFT8r!
zbf$zn|4Ra2erMl#1*Q0KCS(u?2RP<4B~RNrN7&^B9jYEURqOIDa`gifY91{lXQp&b
z?gKlQ{_iFSlNfH6Cyifa%@^W<7wD3xfTwJ}<Ci&6d+k4Wvc9I5^o=ZZoqYB5YD;qY
zw(ls9=?veaijmFCyb_CzUFA}fZEwr@tI9(9S1D;m7Tog(2ilDPMu0oS#CC^&?#QZC
zGbZ7(r5hJNQ-^Eru0ko(vWl%zaKPgyX}R}p-~QXus2A#d{ys`e!N*BuegU#&Eq@Ei
zuVvAl732+i(w0n2${U}adu<6Bp3-c`zuSZ=kDizmTRjS4kiC%cE$fFXG(WPKADFw|
z8YAkSu<a^#HhH<=zmNnqPWXu4<tBKmRvfC}L`K4<$Yc{UcO9+LI~XqmaXgJF>W)aJ
zfybIFJFOlU0|VN{{_JL_%KQu&Y)!!_J!%gl6*K)1N<Fgi-8A$DBfyjw+{@aVjep<&
zOtn~A5F~enhB9sDjgbPy{ikN#q}faR<yB_OVRN)Z{Z@MmE!Y2dR>K)|Q=ac%5K=E~
zj@Mw7_U)Tx-?vB5BXE7!Y{$e)<(UFrSa#|rL~-GXbzfyee~(v3y;`Zc`fW0~=(oC{
z{Z2U7rznfR9ZXNlyz>GM-TY+<ddK}Ame_S`j-D=)-(>ENDy>k#zHV}d!g1=|UDyuf
zo;&4Y?Nee8-nO#6qvH8Kv=R2dmrWZ0KF3I`7`KykANOGQ@u)~}i7z0k=-XnyeZxdY
z))<R%ilV%#RX-p*<XTwjhRt||D#&C(Z!29}0*tJeig&fsTGndFmA{0zYOYV;7EQXy
zv+Z&A^$RUj7z+=6U_iVlwZ2Sn;E`j>vwZ^XDKF?<_SpL<U#!&CrZo$s?o18E!de_&
zrB5!(9mcLY9j)nOh0P3q21^|I`SZ8_{>O`1iI4#!U$mk=5KovS%BoRI89Lj%eYm+c
z<ha{m;aO}J_+BPO=4Y7wNHlD9dIRFFIQsuAIGy}LMQ;^)9Y^~Ze|^R_;McDJQOfwe
z&80P?Yu$+h`uZnzF~yrW>>`e8^Mi&VL9{7H(A+sJKff!1Z4fL_b_{#$H<q*vm`}>N
z#r#NR;oL@7eGW4;PK@(LW81`5C5^`p3m!h+V5stx`oR~&i&*}w^R*^j19DTV6UmK7
zPT6^7G7*vi7N<22$wV0R?yuOHH>Ynb!z#NwIHj`Fg2n0fCy-Og>x~uUV{)|$CE)#j
zsI?<-EP0tBw(WbU{#>PC{pn%!?)tvsMjhszL?eS^_wQy>ZkLRQ&Hs58K4th}Z=cM>
zv)Sk!?bg%GuZ=Q8FV{-VF|n@SIhD>F0vOSn!y|7E>mU5O)!Hm0H!zz<%9*K4eoo#8
zg|Pj5dZtY|y<8%HFa*5P>b`c3W+>sdn1=t_*Ymy-ubRjGV}w(VdYRVSQZzw%<&j7(
zkf*KMs2%w1N3G*UzvRzOtw+JZP)0bVp=%Se?)4&a#nS4rK{e~g%;nD^|NmCffcXF0
z>h-}PH+nMP9K**b-~M~BwOdT3x^7?Y!>d<QH1Yg@L%^w2AQV1K<<jR*zu;b8Jy(aL
zZIxZwGuZ~ZseERV=DWwzdVNGMDR}K;etT_koXm_&nPaNz`l8?V=>RxBwTR!D@c*mo
z%HyG0-}v0z6p{Kx=w4LDI+nUBWZ$yy%M=E2yS74hvULl^6-_9z(_k#)+GUw`u8_eH
zGF;2pm!f2y-*c#bpWpm7bLPD7dEe(f=UKkb_dG9I2lQ!cOG_sNh&Uw)M6F8sZVdo%
zJ&>kCl{GdgEv_w2&uk=(B%FF8b*T_6jxL@}7-Dm4GCYtkUI?D``=SV0l$i$sj2t+r
zBxIDA+Be*J&$wF0jhs<4IKLk9)`m6q*PIF0*~C*}F%p9+=6-%x25)_K;BPc*IT1Fe
z8ON`p_0rMN?{|g=t|`zCUbVGwtuJ=1Sm=VGa?1MWK*%#Z)7brh?h0zV9QQOUcCr;-
zxh6(w#do$TnETExDJOAen0UE7LQlWAR1~EZ*NGQUma?~3(Z%EZ!LEo)E0vgz3C}hg
zt6*{|0NxMt-D}Kay0o060Y#mbh?~ca6VEX0QpVo6=+oaKVbg2J6FayKPgavs8FrZe
z{cMP0%R77Hts(MM+w>lQJlfOhO>*BDB$5`7r_19yM;pVof3o&scu!9D!2H2AaGhG>
zG0eE1hlua#0A{{-IWCU9d~lxF5MpXst)Cj?97C53E3;oDlLNKPMNgqE@Z*aD$90J$
za`saUHnnu<!<&iOF$@{Suv%nik55EX?Fy68e68&iuyN^qMdH`=cvLP`OiFiUe<1nI
zyfR(;x;}HSF2KDP7vSFY*Y7ydnwcyi?R{UaVokgXj!Iq1mU}@`Y=tNntqVH^^p5V?
zO}LJzvyA1tZ1$vdGz&X*mu41K$+~Z45v*0@(8bgn8ZS<!kxBJtf{;!bBI_{Un)`AA
zrcbr7gy%v!*d?iHdo+AyZNu}e!zsi%T5opd{<apV^~>vj>K6#Sj0ghr{oH<^-0i5+
zUTRfv`bYXJ*az250z^|hT`?(7+F08t4oktHP^@jbnrar%jax4+_RMUl)>9J?Y7>c^
zc%|7nHStj%5EmuGzM4vgI6P_9GeY#udhlSg$1vxy{rT~_hDA3KFT0^v(WV6)Tnt7Z
zaK!T;=VkFdlg;k}#wQrd4Ktp$57E4A%zGnmyUvYk3Q5;$3p@2O2CUvo5i6(imh=9`
zoK0$7+th#+J${Q)@Rf4p%wk6LctFM9Gpu#;nHcGOS9>pr7N7_T?%Yn)Rm#OLugNkd
zTob(AYfYxptIO%X`ZcX=so#&(w{oiu8ee@EeY>@<xn?L>`SJ&}&|i;>^#+9|1Zeq8
z_2jN87V{zDsN9;sYv!U7j%9ypy!6`~^yK7I&~r9QPdqQ@AR%$m>{j%J!rGBX!0qep
zmw7FIe!B#8pCA`^dMBccBRLdv?zCjH?q^G;xBxcXh0XlE5GJz_HgcH#)AGYi`&p`v
zS9-Nkg&W3Y;OaSr<!Fd%5&>tmOyaWM93h7NGFt){J{#JLbE}jk)-KgH^;h7)sYnf)
z{8K9Q9;h)2)6pbO{(y6l%IyQi2PUix)0MEYrS@?A#ueF?E2|rJ^ta*|F+94&o}7{8
z3R=V=LIG<<1jAV!=<!J23Or&6jL(-j*M}GghdRM-89t+L3=;ks&pk5CXW@0R_7exa
zknq$D6xsv-*)?L!+x124c2;3P8|BembFL7d!*}0hsfGGfNR3w+p2(%-0p!|+%$}qi
zjJ+E`5IrS&(Vur9r17~!Pbj7rtclGEWq4a6oPiP&&KLD=@ru-Dqx5%m4^(~D7^?L*
zynOhU-{L1KI82>$L9v$RmWA=dTd{Ng^`KKsT0`|W);uUji>Nb-K?ZL1yuL;MPj_gI
ziLI2lmahI-Qe{s1`Sa|K%B{kR#V&U;!#Rm_+?}3&z{1A-Nm_{jamDv0Wco)h#P{K1
z1@I6f6g~Lt=%_vItJZ{`elqOQV|;GYlh;sqsBTGFNce1M7?{hXOtFR48^u2YzXJ2{
zos2#+v-|bz;@6Rq8IR>fEPak{tNL(DQJR$OT{rS=5+5nr_l~Ob4#;c6{#6F6B?jFz
zX%)&o#uo8~V3f<k=)MW3Pp&l?9PIHu;66=dUCBQ<F%Qvw8J;d}wK>JIb$xcLbu3jK
zq**DKypUq=>Ag+s3owaorqJa|LN;CZGDk!HeD>MGd<-jVGTJaDD4)>QQ1RMXn~k4v
z#XXERqX34@Y|*~7=dqe)``+l=)7jdYbJN$dIpnNZ{HppB05OC7tUK&m2H3*-NC~5-
zR!qkBX?j~<GgkOPe5t+XfZ3P+8=ljnYZZtp9jXnpR8S7JkMplTs!~g&{u8W`+eWO!
znK?N%F5s%Ie^OJEG_tDq&9>!wDD7hLi@wYTzA8@#!kXls6=%%?*n<KU0d+ehXV$9?
z((dQ6bT1}^t0uI*)kEuU-&DiriG;6(6!pa)lQGR5xDz;CkdYbO{OhFA0Z+iMvP-`X
zhF>XoN>pDZUCjL?BSa)$$NkMRW~(Hz!c;^RkA0m3@SjJC;`K9Pwka|e!zLu6-eYk4
z&ZmUyz&j+CD|Z4d2c(F_D~SZ!Y3(s#5j{NXGTHKZKy>BQP3^SBfV5%}UFD`Gw*pz0
zi@sN57t4}4r^m=!mtN*va8Xk!^%6u_J1EtF9=k$Hrc7AwiI+}@HuCMn3+7S^4u5pA
zRXP(tPBqMatskDpm)VdX&-lW<w(n=R-Uh9Xlf1Nch&G{8q0%-Rmd=J##1drfgDGo)
zOP!+asWmzer86F&_ny`7=U`(o)d+1Y#ce4Y3|%j`({B1YLIS7QmV*?er%Zt2;t>d+
z2!$Hr;^8d5k*rK;R8a2T@NCTKEYlgPSUIi5#y>NY9fT%%u(I<WEdhUUe&+JCmv!RK
zq7vSB=(I*nX5MiDo;=ZI9Yps=pNUMv6_$E8RTGG2Fn>uS4)=`O;pFwG;CAxrWvzpJ
zG->u-P7`V+>hzKPpdm4b(yr^&{i<E7@=($VfgVGbdc(zKCzqACI#3K%M5}^*7Yo)*
zV~Zjrtd!k35p$RC$q{X`soM5szWy2;0DMyAt|hZYRWtN9zJ4XbvTBLkBQ|B*;Vo=%
zPat@v*2xHk1`C*VpQ}RT)PD$)9y06*sDko3ovN-XBA?0&2n_bge7RA`hGC{`)PT?M
zC+e}oD%Nn18gKY}b|)&(T^5EoDmT{e-mMV2k?VhL%j9z(Nf!_0lZjn9N6K+co%v4f
z?Q0)+MTZ*dn0NY?B+-<aSE{#Ld97EA!snNQ9lQz_>_3j3BUSm8(*VA)o^WO7<M$b~
zU}Ws@xB!CT#zaPVAk56=SH)w|tFzM5jRkP?#cEF|0|wd=l>nI5AAbmc8@&v~j~?Dy
z9SI`GckU>ZB9q~XtbHHEoLl%35H1-Cm62;{E-Ea10so$r$rmr^+(O|2_?sZTJ;{gV
zC>m~jxK{qjyIR++mBafg3CWI*@E5FJFS0VsJ}h`a2Tx2v+fBazcMG34@fHgR5Y08~
z8^;V4$UGCeNF53$Tbd(SF+T5_z`=&3gET3|lCo}BdH{a03(IWXacGBJ7BQJcTeTZ1
zS+zME2{0y--<{EWjODIiYUgGw-)q&2;e<n6n2TaP519eJ*=^*UO<OfmDqLkpQ2*ie
zJV=v3JrcASKqImI)<VlIw`shR>xK|hPfKrfl<XKPs8mvp&lLc06eB38fj<*Azz4Qa
zoIAcCK(0C#ft0UuBlA>b0<>$YB$(VzNI-vsT)|~l5|Ff&0(l`-d0qC`Ju6{MN$K0<
z1IWf5PrLzZF!1GHg^qbg;Iuj#AyFPb;9T`9c{I-&G4xr(M99oe(CMwfYjH`K3O{}N
zbWB_v5F`GBk+%hO&TUsivc}#)6eQxA!XoGw3u!@*_awc)jqJ$hCg)ig*-OHq2-?_J
zZCOFVmt)5?z)ewze{5`IM6caR3N7t{<qxB~%4>`x<U3SE0PyE(BSgk`Nq_)8#}N*V
zoLoqg(G1(+&;_cbsz)5CbNVJ;)TvXQoO?b*)c<I}v=5Ln!`k0=d4?zyPayCJJzjBr
zzrwR;z}54T*-H7|BbzO7{A8(p|2yFVoZu9C|N9B5$dDRoZM(EXxVu!%_b;IufBc^%
z4@25F?eTp`5jGUgJ&Fcc@2D0IBxQ)IjD|VfJpbT(hgpJfMGmUzj|PL;Vm}Ag+W15f
zF;{oxfbxiiHhWVi*>t}>R$eyHNc!IvUi>#nj8wzK>|VK5b+PSS#h2A^M;`z$v1Muo
q5hi@H7%-NdZ#)qQpAz}7sWJrabXp0$QR~q{e(P!(X_l%x{P|xG)C>#&

literal 56752
zcmeFZcT|(<*Df4;MXaC*sAE7nN|lZ<fT8zZRHQfQy^M^a0wSSF?<KS-5Rfi9NC_Q6
z=%{o;kuLr0N9VWJ`Qxnbec$i=d$Ptgpm~z#x$j-BeeG-CFIAQ0s7}(IM4?brnEQXK
zqfkfUQK*9&$B)9_*q?6{hyNXRmcnQrhnLUs$1mXbD=sp+E*cKzF76MV%up8g4t8do
z&ZbUgX7<jO4lav_YLSbWkvB;@nLTu|a<IRyX=P`Iva_1Ge*5lqdk44cJhypxuiq9D
z=HU^(&71pS)eD8Xj>7zTPtzk|ZrIaM>&V{z(uSGIVaG!kFDbEZ7&+2*%Nq1Zbq_HU
z;ubT~=Y`C+c_v#TkF4Zb@etLE)ti|b)GxYsDh{bV2@O7;Hn%;ow|9LZz~IvnE+S>q
zW2nKX%}HYFyYz&w#FX>trluzI18|SX>%kEb1KQs|qEI=T$K(I=585|vku^YGx}oo`
z{Qe2`fd7;Ezdr_${_8g%Lq0pl@WzcBrCbLHFX|q=b3Fl<OO|J3W?GF@d6se=$|3!_
z9|PJ0s2tG)2M)j+kuS)7_V(>%gBVngbx7y$FO)2pn3=JnoDUEVyhDdlm1{{7GjN`4
zdGGq`-c&QCq@}NLAJ;r5{6Bnzl-IW}pZ@n-Q9Y0TZiUZ&+iDKq{p)3Y=YRCX@aCMG
zr;i2}DEz*haQPuGs^^?}aept<ufGY<5BWc@CcUlEuQ#MTdTe3Ae)FcZkdP1?3(K3j
z2X7)GB8G;B#%E?&MMSnjVf`j<z~=O@eSS{Wy}2?qF*cUYAmVl(d;a`+KFf~ln6By0
z^tFY`MeV#T6pDqrxIceos-3br(_P^*gH>dXK(k6nm@r3Rjt1U){rYwEoBq~Tr2>6|
zIx(7aVq(IK*mVFU$@ypBX_V{Vbq{h%eA{Dr<@R?M{h2UsZf*mmcJV$wK5X;5)=xit
zxcltcGn`x)Bi-F6DFwvx!tQJpn}1%M!)DwIJZiP{y<VX3IO<8BlarInc;mT5VOM$h
zT8s81Ef<%P?_*<82?_b1K7CTBRF;=FH8jX^>X)cawI#aF_1!72tjvSYU0zu!?o>me
z0tTMLvdtbZ?l)xJZf$Jrm~4&bY(I7C6v1s?Uu<hSJ!;u+;u|c)?)HWPmY#tjZ(OW)
zbMmV1YNwpnc(|PWvsRnl{P3p7-}%hJ{$%9j*xA_RuUxq@@ZL1&%r$Wzr4K%9wY;$A
z!tM(RZHXe;u%eA*vX1Zex|X?lmZ+#G--C}R;lu-|--fT<|L$R+le4p#g+=za&q0*z
zWWTOiQeK``pY83-uvL1Qi<_URB@8!Q-Q73X3epR2$G7stDmp#+S}TCE#^>jAJPQg!
zw)xw)Z^BQ$2DF$LgV{`I@9b<Wa2r?U@Z0p}sHMwRY%f$sB_$OW8dc`Pt(1x@qEM=V
zo!UoG@0#QIZP1u%?~UHR_ohsjTn+30`Ny!>-qtq%;K73z&z?;=a*AepD%rm`l2xOp
zz(CNI(yQdZNi>Ok^G4M={^Li<BZm*O+`X$y%VpRRp(2hG_ub0T$X53HQFn}!fhZX9
z=FJ1oQHvzcte&Efkkg!oA5?G3hNxyMC-&e?BwF9zkq!?JC(qqtW|nOi+emnRh9Oru
zQP`^S%?+<vT(--?kPuNA9RK9;;~ik5OqgW9Egam~YMaR7eYUuM`m<-B40qCXc6NGg
z&1CaG`6@|p7&R92UhnC_X~3oq*!0eKXNSQRe0BqTu*#HB!4cJ3zulhqrgBG)9kW>+
zsjl5Fk0kdN81VaUxvVXYnk0(2_r5rHv*bbD!OZMz1;o^kQqg4u1fX0OM~pl@Ju^#3
z2{thkQ%hSEyn(R_2GhB-xx#PTciVNk<6gDbTGv>ZMB()GwEAE>L>GugvmL2{JiNU8
z&XbC+GhH&*{C6BP8F*2B`s(Uf_~LBmsWz+5G?`bgUSYvc6B84)He$F<dW+167a17~
z1CLQ#gE^OqYa*L=PT&x#dH#ESaJ1?=IA?FbfkPaLm3cb&8gpMA9UbBrn6Ax0iIqGC
zqqe)X78M(dgYQ#=Ezz>KU*I1^Gcj2$k2fL40{#~n6O)~j!=e-~pma+mi9=@>Y&q`s
z!>8gqKco}Ief5tVIf8h5sl#X?t45Y3DOW4nH9b9@-*3mmcYk+7UQtoAJ4?xR>AOsU
zL7B4Ymypg_UJEp4ZI+}l_9c{a@KSr@>W?2EtT?X<+G{>}@~*egC@+|nyV+KNos(0^
zdws66TScNE#>8*4BH2t|KhC^0F4K${%?cI`3oY#P^Btq-_&FvfrYMSYd8}5R_DrYT
zHPUMak;wS?yf2|wk#MA6Vj0e?oRG7#<I_JlXfyP|5&KGfY<{pTW<buv<HN+#A!^a<
zm<p$fS6^N;<kbh$vU71M!|g`*+xBKD#q+_lFo^r~6@|vf$7iGkn^bR%cn^GVOowp8
zwxfF>rQ*K4ygGc4a*`;HNg<krle0im&{<|EEiJ9YX+j>%rLf0?1A<G@b%>{tgWyn_
zy1FbPA|j!e??|<^wb2RKzC~Nj4-m*LFH6hH%0$Is@geeLgD+V@w2VGQN)+?fe)#Yq
z*%tgI1-z8)k3Xbr$c3aT&lU8g)|8zepQ(vj`=6ej;=H$(yuV|?AnKu7={Bz(bcO+q
z;jY~&QrFO6!lb6AHa9lD(c}yBgw>DUXl-ff0oUci#N9D{9?hZm$TRHag<IAQuNmMT
zd#Nb*!E~M5#j;`LJiWZEA<znYt>y^W4LlY~^sIk%>D7xD?`$<hxxPatXl`!q8maca
zbm>xNXS$q$c+4es?MT>^a}iA${ySsWu&*W`I1H958I;;~hFsxAV{R!YbifWVVc=GZ
zTTTtXdnk?DwH+wIV0$WDZ4f`eu5Q%sS8EFXq?Xu8u^TMKnKrzRZkvC^v`=4PT&?d=
zyIYFb%l2YztyCB-DmSpCgwJlIO7G5{JNjkziF0#vj~yJiVV#KuKQ~DmW=4#(wAsj2
zJuyv?1kLV2?qMnWzAypzZBXI4SU$ywQTOrLQIa!+XrM_gw)zJ4`||GS{%*2aKR6=3
zvK2xYYhc}VOq{4^k=dD*(B9hEPoJcGH-_D@84v}gU*1Z3Q(Rme$7hx1xiZNLfiGP)
zv?!#J<xF@Cmr*WQrabof=_`*;XyOG0#<h{>h>eZKW>|G+S#_k`D=I6Csjc<L-MPT7
zQ&_d&ShY2qmupg6GdDlK_H!)EAR3&mVu;^J#qrh>mPw(+vhxoGT5na=H)e_7+w0of
zRSq3J{RWLJ!sg~CHe;+Ij9pyZ7<-YPo&(47k1?zY8V3PB`rOThg$1vl--4JhYHDg*
zYh)8V&Z;?*l}^I1YJgyKOG2Xdq?j=(=Zt{ENd75WE=vd%<d8a+nqf;tS<mQOXtX8R
ztFZHA$V5H^n6^Q^mJ13sasI-E^b5C?@3YaRs@eYdTDSb;hpLxXg*M(89@NXoeftc9
zu<lb+jP+n?!GvSemBxBVX1DzP{fW-Ujvd?F-lqKc_8CmHV}ck%diU_NLE%2x#GlY|
z*`8czggZrCo9UMG-CAWO_(9|}<D(;(Hk^U`$m_|W#*kZ>xPqmF&ge02EDTrn6mc0<
zG`6)V19A{{o9p8rtoZODvf`~qFbyY17`I7{;X+(tLw&srghO(wbWn-IsCa=<r8WSE
zmoHyNyUP2WfyE=Q&ksgLM`wW#14wG@BH2P7zGM33KDI4c!r@9__}jNR4UFC`MPc9D
zoG|b`y120jm*IXgO4VRzXQf?UMTHEmB)=Q4*WZ>TmN#7KPJD115`J0FWh5fRBM2*!
zxH0PQ;JGtkgP$RgjVsL)*C=F4l#X$DdioeY@l_=@xV)l5Uy78UpFe73g3T<}#ugP9
z6V+>&ETdN|S0b5a_IGRdv;B7|CUBQ5-P@4_8g6d9IuWd9VthO!A%UKFISe~X#+%HR
zgK<tQkxUiyqmq;HLe7)A2ggQveSSXSx9+(QkbMB~#?z-yInpH$9y&xSvC_b>xf;UX
zXMTAW=~Dfp3c!My$Z=H84Rv+(i&wAa{rK@@VscX3s*mH+kzoKcnvWkp#_{Tcd)Yq+
z03E=?8{ZoJ{+M7ybhI0>?jeNmlc!EGMV$$ED5=qOQ7eB`Pa9gP#WZ@8lXE_c^5x5y
z*+6P>)qD5;f|Oih)y<rE*HH@mIa4@|nD_Wi5*Dj&t>@-enn~H1eNYZqWxgyrWwT~`
zp}WR++XeF0)wbtukVgzrw?#z_Sy@?yoyK3FqvG&}cw;f**bV9DEX>T46=e|Sj8_=z
zO%+iorTw-3wOB0HWwr-*wau__ZX04h+l?EkJ+)=<7=oW2Ea5Q*%N&x;78b^vBG%^1
zMx!fyHz#7E&pv65<0lU{)CC^nboODIfjsqI)PA^Pjh`|#KCb&z9>;Q>D+yy*>*vdF
z*^#2y&{1Tjpdjfx*Y{qXFgH}L0kNSA@K=fburPzLOJf(4&#3Q4)99!PAYgE=mPI#V
z+GEp#-Q~^}#4+&OD1Gf^&!zfR+ljArfzb^bS&HE?F)^o)epZ^&3cDs@tgiNA55m73
z7`>CLE2%O3CMTuDw!h2im7AiXBJTCvRaciol6KJm^)fQh^ZmtBS-dgq+v1S$e(kXs
zR7FFlp_WK#dBuI21%rgZ3RjBuY;T!^332Wlr$K2X-32ucCMKCvG#sk-_Jy!;B~QLd
z5sMyver~kkJL*N@G^+8@>+kQ6lkl%$x?a<{C1~p4;1GKy0sIIurwZil3ZKoQ5${DY
z1Ro0sXd6|!ab9{%dn^yG@)`>j<Vf`b;KPJ=b##26e+?1}7-anOHb4*WUG)9;Hm3$E
z-SL2Am6OE_0Q4zf0n#!n#c58CRcYxI8g`c24cdDUiA44_p#)J+b?ik5`;bE3^-QU%
zQ+f+H{b_1`em{lj0uU$fnl?B%NP(M)(sX&)q$0lgr+Kj++@jZHtVK_?w>uyeN?f4>
zDyIPP-<B4|E1|MiP9KdQIYWOp1p;H^W1jvkQ&={B6fcy7W>^4BR96M=V|R9UNsy>1
zg@TX%IW8kB%O)tOBeC~09a5f-wdZJ!?^>(isAYeVS!P8b7#ALrrb%%v;0-ojUJYcc
z0p?A_jCifhTJ`4ZO$bL@B>QS3fCvB-681Uuiv9%j72V;nFjQ{cnf9!zs;cLMqp4Aa
z3kDvt8>$7@&1JLApFgMHH!yZLT=UQW`O|~ynz$j{wI<*KO|Z($tgP9Oe;u0bEr@?k
zeXS7U(0+xhho|Svwf&z#Ngm%%WI_cEUWGs%*Z0-gNnY}RojJ&kBd>1Cy`B!2V=Vu+
z3`hzo#`LQ^-ovICd(ZRxF4fZ_1&(YeT_%z|ARy~kdl6pK3#CD5Gbm+%ECZ3%qCDr(
zl4U6Nl|PN6qvKYC#9k_FlPZK@D3EwApY~cPpDK*Cph6L}pxl7esa+`43LDZ5fq~EC
z#{<|V@NkSlnLP<SPj8ZP^?nylBbyJ9c6~#GiF3F%gxI{!e#r6>FJ2rchKxz<e4`dL
zT%`8@88{I$j!o>S2aH?dGNZmW-6_q*#f79=Mvt!te8I@biGj8P@oW7S$uo#~R903R
z8X6)+2{?fw{NW(K_W)2d(H!M9_r9SgSBo7ZLwkxIDpc|9IbJ}_t;+*YuH`~tY91ao
z!r^cgl)}mqpG_yFWN{-guhlmIlpz>SeE<FjB)@7X!K{ZX2=ojL6W_k2f(?(9L{~0U
zDCB7ubOFA|2E!pf=4m1l6{Me^?gVSdf<3J=Y|ss_a9>2W&cuDlF(@G+Au=i|6O3fm
z!GAj**+YV5r_}oTI@$27(|BWebTST)$8W9Ad$-nH<+sj2F!Q&dYthNc$;->j;|mLg
zP*cwow~KfGed0py_~ip1dm-6G#mBR!cj``FAtKQI{{0sSR0f}G?Cey77})*K%L{8=
z3fxiNZYuzwAv4?U0-+K>_wh|ag5mp^++!$Bb|`eP8U4i;Hf;$)0tHMrZon5&VbP(C
zV)}~^!58g$VdD}d{EfxM#i3r7GmCj4|IT?zS>cHU6h>leJsPE)$5FX=(mQhi3?gN}
z*@)ZL>I`5lqz0qm&`oJ<yss3;*R=d>7%8#(`ucbl%M@a`=tMo<neALe_3!}#K6&Cq
zct*Uj!{LCn%jw{_Y=(Y*HBf!IPPSaBUhPuAqM=MuN)#r2i8>&;hJ?zHkPxTP4i@n-
z7C_zS&H?R^sSv{^EUXV!`zkDqo9w5dp%E1kp)olRtjVx6z)BR`5IFSO*FfrMulbqm
zWNiSscADo<J*V~b^d?TmS65ea`Zp|$){YkW8XG4;A!??F7k%gq9Kgh<0%c`ovk^uV
zs)qr1B2>yJaEGSuZVd>Jh@+dgysaBDLwx}6KLV&53xNUxV2k+*=dhqnZ%Yw1Aa1~(
zI32t(>|FPI(*`77Kn1ZLy`i&Q^E0gqE<`@~YZk(-X?+1W(!$&I>GNlH9GzwsKs3w!
zy<H&9P}XRGx(I$AGbnd=b}qJ+@LsnCEP})`@Rr%m^q{@Xc7JOKP*CY{bo)^ql`gMH
z1zu<Pu?6MeFQQ3?o}PYua?<>Sr^A}|kS_-UueQdn?dL3wHBg|GiqO0$8^$PB(X!2d
z`Lq+H_8uSvpYS602j#5Nhw^e9Ku5DPf5RGcZXc(n)&UFw&s%ESpEf@J7=s14T>i=2
z-Q69+vaBT--Dtf|_wS26JUnuci<A24Aq5N#848Jr<T;Lg$t-nuafw7vOijgj)<V2D
zHa3QINm#md2!*mf_?y~GiL>l`mx{&#;EC>UEpsx_)y;uKg~7^(Tuw!>C5fa3n;Maw
zosDJ{7T!YEb_4)87_Y!K&?l0u_bhmk+t9pFSXk)f=%`j~-Wmz`CCe^`(;y3BS|DY5
zt+Wa%a0Z8kkyRviH4B4x`R#{v!J*h!++gDuQj34lj=AAbb0J1=mQ>&~(R^ul4ew8i
z<}`?mi(`Y$hGp1=;vi1YAqfI?b5;9yq4r<<tK9*y4_>7E5JX&7r`7nOtfA#L<{*Xo
zr1v-17aEqQg^6!XR}kmt=l$Kc^Gp_jiHH-hWApaj&fSJ9B|~KpYle?_5fl^z!LkRS
z2vTnAYtx@L@in<Z1WQKZ6>wPwzVO&7_76gSF}j+(0CshtY#^n{1oMQ|<m4E@Hjh&%
zc~B<xZH>Wa@*ht8z00kTa#*ilmju`%54ALGM^w!|z$`97LBS(Ok800sA4CPj{mT#M
zrY4DbH(T=M`tR=z)cATwRpZ0L!UiCP0<{FYLTDZVI=IK@H=`S14UqUgWMoaeadqxv
z7g=C4NtNyn1gmaYz<H%>-wr{TLRdd|<+7@%sDN|epc<P6jxqCSD})m@@P-MvZ>SOn
zw>rSMsSwf<UL@TJW+j)YME6{HKON8G7em9t?4p+Tq}(V7OE;mcfzRsSdV^e2-|~ym
z&Y46iL+^!hIfx_3C28sDu6sM4v90D{zC<rGU#QCp5%c=|S$ep_RRfCn+{pmgh=PB=
zls^Dy2uO^K0G^<h$bm%j>g7u{AD=2nzUZivScml?h!thSZt=)h!D6%AzO4#Ns^xqg
zwx{<Gs5p?woB_sc4R`vQQH;&P!UCbD5bX5q6m8_Mkat?)r(sJ|6NZtI5%K~S(gUOx
zU>tE^xy|kE?Xq&<-_}=u)7Ci;k=$5pp@QVmsrF<t<e%~R`2rvgFfwC22;|2=3W}Zw
zg0m-0<`luUAFB)tqWbMOyPxtL(*5$r2GqW_XrP}BfM#lLYEpwb09+mU;>k&7*qi=-
z$50Qr%=6#NqMx|BM&;$@6%gT>TrZl~fCK+}<;(uwBKYMU9pKsDuaDNh!wT|Sp5tGV
z$p87j^z*VhxujSejrxp#mW?p#DYC!25~`*NqJC<SxSiabSXWBVyl!LT;80C%(mWAW
z*PFk!NtcmSZJ_0$1lGp?`-80`6DtL0dS=GVM(k%ZYAr|i=3j|BzB`}$v_NlV#n*Pr
zIZE{$+$r@`GSYv@QKM%_v^7EkWntj|nXmt^yC474#sTusU;w}SDgnaGf`Vjd8sx}A
z3N0!svNbx2N})lBDimt=ZJ5NKF7N}`S5nNHCUtci*7FtI{1$ELrCdh{y0AF{wtXoG
z+Wmft6(zYT)K~HAv$bvkDnl|Y6%`bj$xj0V`5nLi2~<0=wY9Z(LhDon^AVfx8OKU&
zro>y5uRWqT+2<-ut$TUz1!o$wv#_W>dQ`MNx2I=<*Dc7Ov%RVn6o=;FQ3w7DczTTo
z4^j{|56Uc7NJBuMm2y#|RHe@X?+Gg#*=eb1X_*6be@~UCvr;UN3;<P4ZEc!5XDSU<
z)fBNxAnp^45=igI7)~;J<9BxBDFpJK=dj(}+-WurJ{_~zoC6`U>F@!^lMbLJq<+~^
zkE3k58vF-bbo3Le>5f!7At&^=E~OF&vUWsv2x;EEBq}hlx-D67c6+gx{f|dwW{KuX
zzI?mknAxt(M0DUI(>Cj-DRvj0$r5xExxs*!F*fIQ;s6v~YEx}rW>(sDrW?bjc}S4V
z(~q3mGxHot^W^pYxp-u@KQAwi&z{90nc2&tPC@vx>z~KY(0BeFv_O`-=9k53;HK5+
z=+Wa$UcGXGRH@=l%A3miV8T5e%w5x2<0~_!KX=+K?nlREs%qx|I)3Yv{Cs*D8HUd9
zDlwGiC{0Y)$G?2}?1y}<C&`-T&Z%&lR!y|*F3bPSEbn-z9w<DM6bQQqSR0}B0hogm
zmvWs$skYw!m6-x$96#^@CV)6M1BAu<7I*X4l>HLBL4AL3izH#!g_LB!R~>>T`0z4!
zQ?ZpfMW{b?vEy^&IfA2mc>qFF=Lc^RwzjD%c3%&!P7eA<IcPXQAgo^BDxM|R#`q1r
z(=*}N)VCYhqD<%{VY7oOwbrhLo{07wqN4L)mEbnPj+3im7s}n={!u!oDJ7-;j6Mi0
zwmUagL7|o|v7>NR*Zz=z*b=wV6#>Q*g$|{2jbT<g(~F-9-J1T~POuu&K5}G@tiUbC
ziLrK$uTApyi>6PcC;aTjm-tw{9Vl5N4?5IZu37vw>dtP$aw+-55`a1+rvR>uLUVB(
zN3lF>Lt=Z%Qy@ZMw-sK6gp|0ll3xS|S5CM(^pbSRB1zYLo<sr=Dp?*R=ogJ&MQFyS
z$X9()xm=(WUurd-7&tyZtQ&NOkyI;1tAIU!fg5L2_S(AtlM0R%x3y5Y2BD|tOXwgP
zv%9sSJ=Hc(DxJ66n)vw5i8T5Bdp@9)#*q<YJ-vS5={)!yMl`Wd3`*~sO`Z~VubFPI
zJH_4de(P>RVq#C8jt-OIec*j*=Wnv}D&VWu^8tXRhKcK^X%`sCW0e!`X4)BSuy9M5
zc)Km?$eL%Nahd+70DQ83lS*@2c%kVfo8`AT@otWOE;1rQr?5S>0s?%o>j^U8eqzaj
zfkSm>yZCm<IZ;%A`mgvEApg#q#P;m@^MQ(xlNv)L-Q`bDfnAHi;~f%DCk>XY#h@7^
z7)?D3JcgvZv%~=fV*T?bu^Dgsilbct`ao4&s+S~k_wIC(chF2{Ll%@Bbv)4@Nv#CM
zH4l%T?g3YmXs?2I?^J`u^>XKc?y_NJwTezDPkU|p^`kfzJ(@Lga@*b!M;9l!5rGCE
zWgxvspMvxEQN6%OmmYCTg?%>Wv;O{QD>frgO)k=jNz3=3x8=+-wd?vEUf5^)0|dIX
zs+}DkUmDWzP`R_6k<_z?hpACt|4k^(8IOO^U%s5<zqgXSytYPg)zfNzaQi;CW%4|2
zA8(|GtpIVP(9$|J@!Qt+^l)YT-p<d@&^IX>@fs5|!eF{1RQ53LB{mw9Uh>A*-+g?n
zzMM%Ms1Z|#HW(+tSlLY(H+9L8z8>NW+jyXgeC?=1x(*N!X?nc-xpjftIHPS8!G^4z
zC`{1k=r|C^JH=#FgH4Ntf4w2SmFqlp#+ocHX}WL?SGjll&vuEw*#DaUj}~BC78gKI
z(rDtn0fZj`dRjmn_g8SBBrpA&1etZ*1;{e*?^sOC5C1tocube;DUh)S81*6iQgbVj
zyg7QXOTbQFuk`92r<{c<=af>1!2*CC_pxbduV;URTM7va=UVYz!(bD?xnqa(41NFl
zm@E4FrkwJ9ES<n=S8VrGR7^6SIrM67tcgaZAtpl8<*z!Zc4zYNH4$jI+PZGkL|anQ
zhG09BO>APd?k|cJ2wH?LLHy&}mshhTlt{km3+fw;i6`Q1UO<6KSs!#LbAfy?%lIof
zrkp=~^k^=WM5SC~70u3c`=kTKO^=I0d~yoxYtus~+jfckcy7IAf_8ynw)kJeYmz_2
zAZ9eTws!AQ4{>7jYw|6b9e!pp&`CTDsc@OkiRH~^-Rv?u5>}~l=FIxm^uBLlz@UKw
z7O1iu*pAsYkz;I3Oj=1vYdv^>?)n5_jhP1Ba}AE`L-;MT{Tpl3{WAW(j<5at{Z(%+
z)@bbQah7~dR5emm>`D()(q0rFCYY}st^bk~9+VyA;~UQ+CMNCZxCBkwhhF2In1TJ3
zd-Hwob=KG2W;>SL06He#J!deJEUl&g?!jLL3LgsJy?f`>8q2*``4CF&OmhKVDOd~U
z-)r#{Y9RL8w>x^x40Y7iyEyUQYcdBEj<yiQETdm>WeGm%AV@U4(~_8e++x-0?O4OC
zawShKU9R!Lo3^Bv-DRVNok?OcV;n`!PODwPi<VnAFI?ht2>_<~lJjyT@M;E$VjFqi
zzkesCjxo%R*2e6u`uq26T@#oYz2=)LIGU9Au||yGzQ`Tr7Xl`YU0sln=n0X#m8X)t
z05nwk_fXokk;-dU4X>-Q85<+JWm)ZSbM_8xA)e39%WKft`Cfm0LLNe`)!Hl-05i>w
z#6xR8TdW`?s}A95q4ArVIf)@3t*fgm<@#39e4a1n^jn4R-vdx6X(y+m%?+JHs2)v(
zi+H7MQ?*5V5Q^1^$jFSn-R)7A#IIk!T6>4%lY5gpzWg8{*sWzyIdPSCez3OMa4>DF
zcyemHZ*{7tScQF)@FV~4=G<B+E322A*&zg0eiII9zo$e)N0<BN%~_1PqT>A4!BaW*
z)4$NvN8Arop&D(&6bhC9iy}bvs3n}F{%Wlg*3RnbcIX~2>g&e8D5hnuzgXxJqa>@J
zpC6#8YIC167J?{L^V44-F-ICf_IkzUovFuDBC!^C&)$ZfFR`un2m-%y^h?jgNlQs_
z&{`jS;Qcod74Ygeh)IzT1quzpWhYPm;Zk^bw9qhvK&jD;_(El81lpt=(_efDDn<U1
zNdN~2ha&P;c&deGC-aIi5l{IYyAEX<1D_AAV=dd3D+NEdyc0zo2bc*3JLaKt4D^w)
zv33y~#{h-V{x0lt4VxbHTk`exDNjMRv}stsKi|iQ8?N-z);2Ho+L$Rka>`hnNaH7f
zo1r-LT5c}iHZ!{bejAW0^Q(3aVACn8EZ23MHjEHXR7tv<`3oA^gVQf~<JqsL5Vlt5
zQ&(!~*7{5%_`O>0bM882*6eu^&{nH&&jBmPI`Few``O<dU4Nf2<ujYTi~Kv(6ARUg
zTtavIY&Hs$*A~N~kxa)RJXCnZ-(L?&zypM<{JvlQ<hPy9jJWk^t!{f??NOH*M#hxS
z&@h4Dbl`$~g^S)O-uMs97BQceZ|bESDNBi+32oTpzqgxthEbRq18hQXiym)JnS%<D
z43t`mAhEkRNp{3Hd+*W~&Tr?=_lkzm8Y2UxBp&Uu(N1lMBEtS7Ig7Oh_!lpRu`Wb@
zScHMUe&Gs~fMfdYa%OkotEaK)(rPLyvR;#%4l&8e+!z2kfv$sgd-?>YM8zzr;kBR}
z5F|vHFh@3zU^8eqcLCb56quB$efi+wIy0aawl@<dIOGn%9sG55mDj&FX?Xk6m2wkK
z0|9bzdwXO=dOF%_wrA<&$yt0!iOaKR1v($+%d9?r6t5*|KN;QyR`UM?+4bedL8;sN
z=dZoXeHKT<miFl9=4O*6pRv21(zHuWx{*Qk4=FXHqaq>%`(de?ni2W?_j^hUDv9rI
z1)^~&DXJ?|L5+|s+uBlQc$ssJf=~s<E9ppKi}UkU5!>y_L$c=UYhj(0r%ZH$&XkQl
zX|EqF(AzbU`ExEhu)5l7b@~r({1)Wk-c6HGIsu<IXx8yS8DWnfIW^P<_;&IAuVwS6
z@Rg&-uF*3A>sqkmRuIjxDT}>$EjeW>DLHfLf~-w<mfb{QKaGI>Ku*ajWnb@bz8b^+
z!oh&%Uw#x|eS?p$r<W-uj_r!D1aG#NFKcIx+M%^;9hE&c@d9?;-&Jba$Svb<BeFRU
z*nO%;W3X~!8|oCpnuIikm{(s^&}hR*G^x@$k@8a9Q68)LfM=#F^D&f1xTK)US@Omk
zkS?HE1tvqx65sam&JI@&Qf-j43Tn|aKbI~OZR%-dYzKPeptY$@HjEOm8_H?){RV6u
z;p{`+fQrAN=?1Ud>hD+D+qj@M%8WD;*|6&I)!?74!EIS@LZ5n2zf9A7l5mr6Zf<Xb
z5)%>8%}>nS5AA+~F2?1g_dU2Bsh^$lk8bcMDd(kuT7$fqib2fLU5EYpdmC#b8`kwi
z1^b)QFB_PQxgCJNNiqM;QjwY=Xw4kVlg?6%O>1myyvoIWCN_9qai?VOPpv3z^HIM_
zZTB-*Qw9f0y58P#r+_v^0n5W1ES%u$6R+D_J@&d(0Jr3&-rWUMDmyK$1;K7m9z;_y
zu&tm5bM2mo>ZEzF^5sAobw`b_8aBgi{?%*t1+vG)<ix1$inT@E(^?`@!V@Jq&z(R2
z>52$y7X7<A7C1*k<MugabM{R+b7Olu`PRN(R*bQqd<63`8*-a(#oM<TrVYyS*rU`7
zd8d|WCrBwZ`UGn(oMl^a0pwS^{witrQC>yoBp=PIdzCUq6>gD%pIiNn48ifX4!e;L
z)onCBxXmIcsInpPqzrAfS@bTK1^VKeyruieRIncb!mJ!~1Cm`p5EfgsYybJ@pP?t?
zf@Ng)(tNkm#sR=LScr3AUcC}d!$<pPx3t(E39HswcXQL<nvlm}izCuGiG-hzngj=`
zy=&?Ce!v3Wbe)?%!65Eps6G>Zl_@bqsKArEjr`v97QglCak0C8ks*#JytWHA2)+%W
zl_c=X`TxXJcUK)}CCX#t8c{`Jj7hEcMksl-I&-bee%Q{Fo@PDp(<eU`g3m_ME}iSB
zCUFI9Ff&O(UDmvpA1`)yp)+1QCPS!rD$2`VK!I3ei1UBOrLM3496hs3JrapF`Z@p9
zkL*0xhXL@gM-?+_jhKkrZ$d$J;#Fmwjeet{fl{on@<wQd0svgn^R;+VS8X|Hk}{nw
z#$1Hg6AFk>%kv-p#oGk1U814M0tq13QN2)~(x2>?E{^Bz2Z(QVCug(q^BWlmEOyYE
z_~adoXzHB+*&N;P94Q%va0P$<`8Qa@3D3>Vt<`S)>P)stf5k;aCG{`)qs4|GAw)8n
za{hPfMV#lqK_2~w>Ik^lQA!x`-lu{vZ?l}y09`v9y-BEVGl>$|;NapU-!1;cyPmV|
z8&j~!pj0u~J+`V{Y+l22Ipd#y9?uVM2WuB>-NWH#qFpKFl{0%^z4=o79r$f~B%#!<
za1xU7-q=esQ}`Sim1xA;0JNhu?Z5mq-HVrE>BSa)QP4&@xV_3k$hTOu2cEfibLES{
z$vCmua?0?AarZc@DX4@r5=A!hl<SkU(q*YuC4W?JT_3mG-10E!^<T=o#sBcrWhlDs
zhCXOr^&en6CU-29kyqW{_o3UfYwUmv5`P1j0P9C%Sp`U1ot3z)dd|Sz!1x;9ZB^{W
z8mmfUpQRIPlu?Cb|5B+u?cM7*7Q;QK{vd3|47EgRlg3k0k(qOSgGo;we$VIx?Rh2)
z6<rURh!;%{2<VLyvv@w)>Mh5`)iyg+UX7lqr`^jU>ZqeJdD?}fF~Hh4Zm7LJbEcV_
zC8wwzc(Wcw1l$8B%75;?SvK%iUh8ulI<&MHEG&iB`Yc-nPSv1vuH!jXJQL=S->DQP
zoX+9`NNc*ex2f6qIkf_hZbYFu0q}!>B7<E=eQilj0gVB#*8F_b7<fmmU-n$Llny12
zF4l#0^VNutbE^2}<0}BtP#>87)11i2G_!OVKLG6+oO`l8Hp93YX$#2I&Pn9Jr@DUq
zc#esgnH6w~*+tn}KQSf@sNA#;adVfKm&;=xDI1D7-DF-bfd@e2Vw3Smrcwb6mANfD
zoT);~-7}>i#kYa?@BHyCaAJH~ccuX%iS@DH5iLhnz<!7gL-*5Q%4uo$OY$pY!T8oK
zN9n)OkgZ3YTwFAv9s=n~s;_st{5<i2d%DTyX>0~U$f`dc=Z;(dLEpMRcuaqH_bAZ$
zc_y{SUf-J<R@+8RqSFsuxO@Qhaq)Nk7hwH(e=o4YiAhGx+cio~3_9Y&N?@-8WsCmz
zma{?!AM;$Y2AL-awv1s1U-cD9A7PFtG{k_OH5!dGsw^eX)!N1P!tzHnY37_-IuT8F
zc5;GpwH<_cu}R+RuB|&OhS0XwJ8+<Ylx`8zEb#<fbPN$PB73Z^YuP*bg8@1lJ^x_p
zKntt&Pjn*NPrKD;Xr##X^`?f-h&E{G-k`0Vf4)weZ+!+gp@3a&2)Y(&!fQfwTcdbS
ztL$&cVY-sUB-lB{G@vWdlO0SuJM3-}WBM}u$_d&FQAx&p#Qx#o0w-!npgkuOPW=MY
zq?RwC2K;VAz7^X^BEd-x175AdR|RafNBzY3pQxsQ6g5vHyIn8Z_x<=)!s6MKLHiY*
z#@dlyoW@in=xa*t41n|00_|&0tprDf>euj_x6qifQO9`ky><!LRm+l-O3x~G*9Uv5
zWOy^PEuirhsP&`=!co?LR{x8oV#m_h9qUnX$?Qk%(?k6qY<h)$5YHhC7J5}s^QVJR
zYkg5s@!F2FgJsLxa5}ymJQ7Mlm1b1+HpfWBzt??qH)U?l5Towp^*qUcoeFY`9Bih>
zXpPv!^mGm}Mx#W?C#c4Fsajp5J8%300^<JV&q*CC?bVLm6Hv+m_n$g9M=xXB@7cOM
zG$iV~(n<$^;zoV(<3yd+rdvehPqPs>?AmX}z32Lf5}oxwjUuF4e+O_9>v|muM{yK*
zu<gs=Y`68<_N_J7{X-ipAQh*O9lCT(d@U$g_yqL7+aG%Vs<*6ZphaH=#J&KVzW(17
zGh!L7a{ndA|NBGW&HtU4{=dC>^1<)!WlH|Qa3`T<@UE~hkz6Ljq!~DyQYA6Evm*+a
zLsLoyEJf^J=KpkHT}tKiP_~WrL=iWQsn^47@BYxd)w|=fa_S`e2e7Gs$p~mT7`czy
zQ_jOpJvr3!t29Jz@c;k#!|#9qAMxLrmH2;e{@=$;eov0jd2cL`K)#OjK6ZdSxjjEz
zN$xd+AY>06{^*9CYxI&vkM1ig3k+5qhp~tg$B+M>FhQwu{`1d2eHDjOv`s^hjtTPm
zh|H1%2!GFvG429szAc3Z_4WCy_J7`rd6!PM#F~y-!?Z*#5Cp)7%BMw?3LmGU(gH;V
z^sr_RLvBxbeP2NV*wkMimO}G84j{k$Ut36k(~FQ0XpnG_-Jp?ybfWrbetRlPQs{E1
ztWuJw9%$*yE(*(mUI{2}(4A{Nc<|to=5dr3vF;bW(8CXHm{-BU-Ovr4v95UC(V_aA
z*R@8}r+@wRS9CnId<ql}q9V@%AqpyHc0N8$xaQ=UGspx1UXL4EIq<=R!(AXD%b8U_
zkRtyJdTE{mVMn?1)cM<E(IB#dUN9?g5C{PRS0)HK+ZxfJz6#d+3(|&lvz$p(02YId
zv}RaEh3b+0<%3$+;gdlU_g>VYE8`{7tHx>Ex~lzbb^+Az&{ysXzbVIY;|tt40Te$5
zF-K89m6rN%)tfMzh$)ZFPWf0JPZ9XF+&PbB)8A`$>~u&|TYdWbgh2jrex*l`(u}=k
zAXhT!Dc4V4v_<7G%DV}U&Q^fb^B0;7kQZ=YFeHu%j`~ETTrr!3_Gj6M7qRO^twlTI
zm-k2}8yep6p0+-!I`}KpXr_UwDX`pinO6N`o-$NbUCj@z6r?ragX6w~LY2C*GZ0<)
z59ORfNOZ{p9cW*{K!=&RIoqvU+47^6k2hF{72idJVw}-y`UZyFhB|`k>s@peT-gT>
z<^ZBclPqus?Y)uWebw3e;EIH#!nvItn_jE0lUdJ0>2RrdJksnJ6fBd+Wj@y7RXqn1
zR!dL%D_1-fvh5C`*hX8;1-nV7Qwo3KcY>6%@@wVfyQ#d{D(qr{It&R3d>`JaQk^~u
zePW)=ueAB%gBMm-E+xK62?W&_XxywP<_l=thi)Kp;)37>4NX3f0uoIj2;~^Rs*J~<
zNtl7<&_VV;fNt?;s<g1v&IccQ`c>73sq~2nuW0(B-d@(G=b`1j+@q{65_r$)Nyq!h
zi!!#Og)~%GXV({oNg0@klLeg(4cSr~K^1wAAtmG(7m|k+b&z5h$ud2<AiVBMZM;8W
zW<gOo8hHBIGZ}^!W{uA3ejnln!^u;mx)EcwD_2f}w1h0Opt`*<Z08FTcqz}zD=K3P
z%~7r=XpbL;dZY_c-hm|b$oROW`oq-I>S`W_x|Ss0vZn`I`7R@3*x_&Az-`{GrGi|6
zF5~enUZYmjEFFT^B}1Lrg!Q-6()ijQym9yQixqzBu(tQGSdXHvUNV-Q+~d%98;IG#
zt#>e>Rto*cKW^T<1T`>4J@-g@CuBzn=;{2PaLd-W9H}bb+1dHfi&7;bmJ~oY(Gtr$
zKzk|krFk*kMVdW_drOLwC#!0?1$FkLN-T&pR9A$GK7}0t5d{|-{U`8xrCjL)Y-hfy
z#euVea7yyW=^iOWFcH}g88{P0Szu~s8Z=a;RU@EyBT|?gKxW+yvm{8jPew*2%6tDK
zh@dWBxq?$ezVqV6R`bH~!QuY?=Jv*pz4<{q-=9$aUWK0Ny?gf#x3bWJbHk`XQlUc%
zO&atLRc8S9f?S;N@bl5#)ov9~i;5RhRJo3=&#AcsJ=EC7Mdz-T@3A9eCMp=uFD_zm
zjV{#s$ySMd<$UQYF&03=ZxOXuEKmJ%6%4P?3A;e^VMQ77cdk2k)Ieo~%qnQ->!yP2
z5kizTO!DYgxZt3+RK15d)TOq%x>QX$Cu{3mMC1+)P8>9l@U?ptAcf=tvB6bsJ$?k6
zH;s&pe2MDuX`p6MH+C!CGBewC=#jZZXKs<5Si6%3A&%J8glitXh6<QXdn~vjO)Zvj
z;sSHuJG!2WaOpC%Onrpjn-OUWbl*!s-~~=K{mPLXCWLLxc>+pbM4mPwVBN!lOh5e+
z@SB;LS;75Y+Dd|+D=~&!2PDm)1kD6tJ7sTsk^JfsJI7y(V2>PQLRl)wey!p(T!xl<
zHL#dO%KP{4k=ZCjs)!6bfyk~4Iw`p@P!Ks#qmnF+%u0bByKJpm4g2r!!tl{&&d@V;
ztsoVj{;@PhhfU;!lKWY!mQUqPL7fHj;<PaO_iGJMTetrG_usnaXJO(k9@$dxWhw??
zO_;aCYOYR!Bxm3Q8|u<u;B=~HpvQ6W1j(;<>bBpvXSA!cdH7k-_CtLd4hnP-o#Y~t
zO?>rw92y5p4=fkZCZH3QS5o36gn_CYg9T;P1YZZ}^C^EFW9)$5N@RFAqKlkuj$+rZ
z@hN9ke4Dbm>Ox!xeHAtXhR4J<hMf14t3|@Xa%(mu_L7()FvtIT^XwxUJr^8s{BP8&
zryn#feV2bpuIO1Gcq&o(!VX_;WEj`$T~IfWXXikuXLv*iV|&$new<E^?neH@m~f^O
zH*O3nns4r&Gmn!DP~?eiLgS~#!W&|Fd8b51op+jrR$|*XeSoPF@QhP=5ac#kX%llk
zM3&0wZrsyWdw1PvJpy5XU=e1>rSpLrQu@PhL~BM7w|oiJ<0W$P@~`$APF4;V!n8wB
zxg6^0Uk`Xu*B^tj?YqC|gO33zgi0GSS2dIe*o?fw3VBG0$Xp9N_jL@SlLlD>GX|+1
znE1`4@P_4GqhCPv3zZcYri)5&=z4JdA7KsYpvTNhO}z&Wp<nKlxwp4bOIh^auY6=`
zN&p2F&4d)ttF;oyG*0r~>Mi8k=)`?II@Sr<17+@buG|8<E2#C|XHR@zd``WL0rA1{
zjT;A0tCDMLYej?e1Le-yi2Jll>>DQg@0BAz!?Z-ReOX>jO-;9Wt>@%SzFx8LymN;$
z-+t#GeeU81k5gMi)Oy-BwuFq8?5)ktTKmE{;NGdm$jFP}(M*=fF)-$Y7zh^XVPxJ0
zhD#N=t2OKE>zBQ%5&1VZBEogpl{^zuyOWulmq&P1e{$H1Qh?0>JzL{w65iMl#N%fe
zMOiQvOJA-=flv;|D!l~*dF15@A~Ll)draczz2H4QKECOuTgg4(5Kl|P#QH%ksY!8R
z>;CqJJwVY>#iz=ehU4xOWm3%h;^5q|pi;WIC(}P_e4*Ub{Wy3KbrzXrocXc0E4(}r
zBkVUDnJ=4eYhJ8gWxTfRWp?|r=FOQ8bt#ElF?6DgnX3y02WDpEuZrrzIOQ3A6Q2oQ
zbT}y_MFhq#K2)NvA3y$UStguj;Qs8_2-DM+yOV;oCuaXfbj}EZfzg~b5F_K#(xi;>
zIwn3#&-TTXvo)}f3Hq+xN`h8EB<t7uRl|Z@x^``mTEN2Gd={&~6^@=CsUEELefTi7
zX0z2{i|l)E8qsgVG{fv*8GfH1M1(Lcl`?Ol;yyR6mPvP-r()RY=(|KgwpkPQwKblE
zb2;k*e2x9DUmiUsz-LK$dBLgNaL?9_Z}{F1SW{%45E*}!+S>%Z8Z<G*bE~REVY=;)
z@nmXLo!jy_W`4LrE7Pr#hm*!=aVbYfGxD*hZ(vc~lXY2;7m@P@w!8}Zi{(rpv40bY
zfByO^`MZ8*b=<K-8tUr8LyXt?cb}-Kt4p<-r^J7~dLEV19jnO9bnBK4%xrA+mepKZ
z4N(O@@?Nag*<PQw>E2%aFm{I1s6sO|G;|B3k*=-$WJ^$MVlx0>ZjI__XpH$+xi1<6
z&@UscgW{p{`zb>ysiz^bY+6SYHapYha|@zAkA=e+&ONLS3|-#cuc%+f%Z_-;v2i;r
zRWv+MmA*coXuL>qQ>gaNgYAGYMLm)F(bH$W-{RZCLDb>a*RAnu^$Wvv7VoF;6_?`@
zB6|3&=4W1pwP(j<Toq+(veka57mMVlV7ZWv>6aHo%EnLujA2L!nC74fhCoMC)V>W$
z&v|OT{qb88oeb_nsW7fCw!gE2OeeH??ZfB@ba?LC!P-J}*8~mVkbT+dqtd|-oS{{<
zzjQN9wCj)JO`oT+1S;HY4=a_uZDjYD+KTAoK(hCUYefAYqyBH71;X6u?{fi8OwF`R
zN|s8DdR5h><mR$HZJk=`HE@_A>6nnnwR^6f)yBy1qf_N@oUm&yB9sRxU<E6_)uiH=
z269%b^|^ke5o>0aiO6Jw7`^U;<>nR?z-(z@h^%Sw%Roe?T~Q&tyA<Z%b3sKk6&6kb
zOT%rPufSFQr^N1z%4Y%v)nQK}k+!C?lXGiIwW;Ys?M`x-G@dRq;0=+ju5d_xeN7}w
zfvZ|`X=&-+G$#sWadZA8>g*DfB~1KE9UGwzKGHBVgw5#c>T<Rpi)VQPVMf2$JQU5!
z&aNO3-@2a!dYR2@g50<p{3I1yOUvVJXTByFa>dYd#iY?)C4F@xcFrwIQ9@grEj{GI
zqBj>R%{JTIA6HPgJimmV`cOSd>HQ)LxA<(S(Z#ps{LO2=tKrB%2uxZ*>4HpyZ-Gh(
z&A)q_2?L`RUC*hmy1-<QRaXWEB&(H4AOIEc?}e%0sK`h(reeNy&;^9R$2=WSDJxM?
zQC6hpDEY#?Zn9CKzu6tZ<owcVg)li2_sS?koov|Zty{`RQP=yBa8XeL3upu2tYB|b
z-ei?RR#De@&=vE|5ah}*Owlpg7Hg7gU$rC)W7|2Ur66{K&LBu32p;V}m&T&P!*5``
zU{H5A;ya8DAcrN;3EC$B$tLm;|7|Rfz*%N+22b9f5^X5jq%2HZ`ipdGWH)zYhruL5
z<eTf1d_5k3A0zYa<Qm+2HSo5F!ffGnPb#8wV0aeBETo5Bx|Q}sj==<8=l5!^7zJda
z2vq57!;5}8fNfxQLkq?@;>Fq7*@+SddLbgY!tls3N0on9qBU15ZhUQ)C%c%nV{YlN
zuV-vG4r7e(&DWRtcm>tL$^sy2x+|L7WaNAA<|N2YG7!xo*~mQ+;w75@NXYiaA|AmI
zNTOhb!D=D;GrQkuYk?fTx|(OQD~|<16n85eJphBY5ud-kAz71P8gewv7XT|V?*jIY
zr=z1o=80jFBR4Bc7M=nO55`>_rx*hm+q}IFN(43BOdsS7i}Pc3Ao4U@Mv}k1(NS;x
z5}FGGuWE4BVuBFQ+ANcec66?Q9X7jEAjK^dD{71vwNSkKq8CJQL)Sc%m6W1-iWn<k
z0GnykVdiykum(h=W+Ksb=cnU7wK%H72rO=<_>+_p&t*RG!|qC<?v<p=3<d2cPw{V8
zP@n)AoJl@`nifLr;*XKtjZyBP&#6zJ9*l~KAzBk=VUmS}z=E>Dg3-P8GN-%rd&_j<
zf+HU3ASDMN0i&iQm=iA^XoFE+M8pMn-54BP*mX7%(k*Dm`FytrM|)xPOu8scEDFCz
z_)LlFq}ZJlht@QilKgJbkaCGa&fDo$F{m=u(PJ$z!T*zokFK+feE3z8e{N(rYdsEM
z86xW+dpyBJv)GAwD(>z|%g5?%mr!++Hv<jcTeX2`9^wI)tMQ<QKP1Yibn>BRA%==7
z_r=T3Nfil_nT`oVQTq{;i@y&r42Ny^b~d4K*wbs@hZ$Xy>{5R&uql}E>;lbso0nbP
z(<2~>xtBNS3sHHm0m^ZT(BL(G>qzJgarcFRrF@{Ombsp<orlKtT1MVD9)ZTF+sQmT
zuOhLo%i&a#Ze*buS?e(U0cKirs;Uez7))+Xj;fYc6dDKE33S)totBXeV`_SOu`mx=
z0)OXxG`{KXv9lOAn1~;XimIrsshN3cF5%?1z8nWpuXC((VSbSRQOnyOj6fxo-2<@P
zk={chHGO+x33~4><T)^19~{T{V9xdS#_6dpc4k?Ec`-+}f^~`3awO|3WyQ$s)O#ic
z`V;;&?K5<vSWOcnPK$tfdF*FfZIEGq987hk36=q`s+cPxB9rC-0%6{9i}F4U=FLUi
z7c^nuB}+Lm7iPR!VDgWjpMOuCy=I>gVnZB^7n`>wTqztr5FlV>Y1t8tJ#RGsgpZ`P
zzLXdv>^<XVQ~EhIiiwGi@9}Yow1cRpPa$EY$Zb+g_H$v{X`q%7=Jk?y=PbTa&T{3L
z)cWP-=BV15WmaKNtH(#fi36-lSOqj*hyT(g;rGtjkG5cJV&)o+;o2IT#1l!U%0t%V
zOP83k$$3y}s4_gY$HPZdEL2cd0cPao=E`4SR_uTY(P{r(k<rc95J-if$pI)pV+)WH
z4#^+6INXxTA3_czqW$x3AoWv%!ygXEA8_%^6meszd(iP9=%%gj<vBO@I%}<&*9>&-
zO-v6d$51KT*MU2jRzu1xm>FrBce81EduQt#wLdbc5>#n$H>~HcL#{3MF)J>u<|gyw
zr#Pwejq-ke`+NyN#8Llw8@e3=em74Iuj9S9L@h-BTA*yoptt@D+rXnG70V!IWIAgB
zV9EX#2nhMz7lvpSo7&oXL0#(GTgn(F2YumQ=%5?eiEwhZN|a}}^R|n2KiUQO)(OBo
zd)@6CN~)Q%mg}-;Y-DV(jaMAIUH+j|+XlGHz7rSPa-*nGk|~JmdqsjI2?SElE3Y2^
z2qk;Ty)M=~Ej0qcu1(55C%@;p#Lm4~Uh|yMj?|*{nVVtVxQL)LR{jrDmHjr&;)`Pq
zO5)$7@WpewfRd+Uo?h7HzHykGw2I2f%hTm7Z;9XR%X<I$0#&0l3~Eo$8688pIK%p)
zBx7iR0*U<R&&1rki0mxp6uZP*Dzm}0`(l>9OR{o#;%xG<($5bUD4`_VS4gSSbUl46
zF%36$P#3mI!|usdG(@36er+w*Ns`W?q}xwaP19>;>*^+9rg(bTeH1y<K~qB`y{}If
zsW}CQo&<tg{h<A#g~WC&@FjlG4?bFrhalb^?@)sS5{`G;?vUi|vk1X%G}3s-R8v>&
zMsPnz;O84*Xwzb{G+_awtX=!l17KvCzr|NU+rD?&L~E3!yL(l>;)Pktgr)eM2WLId
zLPHAyWePaFj-#HQ>h^h7@t<E0RsZ}RyzC*0Kyn#cqm1QcCm?I`K77!H5R(T8r(<&6
z+Qvo;^mSHd18{7IaHbLJIL%X}6;3Sfx0RpkmLtu~I7LSv)if2dB=+gDiW}1!`8a-{
zK8Cvfltd=yjm&6Pb+cNeti|mw$7F?!Plm`|aj4OoC95RuZXa^cP_OF7d1Y%r5e8A{
zgva)MEp6>AWV{h>Yio;KTL=N1WK!mZj3>e{BMe;dC?(tlAzxVUM$LxU{AjHS47+B4
z@|P2Xum!7|Q^^!$jQmy}X*SvPYx4e1HgW_7;COg6kjNW%!^tQtF+`-XRBp%x19Do_
z;y+X1kPA&s%?y*>Ssmo;06!4GDqz<aNAZiki{4Poli>W0;k1iGa8QK{WM$S{w{HC-
zM}=x@_xOfPSN}cwcT)uE@`algK2`LLVRS<aZ@83VW9i;t|G2saY9a<z=L)o@i)s3-
zO0wxdRX#2}Jxg{iTX{2P;oQv(zuk;DI{ti<Yr5XqF*Mo5GNWFvfJ^}2g(Gj$Wm5F8
zg*98&$a7;$z^?@eg21&RxgLugV1%$OFx-Khs)F`~qY!xFTai;~0Fq@u9?VNgNl~(s
zlaoW(hc{?|b;$c+;K!O$cu=zOmtCE^Ata=C^Es7<qIuR3O>lxSK7mo?eze-m43?Ce
zkJI?<dl`i~R|wU2Crq)}m(hta3JJe+*_gTM>{g1#xvg0XU8NfsHZG}4dER}2X8oev
zYx;0Bz=0~6lzs~s*5n*<zX3@H!DMJwV6}9NJu~4zqg^{{`n#$KG67|DR^?)i0k#BY
zc?1Y{0`aaenEvZbn!>8(W<~?ktCD2dE6_MTdxu#$DgV`lTjLBu>J4SK;SFQqP}``l
z;9u0N@y5)1iZL_EWM!a{;Z$Id5(zd?jeMGLYC_|_g*fYaNAH@qV(V<R$2!x63C<Ql
z1H6d~1}fu1a`U!}Gg!2_^Ao9C(s4?+MUkVSlrlxz);3XRUn21+-~|t*nVs-`cO&Yq
zeZp(oVKzLGWJQQG)llydxhV~~HNywsEDI>}MAa*;*#&8NAHU#04#kL|^tyf!YoDoE
zL(jmPW+2BWj4d@<+Ip_ITUp`ItZ>vy{Yq=#X8@jdd!p{eO;>&Y+T{%^FYEVjkQ_J~
zQ23MwI&at0;G``h-&X$FL45L2<+s-zY;Ci9EMK=bs!Ew>A;To+Zp!}cU3LI9{CEAM
zaD~|)<+&R(%U9aQ8nntSRDuSbkw@i$<9`4R%>avqkT3d&!^!!2=`el;`nK6-c6=my
zpFtUpPKoHbczOiJ<@4+WsX4aipzyw?I8tm8_6sub(1pT@7dpYEOjaPGE+|!E<_jnc
zL1x3wIwGTBy9q-2#a@KRe7QS69!4>UUXCm^_1e(h%26x&=O0U$DtpWa%n2I|&2!;(
z2-p^5=)FFsdSIo5314$5oqvhNX5~-1m5dowgvgdxjWFtPv4PnjaBr=0bXVD-W;08>
zKtB^`GX@Di!yxKw(U1|1+=nw;y045Q!2!z7RXB(OS6HYVFX*5R2WVyZo1x*L42<<j
zj#?mxn#Fh11JGJpS~G&Ro1w_mxI0wESQnC(4hH00yk<Z}0ASr+aIe(>Y8A*%rd{?A
z^cODNjA%jw^px1&Y)2+`zl2>I-8^;@bx_hAG!-v&by^Z|aD-5fzwC2a#l+kX<B$10
zME4}*iW_M41>xDhHikFTOBf%r6#xegl0>Rx@B}6dznYrUhvE4x3c$MB>LR<rf#KJS
zcxJX-2nJYoe3d#9=D<yuv%7KJH9w_5aik7YrhZGoCYCTczqc_7v}X~KOG8O16qczL
z8F!E4F?)q>nsJf0K6xKz<G|)D;j|lJ&*cpNZ5S|TgYhOHWn;Q$dR)my+41%j7<G*|
zTQEh9oVHW~M};93IaE5T!KI<H=?E>YSD=lYE^;hzRayjf_(CjXg6nBiS9t!kva%Ye
zaLoe_uIo9qPW{ptn}nMpNlOb$W)CB?r`J8{?RrFj(<tuY1mg4Gzejjd;Qu7w0Bp2^
zw0GWXqZg8U*1&)p;am(9b55GtxmkL*i>u))<)??Y^W*Bp>fs!SwZ@xahCh6vEZzbJ
z(7$&DPOM4Zf8S}@18mK}_cd@W1?&IC-B);3^>tle1OXLLM5RMSP?1Ku6bzJ5>F(}E
zT17wsDG_ND6lv*_i-^+QaOv*uy5BnZJnuWkH^%o5e9!oeXCQIzIs5Fr_F8k!HFtWe
z$4bS{JRnR~g-7r*c3=03fnSbu;1=vAN=W*A`rs^T>>fg^NQngg{URN~JU1T5(eo0Q
zKv7*i9YoaE?{q6ze$P?y^sM-)odY;VCKp$pdKSp(kvQ9I+zELD__5J!qQPt{<NNnV
zQ0<gWycd2oEaq0k!;*FC0;MH*y2&d=QoW~-f&g{al+t~lMnyrH*&jo@x^2Qv>v>?_
zmvlG265tYR1TI0%^1<*yJ@*X|i25me1RaC<2_Tq)fkCneT?qUXQhd;)gD2UAJPp5C
z`CVMcKP-tJ<KBZmuiWr~ruc;Ha4XEE%d~6`o}LmIswU%Txu^=;p5Dgxs`_zFE-rIU
zs>qKC!=IrmH}oW?S%XDY2ITwm-a-egnuz4_%NIr{-P2N1q`;<#*uwk59;~z}Z<%^>
z2JWpTjLKW61DOTYmT?JAVfyB}%CT$ocNYSM1=Wxr*o>g>T9C0d#|szVUot_>wzwJJ
zWd=t7Lg~~;jl+<Qjg9I)GDm_$kM*}mT`LW)3PcVzD91ma>?S4y0wb;osmtZ?-}Zh#
zYbrPn=5vE3w)7+@34Wx$KqZm&Tk?VBo^&|0i*NQBgn*EALT~vpV>^t&7qF~)WKN|5
zRnu9A5R{{Dv$4YSd#{M*=FDx&0SU=C-sDzX@Y{5}ex1oS3J=9#ij>@_HpCM`@#)ji
z#2c&P#}ncRFQnzze*Z)FuNO#Yf!7KO%1H5KwQwu}5h~2e-nj_CuB-CT!>J?>B@GoH
zztdFCU{*MwMO~0W(nr)i1`ZB+SXRB@YXr#lH!%JY9n`vqw{FzH!^O}hx(Q<l+iwT6
z^!qZQJIX5llMcz_6GqZcI)MTNe@7JItp;fSM)~^WELK5~J#*=c7O*09yEtW^0TyTF
zxhA=G?Li$TLnXD>Y<qkD>n`cF57A-B&-~qYAodd>s}gn9Fuxyhgn;4!as8_FMKU9p
zr~z+RTEKcu)`xO-`kP!Va}<V6TByh(YW^0hQRrmktFi)SrW<CHkNP`0c%23c+Ljnl
zNwr8xfx3Xt7aM#gx`h*545UFS83QBt8$*dA%xz>Zm!W?5ZZcBQtaxF!>h-ZiuKdFu
z1#a#Sy7^{xqg4&#1ki}XauvCX&kyK~3>~tLLfY2JEb-f}85x<d-n@Pv<Va6F?DI&L
zhO=TKScJQbHAm1?y!yUhGL;b;30#=&&a)vH*}tnawzlqw7h#qFrehc-N_vQpPhbvK
zXjhFNefx^w{DP6V>r<A72E$disXG({1u~DM!`QA#w!<<erukm4riSF3JIgqzGC?Gt
zMG<C9t2K)m^5f3d>+9?DPOLX7si~#WVu~B7s57o6KbTW=D!kR$sHCEj>gR`lr%aRk
zF?Vz`goM1Bnp<2qr7I>T04M*D@bO!_LCp=29}Je`#UZ8zzlTnv?n)u^7p2!NlF{$K
zXp9O)yeE%3o=iEHZviMd*T_++c>n&J`T6<DEjNvyy`aH`tr4gW#CQpeO^mpsUkxNK
zE?OdPDdCFGpMQZ1;}?2vTE=a>Tt?^?6zcc4!c1fOJP=;Itv3XTR9Q!7=TWO*yc}e?
z(&7D<AOGslZF+%~=pMcIdOZtXEa@ef+<@`=FmU^oBO0~YQuRjj?KLBQTvUs3t}4O=
zgY`rxUd;7+<9wu>`MHA6DlECHdzy|q&|Y<ml{G@jn5RwaB#D$zjpNAZpYf<NMM=#5
zca<JqzvHug<L1rwbfpZYJCUYqN1-?jd89}&BcWPwJygb-2j$4d7b^>a;6vA?+a9AY
z32wah@u>i^1F<7HTtL%vp`^qRq6Nh;IS}5xD7j>enpL+how_33@t-9I)>Sglf=UI1
z)c(#2{q*o>R#s@7Tbn?F0N7Gk@@Y`GpJw=kL_D}kOOts~zvc0$!$xgKWnSzV0bGe*
zU05yPE+M@h)p3KBbt6g&HNXf@4DBAoF8nAwN+VtvpbO8N^J6?IWdU8<u1tuCNQM;X
zz^3!#_aP#b78n}_LUwKrj}Fy=e@wXmM{M&nM|B?93Y}_};J=UL2dI0u#KlJvFS}%0
z8jUOz584L;<d+ShD-^jzDBP}`90^veSRWKNGormX5-u>n$e(@t{=F{oOz%gI5p<Hn
zMw1DA52bao|Dp(^w}<tY8sm^x*ya@W&nf}Fp5^>Ev5^L6*tC8R5uf}K;lD@u0dXF1
zxWe+=@Gek3%l;>m=#(;uGXS!%bwREsL4FTOxlwp2Nl6mnifU@oH&3qNbrR?<go5YF
z9=$lw-g=9O%*Q9&_uobGfW^X2fS;pZE(?4gRd(^@PE2`p&JZU;?9NX(xmTWl^B}fj
zd%(iVjRbyCqE+%_p;!R`G&t`dbBPeX`HN;5`56OuT!!WY;0EAXKE%h<j?>|w+C2MC
z!dppquR!gofJ-O$)yCW^vLTbv3ic-pAYDN)w0ncs;4VVok=e9=?q<$_2ZxfXDuo{%
zj>PE6HsEs(I6xrUX9ab{-8OH0g||JM1lE@M2@a*2db4Lx1?Q_ExkYI{1tCv{j*q7Y
z@+&CRrsl~<+TLC0&55cW1BMO#95Qtj%8mWxkp*(V^J(K_+v?{J$S}9%pFHxf7ln6x
zz#u0JqzBISHpuTgD*d~VHeAT2^MHoLA9S&O^%bz8pxTuF{gq&0p|2nKP6?iTwh!IA
zlhJNT6MYHF3$HRVH>3eSDdS&&bb!D}=o$+z!TFy2$tO7d8=drRSkP&CdEqBFDslc_
zXv%V1D(oGoVEcFJgnzR^T?t;pvenJ6$X#rT{JX=C+weGc<wLaACsV}mUsTU`<bA5C
zr6qgv`eyZ-#+H%KEK2}4C*{OMK?mcERu15?AWe+#gLeUwm-b{p<Ng}w$8W_AS&Ppc
zbar&84<W-O(R%k}-XXsy;eYb*$d@Qbij%)VzWo30+tJlS$SA`qN-%`Q52!X<0xJhc
zRK20lLWOm)2H1}ZFYLiap$Uj+e9uFa>G_ix27ht&0~iB?2}r||bFu4jlaq9MW~OCf
zFxXAV%~7Kq@r+KUDg+Tzz?r#Yg+F4WVEv>Fqa;>C{}U}P+=ISolgM_{3?OTvFkz_^
zJ>@gX@Xxjd#o!ALQowdxrlqA_Eh6!kgd}U;R~tv7_P_6jFc%CriiEC?zDfD^t-(0o
z>0SsbY2qZ_!VUVWLbd>#+o^#XLvF;SX*mT}-v9nFS8Ve)xLcpcW+g+`%=mb1U;pR2
zh-n6Ve{yp2={;PDs0SzW3xWX=aAF8k@NFkXhB+?=V9}G=2_N?RmvO!sJgC*JuXoQ7
zqr!YnRte0QPv8{YIA#mg!-qE1g){$ib70e41o+X=w;db_m52ZRfS~NM`Sf#gmp(;A
zkbQxnIyku{2??lfkG#qE^&ypEU;L<H9fnx~iW}g(Q_UzwKfyuhmO)8Os+QR50Tm9&
zxIunDuiK_6G`db?_QDvz#|BXRTZzoD?;+_bY%r+VkLa~vn_2J<v&*1t>9WATa1*&f
zw-4{$orNMG4fq-$$YCA;F#xDI=sCgIB?N>=)kCsLvJ|Zl!GVrchs+&t<7bkRuYm=G
zx(c#+7^MaA#OUTBVc)R$cu(ad=tNcrPrfq>At(mhp#vSzaWWw`fI!Me-MV!PGLY`J
zwxouJ$MIk~2P6@E9PmWY;Rc*iWR>ny@U%ln(ap_GTNirM&#A#P-q;;)uyOEAK@4HU
zkJmzuTB9N(=Rhl?4D}O~TWrDf;$lG+cqlxWnlfO<2GJJSS942CMIa#{kAP2P0P-H%
zW58HV9-b~7`8t^D&SP*D9pYZK%<qSop9PaV9V+_pNn3#%pK%zzI97Ut#k4?HK>;GE
zfGdJrClPT}g0Pp4Mr(t(0RQz^rjd+H5H~kBFZf!*0M%RaSsd=JQE}-@mADXyYRc2L
zV)qiUX^2}Thxc9}0&XMNY&c>XJTRaR5cEY;d>=ynVhp(LFeBs@2taSKv-bdz2KVpO
zvJnmSXVTr*y!Mli5Ti%L1Q;B!0Fk*7`1j(n*4cEZ6ajuLc71=53dMK^qL@Un1E33@
zVCI~jlheDuwSZh2I6Y|~pkNtpR`%{(uSo^Ot=wg$2jo()^s<2bXqa;Z&rz!~@b`)g
z55Ks6bhou<z}4E+bTvdHx!tu#U^`2g22$t>4G=Jdcbf;-t;NN}r2Er*smhD2`66h+
z>{OIa4?v=bc;pt~ek0i9o$J!b$K-e)SwQp5Gni#afg<m{uYi>H$i|<B;HOuv%mc6a
zSWd1-mVYP(A;p;^ZpM`pqD1d$X~iQ3&wzoMf`v1p-GFU=z)>tB1)NOhfN4WCJBZgB
zV(13{grBZsHAZM*Ngm{AfFp-BdT*L@hY)oNNdVfi!0ONfE`%s#hP|<#fFwT&#|A#$
z;NT=zcM*!;U(9da{7bGg3lL9a^;p{{E`z!+Qgv|_BK+7YDRZf!^<#(;Cuam;O5RVd
zc>rWP7w<CM4g<YaML<6bwNO;=LbpMPDAJPE-P1D<qoEAYiP!3D`a1pGS@1gR0p>9W
zG4cavE%Cj2dBg-65t<=3$6|YvWJdr%MAc5TpNGG(U13ByS~!<$fn}irWbyz#h|&t$
zOFchmF$o7B5k7>#fe;=69||4XAdp>@8+_fi7TE#J)yL{FU43m7DYEG%VQ$>M{b9%&
zk;Xxu&p5ZpadW91)+2&WK|vnb_2KG^zn4`UOSDEkC|a@l+|ipL3}Izqd5FBoDO&+Y
z_~|ULOi@g1;0_DfXc?5=h`ZC{aByzVgdVeJAhPH}ta3r%^f)}bWc(~*7;d3+5Cf>$
zw}OI#A4}w@O+3V;5$p>JUu+nALctLJ$^l*{7-GmEN&vvYHxcy_yZ~^gcYHcPk_tNj
zVyFhp7UZ$#TwG8L3^nH}L9Cf=1Af~3>x~>+)3G+@AhQ7U5dJ$B@-|_|Y=C<T2KfO<
ztt`NlZ*17e(ZJ;W%=;jWLj|4L#NL-c_KwOUOeHXjb-@14h+|8!g&;fvP)jHT8o^;u
zy1^yphBUJFnaltS3y;Z5$<NE%L}bq(-UUlHqO}A_DssVu51HQx`T$nGv|S6_BkN%K
z>^Ao`3NhTTz#bof9%yWMiDcvGf{^#|A?FSr>eNHXz!}D^z|k2{(M~Wc--MDa-sy=k
zrzaF|>P42()_^S`7X|~4<$~6Gt$$p_iUD?-MWpk9q^UP=mVwj|yazGkrHI!Xl9KW|
z%`2V=EZ~9CfWbsmsy#5=TR`UDVmc!5N%#ZWGoWG+-$Wp`g|<AVZ3Q*~pq<SwU+#bv
z{hivn<a4JO>m}Hnp%ni_aX~_g5q9hg?TgOkkDoj_+QNc{CKZd!Lx95)K+|%qe28vY
z(#P6&ZBPvT_A}!24GK?F(1t@H3y%(PLlj7FoR<gFU`IRJtrZ8^OvP6yb68>1U{%f}
zbXdVjI#`p%F9A1ItNy&}Of&g4H4l)P29Xs^cO^^C-}Q${_Y8LHe|M7$7wpN=$pNcL
zQ*b+GW5(HZt2o|qs@VtsGh~WG+=uWOE%QyT|KTQ$$$OLJ_P)7^zGAw$i9Oh0+d<{$
zj)0B`%?;&U4ic=x0JDS@g6PG-PX9aX2_t~iLP-1q_JDQ3L4ybM*s>VPQ5f+Mg}{mM
z3ZV(Dh{O(-F{rLUe!jnAjf3(f0l35`V5`;pSi#B3Nxj_JDp1|4dEvlmdLM=ZsrLaJ
ze{=9OiP}^wK~nI&=R%lB!o>JEgkTOcK(Y}KeRI&E)eLA>x2Z@Kz+K?B5En_rh}sQQ
zAX~}wM~}Qga)7MD`AY0TW%ZCJYE~Iu6G*l`N3yE;O?ec7x*oi9A0>KjtCgHTjoN%<
z2>U-{I7BxXCusRhbT%jcb#4zd#>id(GrmNl$?N^9u1Ik+%*QOqhm>`|2=fD|`@cF^
z3&U1)1f=h53b;RcAZkWfGKiYZ(xo92EbI}>$|392OQ%u36ej~v;J#xG`wu8^Secwq
zty{$)zeN5$RL(!>k4GA`2Bb0xgl$C)jSR5L^4;=KR#N(kc=p2xkBKp%+9r@>GT;&H
z?#E|Lep>;B38s?05So7vU6#601F=mQJmo<qQwsBra@%15LeXcCyTXQglaG%t(-X%h
z0VyCE#udTef6ftcbUh}zlGBUPpL3YrfHVZ!ExM6s1(-HHH}{#2=T;;VX#cZrXNJ&)
z+dwEG%?0q<z%X1arS?=<&YtUbWSePYiSWi2905?V`uiM$6*0}Fr6wTDsBe17GlvI8
zX~_sSc!(zX*{vQePRCr}wsgnh<8(`W2G9)PQkMa#3xHH@3pth9U?sO<J)(X9XKp9~
zIEy&Kg88=Jp(;v3{yywr7wllDCLM(!b-VnOO#(DHU~;Mn@nKt>9K6Lr%8leUpyUI1
zLi^WIT6#LX=%;FGlvRRwnR~9wk1D1?1lUV&`Vp)v+p^W8gG^8o?#Q?-IWGVVj+5xU
zT#5A>dNC6po&u>Ft*DzKc+DYj5lHBrKnaxr;<QmQfc{kB(1GiaaS&cbKorInPyr}u
zYtz{tq31eN4{)0S;!uKqh~<hMZE(PqKVd-9KwiC+POPe}oecx>X5$CLy+Rk*Taoz%
z!gW5NT}MW&9}b+Wbp;46OAH?+<p+0BI%EwZ>RU+;@BivQgKILG!5)tICnIXj`O4#k
zO2qbQs}qE@15RSXplgTuPufy_3MKk)6)M1#%FE-%T1B8S*F9Sb!3Zi1Y4z-Yj$;lW
zU1DOWAPX^vQ!@}C9u8w^H?>r7Z|((?WEkmgvxA`JM*aj0&+<Ra9^`nprB6&cSrS}-
zW8F410x<&#DWM@IAhLw>K6ZQ0ojr@-q^9j(Lbm`;-~tT^<j-ezJ+1)J1G-~r<iL~4
zOEs`D9<IC%2|2%8CT}iOD-_?tuyPYM>Vf3wjB=1}gS6^U$2f+dyQLTnD`#o2v=bZi
zSHB&yLPrP+kHe9z6_5+Q;$DxTUKWO@#GnQO->BXa9txtenFM#ltq?R!)rntM9E^!)
zi;8q~bm;TeG=Y?c(`@n+bn*<}LaPw60n{1ize(Xh`D|O5nm)C%vidcX4{0ir^uduM
zZIGK9<*Ih|^&xtX0}S|^lI)g&RlrDxd7<C51WMvOQsZ2(1404R-2U?zcGVxh5~bC&
zw6ZGU*qZ%Do#T#ds^aiT`%-noZj{y3n(L%<Ip$76Z4hNLDDLKf`EY}c5AxX=?`B=j
zf&(mRF@`pLEe;w*0m<6!%{Ol9`M##MkLe(HOi%AfT$2HbTbWo?<CHu;Avg&gSs+Ky
zfI7S6BOE0Fi^3dE3;=OuH&nNoVCPtvp%qelEp6^6K8lbSid>%nL+)tx4}^q@8&(GT
z`tZV#g14-!%z1~vG-o?#25MH(!_{h#R3m~?xbc=-vF*dyheGZmm?dX`d{lw(3{M&M
zyvTb{gE6A!l?vzO-_aN-HG0i=$!qbv0Jxk#RR$3vCu}{-3p^k<!zCcOff!itZ$3*D
z^JKcyY%$vS(HasAr`Z@%)CG!@+akMsx%*2|UJjoQLnEB#F$bbj1*mipK`BDkL!pik
z@lL?R`CtOyzgGr@LCJYy#;5MJ8=&#O230ToRT>m8(57|2CkoPjg1GVy*X`3Go)M_+
z<%p!x(vjyLiFjD|@dGB)h9C>3dV1S!BMCBFpoDM2i9Ap!;Uu;KI|cEG7Y>C%=77BT
zQ30~CTjW$IBjlLZZZ-Yma5!KBlf4nm<Sh&E?2HBWs20j{X{0v;ULyzDh1m{JLIURm
zH6*xr_rmrvYvTfXq$P8HkXFHAFK0Kx?lPILxS|29yDqJw<rJw6G8@Eb*bPK!M@wR>
zzi{24iUd>A6?UG4z<2L>fhX`zdNG=Gb-#E;WPq`4aPR|V?`-ypNcwQ94$Noiz$F}%
z)<f{b22sQ1)jdndLy(h^z;|MO3h8=*MTH!IgGkoG9YOkBu(03cLc$wcpO5SFbWBGR
zCGkfZPG&JTH~&?5036A8i2PsxFa$Q!$3kAsd))S?Krx@5l9J+6j5{El;8~2f12L|<
z7q)MxFj(^YX>2j^TnQQ(t&5G?Vu`z*(XCx}Ft%9`{}8q>wmD1NApXh5Mqjjp{q6t+
z0Gr+|wR`tY!MPh3^pPr_l!c3{Ju&TK9g{J#7XUoTG=~{EE<&V;hyvxt({RXd$!)d7
zb*71`j0+yZy9Y;DuO0{RM(<99BTl3{Y`hONvefb)Jl8F}^;$H6Lou<G%>&0|9>Jv}
zKYh9(4Ms)n0Qe9590G^_qYyX|Dr<aP|Ah!$FeT3e0KUUhV7eA$EZYO>FK$7Fx<GYu
zYpKBNg~y;JJm9rhWe<VQVrA|fYxYx^qS>X>R9X(QjhPJymkc}rPA`>=yu3|22g8LW
z+SV+#SQF2^`8xyya-6je8uL8Gm!0Bpk}SY931M!5SpaT)jW5v!5evhFQ;gDfOM?cU
zY`9BA#74!b>jN?f&<=rMC(kFR72z!>CeHBTN(4MZQdB!=NCKrHSe*axG2eka<7oDw
zcn3_`Z}24Fp>hW$gplKGsJ7>p65^PBJgUjC1m%k+2wmV@s4+3#0Ez$JXJK)?Zt#r6
z!hddZ0X!{JfWXHU!-^a%<|F3o1(5hl%TC1s&`<~nz36(~HROy7h?|gpfG<io4vOJV
z9gq@IDR3ypEKnSfxv0p>%ElHu2++8};S5`d72CdB(iRG)&IeG|fbjZs0d1Qmyv}Gy
zDm6az685@U+jveFeR&U*255hxp_w28|2*B`7m)`V5Z098oExjH!tE{#I#IU*pn0#X
zI-`8vUqyx^445leh^gS|TzG^0!h9usaTC@ZJT0VF0lGs*NFW0sVjs5|okv+k#Cx!N
zszr^*_(0qp#G&A0dw$;p2Q^Rw&_>@6Jw5S6VmcAkD}iqef!M<3M&_vnL?Hwk0u$iY
zbmCcuY;~_HS5c_{p;4<1%6iG-&e@_C{sc*`Y@}C#H{rEfVrka*37{ofLB?4CT?UB5
zImj-F`kkUzoPaflAfXEF7azLKiJRqchk_u3fl{!f{3Rj6buj3IE5G^Zub0RXGfl=0
zf$E;<$_=o4tXlvK3!=WVx;m9wvuHr|*la;jD}REpyJl>&F>rl_?jkPA{~bwM$ot@z
zk>kBSK-WO{Lf&+aiIEXxjLK1(_R^1bVjW1z0ul2vNbHcH!344?=t2tMJy`=wkcTTl
zm~(;}4?4U27HuG9N9Hg{DXu^%bioa}x)e1vZ>Kq&Y8|6#g^0RD)e7VmxaMu;m^6RN
zdQm!Zc3RJjOh=7a=ht47j0MnJL;#DxyMd<Dm`r7hx)u}UtS@k7V=rIK3ticO)*LX5
z^&Z}6i571;rPYpfGa1%jL{0(YF=^@2!S1U_KiAUI`sD8S2w}D_w8L^hj)eO2M+%IZ
zZ$bhNr&MLa(H3B#{RBXkL4VX$AgRHYp<EWOU`gsqqFnQkDR|~-kBK$wNuc0@Xp0;x
z!(-gEI+EKN?F};!j8Z=UYzs=TOY27!00R`jT_Ej6Ca2>)?@q&@LE+C6&Bo{lfCJLR
zfS@x-lNyv(Or)+gdz63&{v2Dz0}(qBEWYOoM;%b*`<3#?&%h!<h;h($ZvmK+nEy@Z
zVH7kiuMtecy8c~(A<XT`3;S1@I>G`%&c^^0k@h$)TP&gaS)$<6L~^h1#Bb;idcjrV
z5v>V|kPEh5km5-|AqgM*9F|{dT&o`(lm@CMq(s$=zhnz$`EF1|8S=#<=GPzyPuxm?
z>Xgiq<Ta9dczdw3u@O7ilog#b8o^ld!Q;U>c4~<5_WMduKJb)2*4e3evDXo81^nb0
zxTPbt5#X{(g|zhaIUoc{b6FWK8-K@&%(j9eQo#Z6C7DeQnTJyk6aeOeelyIGnwFCY
z`Q^)nH)6SL+d_YQXf_R;Pk(%5HFpj&{+nrYm93!I`5ol}NjE4B5hXv;mj?CDSPm{V
z5#UKMb>9Mb3pP7h5Yh><mbQOjmSO}QzIlrZ2@U8tBjq+=w9lYA_~h1`?^LMkVA6uy
zp^f&jWB97=@p1;v3$cJP!ArRM7D^^ZchQ@Dx9@0`Kz0m8o+iP0I-pw8MCjzpF&o`j
zYF^V&_%uXP=YZ4wx^Qd!peZP18$Y3Zz_kT<^r+_0n0X%me9H$K7m(CK50I)`Y;4^~
z-3;3l$%vl~pxDMu6wrKuXpGK1nG5Q<4QUk?5CU~#=J0MBF)g+}4{&A|-Du(&TYiuM
zsp>#s{EBrY!dM`X5N7Gyr0#j7HYzJkxMI022xo)A(BB3*6BLn1pIuQ=Q8Q*|zWWJ~
zL{xCckk%lYwx*`0mIY3A)0O+yCgp8^#Iw#ksCigYn-5bK`r(xn6`9h~ENd32ZKAB&
zLVdQcX{Kk~Ds*VX_f{hwiMrYVN?22vQD)$m4$!eORG-M61=Sg!4RRz44lcealoNTX
zx2Yg1BVw+%q9lXS{mmEEnzin#oZ}-0)o2mM`kV{DkgUmvXvs-Ve}pV|^n){007F39
zao+_8D?NDN7blmBbU8qi7$SVl&27g9x+^Mv05w5ZsyzMIl$0Bgv4JG9Z1zhauj6c+
z?TTE;b4|@mXl(Q^r@m`Yj8TFm4t$|AK|-})!nMz08*l#XNUxgc+T1u)buJ%D{45KJ
z^gR{`+K6r#-~*(nfG7c(fReIuI?U<9!a{qYcmTqoK7#B8aa4y6Dg-rw*$heWiRUv!
z1&CTDE_1ih3>q7Y#{Sh+d-$U7R`ylG5hUwXvnXULfKc;+$`k>@Ar^Ik=YZqxsvdGC
zrCjPp=FWrr_mLtouip~c>jA@~_M=M{wxDwbBWq=twGzdher_TUpF<e`#63Y3OqDpr
zk&z4G=kldXNUDu=Yl5l(^m#4bVo+HtN=jC%t=x&0f##=^{%qY}C^)20oJf?U3DB~`
zmwY<PJTsJ=m%x8ThOVy~VPiH4VR9+~!gmJ<7U^)z(#Os@=wd*68UE^j{zf6BwV`nq
zs9sQ6V7ldQ)HpCfv<!qKuOID`&*2d3!-MkGhU^pTub2p$4sYXpP)+vJywE#0vUdz<
z@zo5<EaVU`0FA4Mg7bl!Lh9|MThueG&w4zvFP>@^RhT@=AVx`C_$0#&Ys0sk+VnnT
zqfuFAeZw)$%`8vM62?d~=>=ZF>#PuS(11-FE!2Yc;el+5;jm2KENFYxh##ttRRiXh
z@X!l_Q*|v<nhv@JCeJM$IgkyE+z>zskG=IPg~dKSeU^NHuIyQm!C&AFK7dauFFJR6
z<PWzMFgsaDYwgHx4L>7ub+T~R$-dyC1^f+=An^ZmAuNMKcgc-;sleSB^dyHNq;8rl
z35hu#S6(^92doNhu!|<$K|XQ@reRwavxVdgur$XKUsoEHlAPXNQ)4o5bu8X*vbs+@
zlU)t+RlsAHoEsOm9*29MDX38~uYwc7pooAY4<URH4$VI+k&|L@+jr7WG0!5RnIf<g
zJGnY^AT3lzYKQM{Nq77RdN$w7e>14!o{IChVX2&Aq(y60e0a>MPq0V!ZUKPngjtMq
zIQ{9Gv`bd&pmLWTi8#Oj@UmdaLl>VnitD09A)_Od`%uneTj74D?4L2SO2J1bxsAg|
zpS@2h;HaYsJi0n;$t&1X?K$${%Rkq|h#M&`PitR&9``-Htp-k)(q9@uaNRlRE>ePC
z_Tn>xr!Brz+Af^gipIPXY8jhYb5+NS0Yc3%SM~Q0n^fqu!K3GaNrXZKy>Dj&mc8OB
z=B}`*1CkjRa1+-*yY}g`XH^wusJ38`L2Ewmyk8B68e$4$H!ySlMnN5~O9$!RZVNtB
z`dpiM@G|8aRSlvvaR?Fm21*O$TpT#GhVl5y?*zsFd#C(WN(SNOV1ZX7t0&+Xdv<Js
zwR(Kb6?Q~`1)EjpnKW4#RqwrsFM+j&9i)c&62C2oVlsY;LdAXETiSFPcJ-!kfAy$0
zNB&E8xkq-&H;&Y1o8n+8*lv(dWxBu3<_nPm*^I>7L~PqG9ARAOuD5v%{BQ9VQVYTx
zbs7%5kjAO?UQ_5qBt61j{@rNGyU()%aBrNP$tU+NPrLX4-8t*tx2PCIAQbo4<+IC7
z@J^ae;vdc({4neF-NwU^Ye!F{TuR<>g0se7DIdsacLLs`aHm)^#?A>OMxS{<YAQyl
z>#~bIHwM!d4rQFmnF?yDa$<ayCalGB$`p}sw%r4P3wG^CP&>#_$^yMSFCID3h(mWN
z=gv1|3L}}ENy=V>@n#Bg>2m^*)v?X#;Fye9mCOq0NQAyck={lxy5{s!=WcD5b7zy0
zT57VK8bTBwzXZdwUg@rRz7>Gp=1=Y&JbSNFnpsZ8#U5nQ36kn2{iiNh$BT>Y^^~gJ
zWj>Af>aQ;6E`0>pYr`b`VH;2QZy~eUhWWQhoq5%^V7?U{D6Ww)B3i1NcsP+Ihs`AS
z+W6$PGpXMlmp*T+(Pg)+*^KKe@sJ|e<L{D;Cd(HdJGs+k1j{P0@63LKo-YlV$q#o7
ziU7OFgsb#nH9uTe_dK|6R#%r>=GtKN?p+>U;rSKxHbK2^m#oV$i}ZZr$IqFR`H^uk
zSGrmS?RS&T9<TqjE<F%_TnHx@$(A{O6R|G-a=R++^df7<TJcwoSw*F<;s%Gv;eEj6
zG@Qtd!h#^v04*kLRE4f<<5!G$j7MC{EnoYYN{-dS5yp}a8}#4yq|Ha%65o$(cn`-J
z8s<+=d1>TUjKAtQ|4_1Gkzl9sqhJ?y(5HZi_)#O_<AdfUjFx?mLquvT$^HxkN8w`2
zHoxB?M>sRU2*B~iH)azFfKQkDrym-s!<wwLR3~SzRA9wT>YJDhb?Uf%MHllVRfD9S
zcBKdCW<|!O*E*PY|L#sWmYeG~UpXjh)RJ>gOdwNlZ8u+Pw{1(tXHyTQy~}{3W;BBP
zGBlDY)QFj9<KSA;Ckda$2x;vQI8FfE|Ir)Kdg#fB-k+5#A^eA%3Ge2YT0J~5L1sLa
zcV#qBp)N-~+1vC!zGt>}y(n|<(*d0pN<#V>4u<bAIB=$Abge{su`{Hg-{I}Mx420^
z7!qk?l@(mqMA%a!0%lcfz7GFw6RvTX@4Kt)xypx{k)xdmsnl*dOw~>q9i&9}t=_Dz
zl`))tJz_XRzED5()32V#_%#8^;(#A!Nq@90Y|sgt{7H7JvwOotKD_(|@!vP(Tro0z
z2PB63qUTBJNdK1G98zC@Lyoh%T6z3v{nyo|7vpN$2TP4zg0v!qtEs+z_ffW+zpS?>
zJzA#18H1R~&Uo&Jx%F23Vd++p<Tnu+7Hje0u-#S;WwpHm2fTzO$Pj0N*QZq3+n#L`
zl8_+gCG<m-fYT;}Tq>@A^2bVc@7L#Eq&|x0ik-`+`?9JpmiTkWL~~ha(3+oh#53Z_
z-V2#Hu?QFslxp$1XiI{~W6f9b?PRIA7s#T1HTk2ZrMiLxrK7Xo)IZ!_`m)<`x<>v<
ztuC*<>j*o^@-U9X-qdrk7b~row90-JM33msez%Jg+P}OY=0)z)MVWtwI0R33d{Zsx
ziLAx?3%b6-U?<j*<oU<f$(G~lf3%Ycc<&3)8&$}et$j5PseR%ZcOQ8cDg~qbfPjEU
z{B4Tf#x`444opm2uyjYA%fH{|m>7&EQ`AZ`?3;ZXM8$vFr(vBNIwAkeCHn^y?|l6>
ze@l<_84(S4_-dW${&~6<D1)S={^}Q=Hdql4I4VaoFx`$DOJ?EQD|s+a?#DwBJSc91
zgZ~<E(&lYq@8r=#wHlc+vJgzORzCe_6;-?=eB!@L&UU)J&S%$K$1@$c8I14*V|#7C
zj&mR3pWoQBw62?23oUn|MeQ{0UGXF!!TB|nKGBw-xjkh)wQSR5)8k6@oZbXp6=_(`
zO-tmRozX3xZymhIUVJX37T2fV@JnXN1)pmNE_R04><7hctT**nSKFDkXzSkmRQS0u
zfAKftmmfQ{j~c$)Z5Ev_-hJ_h<+=f9SE3_19VM}ZmD3&6XFbvnmoBeP6$Qh<{FzvT
zNsjZ~q3fa{N!ikIj^alJ1*gkCzWAcaWQ#`v1uRkHPsn3L6Bg1!kWmhJB>JYA5&nmh
zUV0QAJ2Ae;gTgy~x_v?Y$yuMP$u)MhzGlJJ)EBAne_fM5zQz(lGdegoq1n(nQTLKV
z(0=rZvFN5i^#gg+_K8>-=8@J12A*{bpT!Pa_B@CWT)ghuV=pboM%@kVZ$hTNb#ZzB
z!4Cc$3jg(IiCIVg|7roMoZ<M6{Myb-TXx70kv?lRMn=r1Yv8y^Hthz70j5kI=Mm){
zlKgrZM;RNGd3wg9A3N8phNF@gc&v-h1^#_k{p`uu-whZXo{g&7-E9}_+k<H%l<oTL
z%bN3}=ogPLG*RmtC<?b)S2vbEJ0V))SJO3Db2&uNa;mOOMWNa#O%a!GRp?fn3sG%i
zY#d#+YRFu4<3>hj=)=wjH`29`_agW_JUsPvb*owlANT?v@+4TaixpYzQd@}a+bA1W
z)U5YnBlE)V>5pIh#J6!5<@Y{8!uHV(2qOlK1CfivxzU%^a`M-Q`0WJDZ*s6PA1tZt
zO;!}|n(vUjr|WBeD|vu=wAe|Hie<y|d3DIM*q<An7yesWbY%7WKHrsxBp&r^uiaI5
zda+j-g|7I#cDMhYl~!{_6RTQYY%@Ola)^JiT9=d4ZeIq)=dmv4?rb@|afjZ)bwuvA
zGDepCvSqhxj?yQ0+?fT|wsPuX%+Qxx4y0@10ROLCMb_I_J}P)tRlq7M{TVuv;q38Z
zi;>~&`BtJ(m-QPcV}}c4VeLe8UIY{0QVdAaSG+9?2V5uXP4@JUQfUTaU*pWicSWVS
zjOgfy(vtr5+~Dpj_vFFwXa8QZC%r;?-+bS)Mm8Ep;$9+}h=M!ZA@%)Q_cHAt{#;uf
zhm@9*kcRcfOL5{)jQ$#ZOBo62H#8n<*y)Qce^Yhs0gsotP}GxmC7~`cNet&CS17!z
zy<nk6Fa*9iD%JU6uwnA4`R*pQNYKr>9Wv6(nDpEs8Tt7MOJ1t9tgO@Xm>;f~_W_T3
zm9?~j`z@Jo%x-(GK&Xjn1j$rK(FWChsgy>jCsyA)2kgku$Y^L=3_u#RSTc4$zgWo8
z<J1gC!k7;B&^zGmd~>U|>iEi-<EJ|sV#ZrD^f<O47ZMNow&5Cbw|r=LIy6`Gfal3f
z!%&`IyhhIfJBMb;56tNn_NYMM$bueR14g0$^9Dd8cBPuI(DZUuh4fN7XrK}npdq;@
zDVeLDbxbE0s8!*1Ik`Qc+gvHs?HmxXP~(8TMZTm-Gucr_c?-3$K|%>M5dfSjyvZe%
zl5i{bzEl~a_1ph#Y~$T4k)3`pAzV3TINbgKbMKX8ZY_&LYyA0$4x5t12R$AO=w08|
zB9A5;?{yZ`?`p<UjwRApuif`v7<Q2UtW9#sEdjR{W!l$J(*+M0Lon(aFQOb5kLWb!
zvD{=5Yj6vOxI5ym2d9hnEiHAj4vfe!lRZc#P3=50dhSP=!&e6o!vbk9t8Kzd_4Zu{
z!QGBRwcA&qF0vJhhetsqhv^-q`7>{NTgQZ6PX{wz3@Dpvl9!V5**Bl|`}tA@CgDoN
zk%XcAY;7ND1SOBh#W1}v8gYkDSj}x=xkQ_?$79Cl{D$7w;?fQ5;3XYBth96#6yXg&
zSdMAbideSltqse*dgo4IyIo(5!4J`Wo<QuDuUN~Kz|*g*e5%JrK|#>f)3c8*bC5TQ
zsQ2wQx7z%A%jyi?@cFk%=!X6=+fiEqP%mtI+Fl}57viwYT9~nwHCu|yFAYh1ksN?`
zN{KHpU{k^>D{r&7i_67s=1(-b(Z&Qz;C_B4yxfKrcRyuyKF@pXPjt1%O#4j#53uwS
zFyEcqsH~cJNsPhPyceaunQ`M9BX77F*|Kp@!T#y?9?K)v4E~%^bosP>?y86mEvCA0
z1j|OM_iRyQ^>nOD=Ja!E9OH=SV^92zUqKJ&ViiYNUH%SWjh`&5qqz*|b_Vx2QLzra
zt7`*ODeo%+1@qB=TaQNq(OlThoP@Eea(aVVpRiy#e-Y1RyeA{amnHW@Mq8wJR(rQr
zo;`aJeY}0wV`0qX?b#fi8(BXl8CN{_P1f1tu5#ZF_cs=6NpEJoal5omUT2qFKY3he
zAyLvgd5jWYyIBw)lP{j{NIX;#0>_^Gw&a77%;Rc)_1G`{T*rmSCb7+a&Bo<(TY!O}
zolm2T^P@*cb#=B(fr5vbjYmK*VPEQz6J0&VAR-c%l*9nD;|2!@0mJRvM1g-_)lPga
zD7X|+FJ)-R1gi*KV{{&waz_)MIkP4zcmMurxzq@-IZRJaUv(9cx_^Ic&9%gB>lTTB
z^^Ql%%n#Mu=(C>w)h|2enBe5<q+9Ve{2X}J!XX*y=-&-n*y^zef)aJlHvw&rYC>Xu
z<MK>DQ_vWiq_LK;KkMy!fDPx?#gilmGF<AZT<^n`=hEv^Y>5-EN^eyOjq(l`iVFNA
zAk6c8#o+h%G!%_MS!}VGYD4JpwcX)Y-uMjI=XBVWVC;PvMVsTf6|74BbTA5n2=?>w
zfs1!ldE#O8;VTjSFXOJ8=+o%=W%Y-|E7+yV-T6McS50?isJ;1B(r@*nO~^*vRw<v?
z4tGDpiZFKII^{$s1Oya3a!GTPn;#<ZdB+-sL&)8WeYQDQb3TA5#CUME9%b2}_BWM!
zgoRJ&Wza+P6Z;O7*w8Lc=|K^1*+}-0&Qs^oPd5!#eqS`yTgWE9ja{Ht)XW-13(s(x
zZ92Y>7ptQmQTzRM{9H4Y!PC&ly&WtqiaGhMjrig1YtL(jZG|KH@g(l9o$j$Y_)u^r
zKOjVUvM*ZFqrf<N#o5NBvSH4FWj2a8G;LzVxVfj&zVu6h7d^8=qqfA{(_R&Re#d-+
zHtKtPL@_hQBB@EG)Px}c`t}2s%wL;Np}o%Itz)Z*Uu47*<G;@Fb^sPVB;C>a`?qg?
zAdZ6^Ft^`QHA^{8js+qn+NV{Q6SeiZpmFNAalRg3Z!g{po6gmuVb1=83cXK@wgNxY
zv!H2W)V>rL$e&|{Xt%BO94hMh>Sf^NiSTjZ3>UD*IIXCZQ4qW%$!K#2-EX<A#7|)U
zbz^Je_jJ?5@WCdV{kE0f;rE*&$HA#{5q%*}Iv&4A_&i-Z1>^Pxe&+tzWyGKd>wKSe
z2E1KtE`7!GGp5j2!6by+Xpv~SVngq7L!jFB+QQ;sWuaQ@=hBS_sO0*9#wEsuiC#)k
z$5Yo7YMwv+Am8&23yCAP(xCgBr8E8D-JH;;9jSw@{pV8q+zn?64=jdnFfKibY-YR|
z3Ml@esIT=`y+|X5wb9S;`Q;>*xT{L36yLGc74rJt2{AjbR<;+4JkS0zI4^Qv%9KeG
z|NUf!fqP$x!JUZOl)Yt@nRJ7(P7Xc3=v7zU=8yZQpIm9$W0xd&k2g<VJpeN<)?REv
z<Gh#yCO1Zwxh5p;w|~Y6&g+-b$t&<1Zf13^Rz#61jeAu*9AuPqvXzrnhnPg2vCY!`
z&bzJTaZ~rkUI1FUTg&1V(5-K<JIZyqy%jaTW5-r9o9=ix{C$k;Q%uajtg52-^m1C7
zSPQ+^?p2$gYxvNKeoUtw>x!EWQQ+Rad$#360`V=(tnuZNvziJD4w5Uz5C?2+IYCo`
z^7ZrMGtYXapde{wmBpcmk1YQO5A-=HtO=vz<x*`(`E6!rD%hdfBBWLl{s#Yb6*;4O
zhT_8fJe4T488P3!-Q-eQRMf*?1D^(G2tu>BRU&z9$WJW0R>iGiR@+id(DguU;*6F7
zfKMm#Xe$!-@y3zrinMRjZ<^z4wMsq^{93I_rW~}Pn0Sz4FSd2NJ&db3zB*Fn<J!c^
z@jKs=eQY^)eT+WMp_|KM;I)YBjsfb={o0L|cUZ%r9(j+Q%E;*!Y8;|ob3zlDgl6Ao
z3U=jMG@?hBBUM;$va>RY@x6_+cyn1^WOFBFlfG(5VR;67`-l|vK(aUe?qbl3FVkP_
zg@^38W?E8yK*H*A>Z^<Cw#iE9QNM6-(e*7kX3;J51I+V%?+VVQ$c)R1Dmte}RlE;p
z9u%|Qs_;#{YcY-E`J7WHW4%OEtsye~F=~H@a<W_&EA|=*Jmehl76)YJ_gqbx!g|$>
z|441)CzX8@E4Xo!6)(xfkx}`{(Ok=0JLlVXm1$ZANGL-b--B%^wb*9#*6M^8Rj^~h
zYQT-~ed5X4<Nbs<pp$f=Cmm!^wXN4Is3l*Y|M_z)lK+BJ`4HNfm^tDMWTdm(FYBi4
zhc5hrY(bNqJi($;lL|kfSB1?TykqvX&*k?I-f(mliiZ#YxfBF>@<T1}O7Qo~*3QCe
z&8+cOOiNVfLWVK2M1?;>ENL}&{IepqV&(LT+8OI&>ZryyopYNNwPoW3QpGXkd@gkS
zYwzbgilz*XuPx{hk}UsCn!FlB#r@uE8>iUwuuXdmokYn{Ihwh`_4DUx()&hHwmnWw
zx!oh$*u$U)WUw<U_9{M8a)@MAQu*%Gg$j)mXmg33^gX5#%FU6iVPq7I{cTKo#uU;@
znFNvkk!o;~V%HkT#6a^WD7|~X9P9>)ex|o;Uqh*~@$EAc>yFcQ5_0ovht^a7(O&sm
zd2q(KbF1=H<?%$lxs`1tzIP@ym7>?~6`xXeCc8VT6yLImy=7eGn|*UwBZqox#<dDo
z_kC(4dk=7b+=R}(&7BKETF%bfR^m--bgwsNT4%s8dXv^4itd^p?Gw>)eC28(O0H`(
zE0tRWj9<RgyL#Eh)-D&i)XsS1jw$$sMAtPDRQ6jRET!FQXjH9S_l6Yw?04)A7Hs31
zp)K}MB(G>gd5kLf0jLUcM170rdkncDr-dbhHgAyVfrdQh1DfK^7g{5Y1NynU=~be1
z=Z*9GU8rsT=J9{nW^XX%q#!(ZuG*B>9-Ks|Pg#|$xjb|ME~4wZsPCYrl@%MLl~AD^
zBvny!YTUju;+~VSZG-Oq`D0%FGtQtJoy&-p1LdH%0Kxm^Y0G12lK8$>mD+9F{XskQ
zR@=zP`dUt+jho~_O|5!$qA0P~{{Bo+6ZPl0(ra|Myy^u%=4zK83z;W;0_@vDzK3k)
zONWTo(aNaAXIM_B1`xL}w??bMW%6(QqwDDRFWdMx_uuHoTq{r!sH&>?o{fGSDj0y4
z#<eS*7x0?q9MgLie2g-?!7bv~7Rs5esARuC$mK^ubNbiZ1`Fzu+~RqOfIE0T9gX+V
z2MNvM{gYxg%2qv^?O|Ji*vlU;joJ$Rz*8%E>dLO0-sU#W<(@IIx^Hj+?G+5O=CRQW
zO5x&60#oJDLDt)G(q{QT`rQi6n!L4+SvV=8H~!>X4TMy7m(K5Qtmx>CZ$<|t#tcs%
zUDm8KnEB{*NlQRJKI47eEXDFCfp`Q0ai_mLWrW_Qe2S%0EwZF^F0W{w*x<J@oyt<r
zPD?Z6He9w2#N+!5ualDkVyi&BoX+eVu@ANKMgG5*d<q&GPh@31?|*TzyKm#O0tsJL
zqD$hHz`rW@hvR-=%Ed!!CoBZVjs)9YjM!*#(JYx$C0LCvjnEQa&F{^E=owuLOac3q
z_*(s3?ww&9+^sAwucLYWZMxz98<y5BG}*9|J#GvX^jsFWh9816+O)T?Y`T^!jTg;^
zhnb%VzHX$`O5N(%_A^%{hjXOgX69TAcgYCnpf#wb60AGDgdaa_CIe&U`E#-E<C=;w
z5A_@lp7z~l?2x>3+1AO0CspKEDz&)oUITx$m>u&&d9S}!6YkMsdf#kFKQ2%b*{*E*
ztL1K2s-f3qmt#CQqF5i-4;7z|z0=oQW}v%%0p(2Jbd~*9!n=$q&D%eF^d|=B&+ugs
zC%5}zmc}QXR=D+7O<(1_>0%3u>r342V`9IoGa9_()%xSE%a4N$TD<7jLW^B8W)*(}
zW3$=OLtG`$<2v1%*!t@9IXFMaWai@*O@C!<DP=35hEAQe3zw<d7jMnRre&ouV;9X9
zj|hg2YnGapob`B%M)dFRrG`v67F1LOVV1rW%wD87sgTo(kN6{YlsoXMUf45;IPoXE
z592?dFo|Xni7xL#^0YU!zz^;^D{Dsc#KJ8qcJ>+KOgHtq!O&ux4bVLkl8{(m`o*tA
zJQT`5=pYmytX&S9q>jLBMX-yWs*TN}Ut~Io|HQ|0wdz^QBlrCHV%c=XN<M6liEjMD
zbkt~&(h**DaNsqeQ<<?}AMnOr@$al!EO<zGJ~$=m2E9pq#AjUpQ*5!-&2ihrB(x)q
z({ZgR!n1k1UTAD~DT?VYi$S64O*W3{3i%O6zFP@H1jW58N%1qm_(U>44X7~AHj@?d
z$4y;pb2P%9gi)-VEdgX<zmj3irufgjg&EeAc7D{pysrO1kUmRI4pN{UIqy#gCL(T)
z2VZ5;<Qd&H(}Q<1hku^R7YrbMUAsCu6hca-G$Jo(^owx$iMua{vyEZ(d!-<H!8bN3
z;x)qbM=T^Jo;P$kDN5l6Ge@>>mY-i{xFs?`{=C>12iJRNcE{CbDpAmBSzt<qePgw$
zR_(YxR$w7cbo$bqgq`R4>5nw8hu^8#jB38fV%%1K>7Zc6d-mLVf3De`H{`7o_Cjw1
z-WzGoYY|l#91`z{J1sI~h`CbxARtMt4u|ov0>^$fKSl6j^HH3ruvo2<N^O!}@}qK_
z?3_EY{||iI!u}^cb|+E5dm1l)My!5$Db`kq*3e@m5t5Nyiv_p$^n;C&@9Z;+boYs=
z8oJ6?SeSTed|XC$`5&L<;9e1Kjp$1iM<sf#>cj~;2e{9ORDBJc>92HPMFFP6xU*5{
zVY8M4kzsKd{Z`W5q4fDPxksiHE;66yGd$3?%e<_^d-CB2si7jAZvY7iKmO&hE=Ql7
z-BQ1sHYZbYfP+F0RKz!Dh>!mn!!0I`btukUQ%aNE(eS9DR(~OqK&Mte_yGz<*yo{2
zgiH)~tGgBw_F^KRu?4X*>*52ygjN!N+}Bm38SjhKvycEKOboSVxB1sEUw#*>PBims
z{>d#Xqk`{&f>TNU$<DOaCP(P4XpMBijgl2M)uvSHVUy~j%4ZATKdU^VP^kU75o~ep
zu+WgCm){Q6YI69gJ62_NujS6@%Rj^QgFHu99}rU#NCae&pQC&6K5}8$U`IumA~f#z
ztA_~_F5YgG548>;o1^=Az;!F<qr>DR4&O|+-o9^iUnbu+{a#)p+l3p9FXi>}0c`8}
z@r4`8U2uTBmGnB89J|cYTs9=`u|Obe%}){3gmxgwU$Jys%i6rT6CpNr%$yS|!W>+0
z&|$q-vNLoi>L6Pw(>0hndSG^4w3B{3Veb5$f$bb|_r@KE#6QQu?6`QCd)9qdhFM?P
zh;8yp+j(+Q$s)Omg2Mf$PcP_wCM~8(bxiQ9)wK|xUBhnyUSarGX{jgl`y#{uS#jgv
zlmho3s+o%;C!l@xm5xBK*M59up8xoPeD7ZJKYy-sGT#Xf_)c-QB_1bfbWrUbdqOI9
zRFCG!{Jj76GE<ogqXDyA?b!FJoW_w~&ort(Y#wk$H!b!R#K;dH@W^|uJp2^IFDEM7
zdv6|i7&0<)dB+tgRFCH&JK)R=>{Tt_*Az-%CIRv(UG+vJ!F8M9lXd4Slx|%e*N4mG
zw#%Dm@QJDa`g{mOE!OYF!8Ia8YzY-QR%Rx{a4knl&T2d&yjCN#y;X6W_2#6#8kgkC
zCka(UUbCGRz5PsrT;A`GoVt2cWclZ}yyCy@^Khu;`F3@6#SXJvfGMX3AOi`>GU-(Z
zDXER)oI>?1)vTUaZF(9S8CzT1h~E46hju@AG+WbCQ9)Q4u_PK6Yi;gNbmV~JzOkTN
z!J*{lchM#+POQCN({Cf>y;(Lyll>X;ZC9_V5S!A<XOcC0zh`2Xas)&6V(GCn#0SUN
z<2CYNc50#rbf35qZA5p8u2yZ;ZdaoBDsckdn(tTZl7{s>M>etGJDJ}-phvNg;sO79
zBKAm_{ZfL#=8rQ$GL(%8lBKR9bj<H#-s33oxm<?+;U#;%mqXSzPV_SwD!0C;l|5FK
zx`gW=#3aHUbNt%h;p;j#>9bt^L9yE+7u~UU7e}^EU)3Aq-(+;|>iIF+PjA2%eTF!Y
z$)!;pUbJ4*pE;W0%D{BiNFr*{uxAtBP*2sgYaqG^cy3;J?H_`+^XVPVt{^+G9Z5dt
zvp+u@@sLE9k6^7X0vphMrKzur_haR;d&A?if_9rI$%pUD?R0wI%FjPhv^+H<mzd<D
zpO+Kv-nuP|N*Tf4sJK@>Cu~cY8bYhD)6!$nUBA^Gr*f-t55f0m`*xXkD*1OD?D@PO
zn5yC_bi^Jfr3>$vSbx_u?H-ae4qN_`oz2c5X>3-i6f17n*y6M)JzHCF#zo=jr`Ek!
z`Apl(l8L@v$8-q+jyz`(05uJ?Lx^1YK1o@c_ioSm-G#Cp0lRHZfB8igMv)lzWsgtp
zsp5+(pX=`o1FG1{Y${7X^JDc<_&&+xz2Td~FPzQ*{{(y=lTnv|8zv_E+t0{9Xj~6A
zo-Y&gl6?afOE?Yh&fy5;d6PffUNLv9%nN6<{yS`wv@$dP>KsbyZ;f6B--Fjxk361p
z8(n|%L9>jonJ_l?xsubHnE6{MxW07q0(;aIesk&zG#A}ElU{VrU#1zXcs==2vc#o@
z49|bCgu%dNrFAeAB3@z8g|O__a?`K(rW5p9GHqZ&_q({V&}X+WW~vB~t$eEC@0clG
z5IV!in1pPd7<1LrH;3d6U3o{McYap-UoCEX#%7`3S-Tg;f(?V$2n)`ReQL&T@>dj%
z;Og~!I=48zWR`;2wPxZ06^iWBfpk<mPPE+SG_VQum})$l1;m8kFxO+qZ+zibv0dbG
zZ%F6vn#ghvNBR7`^_~E6bF*tpZ_UI)?Xg=GQ($+;<Pnq^$mo!^=Zb9Z^2p+64poS6
zY+X`)i+6=KUo^1Z&=?+s%cQ6HQ1lY%9L^;`VFLp2K51;(EsMLlCS!zX3O`)YVida>
z{ejc~C15v+N;ERD0~Scbzj^s18_5+~h03<)vQC%JY@<;hE@>wf6<rCOnijRlA&*iW
z(f^W}5;_oL4tt^q9slXQ7pP4+8T?<)SuXZ_Qy1YaC$%WeWV}O<rIjp5PKJg)wXC|@
zrKqCE7mLhb$gdB1Sk4fivrvAc;wp7%<X|l)=4W>5rpXDZW%dqgL148|j`?CON-EjB
zWm+%HxcY4>9~(N-B(un}+^G9KH{p*^K$Z2L7|W}uOOuIut?!#R<tc|Jm$LaCH}RZ3
zb6-MEkZZK`*zL`me0R(P&1@m`(Gb1fITEuTFCd;MI1QO#xfo8ldmFE=3d8QtH1+lG
zpBfe}-C07^#c+bqM3<Ps*52{&S!0X!$#`nF6;(X7XqSjnLOcrz9G+fq2}*1zxyjRq
zw!6Hbf^MZHOAT|GzhUy8-gt8NCalR>t6G=s$!E$YCZx2OSR1hoCyv8}j>HqXY|^+(
zQC6zV7g~e7&)=0|VgRW?0Cef?ooWWQ3bm@4F&X^ihr`HEqD*CK$RhMR(=8tdvWLZp
z#o8$t^Om;yig{AP1JIrKD0C+P$G6x!S0GorCNK6R@%Xhs0l&YNM$bj+#6N?lM=Hz$
zLt;y9mLq~<V_Lc!&KB9I-hWp0;z3Ys6a4hAVP;Mg1-}vg&1*GJH58hMX%l&LS8a7T
zwN++Nx_zId|7^;o<b4UMc6S-yE}@K#shKP{R#2HSTo{PFq*GSsJI7OMv3;$XDi$;G
ztz|B$Wp2}|u~qo5u=imwhbg4aR+}pbZOYg|_B~Gx9vLDBVrSVIbYDt+Y+tMeMMtFg
zAqwIAlRhU?@H#5y@0jq$?A92Jm=&<ye1S4Z9qcy6{JMJW#ae1Gd4J$s{GT`*tU*5g
z0w|Bn?91ydjR%I#b1p3tSi9-K7%Y~`5C0Hd8Wuz+R{y^CVw~Q~w%Uq$NH9>^rN!L7
zvVtta##Nh`m_p=d`<7^y_zAaL*Zl9^K(hgTsE49NK&eg<0}zvGvoN|e5m#;$ocOTE
zQ|UugF5|)-oi@v2OnpPc^S0Z_gNc5G>AF@9-bNs7d4X7X!-@;@nO>S0<g^_wHL5r@
zLo&M5I%s?K7c|QhVkm`xGlPzf(D3lzAb+IN+JVO62>1t3EtsiXgiVzi2t2ta94mL~
zDM%{kjY-3tZ9VB{AV1vLruUZoTj=$>gD-w4aSz<Iud_#GNN%&83~~ap&_`ad=Krp)
zz6@U$klB3A;zw;2bw3>)<SW(aS$)=Hfo=rIg9%ESYC4XaH{VXwhKy`;fhSlMfF4cI
zn@1_^d>b5Sh`_OX<%iu{g#G5d56Rdr=*o&#X28&)u;T)$*~9sXL9fH^#638+feBJH
z#6%$#ny>3IKQ~&04?$TAo<9NP+O995=_(gm$ia{G7btRpC`9g+kr?6mE8zf<7s-w0
zU&p+O4}uc}-2a4J3tLXvw9l>dZ!<^>alkk^dQWT2b!U)^?^c}$czV*M@?eO#w|vO@
zc-3DVwF=EDA3>NLmWVx^5jozSfW%}Kntq*jDKNiHGqDa*R`*h_Q4ryKpZ|<$7kMW1
zYWgkX(8>5_Ku0NGnPs86@TQ|-X@!{Q{;oS=2k{FmLp;AtLgK>?2l)I2M`!Qp1*pLj
zJl3WCh$w#((0f2%Cjr%IQ-Ipg?`DuDwIb-_zT#8uf8M1*0P`C(7;CODi{_XCet(KZ
zuX}yEy7X{EYK}05<((tP{t_#rSLcs6eky?4fXl&pwdtP>J)b<|##%3$w~pj2Ep(p?
zexmii=ARNWi`f?_mND5eK~qN5|9L|EI8^q(S^$m;-`a^W5I9vC=kH}(P;~GSeXhWi
zyBVbdHvgtM-TLG9Qx%n&12rh<J4K!i#3Iif;&t#YU_^7|UNzF0oyB|D<X(34HveJW
zP-S;(a+pN#YDhaMvk&Z;PQlxyIi7FzV1<J<jG*;;ai}~B2~kBX%*+>QX^DS<se>nG
zXR#mm7qm7AImNMoDAVJmE1=AY53jv!nR6U>F6W{OR{cM1eFr#||NH-;p+1x}6d8pE
ziVDXjQOL{;A<E3C>`jBRXW0_jE62#L6p7>52M5RAGkgE;2Yo)@>wo>vb#+}O=Xu`G
z{k-4zzF)5^)NYi?geF)*$j%awtsOO?Wz5~8qI-8t2(oQPFxr92SlxJ}nkAJU`tJR#
zY1?sPYLJG8M%w)`rk3i};f;>CRa*pFSU+Er-(@Y&GOE#d@bzgO)I(^f-xyPH>jy#f
z0Uq@^ZthT{IF~lvN^|O+y6{h9Zs;zA5@pqt?Yh(b<L>ZIcA_C@DPg*N`4>@qyntIF
zbm@b`N2z6lrDYhQG5TFs_ro;5C(nBfaG+y^m`r|I6wY&Q|KUtbPFB{`sT;?MGT9M<
zNqO;5Bh_b$Y2G@bcqm6&Ug>^!?e)UkwfO*N0<`UxNZh~VhiG<?DCXfeQqT__MFzs)
z(HL4(S-p~!Saq_G;SilsNhqL!%%`>~JxNJ-Jq9OI3p7EU#_P%o!nd<^%2r^Y@jEg@
zZiYS!=&KtrX!H?a3SDW<=V9~*3d)KVy?TKBU>RjsBBcx+OHloT*;!~~%vQjpMGC$f
ze%qu8J8yx)6A(8ttIjjUz>t9-R35Z?F0!*vB!&3He8q<?ZV|WGHo8Nl*{YRnRl_in
zv;10-Df81n-bBgPeM+A<<Ig;-rr+_D7tnlIHaD90^n^MkIM7$mT)qlTxz{6P;Z3_p
zHA*AWY|yB%grw44L&J-x>Hx->+3Jw5iP7;ch@KVDmY1(Le`%Ov`DqR~l<dC088j?S
z4sZkH-z(b1EyT(o6m;lmz_=)zD(Tn7>f*wH`Q0Qefmk`A2-&y{-BnSjw~x9IRskZ0
z^GZf$CUhUMKYeF7x3p1k|B7i$V-2jLpkYQUXj%p|mvu4J=?%N(Gr5ZoT3X_7`%nkP
z#VG(%*$6Ifc{wMMyg4<{qsA#?U-{P#tucc3J|j!FVJO}APV`C$GjCQKb04Rpn<S4?
z9lBCDuo-x3LwsJsgcW<@cCje*y)=!19&gJa08SkYt3>cx>W~FUMb=srP7uWtqb68g
zqDvgzhGXlETLgxgJnqa(P*IUIT#=U$K>Bnsn#L#?tIUBG>7xumZ{9qZS^G!VQp?Z#
z$*Hd%9Co#lcf{tQ^Y#=s;=sMh+lSmQ6|9t|^*X4pf)x=kt+qX1J4$j=c%RmH=T<?@
zpv?Qv4QR6&enJV5FJP&fNU!Z^+$jk}7HPvvPnHmpH3*RUFZJj|AK8Z(7P7~^lmD8j
zRLex<c2a^!6cv;7NsOzdu*n{bo8UukxZwjp{n3XRi}C_mNVSekiEdqd*l9XA64M_e
zx>Z$p>>+e8B#bcc-c%g9X(ZUPf^k<+nQ0c(RCAb{Qv(@WbvwThBf0Yn(CSe*?y8oa
zud3Pzw<srt#w%z?K$c-Gf~g=o$0RJS^}Qbol8ChZ6Tm}k`?K`y;C<i{%MRfBI+)k7
zMHd-RD2gdGuUb^?*tvGob(Icy0DYLpG%v2uG=Xbf)z1I-!YcuwjK)sFs(w^eq1Rrl
zQPap3Z56<b!%mnJp4C>Zu^F+`ZMPv~&MlFs4AX!^p5_oMZfuN*R_HmInO%W#(-~jA
zw{N7*I_w((xRnOH+CV}E{tVjDIXS;I1-h~}e{c6e*h36|cSYkCh$dO69C@raEy^HW
z_?Y+OMC!+JJAZGoN%8YU{xi>~e)?Y-X(I*;J|?^|t^Y2mm|?dittqS21KA@U**h;X
z-+_pnkzbBjd{U)FVMtim(364lJL1?%h}~&oYnqN6N8FmLsF0><lU9+|UAHvx$!<&G
z8|(0ib-ob`4MN&~>ss7x%L_W%+9m>ht{KX1J1Yu8Au$nr1RgwD<8xZ)aw1r!?7CG_
z_@uqtv1&H`yK2$^qz6X=WZ9kd?~B-faqm&aEdCQY>HFP>p7Tjs<4fPWX0Ost&l_Sw
z*7=+YQ~&<>-cB>*o0S;Q7J%*2vin3VH}_V}@y((T10CgVl;X%@B{ZdB)BXF&i`cyr
zB4Q9S*Y09=M8?!)i0p;GpG53#D7E`lsi@t{?|v@`z4tzMzi6JcE12D{cGgYKkidx=
z(SZF5ePg@711)oK=O6|qF0N*x__4j~SjfU&`}dQGMfPwLmR{7g>%ZS&xCvG6e?R~4
zA{}MV9(iB;6X5v(o(FNmkfwm=MUaIAPYCP?u;2Ztu0C=4w4}ZLmkO^dP4O_c0t1`F
zO`l{y8}(WXxKxWH2{1i978aIcXV1#Om`Q~f``=aj{wbbLCU{}t<Nz<h8-Sum0UR!$
z)6$jqoVrO#Ne7{p3||L=L-=}NXei)VR_cGgX4ZZUm|>ucXmK8M%!CnOR_OSjzXHMq
za1~NBGFUh{1HeQ<j|$Y3VIl=e+i!e)U=N>QVDN7=X5r_LfKfV-Qr}GS?uLeb%t=EB
zZRnzcL===WkxBAmREv4#Fwm_4dk)}I^n(ot@b4&qb^-}lI1vFD2K=~N&=La<t`W?4
z%7$Mf38`s0%zWC!4LbA(hlgRRNmg3=FwBY$!kFL#m>w@!o&pyXIFz71837B1X*6*_
z)fSOEx%bYf@9E$-ZAx-FhMs>0Xc-Qj(qAx3ys|NmgL?U*wk3B@xtxuO39F#(<U@er
z@ulVQhGE6$OOqNf$O+?%Gr#(L@=5?~>a*LnE8r}^6zo2jlU~%uM-Rjo7e@kh4hH@Q
zMtQ0MeF6|k^#GQ>>sd8DJ-_wt5~#)whT<3Ly4lRiomX!F3?py`L<8vdkJD*16rO4`
z^8i~#CuASkfiZ$&{TU(qYakM{?DIa>XJD%Ucv=yB4Q2}UU?Axx!QTt8RuJT~Dqos?
zU!h^{3t&7fuzuV-Gu+Y++PLTI0Y^wB^z_aH<_itrdG`Y*(+H4iobju&T?d9ddH^aq
z41<FY!BlLy7BdwB_DU^49p7?wMc}N_z+q>MALs*jx)cD-qXq5!p`@aur8O~=+$9CB
z1Be>}r5u2sx`Qv<_*0Ag1IC|4{p5EKN1~CU4u0O+C#NVe@fBdYJcao^1Z@j^AZVQJ
zt^lfvDnKErhSj&1I$$c|3Zz1yS`L6j{V;jAF~sQ>|K-aUaepruMh9$<Eg#r4fEC@E
zv2}NA7QC+9T7S8{JC!Ku;JFSsw?BX<0FWbot6>TR5T|poIVh<dUbd92E&4R44p6jj
zZn>^8@!m&h<}X~hqFYXv+}sgg{jz!NF&H73yv}jmTvPKaOieS!6uAg&0L#!b=!^so
z4GV{oQ|xN9vz3%wfPDj4W3@m$k}#mPw}LQuxerK)7zYq$=(~4+=BgPBQ}Hq~gCipt
zKsrYOBJXH-iCwZ#)~~5aVntk2lM=*q9x$97`sjP#(;R>_1qeAl09o*%J|YW&`He%<
z&B+QSzEcpt4I*!jxV=eq059yVzkhijdZu*#Xm;tJe*mex6eg3Al>>K$?Nlcqu(QMN
zd0GM?{LUva8D4|c0qb_>;W`=^OuV0Odg{)j5o!}gINUHDih<Y<P-qCL0au$4IKZRy
z0zW{8zyUVV^5|nmhA$H5HULW|1g%jvqR<^0&tA1O-s;1+(Mty83G5qyVLyQIo+V5`
z-rWuGAW$n)mTodIe~p5+Hanurd%#5ZLAWpI(IR^Xa{3PJQ0fMAZe+;-bO*zW<AJf9
zh3f$Fv=6ieouF+Uk@NK-IOK_Wd7&`Fxi)0aXFq!mUK^-@we?T4bM`_)tAimhEd2`R
zdfj2NpL<Or|HB7&kSz*EEoTTKFolnTvHq^2eLJ};Xj^~!d&056J=09Y;SbAEua`iZ
zV!f8kq65w{T=n?LlRpB_i*MXGNaYS>CCE9?HSi(&leq&jAfi)1lfn93&q|7440#Kn
z1aD`YM+6ZW_@3phw~MJBnA_~S_G-yuCPUd}SNamg`-W_e=Y(P5G=VbPM_&+ZAd|)q
z?K^yS)6o^W$H%^bz$M_q&{#4%G556Z`vDm9EO~Hy7Jv>Sgq_g9x@~|sb5nrVTrN@%
z_!mp&M2rz7D&dabc*`^I-6OyM2HYkv47;n~J%OWOE#LdZxKqjS&`=}HG6OT!rU3O=
zQGJ{!4#d6TDukLO6b1ma34pTq&%|^8X^z_p#YXX30pBSRozVD;oU`;R;1$XM%1s@x
zlVD+vbQRdzfQEYrhS(Md-t6r!Qm;P(9;hQxoN&yb7ZMg=(P}acChQ8tRsd~;(s7#N
z0c?mewSW--j{)wr?AGPeCO&Yg;j{yY$yE^s2$Lv<W>LTea10<(;<K{+A?}=qGla3|
zF1}-aF%qCkDc{!uF6DLb{;rn0Nq#0wA@B>Oz{cfQAPNu;3$P<AKxu3MY+kh?CMY(x
zKEQQ>8AeAZk{kaD>0QB~4UCBk0j4mR6%W8`0?dYvBCAWl_;3+;Lo;au{s?Rz`jxW^
zdNLZA$W`Nly8!Ov%7ZU~K(<Om16op&!ULE-23rkh?%0VF&EuPI^6tRGpqmSl8+j`(
z8vym+lOr(khKl*jb^ZNdG|JA0oBKoKbe2xpI6lV#pqxQAqn=X;5zQ)~XxUdT0mig1
z{K??*ytr${o37@gvnRSscmV)^yU}<m8EAYF5G6R8)$=$}1qi==suN1<MK|2)UD&}Z
zP*hQQ1?lnwKe4MKV98yVFmcer@~ggnX$nWcefqRM?`p?K2kqIgy*5|Uq!a+6SPDD{
zA7UZMeC_}iNalv#UW)BS7^5un+awtrUd_(Vs?nbY!8|Cou8HH^ara@rS$}LBwn5l3
zT*R!v5Wr|(A7Ige8be$W7*z%%fBdN)rgjJ_7yjVe<gNG_qN6(UpPU9XH9BAcyqB<9
zfHq!o%}z<_1)5q{N7ckjFr}NAk&*FpMhn7hAT_N){s2jlG{9Ctu&NIe);C>z{Gbt1
zjh+(O=DE2|xNP4&i)ZZ#uNG1~WamUh;{Y-w6e1D8nX3WwjgnGOP}ezqlQhfEv$78b
zx$=Uao4NoE^$oaE_qQy+FiGJli#uBkU6qz*OfdiisHm*m+`pW|YrOQQ#|=&`3Ib`}
zH{D7A-z31Wcdi}ZzzuuWiyvg&Szc6Qk(7`?9v*uCe5yZ{X3ZaX&<+FCE<~-)eMx;T
zv^|BH!cip95)7`Bd8e1u6MLapcnrA+z_Y>_Vo7@e?BWA}8LO@@G9>T0aZQ`~7qSIi
z*0=%v;RB=;WaC6)0A3~}JX{LtD@OxiSLQe&WAA1zm4H+WRc3|&GT5a3Gx(WiLSa$<
zI$)}RujW?D(p2d{bTj8?5MrPN+#W^%W?=#)26Lfv0Hj*5_T^d>)?7rZR}Gr+T||M-
zgUfBpdD7O&OBniecRpPYwEjS(ZU%@a3>j+doD~~4)U$Oiu&^ZFTlZ-jX81iJp!;>v
z3?h6K9L97x;df`t8#{9uXO^L}nb<BN5b{(1JRjee))`$;FNjKk$!ln_f^+r`l#8;4
zM#uO7{6aWT3LSMQ2fQ&P;b6xPFBHJExHT7)_e3wC01E-97GY7c8f`dFca+ScFbWur
zf*_b8Q~*wh&gpZcS-BmLZ%~~)DFH~_FmO6mKrB$x^YrvQPD|S<pFm{-LEa&dwB{y*
zD=<Gf05Ux4S4~adGB9z$Q8pL2So+9R0gyTXh#(wN&nTE+k{ag?OjxgAffYfb98sn4
z1f7e|_B7#OTW2I5Ako6(HU=;G6=35;8B;77H38&0E&7&&_6Yfx92#f`_w6Zjf+G{5
zHj@DAT`N=V3bjm$*Apfz6>K12wNLM<M6d`sjdhBiU$87&R4Z9<^A8BP#KDmzw{Cp-
z(j_l|l_3r#mhW@m9^glPXJ$h3R<P1?Z=(bCdz&XFJ>Nn5!2>#Q(x9Du4)Fcf3IZ5K
z8Qj5d1l%00Xw}Qv^8xM@Q6V8AMF1fm<=BGW;QrxMlwW3X;`s4vXDELB_^~pl8WamG
zI@D3vJJ5Ry+aK#n1bl-)z&j&#2W*zvMoGq1w#2eR;GBcwpEqis(_sc(rU;6~&??{;
zpiQH$vzk-G$i+H`f_xM<r!i#Z@&pfCZ7n1QSRqiqqE#TfH!%l6s`Qij;>H9?3@iu*
ztL!K+KMU>yFL1(<p#U4tSk)pKG#=><GkICrABGsP#bOXB%-Wpw)pB8kyg0I{8@}YO
zMiDnILacucg}6z;x9osf8rc+i+6y(X{*xweA;tiU1IR|vLJr4`d)Al0JT20bfrc5t
z@)Aq+h)5eR_@SnabAi#(zBP|c-{<f%Ggso#`yN7W5GtdkeYSm6_v*0r{#{p}xR~=G
z$#d8X;gDU5s{R}N6t;DiS^%7`5C8%#OcCBgmT=v9d!4vEH4m_$2nBBW2J8#`>8IrT
zNulc(vRHM1=Si!2fjA9Jl#s@iv$p02OIp79`qitI0<TxE@{FN7?KR;0A^p=U-cky9
zpiqK%sp;dgg_XRhNzGQNF3fkw10A5bqX_H?zZb(fPxPKEi(!yjUP$w_fl}ucq6i%F
znz}l(=KFg`YH&$23J+us2!d}8(4#}Rn3A5J0HG=3^!n&-yZ}5jYNHdsCpIpfV~--a
z<41cNj6FcLexI`4xAJ?iEDMb9d)+?(7E4@koEh?rd)H;^*7NY{<;!mXU3<wbm<bDT
zOxNV&MC1U)Dw}G1s;2_6x*+N*xok`99HKsrjW2__G+(qTQgs_9q*6vtXqlz#PWU0g
zxoJ2aT51Txhk9xuI4wnR{p&B3z7NB%D%?~<@1vmQK9t`28}i-PX#M=scmyYMTTKmC
zX8U{@ggb%dbKxm$7>IbUfm>KXPkB(>B|UOwWkrpbhyz)i<W{&F)jIj1D89x7vs!Z6
z?H2SGpg=!f5EhPshF~>6nLS}yWb5gS1U&d|%&iYtaro7HUp=vk6>LKg!M*kNHeIOt
zQ(h#n_UFgj6Nir;Rg*5aJ`6>iOK|W34P<4={>-(9D6qTWfW)f~;C}rw&O6rI<vT)q
zb$`1Obg+m^;sdG))%=2jC9Ug!<5#UG;dmQEj=oI|hZr~T<-01}+~AN!2su1Y;Jt6;
z49q$2L9K8B>Z@A?1rzF(mlv05%VmfTk%USz10_7UFAbL`94?5~dp<rZOcJ%i=$_b{
zRHULBQ_<$nuC1vtQKiy!buIVCN3wpXG<46)gM=beIM7{YTbCzP06EYZUJE*~v&jHs
zv*mhN!Wr2KfPf1gDx?ssf6qPqd_Np*P7B7#_ssQ=w+FB_HRpweyH9gpf?-fQoek-d
z{a77%Oh{`&{)26202mfGc21iod!jj+5_AIO@p;*WmZ&q4*}Zx878i)@pbivq{n0`2
z{t&s{8*{GY?OG&gIk~{Sp#*XPk`I8bwX#0u)AbN^E9gA<Cxvcrm(I-gL<O|m8rFr2
zsi>R;V{6*TM@Sci?8AQ>>x;GyzNbjrYF+?*56Dj;&5KaF;5`y^*0T<_z+$(81uhS!
z(zmB(#PU?7qz*xL7odzo0o|G7!537+^rsbY&t)UI-vY)GV5M$sWZaH~y!#ljLKFf|
zmh0Dpz~2Snf)Yl`zP>)hlmlXlAud)9Du|fs@Svc^QPFv5l)Ub|@WbDppB7pkX|7qb
z<mb0S`-GH%!3BW#x&UQ7z<RP<8Q62g7EXfD$SEmDfNTu{O|YOf#WoY*@*%zvZ#fci
zA+gf*JfKvu@){>uP@(sMX(lh}mcMt8%C;m1!aYD2BTV@T!e#+1q~8F(7y+za6>(X=
zu0r_&@Wo`|HvzQ@{6>J?=*%Z;f^Cfe)!l1|j*G)VkkF7KI?r3as!~#b{X(C9HN1U=
zB?HZV`j0%a99V8@O3FDHVQYrU#?Ggy+vaC!eMwsjEY+D%D#rD+lBNOH0su>SmFbOK
z)=@b$fU$r5@vmdxoF679XTEVG7#0f76Kz<BQ$?gz5g@|=55V!$r>hsnnrUu4ep3;b
zB!xNScL&l}gC)_Sp+6v94K*8+#X0cMD`CYDF8I>%2LmgaJ~ul1EK*zm6Fj$>9MfWV
zPGO^x@=!%v+ea=9^Kb3zM@WUB(6IjY6Y0*xGi0)ttT3hZL(lX1-p_7zwUuV++00L+
zq!k%ZKrqVSM){HX<jIq>p#7A9!UVikh-m=+Z(y!P6o4jQetS6EUEVhYWT{9T23R=(
zP};h1;Wgx+09||I&jX20fYx~d$pK|W#hW%ZJVy1=@hK^Xyedh$*6d;Q>&MTZ*8#2u
z@`8sCANFMw?OB$7X!Y38Fc&5#i9^sq9S#lfF|pbNsMOCv0a@kUdy>Vt`y5&Y6eZo$
zBSCL>-8XAa{D=(zrh-yGR7h}Xe(>FipPM^Rdmi!WAjosBB>>wA+Pt$RZF5<r8*R1(
z6dyn*hddk#JYsQ3kAY(Z4T|7F8e(XCe%^vvHc({XUc%ZSLce(7!T|s!95FiIBmzMO
zKQNtuC}1?H&sqS|2?OBi!#0A-mt|iCL{pGY_<a8ga1H`wS|#jYSf_F0Bg4m!S2_)E
zy0{J3n?*I!L9TqzLZh~EQ<rqHLKcBQ8Q$J=ap*sQivw;6U=5qThaDyLu(Gb-QRdy1
zd+3H+-6Cd7fH)0t3y}RCN6Z<77g<?Hp@EqEJ(NBmbIA-2)os-%CXbXaU)q;d@7;SQ
z-cCnNeFwZIP%}_+D6rqgZzt1JQ~k{FVw`ynCiJ!g4b%r8Ltpb(JbMd=X5KFx^9j&i
zhysh<h{1QK6>F$sGn*el+IUO|=1w2O({Lb~FM$TP`b+}*9-0+6pB@DMhWLMXm&K@B
zD>lv4f*vUzWfebngAC{Husv+O*!a|OLsg!_*hb>MV?oo*K-hV&L5O#t$elcr<U8}n
z@TfUDaY+T#xain}oQEW!JzW_h_8j)S<dzl{fc`sc-b_=UX#`Z<bK6VH=O85k6C{o8
zT%r{<INS)-X^mUrR?iZh(`uKDERO#FkMNhi_knwt-G9-NaTL65l0{W4NPBK1kTmkU
zVUX?YcA*_iVD=o2tY(}(ePI7dk6VgVKgoMY67&^Y!ow3!aa}C1UQV=(5YcEK>%hnq
zC|Jf##bPk#IQ}RMUpF9h8!cJOCJCO_|0rFm_r_SZZ_}0R_V2SyFT6jhv~Jx~k(Oq?
zd_eUi5y#JvTG+FkNz@7r3rTie+|bn2L;%)*R#&GN6={fxiN!J~WkYcrLC1!&H%rG_
zgzoAbk?jUsXC?DQd0@je8YQI*8uT7k1_qy4sQ3`38B{Mb6Em~TWIL2fFK+&MU(o`|
z3Sr?yk#w0DEFcO(hKQp!m!t&nupnRSO7lHGFK<-6Vl516oWa4t2z(wCE>q$Dpx<K|
z#II)hqfm6eq$R{ubOPpHyAEf4tVT$>P`&KG)&zj3BDB$1MNcn2*{h!?mSw`}al6?J
zYd-G&{$l7*xD0qTx{HMN%HgG$@+CK41eqG#%a*35kHF1G>EBcaDTwH;guKMwd=c%a
z##3^BN76FdGft2#OXY6*13K#c7;5BZ4VMBJ`=o{B+m;)0R=?5sd>zQO>ss)NsL%R7
zyfpc39+HLJ4u1wk=!F3H03ad-7r92ta=J!d8kQtg9i$iiB2&Wln`IG4sg7I?<wB{!
zSe(wT5m&o&wFrKP8;QQ-yn4rDWtAVj<cLmh`uwuQCO+wI@Z)PNCar12HD_q3ZSRT|
zj*jLsl8+;g1)@h-I$hz35J^*$Z%-KLf<{!-%%1PB4+aWusa~KxL7`^vQX0Bw@RNsz
z-w4j23>ajakdc*bnQ>h%@iKIw|2_=)Jy<H?=ybK%@#18cV@B7`sOacS7g*t2TZ^V1
zOzWeg5X665Rx=A6gAgZx$HOb}Kc!f9&u!djn$0nKhY6?0KZ9~QCtcr%jU6rHXx%n)
z5)Co{5X`%|E<9W7*%gfg`(DooxIPW|-R5>q8Y=F1U>WOr-UB{SVRSVCN;L?Lm`+j7
zL$}HQxvV!_wk0eBSFz~_VO;y1RS$WslfC_{&De=#*3VZ1AKNt7!xjT5J%rAnVrwxw
zA1VjZ1>Q#${8L>T=%`M~HEg*5N-;JVx}s<(AIn0pQUgXd&|;JUJK|{|1}%PzDGpxb
ze~n!VyUhIY<Kd8AY7HxDsob)HL(zgp*{v(9IJc~tkV~~@Xr~NZhcP$Y3P0y0Bg>FF
zQ?Ye$<_JeS>Bwt&k9mmG5ATYD;dUFD-Ncm%ax=F|Dz;Cv{V$y)ByN{%M)zncJmjXO
zx9krX_;z3))(}HVO3G3*XJ?rJy+x0QuBfd2kd+KTuB57|c{c!|6GMGv{<YR?5o6#Y
zuZI!7?Bh$@V#R!`;&{jO0b_1j#$qJ{b#N{=fr@-=I;V?+g+&7BRRZ#FK7<Y?*c}K{
z8k{aZ!)s1#4-4iCT!-0D<0dNIwlCejU7gZv^pj&bwZvJBabs><<au1r@eVZ}{h4Rz
z2w7kOxgcDREWlmI2)Fj}qrQ;P@fGj--14tvl&DgTn>XF7EAOipccz=g{RHUi!Mtu|
zRhlW}ZT#K(r3A70neF&TD`$^WXN`uRj|}IRF&Vfh{AY!PD(H7zjk58myM<o@Z--Mf
zbHYIr_1h5%)i8cpP&vbZ+!ys#{TO<m@T49Ih8GkNSkR|k@*wq32eOM6uix>DN$G7+
z1hNk~{De*US{_G4Ju3^hYz?zyiBOgP^(SAyrif_t>CHTQH+U#|s+FZ@Lv!b<D0`(>
z*qf9&WOcy&s1ET{ve&#+Su0M+#Wq&otILf;WV?5JY;x>TvHey?u%v(6>-pBT!EU#<
zoIVp;^bNTZHZ=QkhXL(L!7t)|cNWJUb$&J|vq0<M1MOelNWx9d+8<f8SsR}ZupZLS
zJSZVCo?3)UdrmOqY0<s+4Yw8b@#7;Ptj)JGD)OJsZowwqc}?l7Se2K|y_ou-P@8vG
z=BN)9=gbav{djmSB`2q0=$2d0?-QGKYU#J-{P3+$Gv$L%TAsNm{SO62FbiC_anUoK
zHsrb-)k^`}yFA3=RKHJ89$T2VuCR8{p5d1gEOc$utMH2}O<rR^9mZ$&O6kt0C(BDW
zx{ZrDr2km1mrZh6G#3t?<u)5M#{SYy<f^7L8By0|;}&`_aM7S>Dst=@LiL40ZIbA5
z^<IPokWPLBF=0VPbUtBYHHJ6Fg6zP7v9a4SVK+?82-N8;W5a%TGFQfktcJ6S(gg=d
z34#uf<LWXqZzLwNEo*2g0(eZ4`B}WcQql98L|D_QGba;&a#p1E_8$A>d)LnQ8xE%s
zoM&lN#KLOVsC4Aanbg6c1XY(mDM!x~mhhOp8{Jz^c|Z=$(|t}~Cy$VC+9dI=MQBT(
z71fB3?+Z?RCs=4xKAy;icDtDVvtQ*U6}3nM6?aKfiz25qtq^zPXLDoy;98f1KPm1#
z&6%=0F36(eA@<F*%uYSHrOR2_&VpAaxM#DHEqNeYw}cHmu|uD_Uo-50YoU5;4@G&n
zCKkf|BG6V@%0^a|t+kHZx?2GSmKw<m(#`aQm*OuN9T<FCJN2Skf1>dZW(pH~c@FI7
ztDx7+q+VTJtedpnQ=RUdf0h@3vdteVa>*YYq`y5WqvjU%22}pq7=m_>Xl`b8(R6Ul
z=P4y~zgm|p-I6pXbFPSNouZUBr)9eJS6-AV#^L5kHV*;e>_`nQU0e!0I!sGmcH554
z6#Kl)7ZAZG7fdHy5AbrrYhQMcfbi=Gtb4$`geZo+r0_i}AGb<yi{o;vX_~^_;N!ub
zPaaByMp~k6#)J~872bVze#z0IlDbi=bmYyOrpC>%V3zg$Bj@MddeaE0;Inkv)+#ni
zJOl3H-&U@lJa*=?)sysr2g-&*nK8O9skt_cY>(DtTUBBjI+UxqUB@YgI5fwr((U~I
z3RC7#6bUE5t}xYXmX*bh8`%yme17R4w{PD|?sGTpKDuOJ+NoR=U=!;>buV(epMA}6
z;xuAN`i}>5FBchTE{}+&<+q}(I&e5$@^={xZHtWKN>luB3gRQI;+orVqM=3ks#~rF
zoHnxc^+6qGZJ+m*<hjfXz_Dw{)0htp!+bTzchmfR9oca1O1}bi41gb|gLMSz(~=91
z7aogRIc0C_tBwdtd&`^|ey*!dXs(h|>ii-d;2b^cK^0lJa^W`RTV;2*51P|mYVhv<
zq4-Cs-JK+u#cdm9P+zY+JXu;@l*k~qtJP7X6V5lxwl+mi$^`4I*5G2OS@xA8lwFW8
z074l0^N;Lqjlh<WH1~WwVKhC}NujVlx#_058RkRFZ}`G9*{^l%5g8~F9>?z|S63a3
zw9Cq>i*ofb@^oDTqt7@1l^3p*?1f;mq1>y(P1Evhu>{I8Q6@G`qT8mQ4jt8lx%wZU
z0ss#oSMzEt!$D_>^@klgp8{d-HKl#@pOBitliZSduitN8HGY@)vvylEp-R35(S?qc
zmrTu4@CzCazazFkCVMSOEisJL(Gkp^I0eiPlp+L>;CHBQk&yUX3Ked137MM})<5|i
z-p&1e3wy~3Ejrq~OuRSM(d@W2#5n$=uPjZ(K_xz3FH-1{|3!m(+sVQwk`YIzw(cxX
z7hJwz<Ll{nCi4%c43Fc+$*U{%?49{#vS9=?E4z`$_ykAV+TeAUnMM60zHgLTYnVIB
zTzs-xweKlD&AH>tkljJ9qxkgc8x}3ysh*gjVjZ{Ju3IGDGEz#m(_G#PvhP^5iyk+D
z=0j9<-SRXmn_*7UV_ajnZz_XBeZzVu&Y}S0Rj(Z}HYvAR*K>~Pd0?ytkhNCYGcD{n
zx|)hl-%xX`PBSm3irA<K{uaSwt0uhteDKOvajnTS6$!9y*TnibS)|=oh}+t(u1)0G
z8&XlC>y)1olb-bSS17r3UvR-Jl4}dOseyh!EY12`<BLS&XK@yr*goL!p6V&TT}?UD
zoO#yopQA@ro8H`uj48a|w~yIrsb-FJQ{T|)ru$Xp?Djmheas)Z`K<~px=Z8fwc66B
z{~VBRia6n=y1IC=+q@{DM#JhP*x{I=vn(AV*Mkz>ZxS5*89Nh_CXUeZ@+*6IcobX5
z-#IJds&1z>ZQRrU9yzS^f;ln-bXFKkt9JPZxhKT;aF#H`qS+bz<SKSGi3&s~Nl=xw
z`k#%v<F-?3lW67Qcog`_&AB)WGuD0TWB41>ai@eP^u+XyxMF1P-i>}STo+yHO3%IS
zoe}+dt!KjWGHl3Tx@>4m8SD$%aVC3XK=+tD8gnu&wN*{1QfQjJ_b7jHK7gegx5C1D
z?%GX&87H7!(?VN5-#vrAWj9kWirHRK*G@@QT52ZeVV`l(E;4Qcr4&{7u8qUMp3H7W
z(cmZb&!hg$%|7qgT$-$71aftCT^B57L}?frI1SOYxTW{!4MGj;o#cbBqD1V5zi_n1
zHV4MP1w~WHVsdw>`L}B)I$>7c3X>*J_fD5Ew`G1QHyrCYMwTt8^I^UGa#*WrYo3O~
zT{)a$8cTBrmw<zPoMF9I#uIgp8q<6>Hi0{EdX%J$!-FLgYk*z-8sGgw3-p-${MFkM
zx1S7-&Uw?FOz2Cf8XxwX@b+fta>6N7B1OD^K9Ex!tQ4=5Q0IynGg>m=+jdWNYo`pW
z9nGh(8Y}b$vT>;)l9a#9EL3kbJ;l1Yg4yJ|B1_<P8UD3mX2uIni3<1^EYf7QGm7)r
zvv=e8v`-|}1+sJ-n>E0(NE3OcB7USM#?XFI9q5PqkB5YzU2{qIk%kEvmc9_b<upn&
z$Fa$5X2I1GIJv@qL*Pzu%kz-}z;f=3WMSnvU-Mbv#rfN+myX);DL5;6H(xq`L_J$7
zxFBm=Q48-jnm4of#D*5lBnNv|#brEvYh^h5)Y<pv#P6n6Db%Pvy!nBNiH!BSLn0WN
zv2M`}B?*;0iW=rHw4QhWt;#Oz#aKX$in(=9h~H_{EL$yy*?38AiNQ$P|7*wAw<8`q
zKJo|AIm$zd<Kc(t3nYKGfA2~1bd;tvbgrRaDwMff6qnG>RX#vwCwMVQU^+d!Ipy;S
zLF{Z(m0Sx<sTyoJCfLqgR(9^ccEL~9>J`2`OZPR_gJhW#kHfW{(+_K1Ds1hvt=`<c
zYQ8Ld`7&So(2~adY4)CLT_#%AlgD1a@-+FW;F_f@dGwcx@+X=65$g}Rw<MR<$3IoL
zYF~fpH7-cpd|OW^nmFH@Y~7)fFyOT`x)Lw^+sU=4>5{zDcXm%s;FbAZUvE2YFJc#&
z(;<nxm$xsS=n7$0;!xzynb?#!iosG#R^eS~F>$pn7g&G&^c`qCk#zY{r);u0NR}nF
znZmODO{3;qb47D1^SX7TN&>9qaaw9yjrjWFpMWh)LK0qmb*WX@^Ox9l)0B#j#WMM{
zL1_74SXA?;M+s!rsqtIh8Pw_h1QFKjttxQR6iLLyOv`PQ5hFk9oBBIkL>W{Rfj1lf
zty@q<*+yv}GufDCx4{uPx}>~kAuQ6#0gO#mO*{ft{eiewSg3Vhv1mI$*`_b_t32?-
zX3-TkwkAkiK^h@1{iAF(<#cQC3;fBBwt1iO>|Fg2Th&m0i+M|gpBRP0Gm&+4Qe^3*
z*_f56IAzIHSN*7x4xa9^uzl<d`!wa#r`zAYoiBDO{M1a5{W)HTH!6!AGj;a&aGRRT
z#<W&i$^G=T^!KMuTRtV^J2HPCMnAfdG~N|4&{=2|m7$ip+I9pK#(2}`5X?x*+91_b
z&u3M&4)0%-Di-RKf%aFo?*+*-bR>f!W#_l?g<#`y`p=K#BkAA{B*(w4K~&Qxx3!nx
zKQ{iT(||xrZ80?=IPq0tpRirytN=J$lt&^NDIy4#Zb0Y;+-V=dmq1=@CyymNm@ai!
z#m}}_(OMPdsl2OK%-r?+`*|P$306`n**uduthPyrs%Tu$m`9?5>ZKEsOJg^OY_%&K
zHAuw1(ca(|i{K|OT_bi}deUR-$f=1j^n-qEVLqlE(Fu+8bW@vau9w%Y8xCJ>8=VU=
zxI(<FESF#4x)lV6ZEVy-TU%f`{B3idQ?*)5wm_;kc7ppHlaf=#>Rm&tbhV9zij*N+
zt7Mv<rK=OxOD)&s>Y_8_4@(z!JInB9=_(uF|H53iWbg`We#Z~1*gf=szT2q9<M$M@
zokDVrYVVgzZ*7qT2%*oj-o{<gPSqyVK89oV;)Qr9Xcj}9n;86eWGKH(W~QA@e}jlQ
zAx90|1@E_h&EG$<hXsZ*NjqMwxCv;Hh!4r?(~<E8LiiDmmQWgn<*K1dnY`>DIZpR~
zZS;yjFar4Lnq`jp7To9*@P8s{C&I!oIhVXPet7=4WU5$q42&pG3%<sB+7~p;ld)wT
zr~X;I{`Fd-=*^^Y<zl<SpJU~fP8F^Avm!xmH{Ct`q?*g#QO9J9WcrNY#y+WUhv<9#
zDCtY<N>2SOW-uZ0bU*gsOED;EG8ylLMGH@;F&fGK3{M@1;7^`}NMc^sS%YY{dFvA8
zjPiq9!G=Ru+o}|LLOM-t7%#H0s1R4D1M(6kt?0WgL*vZIH-&lZf~L+6-fILEJg=K0
zY}+~~E>LQh47&G}rPRH)W^xFS2B(uNCsrP}Z>({u@prqruBOv3)o9GVcurl~`^Ega
z7Pss3cNb-AY-J0H<pyPm>&-KlaN!9xT*F_S>sl5lJ|!7_DaC=0+-x*#vQ}5><<D<Z
zxBvan@Te$5bZb{wV3Dv>@0A)VDCe9mz5bLz@VYWh^UN}%`Np7djEJpb_0h@audtVn
zPPK{*ptZBJLqJmfAxfdbMjoCQJIjCn8C#!8S(-Gt`rwcDRJTSJbXu`p;L#?tGk?!A
zwJ|QEYC*`TVBON~oX4sMCywZ>c_=AW^9c__P*BQdhHh0cnTjl=FT`Ll`G#0pN`Hh+
z9EHN&U<sHETrJZ79DXV;^y7%GYwO(h+EPdLy~fY}n>y>+ZZm&Y+P_GYed)hMDePuM
zqXQ;(Sfntc`Pmv<97R;zj}ETt{JsIZQ{eg3X*lF+UJ)ps(K>MO04q<-u`|Lrk@VGP
z;=^Rn3u^+%g)Uju{1-WN1Z)+tyq3Vh2|g$R?UI%=>k)}|inV~iy3)yZTwgAKYuxKK
z68(^v`?$Jlm5Y5A_hh@sA;#QPmDV?Y0ogh&3y0w}=zzMcb-RCA`X6$}QTw`g?*xMr
z0~`E(NbLXFtlK@SMFcGGVvp7~(9dSDa>c5tSZ6G`uIIC`3RkX=-*GvjXBE|Q{Y2=x
zSvj&C;yX(ya^>_NsSM*c^7#0X%*oMy_8Dj!;N-H=%4vV^7@eu+lZD5R{fI9MPK<vm
z4ctg+UFElfxwn754-<Nx$5LZv(c0(|CZJf<y~L_V(9eB#SlZEW>~1wbn1BiAMU$Tw
zD4M|o4vrQdc3Re4SoF*n(6v!|Tf@v_t8Zxez%+T(XlLJla5_lg+vLOUn(^EGtd0Fl
zA>7K_+h4V3zLwr+Eq>$}x{%BDZb6m8`F61xFmY_0oObK{WkuBvgd~N0^X6oEg8sm9
zZdNCMiyq^am|?Bp#FYXaD`{`u#L?06yV_;W-^TdFfB)hToi1y0f)q@lD!81iT*Jn9
zrZIn(-K>q26%yih^1!HNX<3H&3kTc=#`G3sUSZu&kESX%Mma@Kk?+5&1TH!fEebqJ
zdqMirdc+p<NEANRIJNYj<&9$xzJ1fq{+1%*dLKW|!7ltL68yF<KlZ1TYY{u9*Byxn
z*GMcUpSeEu__~BRE8NcR)7-?SpYulaJhboSMlMK;_aD)A1Z=`4J;LZ=Wp2msp_l0L
zof>gFNk)|OTcZlWqaX0?PSNx8^A~Cw2b?#087KoXm|-1=#~hqzv+32jJcaKp7*j@k
z?r-PgBZFh+e+`Hes5b<`nOss=`_<Js{snix{GR3Zz;**@X2)sL;@%J*OThzJXl6dY
ztBp`Dw0c|(0qswC{vjtvZuLOpa}8wbjg^MYu-c`v@p^r0OA~$q&y2Gn4aB~^E;?b|
zSic}0;q52W;Foleo=_n}J+TQzj$yU@o)UJSqJfN&o`#n8-n?TUzCC<+{^riU?LCpw
zh*|@6%qJ=@w*5s~gO-<dB7Rx4Vng*kff;N}7~^&(*dI`R8A3Q~p60)zpy7htNm@#Z
z6m%WjIAgY14N38ZWa73Oq}>@9A}k^G4uR)sYU<<MJEa6v+^u$sg-0%_)kU0t-}V9-
zWbj1su-VsX_ukS?w_8SBsDNd@b*6uRQdwuX5D7H~1xk{b57iyQd;1nuUayK|s0kIF
z<^t;7g3K>)3G0P3@zq66d%s~%?$oC4H0|ppNvhkZAu@Op4Kzm5xvyp1OB$64b`1j?
zD}R6UY_7-xi+Y4tZ3LE=_H3TPCRrI5+e!u`{KN9g`~d<hA(F)9W%^eK_1iQa81ke@
zwzBngB8+B2p%6H6PV7FU&|acDTfE)OjY@}4{U?67@v6bZbj90D&HUdlnZ=Ns8ZU6|
zh@|wC24hz$R1S23vO9nCAh5CmKae!yID<#2s#gC!_Ur{`|J0<rh_!OQosg3gSg*<W
z@J7U*A0l0_?3EFH00IGQCG&jrQa(*^3U=qU+Q*P#%0Hh-X6G_0HzIp2GW0CB{HPv=
zCG6e1G^p%76J%oRTryJ3V@f!<*pSmlE<2JI^SuzB#n55x7_0-~&jEz5cP(zBfu^Qr
ziXFw2(Q6UvnVPp7_R0|fzjt!Ud^hY%I<1Tt*e9%L&@%Mm7kZzap@71G?r&d1MpY%H
z{)L{vh!DIbsgbf=n6mjn#+04)t&!%6SWD{be+1IDHWQ>0(~-49%6AXSN_P?(Ghe>4
z1U68_o4#^|jA#g+<}Qb<bb-R{_a{q}pcVk<4yltgWqIGIHfPh{xvt9*D8`IS=a$P?
z8lvpOw^{~dMRy_#)YpUqP=MZ6P@p8eNjynIlZx<tF)`f&u*qV=b4hhhT}2rg3<Yay
zEJLgoHxGK$Ctz!^1-Ai%xm0^QSjZh{Tf4rWc8VU`)tsnNf$xSWivbzo`n^|*5@JAp
zGDQAAKM@g#BKe}KJN+zaPs#PxT*uJd3>f>LuUS*-ak(?Jo_752(jssn;d;=0e{c4b
z5-zmB2MX-(g}#=BcTjv#cMuQY+A~9_X~}kq4|s>%>IhfE9f`QdinUXGWfp4uR}wdI
z@faF+$pypzz9k$0PbQRg>A#ze(!au@N^dDF@cljU4Nj2Yvp-_D^xscPM$HcP@^t-o
zX?LS*aA|eNU<RYT(~A=F%As+`J4XM{Pki7f>Jv~F`Mc;?NjUS_ODPN^Z^W+um8AV)
zL-f8;E{4fx76E(Dg2FMG9c)MzY9F}rS0(ozfmJQ=PyM&@*`u)XHJ0@{L%<K}3)&F^
z>Lz?~_iv~#9u>(u*)-(eqwDbXz5nRG)4r?b;m2qY{_f{yAvB2W{k_-^xG#1;4d&a7
Yl6G<=$8Vu{ke^83mY2x7_3*|20nZ`XUH||9

diff --git a/docs/configuration/firewall/global-options.rst b/docs/configuration/firewall/global-options.rst
index b3f311aa..7c52045e 100644
--- a/docs/configuration/firewall/global-options.rst
+++ b/docs/configuration/firewall/global-options.rst
@@ -145,3 +145,35 @@ Configuration
    [emerg | alert | crit | err | warn | notice | info | debug]
 
    Set the global setting for related connections.
+
+VyOS supports setting timeouts for connections according to the
+connection type. You can set timeout values for generic connections, for ICMP
+connections, UDP connections, or for TCP connections in a number of different
+states.
+
+.. cfgcmd:: set firewall global-options timeout icmp <1-21474836>
+    :defaultvalue:
+.. cfgcmd:: set firewall global-options timeout other <1-21474836>
+    :defaultvalue:
+.. cfgcmd:: set firewall global-options timeout tcp close <1-21474836>
+    :defaultvalue:
+.. cfgcmd:: set firewall global-options timeout tcp close-wait <1-21474836>
+    :defaultvalue:
+.. cfgcmd:: set firewall global-options timeout tcp established <1-21474836>
+    :defaultvalue:
+.. cfgcmd:: set firewall global-options timeout tcp fin-wait <1-21474836>
+    :defaultvalue:
+.. cfgcmd:: set firewall global-options timeout tcp last-ack <1-21474836>
+    :defaultvalue:
+.. cfgcmd:: set firewall global-options timeout tcp syn-recv <1-21474836>
+    :defaultvalue:
+.. cfgcmd:: set firewall global-options timeout tcp syn-sent <1-21474836>
+    :defaultvalue:
+.. cfgcmd:: set firewall global-options timeout tcp time-wait <1-21474836>
+    :defaultvalue:
+.. cfgcmd:: set firewall global-options timeout udp other <1-21474836>
+    :defaultvalue:
+.. cfgcmd:: set firewall global-options timeout udp stream <1-21474836>
+    :defaultvalue:
+
+    Set the timeout in seconds for a protocol or state.
\ No newline at end of file
diff --git a/docs/configuration/firewall/index.rst b/docs/configuration/firewall/index.rst
index 1d904901..daf5f116 100644
--- a/docs/configuration/firewall/index.rst
+++ b/docs/configuration/firewall/index.rst
@@ -26,14 +26,23 @@ firewall are covered below:
 If the interface where the packet was received isn't part of a bridge, then 
 packet is processed at the **IP Layer**:
 
-   * **Prerouting**: several actions can be done in this stage, and currently
-     these actions are defined in different parts in VyOS configuration. Order
-     is important, and all these actions are performed before any actions
-     defined under ``firewall`` section. Relevant configuration that acts in
-     this stage are:
+   * **Prerouting**: All packets that are received by the router
+     are processed in this stage, regardless of the destination of the packet.
+     Starting from vyos-1.5-rolling-202406120020, a new section was added to
+     firewall configuration. There are several actions that can be done in this
+     stage, and currently these actions are also defined in different parts in
+     VyOS configuration. Order is important, and relevant configuration that
+     acts in this stage are:
+
+      * **Firewall prerouting**: rules defined under ``set firewall [ipv4 |
+        ipv6] prerouting raw...``. All rules defined in this section are
+        processed before connection tracking subsystem.
 
       * **Conntrack Ignore**: rules defined under ``set system conntrack ignore
-        [ipv4 | ipv6] ...``.
+        [ipv4 | ipv6] ...``. Starting from vyos-1.5-rolling-202406120020,
+        configuration done in this section can be done in ``firewall [ipv4 |
+        ipv6] prerouting ...``. For compatibility reasons, this feature is
+        still present, but it will be removed in the future.
 
       * **Policy Route**: rules defined under ``set policy [route | route6]
         ...``.
@@ -67,11 +76,13 @@ packet is processed at the **IP Layer**:
      new connection originated by a internal process running on VyOS router,
      such as NTP, or a response to traffic received externally through
      **input** (for example response to an ssh login attempt to the router).
-     This includes ipv4 and ipv6 filtering rules, defined in:
+     This includes ipv4 and ipv6 rules, and two different sections are present:
 
-     * ``set firewall ipv4 output filter ...``.
+     * **Output Prerouting**: ``set firewall [ipv4 | ipv6] output filter ...``.
+       As described in **Prerouting**, rules defined in this section are
+       processed before connection tracking subsystem.
 
-     * ``set firewall ipv6 output filter ...``.
+     * **Output Filter**: ``set firewall [ipv4 | ipv6] output filter ...``.
 
    * **Postrouting**: as in **Prerouting**, several actions defined in
      different parts of VyOS configuration are performed in this
@@ -120,6 +131,9 @@ The main structure of the VyOS firewall CLI is shown next:
                + filter
             - output
                + filter
+               + raw
+            - prerouting
+               + raw
             - name
                + custom_name
        * ipv6
@@ -129,6 +143,9 @@ The main structure of the VyOS firewall CLI is shown next:
                + filter
             - output
                + filter
+               + raw
+            - prerouting
+               + raw
             - ipv6-name
                + custom_name
        * zone
diff --git a/docs/configuration/firewall/ipv4.rst b/docs/configuration/firewall/ipv4.rst
index f7f98dc7..e53f2480 100644
--- a/docs/configuration/firewall/ipv4.rst
+++ b/docs/configuration/firewall/ipv4.rst
@@ -31,17 +31,34 @@ of the general structure:
                + filter
             - output
                + filter
+               + raw
+            - prerouting
+               + raw
             - name
                + custom_name
 
+First, all traffic is received by the router, and it is processed in the
+**prerouting** section.
+
+This stage includes:
+
+   * **Firewall Prerouting**: commands found under ``set firewall ipv4
+     prerouting raw ...``
+   * :doc:`Conntrack Ignore</configuration/system/conntrack>`: ``set system
+     conntrack ignore ipv4...``
+   * :doc:`Policy Route</configuration/policy/route>`: commands found under
+     ``set policy route ...``
+   * :doc:`Destination NAT</configuration/nat/nat44>`: commands found under
+     ``set nat destination ...``
+
 For transit traffic, which is received by the router and forwarded, base chain
 is **forward**. A simplified packet flow diagram for transit traffic is shown
 next:
 
 .. figure:: /_static/images/firewall-fwd-packet-flow.png
 
-Where firewall base chain to configure firewall filtering rules for transit
-traffic is ``set firewall ipv4 forward filter ...``, which happens in stage 5,
+Firewall base chain to configure firewall filtering rules for transit traffic
+is ``set firewall ipv4 forward filter ...``, which happens in stage 5,
 highlighted with red color.
 
 For traffic towards the router itself, base chain is **input**, while traffic
@@ -52,11 +69,17 @@ router (starting from circle number 6):
 
 .. figure:: /_static/images/firewall-input-packet-flow.png
 
-Base chain is for traffic toward the router is ``set firewall ipv4 input
+Base chain for traffic towards the router is ``set firewall ipv4 input
 filter ...``
 
 And base chain for traffic generated by the router is ``set firewall ipv4
-output filter ...``
+output ...``, where two sub-chains are available: **filter** and **raw**:
+
+* **Output Prerouting**: ``set firewall ipv4 output raw ...``.
+  As described in **Prerouting**, rules defined in this section are
+  processed before connection tracking subsystem.
+* **Output Filter**: ``set firewall ipv4 output filter ...``. Rules defined
+  in this section are processed after connection tracking subsystem.
 
 .. note:: **Important note about default-actions:**
    If default action for any base chain is not defined, then the default
diff --git a/docs/configuration/firewall/ipv6.rst b/docs/configuration/firewall/ipv6.rst
index cbf18a7d..423f3e09 100644
--- a/docs/configuration/firewall/ipv6.rst
+++ b/docs/configuration/firewall/ipv6.rst
@@ -31,17 +31,34 @@ of the general structure:
                + filter
             - output
                + filter
+               + raw
+            - prerouting
+               + raw
             - name
                + custom_name
 
+First, all traffic is received by the router, and it is processed in the
+**prerouting** section.
+
+This stage includes:
+
+   * **Firewall Prerouting**: commands found under ``set firewall ipv6
+     prerouting raw ...``
+   * :doc:`Conntrack Ignore</configuration/system/conntrack>`: ``set system
+     conntrack ignore ipv6...``
+   * :doc:`Policy Route</configuration/policy/route>`: commands found under
+     ``set policy route6 ...``
+   * :doc:`Destination NAT</configuration/nat/nat44>`: commands found under
+     ``set nat66 destination ...``
+
 For transit traffic, which is received by the router and forwarded, base chain
 is **forward**. A simplified packet flow diagram for transit traffic is shown
 next:
 
 .. figure:: /_static/images/firewall-fwd-packet-flow.png
 
-Where firewall base chain to configure firewall filtering rules for transit
-traffic is ``set firewall ipv6 forward filter ...``, which happens in stage 5,
+Firewall base chain to configure firewall filtering rules for transit traffic
+is ``set firewall ipv6 forward filter ...``, which happens in stage 5,
 highlighted with red color.
 
 For traffic towards the router itself, base chain is **input**, while traffic
@@ -52,11 +69,17 @@ router (starting from circle number 6):
 
 .. figure:: /_static/images/firewall-input-packet-flow.png
 
-Base chain is for traffic toward the router is ``set firewall ipv6 input
+Base chain for traffic towards the router is ``set firewall ipv6 input
 filter ...``
 
 And base chain for traffic generated by the router is ``set firewall ipv6
-output filter ...``
+output filter ...``, where two sub-chains are available: **filter** and **raw**:
+
+* **Output Prerouting**: ``set firewall ipv6 output raw ...``.
+  As described in **Prerouting**, rules defined in this section are
+  processed before connection tracking subsystem.
+* **Output Filter**: ``set firewall ipv6 output filter ...``. Rules defined
+  in this section are processed after connection tracking subsystem.
 
 .. note:: **Important note about default-actions:**
    If default action for any base chain is not defined, then the default
diff --git a/docs/configuration/system/conntrack.rst b/docs/configuration/system/conntrack.rst
index 1401e02e..6d551575 100644
--- a/docs/configuration/system/conntrack.rst
+++ b/docs/configuration/system/conntrack.rst
@@ -64,39 +64,7 @@ Configure
 Contrack Timeouts
 =================
 
-VyOS supports setting timeouts for connections according to the
-connection type. You can set timeout values for generic connections, for ICMP
-connections, UDP connections, or for TCP connections in a number of different
-states.
-
-.. cfgcmd:: set system conntrack timeout icmp <1-21474836>
-    :defaultvalue:
-.. cfgcmd:: set system conntrack timeout other <1-21474836>
-    :defaultvalue:
-.. cfgcmd:: set system conntrack timeout tcp close <1-21474836>
-    :defaultvalue:
-.. cfgcmd:: set system conntrack timeout tcp close-wait <1-21474836>
-    :defaultvalue:
-.. cfgcmd:: set system conntrack timeout tcp established <1-21474836>
-    :defaultvalue:
-.. cfgcmd:: set system conntrack timeout tcp fin-wait <1-21474836>
-    :defaultvalue:
-.. cfgcmd:: set system conntrack timeout tcp last-ack <1-21474836>
-    :defaultvalue:
-.. cfgcmd:: set system conntrack timeout tcp syn-recv <1-21474836>
-    :defaultvalue:
-.. cfgcmd:: set system conntrack timeout tcp syn-sent <1-21474836>
-    :defaultvalue:
-.. cfgcmd:: set system conntrack timeout tcp time-wait <1-21474836>
-    :defaultvalue:
-.. cfgcmd:: set system conntrack timeout udp other <1-21474836>
-    :defaultvalue:
-.. cfgcmd:: set system conntrack timeout udp stream <1-21474836>
-    :defaultvalue:
-
-    Set the timeout in seconds for a protocol or state.
-
-You can also define custom timeout values to apply to a specific subset of
+You can define custom timeout values to apply to a specific subset of
 connections, based on a packet and flow selector. To do this, you need to
 create a rule defining the packet and flow selector.
 
@@ -177,6 +145,11 @@ create a rule defining the packet and flow selector.
 Conntrack ignore rules
 ======================
 
+.. note:: **Important note about conntrack ignore rules:**
+   Starting from vyos-1.5-rolling-202406120020, ignore rules can be defined in
+   ``set firewall [ipv4 | ipv6] prerouting raw ...``. It's expected that in
+   the future the conntrack ignore rules will be removed.
+
     Customized ignore rules, based on a packet and flow selector.
 
 .. cfgcmd:: set system conntrack ignore [ipv4 | ipv6] rule <1-999999>

From 4f71374b273cb0b0f2f181563134324f1d7e57fc Mon Sep 17 00:00:00 2001
From: fett0 <fernando.gmaidana@gmail.com>
Date: Wed, 12 Jun 2024 17:30:56 -0300
Subject: [PATCH 04/35] T5307: Add doc for traffic match groups

---
 docs/configuration/trafficpolicy/index.rst | 50 ++++++++++++++++++++++
 1 file changed, 50 insertions(+)

diff --git a/docs/configuration/trafficpolicy/index.rst b/docs/configuration/trafficpolicy/index.rst
index f99c2a66..5414ce77 100644
--- a/docs/configuration/trafficpolicy/index.rst
+++ b/docs/configuration/trafficpolicy/index.rst
@@ -212,6 +212,56 @@ You can also write a description for a filter:
 .. note:: IPv6 TCP filters will only match IPv6 packets with no header
    extension, see https://en.wikipedia.org/wiki/IPv6_packet#Extension_headers
 
+Traffic Match Group 
+-------------------
+In some case where we need to have an organization of our matching selection, 
+in order to be more flexible and organize with our filter definition. We can 
+apply traffic match groups, allowing us to create distinct filter groups within 
+our policy and define various parameters for each group:
+
+.. code-block:: none
+
+  set qos traffic-match-group <group_name> match <match_name> 
+  Possible completions:
+     description          Description
+   > ip                   Match IP protocol header
+   > ipv6                 Match IPv6 protocol header
+     mark                 Match on mark applied by firewall
+     vif                  Virtual Local Area Network (VLAN) ID for this match
+
+inherit matches from another group
+
+.. code-block:: none
+
+  set qos traffic-match-group <group_name> match-group <match_group_name> 
+
+A match group can contain multiple criteria and inherit them in the same policy.
+
+For example:
+
+.. code-block:: none
+
+  set qos traffic-match-group Mission-Critical match AF31 ip dscp 'AF31'
+  set qos traffic-match-group Mission-Critical match AF32 ip dscp 'AF42'
+  set qos traffic-match-group Mission-Critical match CS3 ip dscp 'CS3'
+  set qos traffic-match-group Streaming-Video match AF11 ip dscp 'AF11'
+  set qos traffic-match-group Streaming-Video match AF41 ip dscp 'AF41'
+  set qos traffic-match-group Streaming-Video match AF43 ip dscp 'AF43'
+  set qos policy shaper VyOS-HTB class 10 bandwidth '30%'
+  set qos policy shaper VyOS-HTB class 10 description 'Multimedia'
+  set qos policy shaper VyOS-HTB class 10 match CS4 ip dscp 'CS4'
+  set qos policy shaper VyOS-HTB class 10 match-group 'Streaming-Video'
+  set qos policy shaper VyOS-HTB class 10 priority '1'
+  set qos policy shaper VyOS-HTB class 10 queue-type 'fair-queue'
+  set qos policy shaper VyOS-HTB class 20 description 'MC'
+  set qos policy shaper VyOS-HTB class 20 match-group 'Mission-Critical'
+  set qos policy shaper VyOS-HTB class 20 priority '2'
+  set qos policy shaper VyOS-HTB class 20 queue-type 'fair-queue'
+  set qos policy shaper VyOS-HTB default bandwidth '20%'
+  set qos policy shaper VyOS-HTB default queue-type 'fq-codel'
+
+In this example, we can observe that different DSCP criteria are defined based 
+on our QoS configuration within the same policy group.
 
 Default
 -------

From 1dbb5579f048821e3a793a12df170021c6aa382b Mon Sep 17 00:00:00 2001
From: Viacheslav Hletenko <v.gletenko@vyos.io>
Date: Fri, 14 Jun 2024 13:56:50 +0300
Subject: [PATCH 05/35] CGNAT: extend configuration and op-mode examples

---
 docs/configuration/nat/cgnat.rst | 55 +++++++++++++++++++++++++++++++-
 1 file changed, 54 insertions(+), 1 deletion(-)

diff --git a/docs/configuration/nat/cgnat.rst b/docs/configuration/nat/cgnat.rst
index 70916318..7fc5e03b 100644
--- a/docs/configuration/nat/cgnat.rst
+++ b/docs/configuration/nat/cgnat.rst
@@ -82,9 +82,10 @@ Configuration
     Set external source port limits that will be allocated to each subscriber
     individually. The default value is 2000.
 
-.. cfgcmd:: set nat cgnat pool external <pool-name> range [address | address range | network]
+.. cfgcmd:: set nat cgnat pool external <pool-name> range [address | address range | network] [seq]
 
     Set the range of external IP addresses for the CGNAT pool.
+    The sequence is optional; if set, a lower value means higher priority.
 
 .. cfgcmd:: set nat cgnat pool internal <pool-name> range [address range | network]
 
@@ -98,6 +99,9 @@ Configuration
 
     Set the rule for the translation pool.
 
+.. cfgcmd:: set nat cgnat log-allocation
+
+    Enable logging of IP address and ports allocations.
 
 
 Configuration Examples
@@ -134,6 +138,55 @@ Multiple external addresses
    set nat cgnat rule 10 source pool 'int1'
    set nat cgnat rule 10 translation pool 'ext1'
 
+External address sequences
+-----------------------------------
+
+.. code-block:: none
+
+   set nat cgnat pool external ext-01 per-user-limit port '16000'
+   set nat cgnat pool external ext-01 range 203.0.113.1/32 seq '10'
+   set nat cgnat pool external ext-01 range 192.0.2.1/32 seq '20'
+   set nat cgnat pool internal int-01 range '100.64.0.0/29'
+   set nat cgnat rule 10 source pool 'int-01'
+   set nat cgnat rule 10 translation pool 'ext-01'
+
+
+Operation commands
+==================
+
+.. opcmd:: show nat cgnat allocation
+
+    Show address and port allocations
+
+.. opcmd:: show nat cgnat allocation external-address <address>
+
+    Show all allocations for an external IP address
+
+.. opcmd:: show nat cgnat allocation internal-address <address>
+
+    Show all allocations for an internal IP address
+
+Show CGNAT allocations
+----------------------
+
+.. code-block:: none
+
+   vyos@vyos:~$ show nat cgnat allocation
+   Internal IP    External IP    Port range
+   -------------  -------------  ------------
+   100.64.0.0     203.0.113.1    1024-17023
+   100.64.0.1     203.0.113.1    17024-33023
+   100.64.0.2     203.0.113.1    33024-49023
+   100.64.0.3     203.0.113.1    49024-65023
+   100.64.0.4     192.0.2.1      1024-17023
+   100.64.0.5     192.0.2.1      17024-33023
+   100.64.0.6     192.0.2.1      33024-49023
+   100.64.0.7     192.0.2.1      49024-65023
+
+   vyos@vyos:~$ show nat cgnat allocation internal-address 100.64.0.4
+   Internal IP    External IP    Port range
+   -------------  -------------  ------------
+   100.64.0.4     192.0.2.1      1024-17023
 
 
 Further Reading

From fe416b56cfa30494172a0310c16fd2787330c7bb Mon Sep 17 00:00:00 2001
From: Nicolas Fort <nicolasfort1988@gmail.com>
Date: Fri, 14 Jun 2024 11:14:53 -0300
Subject: [PATCH 06/35] Configuration Blueprints: add new example for
 firewall+vrf. Also, add note about usage of inbound and outbound interface
 when interface is attached to a non-default vrf.

---
 .../images/firewall-and-vrf-blueprints.png    | Bin 0 -> 84270 bytes
 docs/configexamples/firewall.rst              |  12 ++
 docs/configexamples/fwall-and-vrf.rst         | 121 ++++++++++++++++++
 docs/configexamples/index.rst                 |   2 +-
 docs/configexamples/zone-policy.rst           |  13 +-
 docs/configuration/firewall/ipv4.rst          |   8 ++
 docs/configuration/firewall/ipv6.rst          |   8 ++
 7 files changed, 151 insertions(+), 13 deletions(-)
 create mode 100644 docs/_static/images/firewall-and-vrf-blueprints.png
 create mode 100644 docs/configexamples/firewall.rst
 create mode 100644 docs/configexamples/fwall-and-vrf.rst

diff --git a/docs/_static/images/firewall-and-vrf-blueprints.png b/docs/_static/images/firewall-and-vrf-blueprints.png
new file mode 100644
index 0000000000000000000000000000000000000000..8c3bf9f20a27aa5aeb70b601bb14ee934f3b7e53
GIT binary patch
literal 84270
zcmcG#bx>SQw>JvG36LNGf(LhZhv06(-QC?IIDsI+EkGc+ySqaO&J1qBox%C`@I2=|
z=hpe-yLGGXE>fA<yQh2g>LtG=J3>WC8Xc7Y6$S<dT~<ay4F=`~82DF>j0oJ>)<Ss?
z{0HwQE~|kIT>i-B;lTH|?vmQ>>Q0vKUM8*<FjkIE4i-#qX08?%j&9aY?#FN)!oVPE
z=%Dwm7AEdCPL5<6HVzgro;DU_Y@B4a9*$(}tn8d*tbF|J?ELIpdD({&Ffe2=vJzq%
z-Wdl=J{kHJnUIGGzB(<h%PgfoI)pD!Fkf_iVQS2mL?M$h|3qP)ftle0Pu$1E&%=7o
z+bKveZK9gzM%Wrgv;Hj{--8S_fh=D1K!#NYSLTmS%hYaLNpth8+mVRv?jF^y(jWQA
z$95z4;=O5|a$BQ{vvi}ton|ypy@LewGM7j(6N146t~f7t1jpwOnE9Pd<iN%LDdYLs
zTmF%18OnHVO{|gOCWHYQk!?qIG=;E;skKf{MYJAK2??p}7Y*TqI^*>Yj3DY%nb%+Y
zt(}f@N*ELbNe1c<-RHTh?>>Ds!RIAXx(_7n>yx|=5YAwx!9Z}rj8nC;PQt>BtI_lF
z;$dQPsIBu__2i?YW9r(tGKPyVk2hzR-7W!lc5<RCaLlmb#}4fN{Y!}z@tT$~KQ}iz
zH#b-uSeaIB6&I6FUMH!qs(-`XOWL_f-y7_>9zn@nWQ<-ES^rgWI~^>e)q+m(kmX>e
zgIi$oO@TUMV1t(!gIc+~cjuhWJ1RW-1+f3PnrH`5FE&aH7pLh0cc{s_Gru!GQEvk7
zkU9HON#^4%$*LY$=_wU;x+t>2;^zx5_PAcoAGxg=xw+yQN*;KT;n9@O(<pEf{4DzU
z-I+GJBL^mIN{k)57AY>h$E`k}BwAw&Bu9<n;j!k*pUV0pBUcnAS^kHfgn7QTt|&l(
z40#+G{z2}~pI>w1P0^+lCge;_@cVN_3QUYs;99LLbyYgud1>kC$+5mpPJ`uWr$a1s
z%<hLIC6=2s{=CNIi~1sNQ0wKcqNyuR9_PlfNq3=ZMa{%_+F?|%Ov}XdW7iv-ISej#
z;Ook<Kwec;_+Y2T8kBw7Ns_!o?{LsIT$^AKOO34p5zD;O5kpO`h|<ga3kwlB(d35Z
zP(sByxk;pnL&?c0-oF7DhH0sT8)u!kU7*>$=7<$RX>68Xczo{DmY9fR2I7v8c#*x5
z+^$m{^a1qu{N5b%ruP`Mz|oYUgf=BcNkD^xij9nuv0aFR8HYWom;g-ri-D-1tS(bU
zi$|$2Z_cm4rXWa7{VL>>0e*q3iwh=(wC{?2H}_xS295*aSTsSO2nUF7=H1N767f6S
zC`{TD4zvDg^@ngke33siN=it{u;S#_)nyv9e);-w;<)F~^JkI{&D3&Saj=(12pcgq
zb24G_$oHC0=KT@AjY#v$6}1i!5Q`UH?7(~A2=h3+eMvPWB$VVn0tW=&Ys!|Eri+Z&
za&i}dgM(Xu_oJ%nFzc<D8V@f4@Lfe;KhcpvcDpro9}TyNt+Nuzk<Epl7$3ja)Fpn%
zT-n1wLLxK-sw>F6%hTdoT0D-iNI_z-sgl<0umThudEpidy=4*;o^Gqo4rs5N58K}y
zT*y=GSR7p*7%Ibn`qx<56h2#XhED9vpeB-&_sBr0N})=Sjp5;5b8SJv!8Ik2;?~*O
zp11erzJ<4;fS8=D+HFeg2bwg;f~~V!(s!L#op~erHm?1b#VY8?$=??O%FZ6mIFegd
z1~;|Vdw7~pKhX41;8JwFB*V703#KXk$Csl(rPs~s>315v=xXYSX`uy(IGAr?QNaKO
zgY^#l{GS`a%wR_?&-VSSAt~1qu+YRE;!%P!GVkj5A&KkuxP{Ka>2|+d&+UlJw@EJD
zJ}MFto1?VOQQ>G5pipbd$dRq?U3be8P}9dnd|GWnI1j7rVblbnnO$%yyhHHl7n+6f
zglXbLArD75klfPmB0_3OiO^@8^HzqM2`hs4)SLW4P^?iv+=So$6;b2RGB2P1$2;>|
z<(Ko2hkOgnuTl{bxuUkkqJ>itKA+NgBqhxM;sDa2^w~m(G68pKX{ols>(AtZtQW61
zCqbS7LEoY0`;Q{uOKMD-A&LnPx{9}k`Nw04pIM_dLfR(i5VL+#j`S-z9in>Gc&&)t
z3$tKTC#tKdMbGW`bB?`>6_b#-ost8@xsWzX=J)KZ*wW+s6pV!GYOKhp7rX{aj3d->
z3I&V2Xuc3<2+B;;%sy<g%kc~nJI=1~Vc^Q1r>EXk+30Y>?tlcj7+_+yTwzs=R)R-%
z&DVQTG&B-3yYVF?@>!skM*a6&w8{B-310Bnmq>P2wUHVDBFhT7%FMR6afTlWT?@AM
z-!!_d3@s%Ea19Rnwht@gHr|Ce31I&@yx2=B>OYnsSF*DcU@lB3E{?##xkhSg4-d}>
z*OdcA^;cV7!tAUkRs=j?w7pwN4ldBcxVe)Ytn@_LVVk|=QQ8(IZjp{IFfPzRLLem1
zYLY|jj=739%Bcj?V9;SfPGzvOR!YIPCX`T)9H^wh$H^qlCUJ`!nA{@-3L3I3#cA_T
z5G-89jiOPe5>l)C2=I6pS|YQt0-Tmy7~Rz0=ry_9bZN0#OE(+<ncvl*=k3&)%=5ju
zo<5+K;<hJTux*&wry^3i{Kc^`8WcuOzVRKZV6QnFYB3K`&5Vr~5Q#H?OryqcemN8t
zDX=kr-)Le<a(8TJS-e&dCv4?-twgg0CZt8mm^80Ul|f8G2f<~Gx##PeH&b9PF7lsv
zgS`bE6^UudT_d3)gBYhk&8NE(-m}(u44GOYmPN9~=D^Mv1H)wM8vLnt?QZ<8cQ}qR
z&Ufw#agZK@zdA4*_ZZDUa94W?x=4kkDxnF7#BP2Lb59<TB+pvCoLezJ+mr*`P<~El
zY|k2g0o_Z$lHa&b<%bWF#qiWQpR8iq_w?>xnwoc4+H8MWfh}HKIBXIVfN<^336-o~
zWR6jK#brddGkhQjjj*vKaVt-)>8AYcx8Nzj^)4sV@NMC-;&)G5r1+$e@3pLopH)~T
z-oK}K^JYsSl^vyHg(teh0&xD!&?6GFe>yj+WP+R8?Ok)eD6zMqUtGBQCj3sYL5Py)
z3j|DNgN9$P?sxGD3^x=C$%6BHLLh@QdwRa;3hW|OD+7CuA5guGkoY7aDCQ>5;MkCE
zqh4}y*H(B+_y+T>(X<+1l*8+1JtO5u0H=!2X9D6J6J{c5a-gEYSWK1kD)^dT*t6Mt
z?z*GIkYcejTTzo<J!4Z@Rhq^9y?ujCvHJTpc*D=IKv#+V2WZWG-L;8U7I$iLawsnE
zGJ~f?w~UIM{Id!G1>Q>V68-qqs}$leB~#~kQAASsqCT~q?$0RVZlIWe)ixHQ@2Gz5
z@&3UTcn4AHm^tnMjdr2ioj*}8DbsDf(`-c0(o#WI=n7*g$wFQGFAY}2pUFvCE35GJ
z_0G2sfx!9fK8pgTJSD8!n?v{C<C;zAHFM|*0Sw?azdFBSP}3W$zu1j#4Lca-G9jB6
zoWU15f0kH%>msx@l?i39IDS5{$GIt6d6w?Nb-{qRPke<W@(g3RiPWLge}M`xnf=Ik
zz2OBasK96aTV|UNyO+{Y7GLv_y|U1c!k>VaSV=j5vi0&cE2yGWKdk3)3ji4tB1$z6
zXQHf0@pBe#gOs-Zn*Sk>g8{|tz&mq1Ou4<ZvQ%=an0rr&wbj{0F`DVN?EFv+Y$om>
zxlWCl;PiF;#yQ0!Z~EJ+S-3`dU*^fD;oT16Q2Ph-XhV}b__`y*>YBI<g@sH<mUqO>
zek3(c=EbX0$|p(=tW`|u65ZYX!^{tkX;QW~zS5R-en<s9`3ywDfKY`G3S>NQOW%<u
z#{P+$uM7_{RJKA#4lxb2GKfmROK&fB)Gbf>4~g9B5m&b7%I{3S#>|Lq&u!B-uVFBo
zO+kZRk&wfI27+MfXx1nv8HsYdf^OkSI^c=2pXpcC*8Wzeuyf@?*#Ekxep0<lsqQ-(
zlk+Q9<sle**O)yXJK61nhaHZgjGDp~5I36rNI!Syr>s>6h{Btc+bWs(G-{Regz#`Q
zC8$$<jZHrs(YH>yj*_8d#cvLI1u8P!(YWLRY5t+nw<=sCWYs5xgFn2u!rn6|P{OPB
zD_&TL^lGl4EF=}IDfKHJ>6Q7p=RU~IR#~MM;s}GS!0?cvVdQ7Yjg5)P$LCgxL`Lpf
zpDt+gVp2QWTQH`F)2|^eW%uz&c%;(GF_%+W`*a*Ex?tri%wCgnQI?W@Km*BmsF-pq
z69$c4T)|rE$Yu^xav_*bSRK}_#@YZ*z5h0d1VE2j^nhFb4B$K^tuJNvZ(59Ch)-xd
z{4GPVC<5>-CLZFX>X*SCDuTc36KaM=HB2Fy+mu#eurd2}^JASzDJk08Md=bB^Bqj^
z5knAkmklJ$S&N~bx|<cPKso)B0|@Yx>&__)s8<m^SEAo-^Slt!GmMuj_=Q$wZtu}f
zj$nA~uI%%?ehP5RnD~mgbxusz1Rc4DPs$|9c=7CH37CBe+$SeLCVHM#Oi~i1%lKQl
zGtZ<oTE|NA-bWHzjl!wwNfxl>c+$CG!}=J^akj=&rW(T0a*160f+fDt;j)xtQ;QXs
zY!55z?(WQZ0I32Ih72{91UV+)sS>C)F)VTbH<0%11{(F5sg*KBH%={e_4KOBOd}(s
z)Hu95U-x*9E5-o_xYh{E=H@s!w&Xe9#8IM1fG_n#lA!Q+d})#6eUun0er{PEF<J_D
z8EWi6K))F-rcdFsisr7b!z4MFP$d9ZTOyb3MF_(6y>NySQq%X{1N3iv4#Ywq1!%^%
z$5q%zUC;ff{R_KmG6OP;!wU=1Yrh`29$Vh#0I(#gAKA+b@FDL~6;_>75|eN_s;W)r
z2N=oEl%O$~E2^A)<f*S95ua}~fUoUG$Ws;8-3!{4YPdFp&+V)LulrE{^|gR{<V5??
z4F|-gxry?QFFr|<5tjmIFE@`uMpE+ahY#3v%&5`VDS)EWp@GJ2uCOuV-bMATA5;kR
zPEri~-P`MDRp!N%AsN!>bYL9m-@jB*RqaotOZb(cQeXoE1xWxWfol-?Pi-(XFeImd
z;!bGv2u}xy25?1_JqJBv&Pe+m9g$otTo9kUtT7RtzT#~Ag23Mi(=|5{VLCS(V;4fe
z_-NvPMtk!RW@(T0Jh{^_G{F1S)1)ulpU;#&-dM&^Bk@VQ^6UrIhSsI;hkyNREGe<6
zVNC+Ks2bVYm^w&l&R$T3=}qYcH_|u4`UJ5n`(>F!y-NvsOSeldu2JS8pQmd}O_4<f
zm{&7V$u$?`W2pf4NP^mlaq15<8V%EDCv#ftcQg#zf5Qx;3J0z#x6iZJ)*OUBoO}?`
z>4u9H>5L!kj{RC!8kCD09D<z;-DoshT_S*uBn4}ZS3j~alRFzTL4+EA7_oRR1qDQX
z0DaO}I)T|YobTMoHj>G4ffMnzm7Y+-TN<mVcQgadI+WfvCK=&jzO{oQXRFlIAP-WA
zfu7j;%a!%^?75u_GamI84<ywW8jbt&CsQ8wjxN~Fq7UOsZ9PpC4;19&W=c$ehqFqc
z6h+`N>WJ0z4E$IZE3A+ShYZsj9s>L6z}u3GkIO-DGQ}|w2MFk(G-p_t2GdlAv)rG%
z+KSYKHq-8Q8Yq4E0OP4yc^_ui=+|Bd`8f2okyzC0n=uwNU>e7IrY??l^1yB4UZCl?
zehmC5VPN?(>hTu0*hqgYjfK%{;=}o`v)*4Tgyvl$73(nzZYgfe_TFYpkf2Li4s0Z3
z=EiJkVI3iEQYi@um`f-b23Sojf}?jAsE(;gHCwp?I+sf=I_!j=PbP5tM!$Z>h!(>r
zy%}k5|3p<IH0`k5S&*r!k{1y^n8INXsvq!u{VaFK8c?J0U-AY`TKspe0(!Q<CH3vU
zgcX_-0Is)Uy4O+?l(D6^55hzRVyP=*Ms0q3+OMPmd@BlwF=g!it_op^QTax7ss(iG
zKH^X=`%v2aoTYb5>Bo-+W(|dgf0VJ>&(EcwKmY1xB99M(u6ic(M+wRCJ@l>-G^p9c
zg!1t$79a#rDtJeA=o6>^{RGhw%9%}cs4@t~x7nyc!|B!^fa1qXL$T7ovxh_Hc~k{<
zGeiMh|K^|dt=9-K<L>jGM?>THA(3a|B%q5u{j(T!;(tffo_zh!B+vZ#cL-FVH%Xr<
z$c0Yz&xZczlFc@1|Cw-!lkPu5paH_adwizt-{pn=o5EjV|4qvOTIV^n6nA>0ZAWwX
z!_odg4B|mWaV-nrtgiC+1Bl>(Lub~a)|3|&evM)DKpfRo>EL(b<PDssrqlFH&EppF
z{o2=nT2IffgIvrhY!R>8{V+(4{OKH%_ZR?8kp$Rao)~aGv~qeOUlF@_Ngw(0x_c~2
z$8`a$+ENf6e({VGsk)A6jcy;OTH7JWFo6|eX(4#7lchEqi8yTf91ne_C>SJm+p$hZ
zTgok0Rt+nclaR9_DlN1LK-A0!p=U2Ov_onzz#y;>qwTsyb-(oWxaasX`Y)GJ&_0Za
z?=3<Mciju;i8Ctyi#;C-UqwvJUBw!J<<Xy>?hj|}=O3?;D%Q&_NC{3W(Vd5GIBpsy
z0zbV?pn*9#EHqs8_H*v70CpqvyppzH+@=UmD{5zV(~c|1Lo0UgQa%dxdLWhsmW)98
zWNODw`tla=dzpZ|3?knx)i1%f<iRkuSlavkn#dMTePs}5OXcIapKivEh#7bKoY45v
zb~XDBra-yaczl%3j5|gWZvr+)XnJh?Gu*@)kOb^ehVt<XG5<26sK<vbI-;4;m_n`d
zbx_eTFY$hp)#(ezRyXvoH2nEyNE7!XuEIWtz#UH%FOkNifFD^66Y1P^clXY|3IOsy
z`)3zkoEX7R8k&LNj;w)>hRBuU81&O%GCh);7qL#ZmWyA#-0m(va6Woct!RIc-$n~G
znovxO)As*s25376R7TmQ#9QXh{_Y5O)0FFUj`1*W5SDQNN%=DWlA-bDShI=+1w^7d
z`qfBRxt`=Oyc&qnkD6UDc?|C`k8Wah#bJJo-3Pk8-e%n3$krQI%)TSw84a#a=B_mR
zl?tS1q@KaI_Fo_hFftfAAK0$EZxPw*5-47P)ZATPE%Jl4z(dJSvX^=jI*-V&0)B-4
z8FjgvI~`50X<9o@VjnP=h{-N9KXlCb5!1uwtXytM9-J2$k?>K4I83j96FV|o<{6ma
zBe&fWf%uKr?~>hmS{Fu}PBDZzDTa^mxLq47)7%);4{1UYcG#?>a&|<6(1YA2h{4Y1
zs7H<UsPUIX!uTQDiP~6T$5%xZOO0R>GO1EOG~t}^aC5!^Ul>3JRJH8B;s3tA$OPYy
zOxJ6poy@rKqU>b-?L_&YpwRFMFA)d!@>}#r7SSJYi>9ik!Rh#?+BnV|S6@%U05&H;
zP3K#a&^X`P!z>2`3s`VxZ*2KywqrT9pTN%^#UeN*AB?!68HJ0k_E3I;k2XWT7^JXr
z#i^R9O@R|I(Ni~M<m9fp&+%Tj99$qwnt*ST221NYKQ2zs8q@xQXJu;r!^G)zNBQcc
z(UI(jUrR-AC9fR(VjNob-(Iv!uZRm@FQd-4#gGO%p(_VK^aO+8sRNDa&WVZ)(iZt^
zT9WezC;=Gqk93Y@abpH&-o;+nGa7b_1fDxC8`Y=RL6*n0NcE*RHv7Qt=j5m#|BNJ`
zJ-&rqH1z!<{Z!+L{N@<ur7#3JyQ$z)Pe))1S9)5i??%A=h{))O=7d*k0BsAzM_tK6
z$r-@w*rAzsPSJo2AJlgQd<nW9Pk;f}9lU33I*Vs}I}j;7S9vEYbX=S@`gF6n5<LXu
zX8I|flaKTF=LPIRvl=k7f_JVJvoVurBY1WT0XZbW>E-R-(-kb_>{-vq;#0@d2{{aZ
zOSk{N$Xu-L-@w3q43eiAY8c$ntnojR=Te7@<m9=~Ou6cLuT#U>JVyso&ach^hq<;e
zDlNnK%s%r*V!q{Wj&xfe;HNOui8yC@ECHWvzW@A81f=<TWTA?TBXrtQCU_OKVr6tE
z=(wH5@%?PQvl8K0Td-@bANPtxIBCgK=>q~}<<Vq3yEvT+uy5&5YeEaE-+BFXnm%S9
zba(Pg|9JKl<Ek4^+pFX$Hu^aLPA)@LyI=HA^*k^x{i!;;O*-BBWoVT>p*>-GmZWXz
z^h>1+Ne6sm0>spx_GoZmC7Oic7p*1Dk!d$OY(FT2LA$*s1o#v)9e|ss$^Q<d_oPxR
zK$J{TKmco_Lm7|z<A|0d`SVLl4K-C=QM<~h`f=t(AlcWw^ra<_k}=(xQHm3n#zyC1
z+zua+q#^1>1!1Ahx+~u=T2vMN)t`->VK%x4g6`3gF|V=ZU%>ktf|-#prW77{N8PpY
zFyrF#QK2?dP8T<G4cTu$eSYQl=yKiwpL=V_cFgOgD&8auvjyCG#oMN@4xst@{HG0b
zqp46>M8w@ERy6D>nGlyLPS&p)zpffH6Om9;b#;cDK49}U6vy*TQL7z5)>*kszK0LW
zJgb!ycTqYngw)Ow^24k(pf-*|(ZSta@^4HZvb3p$smpqVd2xt2erl+gO-^tTwp<Ed
z)u-Wjm^JH+!lx4&(^Gh*Lb!^Nkco}%V-NMem#hxrZ)=LFS^X9%i)p@NpZJA&0Jiqo
zOfu%4!ViEx9|%r&f}{!f7QtOr^%!Xa;_y97lx1sA#g~5I#5ZqPt7^k#fA(p7$5U6;
zm(j@yuFicS$V?-h2J$f;b3*ozMiP{E`51eaD^8t+n4%U}95|6FoLYQ_)#~U$92t&=
z6p$Vnp7GI}d}wmpbD4i}Fso<4``j4rjxa5vcb&!oflvMC#}@^fiLQ^+a@z{oy?hDu
zDH@szALlY1Fe9kqd$D8{HhP&Thz*w9-96Ojet((RupIuPb~Vb|k1$2!_Bb5@(6#|-
zls<3+{3a3<<P>%RN#`ESy_mX_;qicbpC`=b<~$s{>l9TTDb6f1f>`Vbn(%(C-gOkL
zBrf}Rt%JuFx4rDl!d?V;*&HF&qGGoCP#L;X;XxV66(HE?b<5cFCm|#HdU_QnwJiJx
z2qlo3)<4;nr>KvW(tX#!d4n+m6>thDPEt2t;5LY(tvD#&*kNhwpWNoQR7~xp5q9R|
z!kZ}gQI~m}gt4dROG2p2{};^*Tb@!@S91?hc7)spq^-FpB^ze5?w(&fIqALrWsWDf
zzh0>zF?p30E%N0(%sls(JXOQRQ*M?g3sQqg+MgkT<W<*nLH&7(4uVsE#$z6&n>@Q(
z8rP~{p874N%>Y?+PAJIQ#NqPza($TXd3GTmlq-O{^ME(8eLKQzel;D@XrNT;o};9T
ztI4lI6ORk9naJstS~kWe`q<%ggQs(8S%M00_o(dFXr^k21L%Hxh8WHe1f#D+!(-^f
zMyl%!TT@K$B0xOPEwSMeSZ_l}XtXj0Y}y{w&x*Dlv1t>e8D^tqs4-}Pr*ZzIAH*ez
zARGc^)3Zv^@h+2?pQqnl&m@UVk)WP`l;1gP_u1jdt451uxcr`$wnLzQVYpEBd&fjv
z_FYYZ0vUmPU53O4N^_perzO?Mdqco|5a{v)3fZeCO(09@x4q)YuP_{m+H|ug-{e28
zP@s{x>d7yoiwmI0EbxW2;Zjq!Sy`qPPPH2qQ&f_1cv;Jpx(?B5=m<-GH6<(K4&d2X
zpyn!cu-f5jhUZiS<TdsCPmGD^Qk5n5^kay~QF&ftr?kzF?09j~K7>HImjQ`5w{#ai
ztW$^NN?|Q4is4BP*vgbOOjIF;uSnZXNlLOo3VOd@j#Ss&^{u1C)YqO%EvXWK`01E0
z073Nj*a<YeJ=f#(@{E(gP@W$LDi*o|E!Wv|p6q_MR3XB#j`={ah5!}p_c&<M^K-v@
zk9r1zH6||f!eXHksjq|ttV9I_ZfdKAl;2R7Bm+r90$E@y!d_&DiC2ULugL$H_&jka
z$E1)@9;27^b!2xnV+cD%TUSDhGVQRdo-y5+x0^u#Qgx>S_Y+nG*pz7mWze!$N{ouF
zk2fHY9xZA?u*lbRXLr2w^Wtt+;q$V-J<8NJIz;@-!{hJK6|%L<0p#V1`pmdrT=?7G
ze&N>H>8}snx0<-Ja=7Maj(HoVWMw;*EnMEcp@Icun$>ENk~u~AEvSAsrhhl453mOA
zlDV~rJwy(UJthPXw?7k-B-Q=C6<m>h)3y1t>#VYR$y&t76=L*b;=QEHJ9T=wR6`v(
z9o2UoJ|0K{SEN6f=4VP2w>0KEKlbA;zBd7EO2#Z7)YU@O@}1lmv+JG-SCWi#YgxjE
zLne#@Ey`<o%2XAsRcCbuj{#lY-}BvF{kSpQ4U@R22@1L?yITvy1*rySZ55-6Uz5kv
z#&6VV*zJblfr-`hS9^9@Wp#1G(ie;9Sqkz>2rEV;r5pV^2?aRhN3#{keSACM02HkN
zb*tg@k*Gzq%)Ok^9J)zMoM^TXBIBujzwrKbN+yPfgf#l!)eZ_hIgBcu`Ddoh<f>_l
zpWP)*AH*ASFG_;{s~4bWEyq_4;mNtjkM^Y5g`X&e@4HKw4ZDLlO3?X71{ul(32a&Z
zmS!94!&MnKKi|D>&%Ja3>pf(QX5)#`h^@qeoqJr&xF671>}{@icDft27OT~*xhF}f
z$l-Y{LW}jQkO-Q1I7F}5k)hgQcE^&YXu3C4_@QE2l>MhyWI=q+i7T`1shNcWB+AaE
zb)Od-Fx1>mZ+L-vqi-ly?9@k-eELn{Sd>QET8GF7Lwflaqp93<0_t*<Nr2^?#6_E$
zj<eMP$jdp>F5Yt_K-}sJ(dVs^i&_OzCgjgYWP5aw+qu8C_tI)|8Z-ANg}3haqj}ka
z1BMIV6rlhts4gXEihLH&#+%{<JdZ3TBcS@#HA$kj+wmKRVvjp@2KxTvI2hdZXWL!A
z{5?xJcLBTUybp;u`B`{)*R&Tt)gn!dBLxCW(#!L+LnA>8BR@9EQbNT#kGBAG*uCZc
zI%43|N5AmC39#l2|I&o4y7DJxU~3cZeCOoMXnEUPZ$}pH0yxhTm$gwkeYahrWxq+E
z#taNJwVJ#Ge)nj_pyi%)q&->fwhFwMe!$rY5!$Y7mQj2?;GY(?;uZfm_ul1W1!R;i
zBrx)2E4=^mK{VY0%+clQc_WIaG%t917!cs*TsG?OZ`^i$rs!DcH#@6vhv5(sac{%6
zIDkCUvzL316Gb!cQTY+rc@ksmH^9S=f4&5ihhmyo=%;N%4<{Y{iP{Il_+mqvgbWc6
ztT}yOSgrB0{w*1%w5c}{XZ;_21NH8x0bjyWCGlkQU=O06Cf+K-YrvF+e1WSC>jwUa
z?Cpn+0La7~_8G7xD1Aj)7XaA6mV2Rri$u$OQPt6&y7IWIxcJG0IuX9n_|}{`jW6VD
z#c@IB{`P$l_QVMf9XWeDG~1BzNyRI1?usP$M_EEp<D<}Mn%Ynj59BNvPI`AQ22+_@
z*>}n$6!7hjrMqB{jXNkt0GyG&hERwbjh1n~lXo;t!u^)0kn+<S*W<-(m;E=Aa0d`z
zGCmv5)jOC*z*iZ6syD`SBDOiW475xW%La{s-zGHe8SDVcy0M#VXtwhMaXH}eLagE)
zIeFW2?kg7xOA5H#+m5{Sg$vUlM*hObnO-CnN8kyDma8dZp&JEKn59X40QEtoHDIl2
z-qUvX3S8M1aE$qQ?p0B}Ggy@ndbnnak7(Es<+G!-k#^(eoPr2~5L@n-Kh%1Lh6NzV
z19m_humhW%0AP(NcYJJYiD@<)Q>b9v02ia^UzY0}h|Kn;BN6<vv(C*cx%)CelOT(x
z_HyH5i&b$vRln<wB~|fH{k&hk%e-&j9qM)4=r2aIqiFi^bX{3J+R^M~;oh|kCL+5-
zAT$@E|7aw!nF)>FH#ryT74>Kp0Fjfo!c!y`D;|~ybfC%F^3C}~rj!<?+<QHw%dtbw
zy0E{IQnCeFzR^_ifE!x#5ZL`2`J3b*mkYmu38#Q*UJ_WPs$NN#|2<{dR5nB)*@oa+
z(2*Jk=@&hVQtaGk3y{0Cnf;1i3Sd_OmmsD0E9x3K#2?r<G~Kj`2KBV#ubDF6d6L*0
zFMeUSRARJp^<fJMd^MH%Q-KlX^;epRer(_@zjR}w1{l`2d3=*$96!BqJp_IO2$$}A
z6Tq~EO}|>!+U}Q$1<8J#1N>R;@11w6kab9-OG}2g0kgj$k7MCy;6zWalmO`G{MY+s
zmAC2dH#GlM%nwx+j57~<j}1UiXMW<uH@B&(I{kbA5O<Q}GmMRr;Z*X|;`!nHWhson
z+V&M@Odqs&K=x(wRM(eWaX|ej<7I*Lx8*AQ0qfYoUOXb=(S<3{gz{OuB0YE|YHlkx
z|F^Wu4^qGpaFXl*c`KyYy2^$}USJC!s)2w7ns^*UmZgjb0G4a35EMkho;2!f;NYo!
zQ0<<M#Daq0A-<^-zokU@d%!9I=f;RjlP2>A7Zp3AudBX>M?<_gv#-8u-$h;R@4$|y
zrPk-@fdnYq^4QY&KTS8(*6cV_gr$S59bf$+j*6YB0MbzU&ryYBl|)A9EJjR&SGC!S
z2~k0W4Zd-H@k~K#8eM)hZ?Gc0HX%OF8*e&v9P^1O+&%K?%snJ!1ef$#<CG)oXzy-0
z1Xp`t^VN*;p0`b9>7@UO{Hh%)9ip%mZ%y!x)2NAmEZ3y-0zET@6nFetGV!&g_7!zs
zGnXy1HCKQVK{OH6q}GHxyl1z;RO;{dr3FG}h0!XKU}(;EP#_h`p(0kq6(D^^nGF5%
znvWPG17l!Sp#Ae(eEeJau<${;e>_;cIDk_gt4R7&=r4SnTiowrfuBC->~c}4LKM<f
z#9cl*m4>lXD@++5MGt8t!9OqO^PKn#Z)K+0QO*P~X~t)pn2HMJ<esj3w?YoUA4WcG
zoU;%CF@&A}gGgxj;9FL-&%56(ru7BWeP+~88Z$Q5N#rU(eE{wUJKsnuWUDON2?IHR
zw;2SdKpT))+{#Gn9$haM$|w`!9YGp$NFJqfZM-502O8kF!gM}-pVntjFJZ|5A~b@1
zlZfz5;-1-fb6`D28=ZqPr}YkQhmDE5R{$7JkfHV|^v~lb#z6IV+@44q535KSu-KW9
zVR^>_jQ>Z&0nHkB{<64)<o#G@(As{?3Z%kH!#w(lFcJWAuYZ4PV&rwA-jYPHr2z62
za8M9w)%hG90RVJi?)T_bTi861++@lW1HiiWE2qH>jD$a;uy~rvYt;)Jd|s{y2_umx
z*KNH03+TB(o<I=_Xz&3;ra~zd;3fdzAKvNd;UE3D7+m$PK(J6Q<6aszA7v6eu$5a~
z8xF8;G()?;7R3TMlHrSCcGLh81P9DGljjh0lo3?$vnGmS%z?<(e#_cT0EkCxL%M6d
zLUs=#f4_;q`Z`cm8ux_CjRqGx0x13axD|QXXW;#vN>YKD!P3`)Zi;^77cG77uF4<)
zY#gB*q+m>v`2)sW|9z^7!P7AL`;VBq^tTw5lq2m7Z9!SaEHV?FUTj&cA<Ac*UgbbY
zICyUompU;+#zFJL1|MkpBeL9^v`GV8I+&S;xezXPO4j8^ED9AYU_euJRl93ZerkMA
zrZxVro<O#5GP(d@11KkQI?k_Rl9ATpIsCy2{Ka|4CykRuxc^10v=7(AWuEHfjJDtQ
z<j+imN2PNYK)DWpDjf^GvA8Uz#m5%_PNY5ads7ae4`_;g5Fa3p;oNLt0q}5UpbL!#
zw=3mEZj7G4T$0&h#SXo!?6F0n0F)|NIM)S$ZYb~@8Imd!{ZdCdphTD(WP}5)34s2s
z3H+~u+*_mi@=c1M02aG?uGmW%z*uBB$6UeyNlvZA`DJv$`_!@0jy0vDyL+Zl2GZNf
zE+Il6$9)pr#k^IF*R+}9msC;OoC2)*5F2n;D4t!B9R^n4doq>r#HN=zoE>SwW+(e|
zPP$`@Jf9xwk+zw)V(f~M2-rOIxT}4vgu1?@pY6J7d(V&;%ZEOu0tGy1$JZe5oBX2=
zE!R8w4%1yLEoX?)7zOK>JkKY8Du(P`Jz|K8#~3P!k2Bra=T@W3TY{q?YoKiH3mMfN
zeuxE2kM$-PJ^fAcDBbl6L<Uz@2CXX1R$WDTRlCX`KM0*`RUQSch|dhM00o>LsB7wP
zSaqBYI``y$w59V3dT>k{Czd-XH{SJ{bAhzdcHI(}2K)`2ZLN&|5M`&$J$MHxoKSfv
z8t}PKn2`YO&tLUEfS*QvH6OiExFC#QoQ3LG?9HVEaFk~RZIc-DhnIG4UzM$m`v~a?
z9z{O(fZJmR8aOwa{$gk@*CZ}H(q1~*TYBYC6V~Tl*4Zysf6hB3DbQEzSx5Nb4P!bs
z?XV(sn3Y%i<sGXF?uXON18e%i?Suwa7MR!O0~2$VRaKGukAZYG#Q(dzsc(gp-f);x
zE-W*uK7LSAo@aTb5;zCQ0W>2Dk9?#*@sPbZc$<E-ZI^8@Y^?Je8~HU54$&5w?B)*W
zocBAXrGNh1kv-l=q8uzrCQ8N{OEt%`i8L`i`R9*#Wgr|RXxor`7NT!AqnzaY^osQF
zhli^~4HY(R28G51+Et81bpr#*5IFkc;-SrpZM>tMs~{cafO>Fyq))a_#)s@I#go)K
z?JE_BiKZ9w*9YhV+UG`MX*<jo%cie-ZFTM*X6#eEk>s6LdeSC>Lc<y^?=dtV%u!wm
zKElY;+xl!?3FxG&TW9x(0}kaa4>amzj~Da2zYlcubAj^`tc(}H%b<NNweYb2p>!FQ
zDa_92rf+HWm*v_$JumCvU6{I+^>Ta6j0nbS`*Jf-6k*XoPpg-**?C7$%-72|jJF35
z-~b1N%MRV4Hj(AdhuGQ5ldiO^eUX;5nTkRqetK>1DYX}Rnl&a)jBQMvtyB$_?z7ah
z_Bun=vG&HNm-0HkQ&_l~K4h(_A65*N+x$qp0-dNDG!9nRSjvqbutkh}6k{uqgHe<G
z&t2N<I~Co`qI0ii1TT&D7wSEbCi`BR+*#Hm{MaiX(1tK+I=oc#=z$YF>qCGCO2S6o
z?m*>u4>!r5TWI{o>ukztS=^^FD<>!?&<$wRqK5idLqUxWKg_6NWz7Ke>J6=ug}CJo
zQ%`g+|69kSjF)v28TSv?)Xq)@BgJLA3`!XT@e|8KOCtn6*V1AsJ}<ojT;I)L{Cd0t
zH66{>l`b`>5)To8Q};z`=mP>f*^ri76898iYi>i_n-*33&LGS?M+0-L$3<MFcQc6G
z_nU#-f>n`{*+E~v*YMOdy-m>(a~|QJg_#tE!8kBcCf@Btm!$dtFGr^GqBp71dfj*S
z$pl-Vo%0p9L&1XT*qPmM(ZeG~F8nX&xvI57kJoPhRJl15Fy>-lwzgpDhpjk7;i3V+
zkOVb&X;zl#UV#A!BY0@INDSI%tMo_Bw4yn=pMvi+R>Jl`Bx`Z86aB=<Dwrqv+=z47
z3NJp2jz?2T!oLvp18UmCQ#(ets~cb!RZCKyE$ojh<t9soHQAw^?wtmTV}(a~+v*I~
z%gv#8M>>7mr2bJJMrCqKjXuT{c7gF6tVj|)sd%cnRT&WQOP$+C`dN{>IP`S9&Zse!
zw#0qQfnVtF_gG$(_&t)tc;~WJ7s_l40tJ3)sKnlXnD*bZE4|(%rw?W2A{AA&;QBz5
zx@}eo5&8%y&Mmy(6HzgP$$7i3En#wvJGqLH{Go}lE>{ilH=EB_8k(0PPrbIqZdQB|
zTvK2}F-er*u*eZ7lOgax(UO{Sn;WJ&k&4$%KxvS>O-H2Lxq8unbuQ$}hlj~xd_t@0
zbcHn3^3}O;UE)HFYm6p>u@%BdP-AGzj-M}Sq5|X-Br^@b%^3iqigOu#KjY`LV`ro@
zo=ZQm+7in-VDEUdNj@vmn0oi*$(PPTSNM22b`XR3tI6Z-%t9w|{uK?x^_ayi=8|bM
zrh@q={|*aU7oKMI0b!lSXu7mVQ<(LLW4%MHc%Lb5s}tRMU`MDQ&(g#hh`ZWY6Xw(9
z0SdS~&52Pq`<+y&ldSKoS`w3Y#$Chg`<zg{a>bvIl0gA4XIRQD$MBM>c8Yy8d`zd0
z(W_UpwOj^DFRF%qu{VTA%L7n=o!O@tx9UF1XydAH*XCp#>jRHa=PRF-u<ZH4ZAFj9
zLZ;267R{58*v;9TylIC8QG=t8u&?F<Jm}gSB{S-S_i?$-&&D0>moX87-pm{ujGwg}
z<x{VIbP~k)@CuNB2mATgeb~QDm(d-4nMx9(#Vb}+5V(TsQo<S>JKYZ1aSIC{&h_1C
zO4<om*GMZY&Plmd<bxwqU+RGO_1R2ijl-WJ$pBAnG7m80k_>RXV_9{jV2!S7<yn<O
z()}&~6?;S5Vu6eO)Bh7FLlHCbe|i|8xCgi>WTsw3hHplcYkv|N_@vE!y@au?#7waN
z4(OD4{ao~q0PeTmb>YGMdN7)cKD7p%{;%g|0vd&$LE#3@ypnL4<==w9bY`2EZPN2+
z+kwmc{u%YgDP8Sfdrsk72-NmP$5U}~I)zR|)SC4%iie|`uEBKE`uyqD!J5|q5{7b~
zJkK7K_5OaqiM!_EuqV&8O;4mUcw*^7SYN5Eh?$%n7pehLlh_@gVY80wfU7zn@;~BJ
zr(?nRHpS*D1=KOZ2=(UuuC+Zud>`I`gYLrkf^4@=^r5{L&pEY3!BY@Ws#2i0$9r?#
zc-Rc7+#Hq<WwM5NY<j<(urJ=aDHDK6QBfO=ZNES%_>dGciU7#7=rd_Ko)EDk-)lOU
zaiHv7@o=a{oftD-8#v*#)McjZ0At*Buv>b&ZWKH0At^yA`ENb`A$<%6=gqY=mpz>S
z$(axMF|JRvILQBDn>f$Y0Tc5%Dscg=2zOt#NyBIdKFs71)N=^mK8B2@>L7G-usr$v
zk8)lmlhYAW=kX<!=ze>mIeqR|!94o}*4Dd3H7-D)!~><1!hT{+3I?dcUE;*pS`JK=
z_?#YE?^z7^9_h3O6CUfo-$02)sXku#?tj^j0KQ(Py028;8Eic-u*&WTxVWZ^2EwTE
z=W;c&-OEteU$hu#4>=F}KKFhl*AGYYuU}bj_XQdBM@kzOj2yppjs<HbU0tLA0<rmA
za;zNHR|zP5dU<F#l9zploZV;%%d^rL?NqubV}@nQQo6d`q1V?=Y42yv#uI2G<dFKA
zNcF1Bpv!=VdA;9Gq+94oRUSDQUqNSF<l$+*F`(VA(*>Uo?)QZTARW*i6>~;+`_-z7
z^35AFH|@uz?6XzknS;B90DnIR;v<Hm&5?#tSmW_CY45);xy-G`mpfvtmNUlCgBlX~
zj(k1u?Wyd%;51Gj1(IrVTvzw%0k%E&jj_G<z2vL+=<J2C?1cK%q`GYo`&&yTF0t5e
zI-79qXciPt|5G_vVu<Vr?P%J;aBTEJ@Y2^qfR?GFV<rn<19{SafN+0a`79Y*&grf|
z(@k=bLlypN$%Zr5xX|QB?BbM^BYZkqx)*!z-oj}t058bsJ+tlOr)n5S<8^7RGi4sF
zgu`afMmmq*Q#F7N`zS*jhbTsOTwq_vT#WLndG~oR(uVfv&DI<mb2!{(Z=41hbmet`
z-=jIVsK40{0A-nhj(icbODG51#|RgyZQxo6O+^#?4+-b1Z75o%IAB6s{B)ID9p@?o
zgrRMt|J0N(hSdyL{Ju2bW;9hqC7;Bu*!MrQ)s?nEJjIVt$J<QbjyM@gyzAVO_j!t5
zYQ6qLAxLn3@_P=cNye3D;^_|cQNS;P7Nof{!Y!zOIT3YTXeZbj0B9lvC>FzI0UcYR
z*(RWR%P=gUck1b3Fa5sbX{Q5L`{o9e!r?ZY620MP$8*x6<)xzbcjLzCX(J_COu}4H
zO&+j8$alX#@xl8S;l_EewDMD%dGD*hb@*}BU2I+^ci1WPlaaF<K68;3$hxdBH@yg6
z%)Gnabz=dVSwQ?P-UmhKFy8t~j(4lws%`CnaeRI|1@-Z2aiq!Bkqbsys3U~5^p1FK
zaBw2~;Z_gn+GyqJEfQfG%=Pd<#gFPuoTL<>p36}HZ533-I*2*@c`P!v?-vWR3i17=
z<NXeAEKN#MR<+~jin11C(&}oJ<>U3X;bW~`kmsENX#h*MoYo>>M=qeYG`iYJ_(mWr
zaQ9NR#Zb}()~L~kO`bVjz;+IJTZsg!!Dg#pn|)_HT0e`lR>jVamt!{dBXCfkc6m*#
zZA7v39sXgg{I6c5Xkxp=e4**DV?!M=6jhX3BDE;NNJ)l+@h@r68?!-c#%exn2!@d0
zW8i(PziLD8CCsB0=^0GbbS87|JO<*w$SSgEt7;A-Od(+a3%hzwGD4fw$RP!C55SuO
zGLO*I$Pl)r(t7<gIxTtpGiE-Ms6cHvs|O7JKTn~}bDK0!{3!SXD0s^RLfy*{_W!sY
zKLj3zhLg|DY_aCW;OA$ro_`W=L$A6Fj3<Te+=o(cZT1fj@Zq1K|FhTYxvTBpo-*h%
z|MspuPxb%lHnbn$-&V6p=u0*KcEJ6=SThy1p{y5ZYx{>CG6mfZbWZ<ixy${(6PNm(
z`UAAL?!Wg8UH|{DJp<JKgwpiSaZvz^e{TSG9`+petA_lin=Ve_Rl_=Ptp6N3#s6Sz
ze3>)D|8;||v!$F1*Ys`%h*Fn3^C^EHG&kq63x+LLTlT~}RR_Fm{qaL5?*_D_W?EmJ
z?1pjw`6e8AC**c_ocwqi@b`{0<BW{LzO@9k=cMZIkLIkg3V$jt&%EfZee#8|Ly;!f
zY!emFk%U?+NE=UEMHio!1Esjr0vnQWCj_$H8aF?<Q;hWZ5I%UlL9`DG7<H|RW1()K
zRB%4Kwo!}F^S)SjfZ+2e7uLa(JV*9@!xG%l2GGbs&$7MlR;c2(Yd`$r(S(GL)dZKc
z1)0QuLnkW$!FD;phoZaRNJRd9xBOVOUK5NrE({Bv|A{4YX5wN=OIyrgI(M~iAFg4P
z{aW4Kww1Dh@8qR^kgUz|zJW7ryE;jJviyo0)z6Z^F1xyl-%4CmqD%FM(^N2v^Jl|$
zl?U`Nh9yf%@GM$Ph6=K`XnM0kL(Fn?Og4E(bIR2&7U*+$7|un%rAY2~jGRFUq$4B@
z<nho(PWIvYL%!aidrJ-gIr!@i+<lbMN;EL&!ak}oTT$h{ccEFiT{s8denjv;Du4j*
zgDSc8!m%<mIxP6N*8~VmJo>&|2~?)9#aigDncxvMK_}JIM9*g!8CNU6-6IIR@5)lI
zeLAolZ@R=g0APdX7W|Pck8o!ilAmFAL_B1gb>;3Q_pIYuU2oYmFNJ-Og+N^V%f=jY
zJdcWYabhjiF=oSsS;X;|znV;4Z)@x~hphID_lUu6Q@HJC^EHAu{$KW;&aT?SYZCX0
zR2q&9NgB_6+aE}ro<4>THWolP7@2jwq)BqucU)5uK*HlTkt*loLI%nXDEJS=!-r9R
zoZvQG@(8|jdScyCE+fi{g27{K`6~b9A)v=CIC2%#5_zMv`rXRs3fa4&<$J86(9P*m
zocrg{26&bWyE%N^g!0_&7xRsF0-#r-W21BPYM@ZB$K<BGb=dYZFs`A^6Z?!kP#nZe
z@qMFZn8?pry(=5&0$=>}s43i1`ei0IAk1p+;nP*R<Dq)rmD>3YXyJ0=)!Bnz`vfsz
z$0!2DsSePf`|OwEX#!im4`j)P9Ok|tZ7_h4B<cGMRU#a=#}GNKr7G45c6cD&?WZ^0
z`HAdE8{NWB(aR%=c+*-g4VN7^B{QXGZSC@q7(e>YpY0o|B-3u0WjCe{HQiA!&R;(*
zjh<!a6TEK*d7TXx9M<xcG#!q|s-oK~ANwB6L8|YakJ*x1cSzbHkU~te%=4zRJ=^(5
z0zF&M4SU7OFy^mz8@9P*;gPn9*6t+T#+jy&LrmJX>d=x57|g7Pg&IzkF)OEL)MIg$
zxoik=`#E?@5aiF$pt%`Xk34#d3JKbi6|US90N>T<`P^a`3Tt5c>^#>F5b9c9S@vAr
zOwl|UT^$Jt7w_rcKUp2NS+OS&qM*D(L7{~Gk|XiiSW)GrDr2uHmj+YLVbT1R_aWc+
zMa?QaNxyc@`??P?S@eta#xqzY)}oWa<UqLk>GcsTR=ns7l%{cu<F>${QA*g&cu~i{
zz8!{esi}1kT|f3zAIq_t?7oV?3n4@aX-~UsSr;~Nz?8XE0p-~y!$?uN-R7j^@ySKd
zQ%;nx44IQJ#;bDLoYgX{?U-_^ARoHkar5oO4USZy#PZR?i@)h=XWsXHg^iFiGjTUt
zo;Q`&Q!YXwE5qso6NKq~qb)An2xV5hF>T2Wq$69`Ut$hMY9az%G5hT1)TJ@^$E*u1
zzP=NpPk@i4y=_dv(sCg?_BYiuzH9c!Wh(iSFEG>sMv&t6nJeTto_vAJRA$~E8%xX~
zg~JD#pgOKg-4wY%4pBejza^uOJVVbZPNa>@y$H5i(S;K=*S3y@2T7-2l%YAcd6K^#
zBn>hf>t_aebx)@%M2Ey%+$7>myF<kPs}}%Ir4kOSV4Mtc?G2JKo^8RRqpJ2r;YbKB
z#-hL3v-i7w*oQleY1X)R8b|T1_~~x&E`$LtIk)UPje@+3fp8ono<?AO5|v%lDSoQ?
zS2r<B?$k9EHGPS-=1Xt=U2~-KhW#XF6ASc8D`Bl>xDRsuBDycUY5n=0df%w8Td_j$
z78*U7SGx-3rxTNMX&p2=%V;D2j754Ss<+k<1*f~Q>`xlE%y?k;v$0cQ2G5Dy=I(nE
zr4NkKp?F8WOnv$zCnrng<U6iqnHsyYy>{moewE1jq;*a!JXP%@g`xbt4rz<YX`J6B
z<lD7<wRFpgy>9n8=?8IN+=Ww74cvuPX2HHFoz_`6Sv~~?q+jMkBM8%2irbepDVGVe
z@+7HMt2&tz>q0anYPW~4I2e}RPhy|b9wg<vORA1b(ywabNbXunrhCD?-a|EUot13k
zjwxXtf-!cpq52-S*J544>{_@JZ;V^Dx<D>S=QEn(eM?VVB;u1H(BE`YnmKS#D6b59
zJjmxbt%kQ|EciA5zI)#O4|=dhb$>y37J1|_+zrSK%~)ADO3RN-IGK+{c)%^lu8nd1
zbhl`gj{K=E9^30pRu9~(?YQ6Ca<V==qyQ6l(B3#RMCQ8JI9MRT;D7f_t0o>eJv1C=
zs3`xz?H#ahRBo~N2K#28hGu2E(=Yb4Gde;coi}T@;XY$Wq|~~F#q4^uKHKX+WWJ~>
zBhqdi?MzM3Tku=p#^|bSSfPnI`%aurK0zIhFn@aA5>ZA>lb}FK>pD3HLyH4qpu%iQ
zJ*b8n(UBz}fKBpi*K~@Rtz*kzYL;~K+K<0={&Gs}9NEr2`bT4GKVjcU+R&I+uxJ&~
zMxI@Ij^sTV@3+G#j5mi1I5swa*5gvS_+5AJat^tkT7NRlCqZruYRdm88>BlVw8Gy-
z-GX;wBodHToj(LlNgqD?Iiaq>2Q<6io$DvSCpox191OsEpCk?G3kc_p#Hgy`Nb>P<
z^*oE0ZXs8@+T%oV&R-{yosM$SiRp-qn>FQ~ldD<8%KEAk5$dx62tkhPyN(RrRI3=_
ziPKfrtf!kgg%(@EDXTG)zU9ubmSw$hW+V6o5ub1Ajv0MRA_TEh4RIez7(P8T0Is7J
zs**&{2XPT^5Y!Rt^HSt91L^jJvdAdB=Gkb5$hnR@>fHUUaDONq8z1<5+Nd$mdtXy{
zw!Il`<vP8|#UHJmc*JKrb&GR-tMd`{H&R^U>ldQl;^dQ}H_J!kae(ZpDoG-MBXeon
zx)%G9O6u3$Vz$!sT=DtY!w3t%_W3yTG0cixoQO&62Xn-2o=da-UTXf4T)R)QDdN-`
zmmbI#g+}bZrN?J{V{Lo-V$~fno&UY_-s;Qcawzc_AE-1`aeit||Mo^cDO*dm+3-Px
zVG%|i)yUR>hfDZ0LKG_f`Usx!WP@^)IA!7L=96N8p+7F~=LSIdXxrZZLm7F}BU`YO
zV8i2~R<uX`%0{#tywV%@22{T7oy}Se?WXKAIhOp8-;E84x@1gDb@I~CwcTUn=z#Ou
zwLE%_1T#irboccZxtcovlM_V=D!1$EU?6w<Eo+ef-w7Pz7tZTwuow>ce|tO<iG>41
zhOntQ{w#=2*1S3&9#KBu?B=@e9&o$-()o#JO!{Y1V@6E5fT*M@&Q{{TrUr2UfnF$C
zlSuE*_ixaB$cn;5&hA5)&uaP8`pty#rbh#Z4RVeZtBEb*r2Xclh|sKN#AaeBc=TXp
zc~oYF!0-ViE|<XvzW@DMA@U`-Ew8k=%*GY0m8_u!oKJID@jnu`{OHZm@pK1*5%io;
zkSaji`|cumx#zn4;7y^r=BOzc=v5Id22hnQGxm?}mJGyDl6$YO+Z_jh8O-L}E8@LG
zFmTStA7*db*byaF6P@V)(Q=NkALn^P$uBA$N0@P$?tV$%RRFc$A+031*Xyh)d^Y;A
zS1Vf6WtkIWTKSVJhy9s?p*9^1IcJn3HBci#^^b@KlLqYQnSVvqc<EyyiTQN5*uv@8
z+#!4wdg#{}^f+=*R*GnRrKp98_h$0&;fjyz2K?O%FKSk7`*LdVZDrVfSi$K7jl8d)
zd1S6X+^=9gKybnY&l2pKthKRVM&=w>XT!4AoGLmd78OAYs+xV{XXQ=y3kKuWx#;(6
z3qhwKD?^JQkDT5i;yHsZk7Nt?g;Sg-M;!6SrnA_a(R8-Z+P|Hnr(?=^8@tZwYTG-F
zm@#alfi}Vo260kP$UG5d1*e01%~#_DQ9AcgcK8X4qzxd&^<Ssp`vEhnU;DFTJLM(P
zarkTfLdG~+%T>Ya{ha~dD_D$W-{h~fe`~;F**xSSrKSPDpL`ibt62jml{?3Wu;*<^
zG`{!tyh3}lI&ERRafTZsVR0&Z%xKUITK+#YeRFi2-}iNFr?J(bv28VJl7@|K+jbgE
zY&(r@V`AHBY+LX2^L>B+&RVnPIrpBs&$)Z=^GxOY&;#P`;oMi&=Xgb(HocS`2>veu
zEGhF_llx_~665Wc=-3-<35k(S%v|LZHrfGh<n_UapDM$hsDgt|d^pUn&Clb{2JC4W
z*%VwIiO_6SJ55E6g?fI}PSldhH>=**>q61@3wHG%5ro=a*vxE?j0oDT{8vjnQFMBJ
znNoH}>D1}>Q-_LmWw@w}v%u(HXtbQ~rmSBsXiR;GjE7v0#R_PCJN~a6+|}q!wWM3s
zF>Xf#Ko^ubMwBHk7g?cWvA=1~*V4A>+%P2tueui-$_H2T8?7zFR0dXpM#KzcpZDYk
zrY3H=a<BRP8g4>^kX)2t$B9)m`VS}GH@^fWY|p$8Kt0Qymxt~3u5r6R!QV1MUjk^R
zaq7=z9^)?loIZS<6~Ls)<ef8V<mv+S`u!?IGJmqHvmC?r5YYvKv#B^H(FMdwX*uM-
z6Dh-`1m2uaBg2H7l|Fnl-xJ8L8g^P{Wi8_PLRX2}*%-prU8;YVOQZV)sHL{vop<?b
z^n!lin0@t8wNLKj%-hSHJRf)5LX+pLpsJ-gQnm&KX-g4s7YAR-Ag$ogKZ-3gW>r>B
zn>P=&B(V}@vGM&3msL40w=kH2kH1CcVY^ps=H1AC%WwWFN=e35nDZZ$N&OGX=)3$V
zuiq*7<~iv*GEGqe=Hy<spKOUWV2QFIZD9J(cDHnRXAcU`73OpIp_<!=yZqq&UTjrf
z<w7%popFk4;f1LfTwH{|q&ChkdiI1<i%i&l1NA!d-xEMTa)?F-@ww(>I>L%dH8?mA
z?We1!9SAEeCufr}bMcd)KK?IqQE!ec&88-zBzqa{jJQs${2%aaWQhtp<ht_T8d@;o
z(FWu8ILF7dEmuER{u=&J<6O}&lJ0>NM?Vi_*=2Ru$!l@<(Ld<)W*FQTe!*o0{GP%B
zAyiQM4ycmwgqe%lU&oq<0z)1jey&z#kBz_5jYQL!ejpZYk5XQ~rV&{y<F#!0|Lxu!
z(#ht>aHTiZWr>XkMvdv9`BFd1duFdCPaHPkF<xXI6+abueBo>xejDuElMJwW$=c(0
zAb_5lJZJ)UW1Z0+>5#%vOy^0tClM5Wnb#QqF=EzR-|Qf#%2~yPNOLEi@S1>E_;|Nl
zL^H|-PywN6B3sRV-Vb=jG@noM=Xr)SR<d=f0_D2>EGFAH1|nN!vYhn2c-*p^$-|rk
zH{EQy0v*OQX4_)#letw8A}o#_UQ8yXeP=v&Y&GsXBIG%Z;HU#Z!#uVCm6_a+l$jmr
zUn+mbvju;3>8<$sjlCT1RYU~5OO+Upr2)D?bRh_ri`L+1O>&+MmHu@RZi)Q-p^DuM
zWUn*#70(k9hY<=}#qrO-N*tC(p)MHKCw5cZE>l5k>lyUFGR8(Z`zvgt1*g61%Sr=k
z`#zXE3fcR;bUkz-k#%{{g(NpQdKGTNw0lF1al`Nz@h3EK=`W<7xBCA=Cv}-M#$jVX
zye|rvUBK2pMX6YPbl!J(Ok}-8;OdJTo~ZVs@zwt#8g9gd!u75Uw4WflrTqhMyV#Oy
zf&RDLCPbJUqt$9KExNwbk87#J{!IOwUJHy{4L}j~OY@e2n$pvr&W|x-kmZD6$2Ec5
zn}2DYEvN6Mz_sQtCk9c#Ii?*0_n$q&8W-Z-jeys6o?9A*oT;RX1VTM~Z$4BFGuK!h
zInCvXSC(&x*EU|*mnpYbN#j6}V*F88l!_IS3cF;uPyrO|fPcM8=^c|iOTSl#6&hOY
z#&DWadgH_1dA+glCioP3qe5hUtRAqXhh341Q3Vx3f)gv2{`cpHP8DLoz^SthE-dgP
zUgJW_I5bR&@VS}tUBxcJV!5gP6xmx^O-<qb^Lq12wef6kghdZfql~AleWkH|a5U4p
zr~8Gd<!_nE*s3T(c2{I0-_EVuWuZ+OIz`giY5jK>q7AJtX=YkBlUF}moT*%dvPE*i
z#EHJ8R1F&0YqvII9O!vbxiOSO{eno-;4yCFPsGMiyfQ|I9$Tz4-WR=zkJ;o>VH_)&
zPLQ>=UoRR%SS|kr7F?3x)IZ*{YrI(Js{u|GJ!33CYNA5#9|>n>H~Aq`*bTm-5~|Y;
zS?){Vx}kRVlC_*|S<}&ww3poLandw(-RmF=KMR|T`W>=vU)ak_0BR>jEE4xOHU|WQ
zCzNKlLHLz%Fk4_%`m?;By}(Uxy-h+-)@75uSxS^NC{^uvOCW8#Eo$5A(*3G5fjI4B
z77tIJHuRyz=y)fF=1TO9_j20V4#XDl4xOCD`=?Zvqdy#XZ#5cta{~Wpj3dAdB*`Mu
z+z6lCvkg0le6R6&n{TD}-Yca;_d0MgdC~b&#h6=jAaB|Tvt0G#!rPaOt*vf5Bu@Ci
zoJO}bI4~V=JRJH2fks_N_T<R<gfppuqte@z6P2+%*nmx=;f%)=2@z#ndGv3NywOEA
zwv5aPX<4VO*2&S26Hcty?p3i1N}QkHd+W%hrzkrMQ<eNn35nfVsA~c=2F~svWbl=T
zeT>PR0N=7_<_cG$?g)FT)&f;^f;AfP+lwG7b|YmF(RfAO0uRK^<<Vel^nS<?SR+~s
z%_2Z;N`FI>(b6>*!&4LEQQMaauYtM?9-G;%pU$5{zu*q0s4zp-{+D@YnaC|Z#os+#
z7yyinxfN|qzs#Cl<S2N_6QdeLytz(A54u}_U)B5sbxu0ebf8?rRKGjZL{OV&IZdX~
zgp>os$#32fYL~2T-a#obBjH>SKb4cXXrQQOfL28j7<H`Zu7>^dXNvFz^6{51%`odp
zU+5VMv2j`--^&D+VeE@ocL(psxqG{GjOs^LS#tW8BCmdo_NuB1_iCb+&DDS3Ku2nM
zCAXkpKvg^c`u2KLi&B9wE+hMWEvkN67#D5=ybnHxnca;){TnelMv%RDAi8(v57gNu
z|2x7yTONPwDhNM{<*(`=J)cT}4YAStscWARs=DFX?$DAakJE;1Xl>u7OY%YY@XE;%
z|Ft@6&ZLXON2adtJ_$H$O$yzLT=>aoV+%MXY~(!IpN}Vei6nodiX6V_j7d!1@hj=2
zPK_2p&u_2>mHz3WXFB#6Cv>wu{Zmw*rk3tcV1BKl)YcSh2#CD<>`LgM$z@rdRvv%T
zvMb(BH5bUjQ{WfANUQ2H^RzeFkH5VkM@Yt2;u1*7FAABL+>gzGhE`~9D$j3Nhm_<^
z!)c@%`Pq7g4(dOw$7WoM4p<Jmoy;?KV@AoitiYkiZfIGZr1g>&@~D&esEd?uX7OTL
z+rJ|oR}MD6k~}>!_1n@(E$ec7(z=nMRe_r;9u@#&!~m1Rh$Kj!xT0)<y-yCk4pzc8
z8Ty<?To;IYZX|C=uUDqVV<M}1QIvH>F!gsfXF&whuzDdzd#LDDAEbBLo|GWe?uwgi
z^=}_MHMuV)dUM)0o9Ae{^VIhm8CLlU5XcGtiR1VD2zw@^0@zZbrlHlDa(PC&37s<A
z9ECtQHI1#$_wSP&?lAb827ISlvZbT+o0}mhVLN@6;Q!biH!|y+Q2MR=t>`E<#&Ov5
z2%P)t_QTJob}M&dmn%zm6x2f@;fE1jkv{5pK9+QeZ@07+4vIDT@kif1ejrT=88}TT
zu6$7?VKUfEIHy)^V^r9mEP%BAJCc<ieToD9rJ}OX@>rAqJKOMtqoU{*#f0S9s+_wl
zjv)!-kZl>vnv}k-mOpmjrVymS1?%0>O!%}2oS9HC#otoABjrPFM9N`bxL@p^-Fd?U
z@XK;o%VFIEf9U%J8(30tY=ag8H)>E@U*(M7b)#;J3kG8(xnHJ5c|q-u9^0XIkIjo*
z{yNzYLV>7D-SnCEAoRe(WttdvuP3(|$);pgvN&ng2-#y4NlrGqVdKpL=)LNSfqG{u
z;$NI>C4P-f4j`^-<wpAJ&(Xm3$W|K-S}Ik>uDU=Mcj8F86la>S_CJN;eM!9@hs!D#
z0{iL(BU!w0M@x}3-n_s2{+NH2pCDW1rrYLJ`Yz|tTdedOWRX_WPv*NtJ&p4N8$EQ|
zziN+pXGTk8=14hvHC1l8^Z28-6z?fUyi%ofkoCdrnRrJyP@xgo?M<t8Pc7{y20D)R
zl6g`w;v})r*aG+hhBSRxVa(djAB98uUCrn)lDK^WXz1Bd*lD5IKH#qBDa%P#wN}k!
zol?Rtv2sc3T`<g@M`cU7)W&4%kZo@)KS7x_SzG5XS8Ob10j>3*2Gtdg)#>$JHk|4!
zYvx80hj)zwA4ZZ?zH{~X@!T+{C9NheAaJ2EK;zP&WR*Ng1F$YzJO*O0>eIRpe|WjF
z>@HvzCI-mfJMCrP?6yUg(zY76%4obT4JL*v7_SzV?%s?S40j5Kne%@Ubj3kzBGx&Y
z5<6})qyq>6YFsX9J@#Up6yMJH5l%3M)6#uT2p@Dw1z=fFD+anBRmUMoNZ+Nv;L{-m
zZukj<937B4p`})xqn_Z+cf`;_GphcOk|S|x4(Q*B{MyESfQ-7el_ZIe#P%UJkLgkO
zMpnlnF}N59(tU!hc-P3j{9`*}T;wP0Nv>r!KkE`7g*N=rwx?Y%jL0MG+o$g@-p}+k
zv8B@a=Lsze2XVq7sz`E1t_lNGmN@(onv$}a9br5)oYLNJyy*lO9f?P+n6BMe(;jc0
z6tM006QKDWw+wG|vu1SFYWM~Z;<;uddS^AYmkzU;srh%3fzNZNgX>M~IcuzQseT^V
zWs+D$R8(Is%b+O&)=!<}nKxA&OQH-WPslBI&EmLb7P3<|Pbp{h03KJ6-d=ixyxK^!
zP*Ave0s4Fn2%deapcO#R4+3v$=;e%a&Bafc&YVtP^Fa_b-;R+WVa2Qbl&+{FOZ7^j
zIBg2*hPEbgU7$`)hDAFPt3t@kT$yp81)Z1@7kTJ)G=3@Rz&U2=-{-*bh_pgfV)4>%
zg|9DA_!$|rn~Fof|Jo!b5)Ig`NQEq)M1Mb~EgNqk%isaEYU2AWw=XfllZ=iRIkKBp
zY$JX?D5#8M`>n(pf_wq%Wjrm(*zs%}kLAboV3NG`H$v3+$5N@Ej^I{H*gpd^j^>?j
zE+$P50GE_Zx4~NR9~;`UBy{<fGQ>QLFVZ~>kV(>(g1zmh9%nC=y%J_nM~rvAhnTE4
zws)zK=#plR#Z<Ff;nr1175wn#7u@3J5Pf*xrF4UW(ZYvS20Vm>BZ&k2=H`|;GJ5Wy
zu(!%SAm+BB>?Lzi+xXRyB|4ix@jFA4P34)Oe@nOixQu?J(SC%+vxs>6NT#j$FeI>&
zeNbFmo~`r&inp|!1@075q3ng2klZ|1A#`Q9kWs|%J{$hxkre`sZmA(W?LSgqzmEZ(
zPg6mZlTihB#fyzQ=Nm$~16QgpSTF@f<tMi`&Ko|1wf(m7usl>f=+QO0kUk%9V&$*`
zeA+PWqn=nKZ@vUm<YNXU4(n&x>Rt1n{c+j0f*YqlA~TN@vp1cRh$IFNZO4371*Nh4
zL1xAdOgI3+Ok5OcAuQ%<k(x?{unM>};nFf@<!p(s`LsCv#rG-8nv=;LlQee9Q-v=;
zh7m;hP+AyroDH;}e?Kc02naC;166lozU<f?Au&W*czWZxGW~Y&&rL4o$33H^OWU<-
zc7Z3it|)c^Zlx;3NoTiUxC(JR7F?+zfz%g>vr%&6vAmu?NysKoT!KNn`R$M*&93rY
za{stL+Qa#8W&0MQ>4Jvj{o#=aW^>sHqo_oAE2ozaU7f{)7o%bW;-OBv!45~Oigu}o
zlPOT3Ex~NJK>ZlqR}T{uNe{4F53VQiwC0?gKR$Yw3|LI_Tnb>v`0weu0(6?OtPyw4
zVBre8(c5ha4mOLxxRt6=lOIl{nVE!9MF7O$ha2IvHWj}CJzh{2o;Br*2Io59p#+tB
znr0*j|M)xZLzNzeA0*4zj3t=Aq~Y4jEo;uQ5nbPtiTDkapqGE=Hza&`j`!ynsdW-m
zNJ5y)-+dU_Q_2m7<1Mx7YiUaB34FYNV}7LXty+U=ihxt-lTHOQPsJ*amD^u#%wVy>
z%xh<kuR?&@Bhnd`oSWGlBJI4F_QP}?Oz%;;?t-cCxuhVEN4r>-AJ6{BcTzioj$>$E
z0b)QgJi8n)zO%NkQ2ZZn(2%f<yv9<#q`zQim7%vN8n!JxK8VXq%x*^QYDU%>#)9e_
zX!lw_JmdqnCK*g+fRr9=G++~eK%Nd+?+sm7i`4G=tt<Xe*v$y3qrs_M$`a)+nEq;E
z*KQq9u?Ft1(+pW|$e?MAV7NV4ib(^ybxyAH{ExYss`W`-ATd~|2-$v#GnXg)zLW>l
zT^+&1hgad@>44u#0Z<UgK(eh>sYex#a7(>GO%R10;QKr6(MRo#z%7BreyuY={a`vU
zAbNqY@RZ-0Q4D4yWca{{YAEZ)-|$adPRh|&t$?0eDtrG2NWlMyn^BFL6HdcLpMdj9
zl=WP^qZy-VSls|PB4-%BJMzx3S|1lu8_@MOCU4FGDI>yuuz>@UjD<UNVt~aPhMW?=
zF#3*2#M7$xM7sx>v=3tj16VMqvySa7J4JSu&Qxp3nQdzIZ}(OHV{aXYC_jSAYY3W}
z7uK*Pabprma>I}%!zazo;iaHn{2hWbKb;y%<3O<?Q9R?bKlT{mw4&pu^Py09AjI6|
zz^uk}!3tc&vyHZ5r^jH&1v_ja!<ng*+DNPpw-GJxljJKM|Esy{JW2ntxMtFb?L`>n
zwiL6N>KHn>2Ih(dGp_&%Tr>ClyaQoGxdB{uyd8OA051uHv%c3KAd3xh!<8{;G0hD|
z%vtcvFP1Tz&%t)Wg$ZIK!ttW{TfpC<hm-No#4_TL_rtFSVh%(9rIO7&QggnyPGv_V
zdst6ayMNmz@z_!vd#$BVzb&oUYQPtioihNsAC{){`pQD}BB6O6JZ?~xB%*@g{r8k~
zNCtj*0S^pK^*%h<wE!PHI5#9uNBQjmSvdOmIrRV^eSzhJv`Y}Pxlix|l%F>oI~uM8
z5$L~IyE_sH)Ua4DhZI{vdVEGG5}n76x_k@I`zv&#?-pR{7}#Oc`Ou}-gSY>3nkj_G
zbc?$cpVK}T@Xf&Lgu+GIp>B4%sAEY;%VzPHfmp|{|8__Zk@$Bq_Rp0O_~AB_dOV>Q
znS+Xo{z{B-UXj3+D2;aF<7!x8?w33XB&lFz9-q~a#DL7pY<e5IbN!r>kwI);a&o*G
zJ9GOuqS!7N<9i(arqYnEe_P^@(9)jj`Aw-!PL=G|mpi)w+;$y3B5E{C?n55+XCFn1
zxYPbz(l+g0m2qz=?C-T^Hhyc59mb)O2Ov?_&=ViFGCtC{ELS4h{Vr7nQ%j07mc3hQ
z1HXE7d+er|jRiI+QUN;1nE*nwW1+wem6#2snGG?U%lcM?_FBSYKF8H2QS+l(94OOP
zaBIZlGEftUoZOrt_2-|ERRD2uk(+N@RGvn~@3_k`?pql@u1Bxmi^(Rv%nq>daH6@P
zjD6fDyio$9$kI@tH@tXMUgNw!)9zu)siJfm6`ze(`VHbLR+v;FVxPyFJzi`1XZe27
zY1V?OpH}a~%nK}&wu5;bg+hDT-NN6kW~eC~zn<pv&zg+UKrH#Th=#c6*K0dpl&!Yb
z)b^XW&Hj>&AL0PvU=;HW_}K@8r3+zAh7B$?5W7@O%TZE9a~Rl&s9v)eWHsB#f4}7+
zo*?C^O16T^aPW-f<Y6nrc#Q7UBTaf6inm7v{w-)tt;F##Og0rAk*aJL&q)v6YALA)
zfI0uI2QNMuw%q`Bc>5Q0dVoC&=tKzKyDAx~`9*28Vw_%iTAQ)M5gksG<cCnX*h-AX
z)c7n%W2LU)7+x@mds_D1koRFs!zxIICsY%cNgzQyf}x?re)Q10Z7?!-qRlq;gSf!w
zHolTgTMjb$XP6m2D7cxnuFQPr$k9qFmGo^5SDc6o&^#<qVq{S!)$ztgCynPv6!Kf9
zAUzgM-|q2SAI+$uHIwU{pfNM77U=krvA{`n&)L$k!yYlB;nx*m)LYYvq7LGEGibWg
ziC*TLFWwj~UG}cOavo$iL-aPGBZRgaCH=^ZgZt$dOo7zl62KaM|EeMrkxw&<$6W$p
ztFwfrxrJb*B}HMPpB3(;v#{fNg0B^;lZf+wMD@wvw01k1r9_~|XKzIT=&gHMnP4S!
zZ)Pp_&F?>6r*sAy=tuvYUOm0()CqwHx9d<Mho8j1yCALs&daQ2q0wV}!?&&P%izeS
zcNu{@c3|aruRmF4z2H7CLUMVS<BM~p3bWpSG@tj|E(d8mpd36%fC?R``$|P*hEb4I
z=s3Gez!8;d$ww!9kKOF~lfupucY61KUH}rXb}Qd05CUycf{H6q>W*#qCXQ)46$T!^
z)mCyY{B&a%H>RIshRiqj-Gb<f&4$SSd%2BSsh3#yuR8qk8DC?1kGV^-U42CRhMh5@
zAn2_4#m!6-Q08qI41G9S`gDMt7kNq}b`>kbHww*HD@{Hdb)VB{)Eb8+Hyag*E!KC_
zw#U0az8_0@TA7b+x!xga^Io|z-JwN^w8Bk<Ox@`deLx&n1G{gbYu>{X38wqP2;2V{
zm%x}AajEKGc$5n)W5a09d*B{U2rG;pPt&)dL7>l~ifZCq#SJHmNw2AF9sFw@XL+!m
z?;_#)i7)~!7AY7K%$pG_fsk6@N15~i1Ie*ph$OmyF2P@3TK#{`N38i#xvu$le5WeC
zuOE?64rkm*O4P}NV7FSGDXZ1G_d!Jl(8jH$#l@N786Y4kV#GLA>6M|O$e7=+vrTJy
zU2to^5euw9d2>l&%mM~ZS?0OgkeU?L#Xfgik&Q}IJzi)S=jg|KyvML+yEn#yWc#)c
zZour>{q@I-O-Hvc!B&?&ZueU+C5+@_Ts>b=2s^>5?B20$F#77wM976WpqsE{XQ=(z
z;jFDv+7I$$_E%gJ&Y_2ph!ZepWm?mcxw$*4^$@wRnhe((6&UA$>bX9cRgP}kf*#6u
zRVxZ2Bx}uN@#sL(om{3ec=J~%h-J4c=CyB@!|iW|o1cc%SYf9ul@~sk)4}@l+uT)M
z=C~YTC`M~~=TjC(#ziGp8+InKEbL`kK&K{r&5k$24-C#Tq>6Zq69h7|b?7MK<R8{5
z#wkU>C-1Lb<(5y*xAKBaD{>QYUx~dx80b)!Zg)pgT;-^@pd`Pd?sX$~yT?LTPwX_|
ztQVS2{4J9rHd8|o=Jjx!GM<T%sPOY3rZi(Yt(&`SavtO-_Nc3S54{mR5K@7wBE+zL
zw(NPIY{NL9S6_AY8Hg3HW8w$o1^tD0aZ_B44W@{mNIYAaf<2Yxwl9rA?OGmbste-x
zeZ7y8CSK-v&)mm_r2YY8*3uX&UmO4zOdPuTNiI5>6Kyx9R|~L~c(IH__KK6+w+{tx
z-sm7{cTmX1h}aQ5b<-tXj_E`*2%br+mkU1NKWQ<}h06b*^lNeWqlcl$`n9d8YNbEf
zM>T4_JxA-S$<F<2Ah`YGgezj+4l6t8t?o=+-51}U|FFavczfM3SB(>nT!}bvBW10I
ze*G~v)WpCqh^e)zo*Zqmh8r5R{Gliw%I!(@_!?lgWsTTGZKgBe_v4*2uj+zUfSHaV
zf_4R`*5H-+!*0autXgpV^W#-4zhA8NqAtqz_|}S6Fbo#^@T%wgg?!cr;c1DG+dRX{
z*@KXabwL>-4?Rwk&cw47^i4I<sqgzkU6VfFfPp;_dCTDM@-3g>hkP5iKy*fl_T;xq
z>{|0@DHWos!zDkjAiuYlF!9j)2QKNG<sM}?UL6xvxL^th21jw`&o!`>s0M!NQ+j#J
zM*aXy0vkkUNOX)4Y!1Sm@T0egucCaMjS|pnAnY+KoPu3flHnH=BJr+`uBCuz43Qfv
z?l^$6^XZ6)NIMR0MIvmQsq_dbMut7XU#T+_BC%TwBl6xwhl2s$Q;+ZO#ovbhbSRCP
z{e#~jh?!$ysDYhqvwQtqTV##cvYSuQ>ZlFVhe9^KFTUhiMfoDM`5fG+B?I1Kp#-9l
zob~A%5Vf6k5dfP!Sz8}l<sjwz;QH4l#cQC--~1Qpbbm*gTU{>_IH)z$tq(|$d+b5F
zn@cB4?uQDL-}@o!X!+^W=ZEU>rElUIg-=c*T7Yl^N2jP}R&^1BjkN;uVgPEb7F}!;
z(@))L^cZ{bY~R-e<Oy`}m@8o_jI}W9s=hz!(YWm3JH*qi>sPyg^2lTW$Vl*9d^`u<
z427@BU$Ir2VwPO>7nMaZm^-TJH;xy|;!Pi)L<<oLlFsR3nqiK`4i^JGtwR`;jAaNn
z61k|DG%;HA7W;~ZLoCiFZT`qE-?6W=92ybv=y31#fYjxF$DVsUtat&R*Fp5So#va-
zGY~9_fTIBzc&;`RXYkJ?XZra})!~~U@on*Xi)-)h2sd%k%V<KfDTN4XJBFZZ&ZyV5
zyqpnlqU#U-N2eu`UFCZ`$zGI+xT7{8W=EYo*3!TOJffjP-z{G|yP;NKK^<0YcdZtz
z-2jJlx=(pJpGi14`+4`9DCYEwp1+SV_02Hx83o^UN(Y!IP`aZ-S)>{C<;Je;2w^lo
zlq@umMP&BZ-HN{!1cNTgsaxXpt6xWm#o7}?WPoCvHZx^ja~Nz-ZmMq~QdIBhZN2B5
z>qqNJy>inMhlomPM#UX_C{ol;8JF617>S(8&mU7sLSB#cmFx{r5J3c0Cs~9iw=mT9
z_eFReuh)_Yf-4me7fwBO3Qb_ltW>pHbJFtr#ot#t8a)MyO|B=~7&-~;5s3`Mp-hX4
zpvv(qINa=wBJQ~KRVxvo*6!E9kauE$aW_6uy-RtmhEv|=Rk)yofClqX=@)hYIsB6K
z)XWb%+lR}KhmP?*OzCRev=EP<kqm7zd@fn=pZMAJX9{LruzTc2p?l8`x|}75n&zUa
z)WCU_bSRUnFhvSyo7tH&DOp*)BMG^ERAEh!=j-osCi#+;)59VxD-k#(vCA3wg8MZ{
zs&yD3kd@Ws=ah?g<~2^t-Ufh6X=%AHxl=U?-_evhoOWZ%Ow*g#d(+q~>Zs8nxK(Tz
zUm$aVpy|egD~bG!h7748R-ImtL7xI7UVg@**nDGP`tYgV-MUpc8_MzzwSVa6xj~5v
zE}zym`xFs%8Z<1_4q{$^>V9II)e5U%8eD%MPbH4p;UbSx{$-q^L@sc@jZB;}jdr0P
zylA$?2@3Y5LhyNXW%|tEcon(hedH^?)@paL&drSH=DRmy+oszM96`DOp{+UZem)6`
z4z-gy>sF^TyViqBjpeTEiGVKoI%8(&W&ub0BT)r3DMu})-AOcoMr~o@-f0(b*taLl
zDV5WVXJ!uPdi|UlrN^63cR!6f`!J}I11)KE`SfB}$d5hdX#2fCVGZ)EE~t@i`=Wm|
zXbR8YU?l5FAglKlMh{v7k@z6(*OKCC=C~cgLA=j=u%+g#u$tZS=q6;?)R}(U?*s7`
zSdrZ-;cFB<qNYc**#}s)cz$?VD${4Jr$-!pu4D*^ofyzs$^RomtK<*VbE2jpUS-}m
zNw55#+3Sk%+kKf1y7sr>`f+*B=c@%~#XV6e04Oc}yLoIT(4Z^+ms|ie2qW>+1>U^m
zSS~A>@;Y9Y7j7SxG7UL81?l?E4MFKqtef7u=#%8#X2Yb~h-~v1NvvDdHAwKJkG2|-
zL}K+zaDvUxZhHv6x98Z|`_$cc(x}3GSbw%6<G9;_teU<B^{?J8*A~3DD)EVJb@;66
zw=Z-XyGL6J&4PCLOIPFPkG1(!apqk1flg>z-;Nsu0bbF>f!N7`r5cztNal^Conf(E
z{cuYoW7r5}Xcz7vHppDQVVaUq%oc9a8r8olQ(zGZBzlW0q0Cwjtv@q?WR>80z3qp&
zjtgl88~r?jdY)Ksa(3}OwErwhnE`^B_G?Xh(oTqDg75LoLeKHP#awh6THG%qB9M0T
z8z_hLm@`k>U^baHWju1;rnigEvbwLv`%J7E?0WE0dYkQhVzs&xMi+(T4g!ie!00<n
z=&j5;hjJhX4ed3HDxPw}JS<FT<<Kcooe#A?oD9jWwdED5kUFlrTMiG9xR3TCGl+NV
zRjth5CLiH02PstBlyHRX=)<$GnEkpe&`8z=6MmsQ{LRY>oz^)*@4s$5V3P%jO+&Wp
zL9W0334{TYJ#pO76C7wezY!0tfi4QrXcNLMyUa?}&|_iNg8sx_WSVEkV-BM)KGRBb
zx<%r+;iY-GkFMV(K{qugg)R7&BDn<M*pQCNfP@s<(l50{K14B0Lp(NmylPqx-xVoB
zi)Tw49UZ>*m2=aa!NotGq}*PTUg+Qfa4JlQ+9IS^Pu;vWN3Um0Z##avMYOxFzPD=*
z?2I0%9-mGmlZ7Gc-nT~U9gk|*w(|Swu*7@mED={G`t7TaI7-g<jqB_-$kiPkq0Kq!
zJ<HdqtPLH3nxqu8>K0_CXxFyOZOw_0*uf-jld6$Z`MpLkfPih5a7;bBb~z}(arshG
z_RPXmM(z8M(;R)z>S8%?0bSIoKq^Yu+?G-fY&jcJ{hkW9c8mAEDMmVKpnMwE8!^~-
z=$nkIVGW2Oj>?-8PKT3%>hpN13vxYIGj_7)P$WYO{q}Qe?dN}fA+!4ke=V5^2C{Xm
zJ|?>tc_#X$&3nSo7_p_5hLS+ooM)V5AM4z5_<*(Jo^$7H)oC3i)v0Bv%~ShV#r*7D
zoZQW)O;!|j^dBwPrb8&G0VF<v=B;P8^39du%I;x(eHAz~(Yq_8_*arfgQ1CauUF$f
zJgHqXEA^Iw#5%E9!tr)DUadLFOm0!I946d!!qW>sY_|6tK0e>+k{RsWW|+N9a(_E3
zryH=Yd(T(cv<FnK@C0q4w)g9`oRJUS`cL_@OBIqy&1$Vp%=g8%4-d8`%)v10?Jy>9
z&og%|K*{~`YE1RJ`p4x#B;V#p*^zw1l}a!lip3(VDL_C~-6cal1Be`u`)X}zlLODt
zu=~wfW(}ZIkJrwzy+{Zmf%5f!|K~>Gf%GBYwtaYcay}(Kc(;NM2=qVn?eQ^?fxtl}
z`4PGGB2$BmhJ)4XvVw;c{<~*-Dt~-Y<8Xt0+I;}lUE{u;@ONPI3w>@!prriAf|I(p
zC9?o!@<(M7GJ`$LZM}~m6B_u_l~+J2T;HT?3lS;2cR1feEzc5WqNf6`?rirBHE19r
zV=`9hW)|qh*EpfTq;RTDT|z00*c;vo)qO}h`$yy@MxX1V$96q}n1xV0$KB(ce@&El
zC5XQc(Yx1fDl;xT0EfbvS}$zL40JHE7pXVVt!b}c<WBJUG=WW*R@T?s_pdCK)i9pd
zGjZB+ESZ;41kqz2Cuucv4ty?x?Vo>|NR>tP7mhJ?q;8%f?SA@hPb+?7mqOc|f){7r
zNl|dReU@Ulyolm1@IE~vD-*Aef!xOurdLT;T7Z}&D?_rD^ANC%ILgssNkp8KwIZ;4
zO{KaiHG;QZBIa#wL~XJWx>)pSxV(HiSMYo<eC6xCk2$+61%6mRy1iZ2-IG~wd=xGz
zH26?IEX^(pYkZej^8wfS>^Kfz1WLg5nur-GJZV3V-fz1Gy^?%xOs=4(V;c2fr7lQF
zD<JDr2*6(bVw6H8iejGp*jJTV*-7}rH}{bETHB%ix+%u_E2u#v5H3QLgk7*^8SqcV
zxA?c=UMX+saiG2&gY+wTl<b^x8vg|ZjB{`NK>-HuW8>Yo+PFj#Zt;n@2N_ztUvdWe
zz2)B5la6&5L%ZuQbk(31?B)*Ga!5xlPgL_z@34T+m>JtUJm=#0Vf+=zBWVfoV_dJm
z5l*i=wo;8Avx;~NJ6v^Xv6-XW^NzG?So&h#fkvR@W*WT;#6N;9xZESjAryXfe!eX(
zN{l8+nKe&RT7*-_vewan^Mn!u0*rDoEl(h(*1+QozPvdaHWN98!9fa~kT=wj4IeoE
z^L;EB603($IM8V>>kp*ClqTb}w?foAQoZzCAMMcQhGllx^y`lQ;lPd9l0+nMzG*5k
zdX1Zat$FbCzk?YSL68EyFAC45Cqzd};vbz%P-xfT`Mb&QB}&>2t{@&3<G|I$-2i_r
zS%t*H*lmG~Uh6NLoVV13eHb_LP&QZUcOyv$T_xZxZToEaUO>f$_Gt3PIpRGx@FR2U
z9Y0&+iSE|73oKu0q~*ocHXWB{Cne4cQf!IIcvsd*Jy)nd2PUT&(+q~|b4LUp1gERe
zenU8H@$haNz^N+pPybp6sn<TLe%Sj1jE&J_%7MFo=9AS>)2{VafGiU(igW*Mab4^o
ziD$Zw%`p{$$9vwZFbUAFi#5jTul{WnE0`qGMOJr?5galDC3feh`q_|@ald@wz6j?T
z9Mr~lWd#lLE91ibUfbp9)<?PV-&n&3GSZV00Q~y};nf?%1>3>(U;eG1KE_U1lB130
z@1f+Ax#{6|iw3IR!8+}j<H<b+p@S4KrsV6jca2LH|H@NHEKs5MA@D08C7+@Fxj$0Y
z%ZtWFY4^oxZ6PHVca5Ynh??U?E)vwD4(qi?d>GiW&cf`}+k7;7LbiQv0l9?PoEZ1x
z<H|PpUlP7;Do!dKGQfcD7FDMIrYcxtUO(DmE4}Erg*XDbKTnc%@q%U@P`g{AxFR{x
z4^VcVw>D$=3J;YLIWOsUxo-7fwwKtdOjofwZ`TE~U5qg|i9RE{9if+Xp<q0_Z{hLo
z2|z+5AJLPH9+BxjT?fGdxlbb;1%}k<J+4@l6aXK-lG=FHx1#MlwW!+Y!h`6z9JNB7
z=Kwrv06skSNZHNVySo^+-4pWT{<g-7Gsq_3K%68q$mmXC+K}mJ{sYv>Cc63<j!5dv
z+27?YP=NnfE6y7ni#xyuxfyt!%j~YF&+d&@FuF}<&aP*d|4Lv6whS}-CcmERA~%7v
zhEd1y(8K$OK$8$9tj;L^yHaUALOBLjcc1kUU+NuqoCbE66k{_n(d#UHGjhK^M+FZ@
zaC5SGIMT)Ik2s1efGDG?+<z~OP;ExP-KI016XeZeEa5>XV+o&jM}wJlgYrAZcx(TN
z*k}++{bggsbq?%4&3Tf&g)A3Apr|R8m;Q06EK?}XnQV0a3D@pPvE0j=l?OR(BvmjN
zb+Z0nct&>-iJ)1brj1j~b6_dAcQEyq=G@N8xmvNw?tMlJQZ$9!M5+?n4#LhyhU52W
zz<KeE>!d;#UpC*z8^XQZ#9OytNALfpu^xX!)M4dV?>%$<f?#$X(C^~<xI?t3>9lj!
zB=`8GE&dTkpsw2x;A@aKp6RFoxML{VQ($5!GM@4U^X0r}B^=UFc{sKd1%|gnfCR{{
zVpa$VM5>QEZ+16wlt<y<0t#6h7&o()86zNC{Igfbsb82*H{u(z`s-G&S>yJ2Dl(jR
zMo!<KH?+6=0M?K=G5FRek%l8hxc-eYvDgooiqXc@_7Ax=Sg5=_)HWoW>8A^gM5%wE
zA^!P(>G%1%NgTXYM^i31{)egQpLtdq4>x7%Y<;l7ni4JF>dq;QnVvR#eGKSeph<3<
zQZJR_Ae1IjtJp#alViIvmPZj?@#4*9`%AxKgQMdnDC`NSMRIe)X9b3fhBav<)E?t&
zkcEhpxaqWVlvlCVmhz|n-g;AKXtIv(Z~m*xX;@=^^qR+8QIYjJ-tcqx#|`51%6vBb
z9iJHPj()~)GJ>(J$+qNL<Q)<CL^L)F(##Gf3bZJ0c&x8Ex>(!<mh`0oGeKOo*s{x7
z%^$&mD&4R<LYV##?1YHhK(A>dRy0ZT5(s09=b8ul{?&WlI$x#$RHR(w7BmVQI?r{9
za|?P9X)}s<jLEaE+dWb|>v-_V$9!9Mimzy33xgU(W+D7JXT8yG&3ARMcb$=_Mp)=>
zhUYtGsvn#IDnri?sfv^X$fV<WZd%M<#k$^)n4nkN=bpFm4UCjFP#V5SIIpPt_$Jgr
zhAnHTEx2lF8q%X~z35EJDpAX3Tj6VUtbeX&fB<;aRcp2fcNSyUzP*jH`c>M9ZS7Ib
zv8Ai_younevEvr%R~HQuoe5h;V1;_98_>J3n)9km2UYA+2<0%AfCYovjr<5E7UapT
zKY<+I`0V@h!ER4pfKG3BWCy+xBB)O&xrz)bCMc8EZf}5Jt6vwp9&21b5Kns!x9uSE
z$TAgi3;aUk9689nf0hu#{;MhFFXBB!r5B1*B~$@i*NdR;lzV+SYOBu6Bbd4bURoBn
zr$)pfQB6g;!->RqtT=}+I4)=xFDZR~O^m;2s_A^!&aN`gT?&-&T)U&S>n`ujuWB;>
zvlgH3hnTwFhnOcB0vnsZEJcx;<wp!}sC@VV>YB^Z?N{fX;Cjy>%UWO}oRm<*2hQ$~
zPH3Z^A~=D>N$>n5Q%uuAnQ?(?BceB`@oi6NPa4m4DqPwnBgz9(!Yp+)8JWU`K-GKN
zgQme{*vMWl${Lvx3PJ%BgrQQByn9*5ybra18napsT#LfqPajO#CEwosN1@_Dvxf(J
zc}sh3zb+>S-X-sELCcJ#<r`X@XY?iJx3(avsIVz7t;$o4n~*nx<-NuJh}3Z?D%VeZ
ziBT~Bj(Dz4<5~kg$BxNpt5=g>*Kg@eT{xI8I4=USh0+HuC7O7Z<MkXKROKCT7&1r(
zt2X@axS#@UDF_)X*~$9tqyWUx_L44iv7q?W7EXHL<0k?VvHmeH@nPBa64XI9h{pnf
zK1Z@|894e&)=1;lm~c&v;5dJAZ)F=w8`!E3L33gGgaryP>&Z5^i>uKcUB#(cSPPv3
znF*kIDo|}AGZFq0Mv&gha;ViQKne18XPg87FbpZPqL#agX$e?O&-8_1fDA5C;2Pnv
zA6Z%-8#m-WF3Su7OX3q)1T^nUX}QZyv77w?Y3FjEkvh$Yh0t)*I_9-_+>C9o0*uQ0
zHvgt^@&px&_S{WiQU4`Hk!qNy7fp%t@vusMpXf?gcc_?D<$5W|6`y(lx=d0UKTTa-
zcoLVl(fl-3__y`f-p^8m-?#c%o_HIE<A{XfG~LLxA*aO*A(lcGTj#&f)&kB3=yZN-
zw0&9e1|th9N3!63>4{{S^(zgu0hKJ<X==!eCBe7MDYvu!x>wtaraX&({j&h9WvQL5
z>1gwOKHBemC<_#jl>)xj=1mgHbm3Kc4paKjoF`o4!S3wk9QS%_NV)}o2S0pTKE;q6
z0^F5a_U`){gaU`@ikCW8c`d4qNYgx&S(6CJ88gCzYq69!s8jL(e;uTtbz59NKPWw@
zEs_>e^3D^v14Kadmb08y#`H|E@a4szBV}sxLX&lfg~rnxHko|T$Sz}UelZGY{HXGd
zeKw5J^->+=&@X|LqVybBpC*Je`||NV7T3jF!*G^N2Qr(iD21rDLwEXp^&FP~sq%0X
zQT2MFI^^#Y!$YhUVg$A2k+rCHL$)-KdNntZ(`aOhM?utis2?brXXe56W+&I6P4b?*
zO9LI|tBkMh-z;$nmvWwth99amLwd?ikJ>`(8LqH#Hwf)z1Hs*xuO6P>0{qwV*mm;K
zy*o^(X(4x8?3eZX*0Z#_G(hUB&`wleI8m6rWDt6Ui#>;{811aJNP6_LluXU3o57OJ
zP}N#6HV*`YH5@rR_yh;YIsmulk;CXBE))B8cFW(otk<?mob#-|YAwdc9P=TLNdF};
z2qU+Bh8)I-Qa4o47(sKs=D{%tgwQf6r)<=6t04YF84)_ix^J38TV9H^MzAdoZvM9`
zPZY6^@KA$|W{04+FCr~fTNMkh4VtJ-eqTQvs%mc&$Zke@-h*+zZ)d311<>hcs7Z}J
zM`S#s0SmBykcz|w85jj$KBqR{fgB#2k)M7Nw5>)XFfzZyP9-z5hS*m63Nx6!BsH}L
z8wvC3uu2bUT+P&$^wbySth>vn>lKfyzaN)ic@+zDF}Tm;X;d0m!B)VUdDgJCH4VwZ
zHblxUs<#I9zP?I5oul@YrQW}L^WV@Mv|XOI#arGS_;g>MzRcrHM@NdeEtKe21ln2~
zo0}wLFUU1iP0PiWD2UWhe6jXhA3g5w9y{(P5`KMs&5L&MteUZKwj&VAW|`5`KfB)|
zCI4`Beo+{cj~9h=h|podyO`6YDZPK&0IYf-i0!E!QB)g_=k|D>rLu_YVu|dTXak>(
zID~6X*-P5}xSsD8Jgc4?(5aLxi9*o&a|wdvNyPRJKeK9UxiH>tKhdn+a(&)#8W^z}
z=JFbAA%VvTge7CQ*d+}tXbv1kNSJs=sp0ZMWGXi-#jiMTj98U(0Br8b;{=jipLLX8
zz>LK^#94M?h%J580^7mKDX!N>H->?{*|__dc?YH_+;xOA=zm$r68F^<vP9?Doq0ES
z{@}W#_yC8d`Q{%vkDYn%e(AUjo)gjr!$E4IF)a65e0o8x5kdjZ3&%c7y0FAN0f;7@
z21vXcxcWaXbHvW^b3;D7UYu#nrNowQ6&En=Psyk8sL`)iJjAu_#2$}nkA~=&^L3a)
z&_v%Tsz5V;aAbmb?4SS{wk1x@cN;FjbbyaD_s#E_g3mZdO0T}arMBDo&YbzS&BND^
zwa2w?`MErTaw)famnb};AeP#QC_FoZ@s@}@mv#!Il%0Ecvfv{H2wSpXT)EZbi@I1N
zb80P~cZY8!3Lntt#(X6UsAStAlYr?!>b&xVE*pJduw@-ZRcN{3Ag&J*?>@fs?pIdO
zN{QZY{Q`#gs(qEtYC;o@B8P7YLHqkV&xHx+NyNMe{l0&CBB>MHEthF~5gDn)<>fkx
zMLWng6Mmz`YDNcZP^haT7fm!gQsm#0pozkfG3Lp7MPFB9Ts*mwC3y*?IOG2B^D32;
zC(e7YtjmS#aW{fxPCvZz%Q13;J~(-y%^&+ykAW^^ts}KT`0ouJn%{$j0`3NB@6K;=
zdz^9uLOX3W-?PMr($gOHzbF;sgWIo-tvnoZA2573v)s#N1aOxw`-U%TCCA!Y=Neie
ze$>nV06ZsC6)G$}3f$`w?YnYe#ygFqTbyO=Z%(Li5(6`vqFR+DuU21QbJHfO7oEIi
z7{_cAh!{dz%-j6On)^yYAt{uOH83WUJWgUHchqLx?L#B9RqOnp7l7a13}Prx0m4ln
ziOFuLewS(By#r3mSx;HtjweLHw%BD|8w0xtjSKs#`Dg1N{~Jlv0C1wgc-^Mx1-<*Z
zj?Tc*PR|F)9|exb^S;1_y62IF#BMD8bO**`WrEW6mUBXIF3Ld$LNt5WO}C$|GXWm!
z>)_zchv(-i*3L#5ZNaU|cV?%S=2E9CS2w2QI7RhmO^BzWa4e}|6ORmezN4LA-VU|L
z>t^ynfynONFb<pu4L6Z6_0|ex!4iA;-yI*KwnLJ5ih@^{#N0%?8MRka3%k}ASrb(1
z^o;DfzX>;lwE-^=(<FszM?5NY`BQ?`uLy1Oc94Z=)dZZ0c3NObdwTyMoM0z1H}maY
z_!R^q+lBPq0r-8@@4&QN84(-bJvk6_tcN;EGtIh9zG6%RktSPE^>Q0SUS3Ssi9G)n
zm*~rKK7K%8aL)>F5HK`kM-8}FrWL9X2vo0Lt`D$H4fZXoD|Kbb&PrEd!;wwSugEy5
zk|FACNnQj&)3*<f+xs%05Uvh|>a|8>X3K9f90WvHBCA;26tme9%VPf^s_X8VF+JI`
z>^(oGWF7h;>PYuJ0VaE2Xs_owIb$(FKdLjPOi$nz7fjGR?_z19MZg#0h(!`;ATLdB
zBDr3pyY%zzwOLWaExd&fK{|)`?i!TbqLL<uke>lI6&h#yYk{y&A2-g$*%TLo7x!qw
z0AFpe$Hl{y<Xie<%$`q4s-#!QBj7PS)SEkh53E+Hdq3)RYhs0tq^Mh~^g1OQ{Ky88
ztH;$7SOI#$mWadx*}*0kmVN#CJ}<wgz>B{Bt{`eaE&PBkL3-*8ZUpf(Ad>206%n-o
zoZl|7<_tE&;jwr-C-1FzAyFtzKJymO@v{1C$&~V4lc2m^FVfGCDCsqz*7U9!<ToCW
zxD{bb0_^>jp4<-zOVQ`kVqODm9+kBIiBGoT`!2&kny07n+v}ArvHR@nP8WT0Rx=JN
zvI5S}r(5i|_s0%AD@wAG@c37ya4O-k7nAkRzT6wmg6RBns&S&b6+HL$cn$?#7@eJ<
z<!Z))y%Bzlk6!w&lDzoedhXH+w50DOr!pY)Q<StTuVoZssIDSATyojNN~*CwNK<V7
zY#|vMip#b!UGjuY(n5**(4ko4T-d=&5#P)Lr{ipLT!+o3U}$OY$>go(S{4-R0hB=A
z=}nNI1|iTj{rcHl8axk~2PSwi$&cZyBeHS*)AT)4ueHmR^V6FN=+#9z!RgrEZ7(p%
zpi*%e84Tci1^xSTUBC?}H;K}OZD%a&#)%21Di6}QWN22>`{Ex@>|qVlw6sS~R0M#Z
z+h3WnxY2k8Y-eDa=oN&SI7&pdA;2{WzR^5AFe+jD<y<n!kX>l!P&qiISuvEDR0r`M
zzEh5$eKZ{Lif^2PT1FPWA(3Y%-|=P!BU?Almiv1IPLkP#2GW$4B}AH1%K%y@+LlM#
zF2TX@PXXAB>~AHuM&QtxbSpL6Xh{TGS5hTcJpdB@3rYbXfc<t&jjimkRoGm&BLF#a
z9Ln1ke-Wq7)QpF!yGF5<J26`5P_;=77E22?@3PZwNK9-2<kTyPZ(Ls7@S<i|%h^fm
z^k)gE807p5HsuS8EYC%3nC3dCt@O8j3$r^TxmnYkXZAM<1!h;Q=!;x`dpv0{+9$oF
zhn=3lL3LrQq2Mc581NFj%BYXQW3THt_iaILUhe%%Mi%(ruEyZI?*yei03c2-8`|hG
zZZzcUjdf>Eh?SPKdTWST_en1a6q2$=i#uZmNm;?o0*s(zD8$nO4;#<CI=HWp?{;RZ
zwF2UrUe&g~TTf*-ZA`_*s^yec2Cd)e_!4|i9t^&q|1z`(y(~uo@W(|bVwn|9Ns$9n
zPMQD~1@e4KrQ}w+{0os2tV!V=hBcx?8MLN_`;IU6MMLf04#dr5iva;Cw$|#8?2R@5
z{;rf)v*O^7B$DO9DvDf%>@k}h+plIuL@&Y!P9*YR>u0O#^84rnb6p$4CN78p4&T4<
ztBR{lbxu39eo4!_Uz?h)D~mtifrn}X>x|>BPg{mZ^RnR;Q*}DJmyD96kTilgZl+S~
zaw52RT=#$O__Z=#>9ukL!s&MF4e;iiAU?X%JCnG&;l=kf+@5z&DqH_$dL?YC>y$bZ
z{+erjJ=6D3)%g287=(C=vTu_`SNC0+?Sd=A{QpXG4s!vv{pqd^y;q_CdfFj^739-<
zmN4augYtJh;{r!jA}iuK%xP-H*o1-L=H^^#;hwFLU@M~;$cx7fsH0!i%L@@g+a>i0
zo5H+~nc2(p?IY<*QiDSf>(r0~8?C{u4mtT8b+0YAmAd+q`Gup4kNbvER43=5Kb0rz
z6W3R6O)z@iEx{juHHOCA!os1w6y>`4f<h*>zoDqo{W*ZBa^=0i*_6Zq!Z8`g9Qs3W
z__~mmGYBc7#H}Ua4IAi0{_Gf!>F)mJd1s{@tK5rd9rh>X8azn$B_8v^;dMUifeH3_
z3>~SB3=~ab8PeXRzRgFG&!jJ=o?4|>5b$NoFiiaHBcbPrQ`3&yXbjY#DVin({H7(v
zn%s~=t=aE-vGONT>UW3jvx{}nqtTLYz>S9arCspxgmE!llWzc_F#-q4<SpqJWtR&1
znJ__$N1=WqRagT{#wo$HuxE2<XjIj@=OUZEuS`f;`3ia4hvjKF$0dyvuI^kDh-3po
zabw*}mo41ZV>u>kOfr+0){sx|PmuoTyWGsh2l0aN5TJ$JjF<H!JVMU1gXrD@_!dWh
zp?K0`G7GvTw2I6`f}S06ki_Ln3fYno@naR%KVz@!$_n<iri|M?LLQ&8sEBK!H60fK
zSiN=$-VJe&C;Sc1_#y==7!E_e9)$IHx9a8_Yf<g5va`3ZorGtB%kFHoxM^+M;MqQn
zG3S6Os*635rnh|XZozoz+_}%0>C0-gzkgdf0}|(hr|G1F@RX&y8Bo0Mt-a<@sUMY^
zOR%aM<9rj)hl-e)IIuNOOV<c`x|;)%{j-BJl)}%E-fyBs{E~mz9kHQ8IA^mPdNut1
z1H4V;YfMN!-~YlWZ?;3RX77jFHmf%CUh4f$nzbR|j{nW$pw*G?&xyG$vVOxsEiZ80
zE$KXYTD9r_vGvYzfkoZ>Xs$_<jj1MElWX#1PPT0~Vd7-lwr$(CIoZZN&HH}u5BL7j
zr_QHy_Ssl?*0a{$r}5#d-MQvqZ55~*&VBlxy-dWLMbROQhqXZW>%5j)i%z$nv|7DV
zwWT$AzsY6<ZLP!IEvmaEO~3h=WLScYI?UyeJvQ^I+qRWj_r3CdGzwd4NKo2?3>dQ8
z&5rjVL^Vc%{oolnY0LA~DLapd04Up(z3V0~G%cT#?ByDljS4D*%p|JIyN-6kTZ90%
zk)X-T;)>l+*?DeXYvhf~;cNCW9&wLH7TFl-eY`lV=g;wIVcM^KkEW&;U3_%ETdm1$
z5B*8e&LT*4<!OGo{Mq@QJN0AtEAzhX<V6X}86OAwYhYR8`C2E_v2c0@60v~=&8H1d
z@3{j_I$4=%ABX%lwej`S7WQ5(JOT##F=9%l+4O21y8Y9*lVz=e*>WSWCkT1t0RbVr
z1<*3l)y5Vqn;FtHXbuO6KYvKh)IdlSX5!^y>uF*gy&PEMDiUPhZj~oI@+{>zCOnT7
zUg{rOVq4KAo;)OeFfi@@tY2?$cJmDWYWHV?|9wc7IJ3@{89nTEBOT;7NSpFAr*A5$
zI-MU<27ChP=KMfj<n!jeYBZ-$UQzSQ1DE&UkI*&32V3XT{FiXgfly|YVvtWBn*+2I
zSxn{8S79qAiyPh~nWEOIowZ3~qc5%L-W4&@&CIJHJJBk48uIT+*%1&vp1fD!m>%en
zDi#rO3TV&p=v?>P>?mTZHx968?%t&jAhd2Its9;74PZK<hRd`gjqmMfH&Yj{qG}X0
zB{^HSN};x&61iT#U>f;19)>bkyKF`o=4O~b=Dy|U*4XSr&7Z7w_LLF4JbjH{o2uw`
zbHjiuQ>So!#ZC{p$ax>uuvh?FOnjcROU7-u9PM}IZgDZY?=a${#T{O{1I4ngj$$J6
zKJXo1M~}IQu`tL}l5gtppLdFDv_{m3t|XU4EGsl1JC1@j8B`VA%bAF-uJX=3E3u$;
zPqB3-)gj<Iq*A}J4b{)OEyU&fgyqhQ>VA0po!ryQJ6)F3DjJ)oEHT0QZyROJd*~5}
z57HroL76>KFL|u=49jWst)~ey>1`E_hCz%JsUMOu*5{P-B#EG!=ZLA9AKLB7&;W{^
zs;K_WHXr#m`HkEAvL2-#a|J4ua8bRx``ij~&gtESOSr+IfnZIfi^tr?r4uVd$cH0Z
z+8J(4^u?wuY>qxQlGlk@0)tn={1=!4xzu;BD;U}izCYwxqVsU-6qSgQx)7c}y)EOw
zubqKFg$3=U{!I@X!0kreX?qr~y^=k}8nB*wUF@uR_f#py7GR$(R==O+3dVX-2L_Xf
zjA~2inbFj??`8Va3_D{)Ud-c6pRWY)(FLKEAa|?`cGrEwiC>?n{~VfVOvZS-{DV{d
za~JJi?5b(*88WW_?I*Owk)h~3Nx-eiCe#PGn_)n1#ObKR*pf0corZ&bYgHRMLWWua
zd5Wc(E&$OVGuT@kXV=b%9A2n^B+HAL^P=q#`y2aGnhK4Pi?lM;z0QVX!htL??E_7*
zAuI5dE1N-S${fVw8rgR1$nN=$N!+1Bay~$B)8Xi{0JnodqrdglWbKkBPPDnAdM_90
zxl0Q#ENjdib~v4sjQ}vwq<mUZ^O7X#4fwNjteXVpWLqT)LHKY_yN0D&vAqyp%;C*Y
ztNOQ@d6mtjeyy{|FnA`JR>nMIWg?+FoX=y#AYI7qRRH-Qvpa3{FRb1x*z&h~yP6|4
zP<^jLC>!r@Yx5fhUuzLM`>aE~E-++?>4gV`%gVg}qVR0E$%`F-Gz&}rMblh5wXypS
z)~k~yAfod^M6rSU7gpPT(tL9Sng(JMzXyn@50(Ll!v9G8_<zH3qEC%IU2l3Q2%IQ{
z_J|&(|88x}PUYFOa+XbI#rKsC-0IiU0LS^ML0_@C|96KG3%-|h)Oe4YZuUCNZvCxu
zK~dyPDhAt{K_@Zx$G*PPvQLjSpYKus+u|=WT!%yW>mrkm+MT8bjA&PVjYF3i2P-Yb
z;GUVaMUBCm5{E+va6%|`%CoK+CyW@q*{m7t!C!gj_&+~4vuF1+yoSVQ4d9A+3H-UZ
z&4}wT-bby7Y1t~9N)HA`q06an?z~YRH>#~T%qxjSoT)F{qSg^TdLFwKEJdcjCA93k
zAm7{@hSCv{tvZYi4nIejuBK#AnmKITU;hPlFEed<fY~%+U9`tHK5GS<OMYxR6kV~k
z1PQe(DTP*J_i{ErZghgK4_&w4$^FpfIX{lwW9miMoq#OkGa(W)b)fq}?|r)QpA2Ei
z_i!IN@pF1T?TgX-$=h+>)?mmHc*DcXfGNPn|1#}7f8P}jw5ly2_CwNZtmVJsiOSF8
z(a6Dn*r-#h_R0T>ZVK(D&Q+V-qR&DssU~e1m~WcAUp79a_nnz`CC3r|%wq73rR=tk
zMGAE6N=NYUCFht$9Sw(B$@EzoVa*dtv^~Bx^T*2L83C;qERJ|`ef#Nj*usTLwNW^m
zx#<KUBF|L4mW0COpYbU(X;U>(OX<Q6!ZWTBgJ(R7DpSU(Z?xxDAyC2ba%<OCZgs^g
z=wXZ8mc|2<I|ysQ08(k!7E3SF#?+=!D<bX`0SSVi!6qf04|J}s`3gR=<YWTVY}2;m
z4+E!UPGOIeX3&@IeUDFWY0R<L`U+b9Dy@h{BNjvff?B3R4tmbHbb#CZ3SYA@E!z@Y
z`%q)-M1SWp#Amiy`OLtTkR&McuzU&HD{VlW`P2$hC?&l5tH%Yt|58#$UF^2Ylav5@
zMCDS5B%ZL`a444_9O853L|*o2rH)(xf%V{<AChjF@c~5IS3u~AEmBo`JVc_zytI~E
zL13rk)?|c*Q4tE$>uVM`G8*{MGX~(W7=#?52ay?jg($s0XIK~BQR}q6EuWTZC<^H_
zK&=Rlh=qe#-;15)leMztMq5BFl*?aL!<s6BuEz4zCimmQs^0TZ2XuM3rLsrxkFrqj
z>xQx!0ODFXU!#!JyCMLC%sY;o9=xTHX1HrmmV5W-_pXm}(ckg!Df?wvRO^8#)+A#%
z2;_LBt(QjPnsth7Wqmj6uu2O9G3SE=#huv4ktfbuuv98WDgmtN&v`^or~-bhWn6t_
zF=!1)0)AmpkgLdKk_#ZGRPCtWX(l}sGEvOCS+*}Ui8$vWYNxiYL8p*zwr`7(7?BlD
zWKWg*UE0|~hDIrRv(yGxWP6%hXm8MJDP}ATB#)hK6q$mw6+7nwDo(v9JZGf?IS}f~
z|8#SjSYLrsm6r*liS9;vj0Rz%&eJCc5XjU4Q}~P-A9II}3aICtf;^MRwk44t3@!<L
z)R;<#1y})G!3^}})I&0^ZIRBCUEwZ2&wjU~qHvNym)+|mwZT_1RXLj-hcm&pl>oca
zPX~-TBE<713<y)>pV*|8aj^>Y(=a?92e{<<wUmg$b(l)(&vPm2-tm4d!ZA^LYW6j|
zkso6S`8G#*oEIYL5_xWmX^?-nY*2V=^yuW)R1c;Mejt8F*%J6^r2ALQCd0Zl^Ygju
zQ_V&)C1?YZZh1wn5HUbX!eAOhte)ZLDW2T=Gz8UuDYQf!COH1W*)6$ze^p7V<>RQp
z`15|OKz~4JwZ-gGgfymO5z6~G4-bXVS<mAI<XK5Q;DrA1j@xeAyvW6r@_HpkZoO(p
zR{uu}IWAnM?5R}Vs0?*aN^^Km1?@m>NAkAv=ShApDc&!K+4Z?d4O5*rT*^@%aswkd
zf2ZbV>%lKK-Ao~y=x<wNP=_c~M@q4$8Z*lCY{i()%7QM!@mt{Z_G!ou@-1lIPC(B)
z?B^U%GHhbxPV@HZ*!tL<yqCoFSiHqgk#^=%3pyN~hfsbC__ef0N6V%E0c_?LZmY#m
z`gszIfLQGB&wcr2_U6g?jwXR@2j-^ClF8W=$wSFmWy_w8_b(n1YOLRDcs+FzUrp5p
z+Hcjgid948&}hkcRYzR)BKA+&3a;xr>NS{!Gb!!oP0N6GED&jXoc9wwBz81gFV*TC
z?PF^?+F?qRX0rivHh0I<p;6=5p*<`VVx(R#ZGOn7!}sjDXpPP16&H`}pHEYIq-AHz
zzLQqKN7Rd6bo#Ktx{$G42kvEtdsTH&P+`8)ULz)<TC<Zn(CU05cq$~SQ>z^h49bdA
z>bM974M;pRoj5mCpEl680_8VvcT)oi2Jj;XWK0LtGY?8;#8JvaJXZh<s`hmgL*UQI
z$-rEN+;#s-f@SNXjP}@TQqgFe?UNy{0t}H5;Xe<{bm<J?Qdk<$u)zh@$u1m0`!{4X
zktt~LP)4)1`DA?ji<jB`MTeJ5#6}C^J+Ie!$6D`plXeTcFW_dezWt|(rt>CR7JM6U
z2Iu*N$B32pINRX2=<vro!ibA^Gpz%9uUA}<61#&dYi*gvTzy#J!NbusGQeePIPg8s
zske3AHSB-2KkrtjcdbOY*rV^g?!9VxNd1cgGXJ*i$b0ihUsw^$1%K!OWkqL=JG-5K
zLk8YlvOTy~ysg2CpC-+AVH@}Ra$jhFLtP}N;JFrc&H%^Jn4n}PtA#2Yy@mdSHN*0k
zpd{XmwWjz|3XeKe3uPVlINkz7dZS;8>Qk=%=Gjo!H@rRSA<1-UjZjcuTkaTCYoou(
zY8vEE_zmuqw#v8X^f%4cT8cj$uVq)z;fUT;hcsC}(m-jjPM0;!8=#Rauh+Yy&rgQ<
zeESN@*KO8ghI`B@FsZQebuCHIn9CxoGW(jQ+^sqB{rFDH@q1G(#qUvSCu3BSk|gfw
zVD2pgX;C7}3HkzFvTb-Kb~^Oh{4?$s&kOPTXB>Rpl2<+kqu@$(Vf~z!K3Y~4Z#(WA
z=Dk%dKIl?(v;9z4#y5C*I!Q5NdiN^$ylmrc(CCn1CknVr4a>0nZ0JjDH4Y)T*^(+T
z7Qmqy<z&$45uAl<Rl&;I)ZO!5xB)>*O#6}pnQo@;1)m1;_3+e-tE?9V_cV=wxQONh
zXZ4caEwB4NaDjc)L_3%jc3h~UHh2Q5YtIFr*D^j0*-m^O`oP+tI>k2CkT#x(*0V2l
zmVs#^=%aAeRg{}Yyq?>q!ipH`&z$V?{bTXy?CZ5V7c}G*&JtSGBW#M%__v?idYR$z
zHbfoo9PG4AbB}(KKQcGx?EJxsCM-92O>MvaRbjxy(Sor+$5lS3l+9MQxkYQ07%ezg
zerq7}H{GShH_myqptdOyJ))rMylA&wGk}((bS-h?Rl+~`x*%!PYfyU5gL<f~E}#jO
z?#vurKw~L4R|rVfRC##4FoR^IVU5&29E(^IP--Vbd7leGL%+@PULj`B47RU9kSAB3
zpHW7b^t6{Cvvv#gYknJVX;YFFhWsPTpmFCQ!xE1x&_VRjx_(WtlvSKX7;A#ITxspN
zDNIzhIn=I$tCJm;z0Ey}yt%9<rGIhq`rGH${dh1V&wC(zrwoqzFS39i{m_5r`QWo4
zXgbFkGYMzKwGB|!h10}J?T@v&S>t?R6PCdtGjG44JmD0O5wGmo9gys{&W9+M!N`1l
z_pBP7A_Q;KliQ9HmP6>4^wtzLZ$YtmHr)AQhkeU+@^Cgz*1RTtnnI<*G$@AS;_w_E
zXV5H#<&9W};2Z;9P^<%-28%uQUFNjrDAz)a?hbUS+5e<KDGGzDn=;+^NsHD{UGqCU
zMhWC0VzI9l-g}(b*$5N}=PziJV(0BJhL{=}aQjO9dt`KC8o)Dh=4khs^`U^CIkBBx
z$D5>7jk9#6SgEP2|1QEj@c%^A?E|s;p+1ff(x42|L3mxNo_9)be#3mZ*LkC8di{tV
z0r$%04;6OMk`m->%<(-P#k&ji7?T{fTzrjvgY1GEQpsiqMab>JNQO?|u-Rhe)T{@#
zfNgLq;X4p2nEN{TH(}dr=b27k?=iHymW6t!ddHoTE|XF_7;ItSP}Pjbmp>W4Y%1Au
zf6LfrYk9{q)R#J?ik`TX+IJ&HUPA@X2oa;rKBPn4JUgAy)LwZe2iay;X|ctBtdT-G
zX+g<MXZGch<VTm)Ir;HM07LYK4I~--kaF@$;`)O#DqR<}0Mc$0q3G9f);aTgfD+ZU
z-9w+Qw>W`xnf_ZdXZw`>dZ434<GZWV+ZKCNhJ@izj_~Ls-b)#CylTTiw9NweuN^mb
z#<wr-A-L>r55z`_B+)~vCV4lXxaw{#3%QQu;tcH0s#9$X_X3~UWi23A6>~lO^IBFL
zm(jDK39;h%f2xmFnl-LyhOr;D)XY>FT}{|qyr+=G6$T~7FsaxnGv&WcdHMx$yPFpV
ztSCs7v&IxVVOlzDoM7wr<5hHevW>S{C9+-wh|c}(MTgj?RT+2DeQh#XK8A$vl?ldu
z@`ojQEBb-ZfTU*<sBQT4lha`zogK>XaTY(za1wr~uW`I;G^Gn`;3mb6a`ot}DbnjM
zZ^tdXqb{@yZURAK;-O!%SO(ss@%b+rJSRTqnhTRQw#Mhl28&dpDx`wt3R5q}AmzUd
z1`Bpi0{cs+ukUo3wRZHYtpUcv3l|7Su2~n@cTT;`?@?ezBA}=is|{zW7^{=^O5{>0
z&QnRz5=z4moEv33{+LJXpugVkz|P#+(JW@>#Ahnh4|@j>3N%+iCft<ChLE*zoMZL8
zW^jkyWH>gkjjn>PtEi~LWXf_+2K~cJBiow5rDg;oI?BmUxlMC|8ZhOWs-lO(;!3?d
zX-hCZ!`4HGjOmPhw(KpW8*bMQW`;qMTJC1iBUZ!%n%LIq=zsyLy&`^YB2uZ;*pDZf
zLZctdP*a*KZ9TzTXt&*r@WT?7|1+`y7+xgU%-;G=CsMDtig;WnwUFr1m_{=xJE06Q
ztqg&wErJoXxhBgg#T4Vo6T@zf-xnB}r`;lsT@CWp7&NXh_p+bjJPPFipzl(&p?9D`
z+E{$;s?>hMD|!rh#Mx`@=@B_Tm^9k4(tl8}G&r0pwj1bpVik~xTMic&CDhOOS3BR%
z@*EdM=c=P@zeQCQkX>$+eu0B3-(Qn+73Zjdi;s)WuH{`5bq!@kLsI=AT=%9+2BY#e
z9r7YlEk2gIP=a(0#$(2(JVqCblyrsdmD+`L;MY9nO>AQPmQ;p@u7~eUf6MDi)lEb=
z<VU7+hrX^Si|ymHF|XM%_eoJP*1)OWS2}*@D=rC+3$Ys-8#j0hixKl2lveliZ!MVD
zX&HRy`X6dQ5cgWu4ns}O$LfUZ>F08B*rIa-zakSh+_S&N+DPlI0j4?Lv&$_3Glb@%
z^9k;x<2#MP`3`hF^9Ul{H)C{G>9|DK$5k%%u9lYI<Qm#lWW#>$sgRwZxmmaIY0ob1
zRCYv%Zx;eaut^QM7w0nHCdIrzzfHTPUx#YAdpPUb$3_+Y$b@sFuI6*NSPdp^y$HxK
zZJM~+C8<x}{u44NdDm@#_ER`an#8y(i48Sftn03an2AhaWnMt(yjg(lcTlCgN@^fS
zH}J|hMM7}mQ3GoWor&v5gHc%%>uQCTl_2ZruvT)XtLFu!DDFnQ{57%De5&I5MN>{3
zscp^2QfHQG&n=sEYJiZ(E!x5mfDbX$MGT7IGA*sy`9;j(;HwdX|I8@6Zy00C<541=
z$}fDXWhTX_^|X3x!_ux6!i*)@@3XgyU!$OQp6O<e>pB7jEu?e>OB2hhD6BiwmK*mq
z!|QKL&E#K!_qp1)iGC(eu*szEXv~g@QP2A+;aB)H=l`h%5E%eHfNOS#r;>Vb2dCey
zFuD)49etmw`Nig_Lm4!04c3f2`fedPayMCZa$-5Z4Q|qBY?_!TC8h4vL0(;SX`Hdw
z={3qRK-ekSp0iWRx;dQch{s!JwHbp<7M)N=>bkUi?aXD&Q&un^p;HeOCV+ha&mLyd
zl#?ZYmid*UC2hYs*f1_LTWI~kM(P+)U9$-$Yh)0hJdDG(bqNY}X0XG3Gw=Qm-+z|?
zKhZZVy)D@BKGhX<T^Q9O*Qo|hk9jZ^Gi)h_e>*3PrCmPEUG=T=>d%+Nb1LF@bZGy*
z63XZC^y~FP=WmStwjeHV>(;M(RSHSB2+SQ1s&F0k4GffyV1zGb;9Q?^l4^?m9v4JW
zilD<ACLctYmAxqco}}HwR^Ioqp1de{7y3cyy;X;3D+Z_$SJYH}nH$w^BfKTRU*jPM
zn5%?zz%l;OWs0&*2%Bp;UG(~!Z4!{M%*ocfAIWSj3p%J8?;4U+6P%0*Cl*5JQs~@~
zR{RQ{!7NOxi|-3|c270f){tC(mhz4EUa|VD9Il1CVqRIn9YPPoAQ}Tf$T%`e@rS-W
z?Hu&ADywDZR2E7S;hwCmC}dv5eDv$ZV1EkdU$x}7&Hc_Teem@67ccIS&zxQYd*<dU
zKf&elA>LS>vF&-GBRkowWHN0P;M6l{es9x$&2Wz0!Q;UzcIB7?a!&E>@q;Pl`kuu}
z@y_q7&#MRvVHQ$0z~C^Y0aC8FGRbO!h;=^PLz%X`34d_|a%OEQE3>Y{bELKCmRhW}
z4sD_3v{23%L;r>rpADiT1^hPrERF<i*7Zo%IMp{;UxN1ROC@O_mZo$^y@*+Tqe|V=
z=!x4+D{E=8^2ju;Kib4N)|7P6&^uGod-*dy`5cI&lr=LDoCqT5@BGlZqZu-$9h+o6
z-C(P{+<4|OTpJI6etvbefPL&(UP-adP-;(rJV+Wie#Z^&e($sBX4z8c@d5=1#y29n
znOr2j2S8ksj0GGyDOMCCaIYg*T&auv(P&w^qF`Y&Y;3Z0ndXV_(vGwcrH?bWwulz`
z*jrGYik)kJ>k(Pn61d(w@SREbqk)do{#@gK)gim`jE!LJ7VcB1YfHM*m3j?0u99vd
z@D_izhK_a8pnJbQHbNx$H0MwM@RUIJ`~a}2Vq`#guLprPeJ0+6W|6y{Co=m0U#$?>
z?9Y%KI-sl@0;T*Y9-K_izDv-4hI6$l{7NW6X%4m#u6A;onY&-(*#mqjZ1HumGJTI3
zM49&I*umjK^2BnV(d@lO7W^a3>h%~J2=CLwSH8!k`Vkz5bI%fggq35^M2_2<+=8zf
z^;JOd_5paXh)7veLS4{*LQ2d(etSMN7AG)2ugNZy7Vpr;SWY^Zhix`pl^34N{~eL9
zf4bPPc!?soyot+0LSwKI7mDH__dMLhbO~EeSWZlGR~mK@$8u`_%et!r>|%hg;c`=f
zPhWXw#aD^0sWIHcB{kzMI~@2y^fu4VdC(oVOtAV62$gZ(Os&MDExjL7c1Ku6Tc3=%
z*UYoAFK_hUm<r?Wg0Qv`=(ikB8Ay(&F57jk<%Y_K-A0vpnnyD2MlGv&;9%qtsSm2S
zarBPhiJAVb8uXw=lzzlziEYB5&&O-8_)k@WAvf?IaIt>~Z};>*eCi>v=jHM+(B+jp
z@Tb<*z~|S8xi5@6<$87}o2LkZ<;`X^wy3;g3A|qT^}R)*39JqNNP3F@p4Z)tFYxL~
z_a%(JjT3v>=F-MJ{R>~_2^nKen`1fdwtV6Wuf;D9)QWuC%@+fx8xkJu=#Zc19#usx
z@hHZvN!9v-ge%mG0XrRbVvG?3It&bN0ccDMixX`(dXr(VRimH-2jx}w<#;=uoR9#s
zZ8fR?L}hG^3G8~XvrZm$@dfS46=EX9WnY&)1$Y9K>dP>IWQ$5Sk5)G7ESqlZkygJL
z4f7ozxV=dmeb*(?$dFw2F<HHJG9w(z)m#$o>G6G*w?!Kzzc$5$3JI%)ggskxDkd1~
z#jlD8AXK?{<dg*+>HcYOlWx^{a~qUJ$WvE3sKOsN5o*a#Hq6ge7hyb2&=wH@O)J;{
z1eP#j0RUm&{bxRHXP!|U*}27cT9{I@z2Ex-Io8I_wikfW1zU%1?O%P9#V<`{VaSp6
z8~&Z3>{mU_7$ery(9A`0+AX&cU>Y3Oy$oem>^%MO3z4z#q{O<H&E+K%E@1$8FK?Xn
z3AW3x8dSo~+ovzxLRZ_w!Jf0%Dt%WRS^i&E>Xl??5aSKwPD;xS4(?bNvlVf)5iQ+V
z6kC95z}SyC1zALdwFlopE|oPSPJOwOSCPL@VJY!0Av#I!M~)e>z9SL#<@XPaQcTfY
zW6dUe+XhQOXWhd|k1pYt(tm|sx;hJ`qGH82y5)RdNk!>Uy0DW6&LGK>))Zpu7q^EC
zkjzfBrd6Gv*uwL{9Wr&Q)c!yzYEwu$$4wYNu|mNwNbc{SD{gWlA9dGl1O@w$QZmlI
z3sKLDb+$;~JqB1|3jB$R{>XfE4;DhLN}(&V6j2mCmbx?ehPH&LJmXUbmn0*!pwnDW
zS7QB!L7n$sGEjM5BYsq79yw(#b#D(S_Ax+fWnpa@$Ld~Clsx+knBSpY`kFLsn|uBD
zaTkaFp;0eY(o^8O;4i<?FSfX*K)b%-q^u?ytyButZUK~F(*4q9*7mgvD0o2O**b~d
zpCEaGgQozq4lL_jr0p1y4-JDMX=9TL7Z4L$;m5S(mvt`tGOp99!w~sUh{}4{=U92#
zdO)RwTeQaIpqB5)v{Ah5#V3P)Pc2cEhrTUa1_W^iKc^qNEg47+BWpSXNV|nkuS+P`
z=AbA>-715Vm(y6-KUWqwkw0rue^mv&pEtuJfBVh$9SHFwS6L|i8ikfAS{#|EkEC|F
z5Nn+7OePL81SiDHb6jU~nXGBul_rkvLw_fVk+IioH_Q0>WZfG-c|v{fyPc7=@*E5Y
zPC#^=L#L6!aRcQ)<~c5Eg|@+ncF||d+n^`aUssDZHr6@w$~457H!-=Xo7z{X>`nIm
z#`%l)3yzOgs}?#jnO^YEKfKn@kuxX)f0%y&Qf~`XIkXLZU-bw_PRl#1&=FpC*bZG|
z+gfY(3EscfY*4nfRO1g83zRng;%wfLpP81I&z#^pgUwuYHe^xHMKLb^m98JD*_FN}
zR%GIb_VMB05gTpKd{YcbWN%SYBPFJxn&>0~a5JRXLjI*g<W-HudPm4>!s?wmnu6l?
z{ZJisfU92G?RAv&zcaHN+hNp*5p$dvzeNs^eHtvuhQg(6C-Lv?)u3{VC;L_Lso?XU
zZ~Ec>y<e$esiY5h6}|PP*dsvWg-WOXDe{jGMYgrYtJ1et+8QBYA22rV!<Q&x$M7|j
zCadvzF5J-Umrn>beRrFNf@b5#L|465t?CgST>>MV3%rM5nCibeA3a(zAl2hkg6x!9
z%I2b6UHc6@`|VEddRV-@NaQ+jnOl;?Yc4@kJHQ=H;7pZcmo!dpQDb=89X)>ZLS9`y
z^i>GwIK?>{v&_#d?I-!1Ol&sI=ojlk>m(hLJV^9LUmf|?S&Uuzl^Kk*;o^fUS?yt>
zOIz~!fzJS0Lsg{YUtCtVJ0_krj3cF916}~T?`ry$YDSK{Uam1G3cbj3b|QHHy9cfG
z&#tGmy+t%xs|gbF_W0n0c%}{>>^*!gMAm>>_v$JT_&K1WfF$n|0CgNppug>#n<~X%
z<WQ)M#v0Hb6hV!Zm?kTw<WOeqnja#^W&M0q2WVupFqn{d?G{mLHJvF*xnQH@s4Voh
zEreSW?Q+%avE;q8Vp+ar&@u|KsXq+nkJhP{u&iq9rFfQWxMgZ%Ym7J)KuWFSuHG?O
zieJH~Vh%Cml(aFp)&No}>1QrJd!FfXk%w9oI>HAXu048xG@W$2!-KQ2RQfvL^?rUR
znQ0lJ<e&`X(tfhUVvVIH7nGUb+<hY~AD=0$3eFcws@)yHWf`l|U>41!yq-626SbTG
zGIzj-u@q*c=S(={Uf<4cyn5*u?oy{~|A$ro;?VA#QUB&{ntc0&B^4xFo9I#!f4Av&
z>fO=u9uBTH=li-`uvnWK&7*c))SfU^W!)B^V21dr87?z#m%cc|)}dPqxQHMBfCh%O
zWx7%L_mHGE4RvMByt1~HVoGF2wdIgN)>9MTdQa8rd~Xb9<G6ay9fH$~qIB<-T-8#g
zv3i%Lc(wsN*iqU?wVt9H`01(4J@rZ1=(@Ucd&%7A*0hib6dPygSrrSlewrHKGgC&@
zMkc_SK3QjMfu4*EYc&P;v9f%OYU_95Ay>SbX4=PyjhGQiA4ov2Hy03jMtHA+{XDAG
zMAfUDx?S2qoks=gq0qbSMa7WkCj&d9K&MNE{H4K`m4K##*e{C#cJ7ew-%9m8PC4z!
zz^ur}@Aw5F))Y5dVwo@#F=)u$mpSt7+EE}YFs+enShsrxmT6G6jA{E+o#mSeThk}S
zabAzZ;towReZNJx-SJj1ESto~0#tnC7x^9ljxC#hE_eP3(+u$26sH^ec3ZG^XHN$(
zs6!i-0iNMZ`sumeGQy`F+$jZ7+rrNBjU@;(t#v2A7@xb3imV59PxlRGDd6fkFtRV@
zT1+^TQgDi%2r-vX>2qhOM@-fMD~hz;{ckziVc<sC%E`If-|flrGwx%A`2TM3J}f$M
zQBN~bu2_G0?82dvV0x<FAwf4MwftSTfjXrULqn0WeDPWrmS{=_@9matjE;srw*wBJ
zNER?~g__g+fkghm5tEV%{K*On>a+6&tKCsR5lfGgw2Q{>`Gg)i+_?rKT8W2O95a2Q
zF?=@=sZ<@vBZGig@6nioYii+?VeNmQWmy4yEgBcK$u*9oHWimQb&O6CP11-tcrI8N
z^n67cIOXCn`_htLNVRGltE*KsDi)YNp@%4V08nG`O6~I`m9A?FOYtLO$l!=8VE3hH
zNWQES-0>Lt6k@@DUn!S|^*SQCK2sIETdpsP+;#&Rl1&j;U0z)<Qf&?YS%Y6%YbY;)
z$ht1hG%G@tUcZCb9o4`E!d{sd+1)^7WJK_&#N4VL(32!lJ<@-J`doQ#<$G+e;+cR=
zW>jOK#Tce8G1S^4tXCP8{HoLJ&cU&uo!xLo921QKI8eS1GCqLRt;_AM6>Ds`z?`yq
z0<j8X8n#&FIcHZkfXngIqdgv4+uzN{1HHs{n?vuFh4lc;O+UB+4CM|C$dwavRaO^g
z@r;-w@?hJWmX4`MaYpIR+EJ0W(?`Ym?w*LBIvbk))ZKo2cfaP*F&!7IQwH5H6CSb&
z@-0LWSdqz4&Q%ARqv5-AGKIv&{g8<9{??`+#{i*Gxl536i!H(J<ys1_jH~pviHs-=
zQ7^*>K?uOh^=On2ep_fU@*hh1^WRDT&&3D!8?po%LH_nHYsEl}{ec$#4OR&2FG8cJ
zGY;?uk?;Qn5u~Ki+dy)wk_ZTb1pJUGDUpHXEXjW^mP`Tc+#T@|Lrdg_RjVT$mM4!6
zvx&OXy>q+WQT=Bc2|uQh4uvg`4f{{a1Y>s1>??Zdj}+<DseiCjU0HVOglhx4@mtxK
zzFffq=ExRDo0^nmpU1D#Ogapq#?_XT=;NO5T@C+r!rnwiOq5G`EN&t!dvc^~Qm`Ka
z1&r;#?l6$IoG&8{-I*rO!kKHThFL5HUF!LaDc-2G*Rwv6>oA*GpEF3J*cN(XnJ7Ha
zitJj9>ojH>AS5E5j36ayl(uDoR6K2SOgAlEb_~;yr2OJN;1D0vV3$Q+d_)6JKGbqc
z^dqunC<6Ly;HihVg8<dP5h-vs6ZQa7zpuwo(U~Q%B4aILJevC?G~o*Cf`?}8SG{Qa
zDG99uJ2-!ij4Ld$YPBw0#GRD2VlFZx_j?QYz*~(Z(P4HGPf}etU!|4SXwvC`8O7Qz
z)G?J4r&(dCrGfFS+dN;?Zw?r|()=eW`r%Rmvy(W*<r0coA7^FOI#Ielcc)7+u^?cT
z{v{iGwpW^c9wo$0gNJp-0$`QKjxzH%Q+8W-19II}8)&d0{{Y0s?F7AX{IomS9V@l1
z(8`Y#!|s-j`0jU_Y(|*jR!2M=!u`&Ei)>Iu`gK$)p+p8v`*<-5>{73s=)D>#3S{GN
zC1bZNX&@uC-?CFmDBY_=`!oG(S1c2AzOS9@Wxz6Or}~qE{i)P@wSzB|PJI?lOd}-y
z2<ip=GHQMq0xnzUzxI6SeM;@h2-Lo_i8?S@s;=>Th}`&2NGaBrX-s5&?b{*cG)#Tg
zYI_V1Uv>8<u2qH%*alQ%uCLk~)_*cnj@%RE_rYc~M~2d!!i!Q56h_=j!w@@_8+<Cb
zPrFw%ovJw<Y28mAC2#!pbA@i-zImhIBh*gq%Yp8N@>Z}^(*Qe){0Ki(CctUg_gE9%
z$4cB13LXkPz}&9z%KOM}i_@IPvEhF=>>yM}L7oFHI3K7jH9@m?RDEO|vxZT#lV$GA
zwH7i)_24M8r!D4JiBCg&;<V-wpKvh$KNWs?LH+d#pyZVQ+oWTwyfOZNOge-1Cb@#7
z1q(=ig>ejzFzEDP)0$+_OxSbVH@$5sERb8F3H&6g;sIzZ2C2~YN`89g|LP~8)4h}Z
zy?Rajpv#w(L0>1t$vB2WxBOs540VY5AFJ1Vi=@SC>?v0W1=WTK?zmam7w@*Lta7WC
z#vU<XPmo{tglJ%0HcXGko1bl31dT-o`ZHC^vhEtvvhFfN`WxDi4Es3sA+8C8<>i4I
zq%BdV4<7A-CF$Ov+RYiA6_P`R+mu4e5Y5_-@zULW@jmubwjKkBWs5lFOHssVi!s8I
z`AWV(@G;QP2U~4wubpCe$*DBvR5=|lM$0klLOmplTja7F&IKd7eg?AH87~045s;YV
zy1UWt7k528xTMzmqOQ59_gQCS844Akh%gaQYgCyk68p>Y4A!@Z85e(yc`~fErKTQF
zFb+|Ne%L*+@Q<i1;2-A~q*a;DLoZTu^;a$UtVXcZzt)Fp{*9uR^HY(;V8%}7p%nB4
zA7;;uzaaE#``x!z5ONLn`o^a^ibW&7q2eW985{XmA=~@pWukHAU|X<!!*5sC4N+~n
z<oKw{^38bxRCC_0P6Q>M)$u1mAY@lsFQn~-fs`w9f>M4#z3%f><zIa-C@4NWp@1Jr
z+Ppn<IN*<|*Nq96hUCu0U=P$)><2JK-8lhU9Kdh(QGFEp<9{jl|8+4~?F|@o&;J^9
z+>L)u_W#HD{~w;<f4}%)EjDy0EeJRfn187?-Q0%%R<q!Km~SDhsQ={>fr}KNo`Cq}
zKX(enLjttU|G0!Qu7R=`ypKU4e6YqqKmSn<A3g#I?EiJ}e{TIhT**I&_0Nt2{KS8Z
zEV*7SIj|!{@4-z%9N3)ZhefJcAannA#i!=LiN!_s>#F~Mb*<Ng1N~&%8G3!-dTJo`
z=m@9IRY;pBd?;TfU*kSWE~V$kfB2x>^ADb<@t1UQ8s38fH7;;KJ>UDB#20o>(1xi@
zoiwITYgky!PVgDeqYssX4%&~*Ko!VT34ISOQ3KNU)gd?fZW@W#*1(+8x-}oKS(lSR
zuSz@jBj-NZD_lm<Bg-C_mxSo%Y~iS3?pFXJBIycQC8G&wSam#h2)0)4u)W;oL~!r~
z_pNBB7?J7Mqu<V&&adDCM{Wn|Ec}&AnfM34|K};Xu5vohrH5}TDQXv?dX@OtjPVsx
zY%x*MgMnV}iBIoby;(VyLL#A%B9CWdy3x@nm!Cg5IcA03l?@C0@)?wh0ob;^gfQ!x
z>#|ootNTe-@r~PlTUhP1d3+168%FCBuLS4S0rny&5kp=~ai&$>!+Wn6R7<aCuCyFQ
z!8t+bP<*&gmkavINMXEJ#d2v8NEr}3+O8<pfIo+n0>7Q5Twi=ASV>m1X>f;0CrHzI
zo>9jAk@ySWlx_Tb!OUe!ytAq6JH=bfQQ_zTArYuE*2f~*tY|+zR-`<3^Z>7R3SZVB
z?hoBk*g@m<@}OCd;5BmU#!R$;&DeAGgHetKQY{)($xwujg{`k|jKj{YT^qbt_HMC0
zmOJeJenShkHI6t7{l9{T7rX}E?%(m^yT1MC#Q(<W%OCzaH-b9n6#h2HRlIasrQeUF
zk0;u_d;G9pN-tOcx*(*<^TChP`KF_kGosi6L#hrRS76`Z6S<^zEX2ppQDVYT3)^*@
zwo0ACx9I4z-f+zr*RfIDw`T<20M*<qU9<6u`PLD(@_4udQXms?hTo(hS+)9v4hIxI
z?~<o@^;PW<hCPKV2>e1Z`B2^MY4$lsoPqb(s01h0P_s&eoAob6Gk<|S49+iiY4;rH
z{U4q8=mU-{UE;cLq&Tj9?>OjW=;06WO@%;{#TJr7yNV?rWh$l7JS{3rpG#jubXpvB
zqFzatUU{QgIjOv>HEl_mGjc8dI?~IWE{i6~0EreEvkA}8nR;+PU=tgI!JxBof9yXt
z>anqLocuTa`EB&Jt$o3erJC&+{(UJaTw43wLDxNvEOqIU(WRMEwa%3dld2?b*;4$=
z1MAck6h(0?41~|wu7eoqo*Q^hU;r!Roq@bqg_e0P%BOY$s{CFdo1*;qwIt&o?|*-F
zgj=u?LpT!-=+$Q`H8JVW%338M9cvhWMG<(JRh+|KOpO<l)}?ehS?u%B{&I+}_O^+k
z&Gq~Hq^9D+97%$=Q6ymxcv}i5n>cB-R@>qaQj`~{M*TuIyPJY*yw|_nbFVDM&vt&m
zp^&p`CwLR|WDS*AMT+}3Toyu+gy~eI*iFJG<1ayP^3U>L8kI~Q!%#u3K3X?O<&c>Y
z#wRO54-(q0Rr*^_XO}G~V%Jz0x(c_aQC#F0Ovv*aY1Jc<Dklw}{CdgufgR;j<Ddb=
zGh(Mgo)Fpb61{JqSzht{cj35nw-|k@gYY3+c(_lS+2v3~^^iX6qPZW_l)gDx#C>Ow
zCVa4KQk~EeJj56^iw(b^(Oe9)jn}evSr9q$>GFCz9otqY5TRS@@3Q?jP!COfY-8A^
zblc>UZo5$>b+{l}s~fQ2%qHktPRW>Hzc<wcr*9%M3y^$T2){)AnDm3Z=(t}WT}Lf&
zb-$*oeR?9O`+Hop`xMpVVqir~=+P3G)6^%`{--nf`zD^+o=wPk*7q-mWClz{6s*fV
zFkNe(VHDkw(051rhN;>)Vx=zg%tm=M0$U0NM1-Yyc31@)0gL(4xKG{5nCIadEA=%2
z2BJ-{Bo+lZ90dk~r*o43joVICuK`9VXQ}%xr+_`y9x<)G99QI|186+33dgKUUGf3Z
zW<dLtf4)gCn5v|ZIoW-+eoBwDA{S)?lz=8R-CJ^bd;jcY*$=F%0<FqK{tMC#3jvj~
zUboL;^*cn|oLea$bHeh5JBWg)ITk8%cac4*fDP9QDF46@8nQ}NIVv;?P0b<dvd-lY
zTBR{1^&THFqDn}gcJCjQ$Uq;%ASzW#Pq=N9U!p@2M=`!e_xmrWX}g>_xz9+hUQB-P
z7xLfP*$M~&KGY%egd$*bue)o9%@hPtr0Ana)nn!?5;zp!b_xM3LKTU;I0P8~xlY4M
z<r1FP+d4Q5+(j03m*!97%vyO-M@yc1jBWKV5DnjfA>a!6sRO^h$rt%uCKJ6_jnC5E
z^LVz0(mNAwJ;)rmtyg&lAgzJ{0x5%(Mg|GSZ>?Xq^ho!L=3YJS)Kt-D)}wRu=xFqc
zOw<So_B%6Uk}6Ng5BQV+GjT%8X11(O!jCF&M+B*hW&x_0tjHl7TU-9+9;qjwqSpov
z=p`TjKPg=QUSzY?kw2iIVBBf;?0P&fOJMcTTrxPfaOXm~^XC1ZE{tGF8cFXb$hyU`
z-X4!CLCJ%EHyT$(yG`I+(<X~!kUbT<+5A3BP^`UM^Zm<%qfM3g1RFH7*Cl)0Pu3G|
zx8TuLu;R2;rgr-O4jx6-weN-emSUs8`2B<ticP4#V?(*?{<-|6QH+E{g@HEwSXB7U
zVg(TB<$}ZPc(#t!GYhtI4!=zdKy$P<)1+D+@0|lvjrdLt2u#VZ8x6OAy#3l3BZk)a
zf&}CCF((}`a=Hp%4wLyRUIVN@XMlA|{T(h-=(k%N)P+a95!{-#PtXmS6S?e@$TdE=
zJbi;7ru%t0_B$q4QR#YIAI>If#BH=5SSXleWFPg55#(a^FNcv0Y-eUDD={LXmy<85
zF0PHY!In*u;wqVhy1zX~Q*80y8!n;i&$#-hGGJY{GSnYOz#DFZ34uktFc+OQ2c*r1
zV7qsTnD_0C0VGCL^s?aj;4XR5Dq>@z<@ZVfDM%#`PhhMsALkh6Z(tr-i2&;;LKSt>
z#Vzsa$5-M)S|kn7j64F!&K{|uo{pxep>=i@7H6m^B2bWD%_M6>>o5>tU6qJ%GyhWy
zPytTV_{_kRgcek5{pn1^`b5AM4kAt7oS}MW(G<igjR{fazFi^S`mELkL>e<bN>ld8
zz#0(c&1KPDK+y4!&-M>Ih?Xq}!rS;QS5Cgfv75c#L2f|!v<oR|+0N`-k_6VRt9bgA
z9nV+2%98o-u_hX%LkN9k_&eW6)5;3_*}IsQ+xdCKz$|^UXKn~WmLK>UM$O%^1MDp<
zn4T4x>(Y)S;mHwJjTzj;m>2e`X2!*RpIq!~rBB0xr-XFSC*dF5HE#zIG|4#doqlpX
zzsnH$>_dVO;Z7bu3jx}rstAk8y%wwDsTGl8)iWa%bb~Vo$oIW&EBBgQQ?p)`qJD$g
zg%Zb(P%H>jvi?e0)e=#!dRRhAwQ?H@%o8VR+?-TIAOwQNx@>#c0)dvaS`#(sWlfU3
zJ_D==FS(PY{><_75RLX&a9<S#H%jAu9J<EU>?T62rDyuWJbst^ksgLA)#B@=n^OCx
z*kN+upIA_iq}?R$pauBft*otg3%6(iqefeTTe}`@@ly1(<eM4hNvPY0#F)DWQeyt`
z+Y&$9UZ()L;O$RiCXZyXg(n+{tFu0*G?1qRp97B+uV{mS|5!u$Ac#-0vYtU1!PJRt
zhIm}ksd*3btQh7KZ}4&AUqfN85BeDeiwax)%F^b`VVgpOrUV-ef6-J$5%C;Fe4pGf
zIr&1FFcSGKF93V!WkEeRPVlgMu2co(_>U3z&^u3ply-W*er?7M<SR0-);iW!y42HW
zQ3gsf`-AGh#68F;(q~t?J$0u8ZXpABwEa{O`k74Zeett>%iUz|q&L0^`vU{z8{Psj
zFUmMg_mCv}1d`!3m2lZw4M1T<Vz52hkYkpbeAL%vi*M9IZQ;7sM5|U#rA%>}IRS28
zd@8l0v#o|qk0k{M!e$~Z8YKuVPa}BAV0VKnT!$e^-SQrPbG%kgFbTUrckzpt#x7GW
zYn@8zH;Zr7P%)4xYXNg+J!UmTfZ;pHG4d{fTR60c`aa1zZ=Y+d<V_Q=dY#f&UsUX)
zX3joy4g;;R!a<kO4d?BK1d0F+=?CF^%i=H0iUi)o@rYFG{X?6?5Hpw`L;6RgK21cX
zPV4XN>&Ndl6CE;uEv{fsO%pZpWMsV+DR|l{SG+jH4_Ykm^49}|j`75a3o0gQja(X)
z5FL>{SsCr8;^kNujZv@gPI>GOam@W8{r3=rVFx$qw3g1U8AvJe4v0^>Z@i7v=o)Ol
z82aKkuOz4$l4%lYFiMrEl~NFVheF4!tWj10Pm-8~6w<pN+#>(`1Sgda1*SP4r;Q-;
zaqD#DBKj7_9Fwni{wm<0S_Q+SHJ*!GoxnJI9;OhT0!K@Z0wgr?C`@OJ{2&xrSds>r
z3DqBgO-guXyqv-y)A4Fd5zr$kyO0qMJI)M=CpTbNd*#{dCT42XPP88es2g#17MI;=
zpZnaaEd<kJuCaO0R+;lG`Cz#2*Nr9)6(;5`lWBxVuoMQhQ3!g;TKMoBB#1I5N4izH
zAL32FMU_o`V`@aZM9#d<kquswqE7>GGFRnyu(k<iZkEW&-|K^DfJgESgYO&wpG420
zg%$uw3gDP1BVLE#Amkf6IF0XD+B}0wlw|Q-kt9Ri3>MgfB`p{#@`DM3f`ncDS&s0`
za%RzM&{tLQVXocq0d;|K%3L?uUQ7~ryVu^(saj%CFM}wAX0Wq~tXTusiLAgB1pCF9
zJbE(r6!d;_)EZDBNyUGfuczk#;S2uD)p>+YtMy$8>ao~;NdI?c1QD))#V>}8j0xT2
zCz4S&CeY8^pTbfkDbP*W92_**vvkWNU4Jw2Y#QcXyg)`mqGE3aQIf|9ln~aiggZn{
z{;^qf{hf_MBGj18ml1*S=MT(znKKm<p!6631`=gRqP5`q75!QMPR~>&Gf`QitMCth
zC_eAv&^ia;g$9S|iCIYkcbbGX&j^o7_WNz8X0gY9wZ4M<_&T^(Z51+VoI$_WLb8;b
zL6@2Nf^sWjzW}XC1il(8gorcfhb)-L%o_lb0lN0Besh6;M?g%y1aiE*cl{Y+W+vTe
zVV~S(`vsn?57DO>4$bI{oM++>@z+$@i4oCj{b_{DQi+X;gNh0fz7wz&=lM*m_|aP3
z$a_shGGVmjfFs|m8RMMC2iobkOC};n-@#`$KC+0RRrWRxua#w+G~~aUV4whUXcr&R
z^HL%xfE#I4R9LVyMF8xR4j-$2K!8n8BSpXH=fCl`kgssSx`D7dLbdbSq?QF%Pc{rz
ztyZ36Z4mPKOU^r6{Q>?(2kci-6<R{UObTtx%35X8MJpIbuc5vsFGdjI{wa=Tw?tpQ
zR905BQ%3I`ZC7}(EU&zPJ;<)`qd!SN$$DwT+E`|DYo*{Wk*BL};Cr1Q>&l6fI8`mg
zqbt|9hp*KRw`wf!8a;P{&r8Xw;8c8I#3+f^lNS4{=|2i#8%xzPoTsn3?QJ2?y_&-7
zpwS_E$!Z*y^aLo4%%vIO(<Kacs7AYnxNi?&*FC-9j`<k2c-f<N6Vi?1y{=sh<2VB|
zv<P4zI*jJex%;2B&vWv}CrNfvXq3j|l<dlDqsN}58F<}bBF0ms6$`x<pyA4~{WhJ5
zom$e8Il)uzjW2qtEQ0Bd)GRw>vyL|h+d~S(hX6@g<s^zv^+7?*;FT$=&o^z^#jG#k
zb8L?_=3Nx9%@Yix(Abs4V@>_T|JF#^LeEzxt}QzLs5dRM2X--4@B8A?9*f@5(MDOI
z_2n@1unSZwBEsmvegy4&Ka96()YT5%o)fpzoUY<5b!8ipPw!m2Yva7**MQD`Ys$J&
zsdtgg#nCMJGX9f^la>NUC$gZ>3~pCNLIU4<zw$G4O8S719}+5da7Kc01FHjb5-nP+
zlFhCnT|)6K-Z1Y#)WTbzHbG-pl73EeUqI$L2}DCo<<g1b+}!o)R*VIYL-e*d{;P*n
z`8kMlzmOk;>n;P`k=bHYl%O2jn+ZjE>2}c^Zd2h5I0K(8H=MDQ(B85=SmQ%>yiEP6
zzO~4=z?zB6n|I6owgJq4Ywp{z9P?1fFfD_5VW|eyAc=i!k&ygjDFgJo_XJ2k!e{$x
zHn89JE~hi+DZNgTLKOF7N#YI<nFMu@bLkGetEs_bMh7y47F%lrn89c<+Mj?h<5S9-
zNLkkpBP*h}_4Eh#2C?N6XCbIZMkf;rk&v{yjkBEM_S2hG$z|8xP06No-M3R2+m5#k
z!sOmN!n5?A(1%3rGY3qF&o@R(Z4D^9B}T8Gq1jVC!aD$Q?XfSoX|&{jH}0xs2l_0l
zqBJC`eZJk$AnjZ)@vG(>OBBb*>MV8L*%JbYy2OUN2$vcU*g<CcMQT_c=e4TbS7u#^
z1;Jb{ed!q!M_)Q7>aX`gKEGtsO=Fa#wZiiBfIoGFH^w9TtbAHLb+T}}kZrC$8Ba-_
zEN^?ZjT*6u8XDwO9=$&I3Ywd5c283z=FhX?&y#haYGyM+tJ-dv8J&G#RzU5P4C51g
z<yrLDrg^T$Bi>riEovjKSC39*@sAd#b!WDFI9vgLF*-^#-xiI|G#10d?F+laX_uMM
zof+=|;^wd99Onbe^Bw~aIy;|1LW5!U*KsTClj(toO7;2_6oeQG@&*9OU&)AL2hPQ}
z-(St){P)z}Ue}1;-0%FTIqSy_NONQ*M6$v|!SDy*91YM+9<OOh9yZk7@7pOFIRPyK
za}+@hv>&g!8aZW$1-tX=;&J<dv=iVjXI)>9yt0|7)!`ve13s5NXjqLnAT~yMAYT?l
zAC7U^CnrjZCY4E^H7^h1^V+Iv(-Wte*qqX0tUa+FiU(3p@DjDLeuBpb@fxyszb0vG
z$Vz@4qWazgT5Si{XlcfcDvDq|b=77(#O@JZ_8e~eFi->X;O>5P@Eq;dSO0x-VKK%v
z-ltju<YhrBCUv`KcS<glkRw!(eB$D#no^5TOY!>Zmr`5^r>yW8%;IHi1SZ($jpPb#
zTtM<bQ`W+#Ecgp5?CYu50@~NTr!4yQEK`CA4tczbs(KnJb<xEAB?@-9U3+Xq0t=U-
z6vnH-XhAsgSR2LYh#~XCai>tvw2^(Go*3vjeR7su@rK7SebjA)3(@FWuNT3z9!#j+
znI@vsyndg&zzycgLp?rcM&7R)F6!0Ds}=Q3W*h7eUVPDN<O?GD&C6q?{N->2P-<xJ
zjOCb5B!L`b5r20?Yz}v^VMprlMrgC9DJ+rZ)tF!%Qt3+m-aN?pw*G<piHf-|rBQfj
zJ+%NxA@*X*TT_1Jim5`w?7~dir>U(`X{;qhvNC3?V4wmIOLWd}yV%XiAmRG-(ms_V
z{j;}`jg4_&gGk2E9m1pEIxl9}|HIc?Mb*)C(V{?bLU4Bv?(Xgm!6CT22e%M{yL<59
z?(XjH?rhw-o$nuK+?O-XJM8XSUA1biIp?avsxs%kNw)8OsZe~p%Dvb4nLhFN@Qrh^
zhPMb}Zo6;uoegOtTgccathl=ye|%!s#<4%~h2(L5H`mE@zxQUT?g28ppfKJ*C2Za-
zKd0_tB0s<i=^{fQ>7~-)L>r)qhOL`?k&s${zrZOqm=m=Ajc<0A;8L^QZeBH@RK0;D
zs!*WJY5!EpvV400&p|LI98MIgiUm5_MMxiUZ_v&0?EQT?wX;#77Y4Z_(jJDO$_we%
zYn&)MSlb`i5sJJvAvANVm~H4kl8BNE-c**Lv6eDmR_k0Xqo{95@hzPozCW-;Ja|=|
zgv!?gyLKSzyN6V3a=rrGy^7;yaCZcPn!^W36s(wkz2ed1d}6-sV-gor!5(={&yc5Q
zWuJCQA8qt+|L~(p#qJHeqUaVDpL0ABm_Ff`7k>3hbq8DL!G!5GW>YpQC&rjW4LNC3
z3^VIh^uJM4^Ql^Xb;$lY#zAn`DsC;Eay0!0=fl5909+F&G$kaTnZFs59C|W>RAW|i
z+}^lEh;{}%RENZNe)sSCvCLTyRa0-;$TK3Xhce1U=qRcZnAN0N0DbTDuMu?yTlxyT
zyhS|>eB@i7e~VQm?2jUQEx084^TMeF^4Xztzh{A2c;aqzh}y!OQMG0XYYG#)Yh^r>
zlN2&1MTE)i)D+?Miqy7ynTOwc;~x5a&Q-MOO5UNCiz*j)<>WzgC4q8;>%)NacMw+F
zyhEg#=FRf^V)B!Rxj=oE^4O0(48jbQ&#9|Yv;qDhidULWbP2Rvj)(9w?&p$zv%1>z
z3eESFUm@Fvj)sIIqS~IXjh89r+p^vXz<@o+Y=o)v!cCs|@y_WOHoH>0e}U}DLOv^4
zL9;7p6cf!_chcFtf_N4_fp5J0#r$T>94^Y(M8auNa6FvovS?~g_U!f0^S~X><LIH*
z%MZ~a&eK7fC3gYRYW8ybhJSU)n=jyTv~>C1Z3g)wl{;yggp_?xyTHDr!vKz@1U*@R
zvWcDp4=6`UPfkioS#_rkT-yV9@^Q+>qn51-CccXq*o)D`ZV7f}Zc@qb@{A{nLHH6D
z-m14fF5c}uk>8BLSU>sbBI<lRvz_{~<w@%cJJAs%m``Lc*4!=}l!%^3x&HB7AIQAf
zb*vmSIZd~g;tXgg#->L`o~f$5B!*D`&XcXUoCre#6-b!Bf7xc8(*#srp<m5T!xgLS
z6xl)1l?UaW3|%jMR{Afem~|atd`&hS;QmHEXl)%QhDN}>G1nd6XQP$Jo-Ug$(ECk%
z8v^gRg`@>SD3u^XcxU8Ix*;LKpS|H}SGBYG<`jROTjQf_yFs|M5~P>ghe(Aps)Hst
zUn*Oy0s%_Qq9G?iwxqPY*C=_b#ASb(Hy#%0Z23s%0BKXj?9Sx5$7Cn8x#!J!`FUOE
z?3p26TyX$3#|=ssM2IPCF?wfMJxu3g!9hr#qqsTQ!WxC}-J;z%O*z-%OtYk`AA>2i
z_<Y)(6j>LCK3NL3n;zMPjH2XhgsrD4WX)5R4!qB4aL={vv6o|p=8%QT2pJw{3nfAV
z?Q>+m$Qo+%Lvw#04RMVL(dYt}s>cT4p^*DF_|}Iq_H8TA0ZK0AB=e3EYC;Uwj_Nzi
znGYRRw^gmGHQU?S?r9`tgam6ZG}6vbIAa_Ea@YdvLkwwO9QLC!IsaHaM)J6YtI}b3
zbc}qehF-GuPrZ0EqOVt$pTBAf=Q_dK#t*}KKv0fJbS>5f70?0n<ji#o$+7XN5O5fd
zygHP&KWmxi<Inl1#lI3&`Z-nTN5#3IuI~`I4b5dRVEy0O14hu0a4h5{<oqGf%;Hg$
za+-e6Id<0vA+IS2Q6}!}R~Ttt2@N`@qSv?nt^zX<fxbUi(QEjLZyU5M;_JwbV~)VA
zWBce)j7^9;RL86g`GnLrF22x<!llU9hVD-_n_N!GJy7o%-xGiDrS2B>u;tLkEuy8&
zyahw?l&}zF<iG`<%m|I8Ex85xk1{<XX?wkb9$_19dtO^B98m+ico*7GkHSJ%@P~Jj
zy{7&oQr?e_34Y=r^42<PDeNZ#1aylu9))Kr-E(med^~W~E>!lJXY5;gJpUOsz}|^X
z3H|(XP1X5Gx*gz~QqIw)R$<WtfrE*<bk4!QmPX5bWR+%}Jh<V&3Qm2>4O-`*gqD|x
zt<9S3q@}#Az~FNW>S2B}Zx=eKc#Fs)3@@Y=Wv)#X@Ze8Z+1RmlB_$kOh&8@5evXV!
zhxAq#J$F%ToG23ocxPeS?sGoiSZrVM`ffRifPBX>kO;x@e!WxxjZgSmRE}8TU<Kvj
zpjyY|ufu`v#6RUal9a3-SBd===<w+N$78;31xQ9NVptODaARpFlG-C!Z66i1)psQ}
zjDh|k&gs{kuI%H(zX@p;zd)nv(!zG1L;g{L1K-eJ<FS;RwN9L`_x9O>%s%6iY9HPa
zyX2u7+YC(~5Jx-P6_<M?HtMPDnCY2cy&aer2Ve%tp*OQJ9;Ok^4$)zVVE4=ELhUt(
zJ?9J6{Xl4w^G`B&J`PLpSYW76Ag6_)jl;VthR@VS(!L<iTl<RbuCzv`C##f>JxgD~
z`ext9<C}gkHLX3qTI%prTt8IycPa5E<tc<Z8ETZn456u?BigEE6A?I2+D<Y$oH20m
zQXm*#ny+>sD<)@s4}`Z;bsL`tl7@6XxG6caiMS98^sX&2Gx;Tv?QZ(E8x1nqO@*T#
zG{v3dzdORSqu%d#Iwm85(`(Os(Qgb5)VvhDA0o3G+rk~|R~Jw|IAL$s3KW6*gI2Ww
z{VT_DKDlKB5;t$1C1G&Fc_7yxj0vy;>dtB=NAJpI{rh)HHv&P?s%*|n!56`HvqlOm
z2K}AfMFAJS1~1h>GVnEZ22(Q^Fjn?=033%W9t0BZdgMkmX*7ItI7&^`<@{q`lmiFJ
zFKt<$OX5^+`}_N${+#;{Io;wkDJ0rMCl+uIw`l@}Q;w&T6?uFf&!0+u_8c91886yo
z_7$506=STrGraENMSxy}^d2KOaO~ZHKStVG^>_Adp3v^^%Pi>}p~gmjuhuVEccPrC
zS5#p64KdmleN!Sb3Z%rZZ^aYTE6%AYy-BKFAE!r?tUi6j`Au8r4eAvJ8a7|nuLaf{
zDvv>~WT7>@jqrNyIQjh&GT-2+wJ5-Xf3$M<xz~|B6P!_e8-i^K{bmZDc@QEr^@6Tn
zYK>7p@pVqwp`@bsP0wWJ=K=EuBBBX?qzSI<^@LyUF974d9=5U-!Ct&kDL4b55X>%}
zt#t7m;Rn&bvftp0dt{mwO4HVd%Uy@Y)as0BB2isQPh)U=SMt8}%`!jK>8)7m-gN)k
zafI-7E^F*p^fCL(smgr~CmD?Y<_2GE=%E7m_swN^x4nc~vZ9D~bNom*_<GmZn=bBm
z&n<i~<KDLPyiHbi@F7zX8aQ7<dMa{pnXoNwiif-oVNFi4N(9%0Z?0?Wi+UvXv#E}9
z7Kf~n;r3ZW2p?-Q8zC&;DqhkGh8x`;R*zzcZs4`<wBW&V-#6CWRWHXe4P+lZTH?8W
zaKU?i#MHd?j#{JF_K!?wUvnF%1oYVruF6B9N;WfMHGfW3TTu(k(P&X!={Bn85TB;|
zMoU?Xp%Id?3`a&?F||#a$RfZKc+}mU`DGrB?xhlsOHXq^JTt4)rzJ6P1|D-F?bk?s
z{tx-ijGb_8f#rticARA}T`c}T(l(!T1?QqqL!UuC^kl`QoSeTdom8Ah(ypPSF)X;h
z<?P>GDgqQFN7$uUq#zKC)p}awI?3W_JR<Vw-l$&=2o;D<GS=D!!9ev?^7p(+tbApB
zzoxjJlezm-#fsfbFt);;-uK<C-7|qC`4ELkALl~U_1@FCj+OX{&~(-GtPfCymX8sl
zlGv5dtpw{lqU~j72*6gh&eV_k2X-dIps{U}%m3=1FYuGnitRloKXWVQ#9eM<49W}F
zmNS#RfuoGgi5ZR={_{00xDnD53BisRF|bwG15eH@bjvN)ad6HNpU*Xk1iT}H5cg+M
zy7LUVLMG#WDpG@z?(q>%jzcV~<D3I2^wVzPS%><D`ZJHy1XjE+P2+L>X<lg6&O_sF
zMH@?iUxV%@`r8Ij3>CQ9k#<|DmmRtPYLpTLw3$UpEv!;)@p4vp7d5;wf(yZ^*?RRk
z9tO4XE3nBg4<FoZuON<&mF(qPK1$Nylp&?pHojI{%wdxTB_-|dSk-3TQn$Sn*#gw}
z>n__de7t#j4qxg+8QS9F1>+j7#`2nQxq+12+*b##@JLIlmGSK__v)-9JQ=CRdD#4Q
zWmd30FeFWx!Q*B{r43mLqFO_yDhcpdp;dOx@sMg2@Cgjp`k4X^OEz<O@+o8A0J51S
zH9;9AC}!!rn14+t@z@!9C5>m}*@=oe)c1@%y)%<PAk;qlIeb8BwA@5e0jGp}|LnQs
zt-sn>WR6^d6Tv~l6KT>4kc@;mjcZqR3WD+NJ#_6aG{+EC%CON&&1_OQjdA;2n+z`N
z@O3(GumS!zI;|yY_FGFlXj;_6Wy2-!SxNXJ?^^cA>Xcb0leTG}1*caOV##rjJpD@@
z#@eTLz7!O!@kkKaR4^ph@Mtzr;3)JM)vHvLZ-=iR1I!>G-{@j6*cK)MatAyXH~iCn
zrpAvb?I4u!`Jd(6b5~C8`}e1VxoWp2heKslFW%If1jCeXF5po6$;F&*_|(nX&`s1~
z_-rw7WIvhAy+4BsXb74v<NV0)M|qoY6YEq=RBK$8q={vd?9Bi4i->MU@fiU?j`97!
z#}AHZS1)6wVr0m_?m106NKV1$_b(KFHjv2uQdYiu<NK@9t1Ka=iHSXEZX$D?HD$~@
zF{%IkFCQS2IhGVgUBpTLUs%l6_>OM{dlm|W1_WcIMaB3IY|kn!O-z^1TxJHGaaTfu
zMbA&p$bqY2OEzww%~*j~3Hy^TF&?Mi+08xiYazT=S5LPuvH@neteB!+{CT)Pt-;eJ
z;8Oy5gOni7+3Le6@f$9no2V_~Ec@)RnXXvbEcyeBLmEV|)g8HOq||(0PP7rYA!=V&
zCk@A~{O9yG#qgc5Tt#H3rw#OgF0cQLTj`h7a}jSoJ%6u|&`E|1^^g@|(;+V?uD?tH
zwwB27x;W=yCx<PaQ;Ef5`H}v1PLz7E_*JC@vXM~tit0#E?6Dcm(T593_tN6T`Rj*D
z{G-CS<7*FNImgxUHiQ7bE?8Hwu)h2bukvnmdftPXFywiDC1;##MGE~33zx<>;r8LR
z7Jd^!u>uzg9=czkG}vnyS{&3Z=l)Y{$Tuw8%#wMLfd~=3R#r!P92B;k{}y0mV>*|{
z^QYwg<&59!c7tZ_bx(0p<dDVu(lWme27+TBy^xNQjqv`d!_VZqy*}7P7rnKdlB(u4
z4ZnTO^&IH1$6J)d7eZ(@R<?`xS6H6;1$5cOj^)R`(E{s}J0){4H^aMT5<}IV#eFrQ
zt`;D|P%&_&)~1wx)70&u>zQoqF^f1D7$>OXt^5hjpucPjkTcG5m32J7pdk<0N;Yg<
zWyY3I8OJ>1z{`CX82dHLM5{1sPqrHQ%RW?SYS2-2sELB(myS^o7?*+8BF(d&_IV0~
zoUO+@J{8W<@e0i|!L)36v~MKfE+H$bN(d^t=1Rzv6!zS-`#%3jmQxn8^l42!0*@o*
zlx-Ve%xn||#S^>7&K{3898{-7(JfDPlDBE+oH}ZDp;??t{%}+L5hue5(VU_`BKb^-
zhFO;QD<>d06q3nUjxG27%?~jikoAQHjjJm0!YM;*Eo#W#$lux;EJ6EG8BR8Cyja!|
zuZL13AKWUiT!laIunZ>V9(PGdl{;Z2;pFl5SFEBk>9<1jxiiKX^Cphga2t|mS$gam
zd0!ir&%ZbB&UA~|goy=)$_zId21!TEey;^iiW`#ta=3?vgE}Xhh0qf8`g`S@@+rXA
z^{W#w{#K<nvCUg>G~CELc&P+SA77v{+dFfU#OV(>0T)9g6jRege&1Nvsq51E)mkAm
zH5o>9Cja`~{+&xFXxhj+%GW&Exy?{`wj|C<AyMsSVxksIj!2-21d766I<{lNrPIKu
zcDba2^=iJG&MkZBK*g0_r9`y&9^=dn?_1d}wAG;U#jH^+88|u%^~jer@unfuh^WuI
z6*zDS$EDKT3H`ZeZG@Mfh#yS>>dLY<r&?qage1h6D4Sk<HzcgzepH>qND?pOsL@Os
z%k54d18jTqX2xdTpD$?k+2@rt)TmKz5oF$(Lw|*`YG$a6wbo_;*UIEd>1>jBx$h;Y
z{<X$izjoAME6DywsLpNn!e!kvMqtwJ^Y9lWm!{Dm>cI&%ivG#`S)ZJ_WVuG#e8$fE
zy?(WNsmrRCEY`nFEl`)Hz?8>i7vxkDaa1KV<9z*e(&fl<^P4_J&GG+u0ho0D0y_$+
zXrRYIryXf&_Izji0+*KVyqU1Ey3e4g@*AJ->aWw{t_xdYvZKv8oQRb2iD)NT@+c!z
zr_|dt)Ky~AH3HSNk&(fqs@HHEDUT52(CmC}=V_sPNyX~DJ4NZy%0VwpQg^`{=*l$=
z`A|@~!ocXqs)+<&>cD=#M_xAnK#9iga|gdHTuCM4?h}#<*Ej8G8WTF!3$G~mY-v&{
zUyA#*VFUh9$LNBbM5=4M`!9qzJ0ASJw0J>$X-CR>tF3V$U;1E=vL?SB<cn-BNQb&q
zMO)-eUZ)YD#?&ok2lY>rc5rD!`cqED_d$dBRd=J4OU*~S)YXoq#~;JS)(`-Dhw(+X
zf;menq+dN1^R}=Y9)CnPxJGAFU5&QlwmAJAWo^E6pZZ$1@5Q<3jK`VjCx9E5ES1{*
z?JGo@$hKaLs~5i_Oj8{+RvoQ2bJZ4diHe`8;{)U2lq)joek>TLs<e{-A*dba*zl_^
z-t$#WEvllhLNdIySXU1lf2+5tn8_|;@%9++Wgl1oBJ{3>Q6Jfmp46)e+i2EYkb2XZ
znQ2hxWRUK>M;$)DxgW~+u!W2F96aTws&1$cJ}&rc-YA*vg^3GRIcuDh1x82)Jxq;s
zq*vxWc=Y(8iGOrEk6EkS(F9f?onhVAeB9$5@TEhO#7nh^%D+#bbG&;B6pR?38DOp#
zv{O!$8xCiyme@OgJBatGffPAFIb5u7uNZu}W8oM}uQuG^b2UcCENfT4ebEfS^v{^V
z1u){{3xnkIaDt(){Pg8%sGC7;z>oaY2ad~wo6Nx$+cDbw;JJuw5A$6+V9N^(wM!SN
z+Dud|$Zl7fIH=pjZmFK0ne0~{86|13<-h|2Ak1jlGv@`&l%`TAf7tQv{_tapp_I+H
z-?XlCxIYA_-W(=8-$CQPQQ7n-jym+*ZiO-OFA7!HHw0^fUVIO0F;ivtjDsfi?BS;n
znfbiNxnFAM7q*#$eAcjMNv#O53MuDw<_@u7pGif2*NMJ^Z00)GyQ-m{_?YgfwMW4}
zQ4{&da0sv609R1AiiTa(nvh<+2iFr7ReKv5rGIre+zt3v_Q?}D-uDH*a?QJ$(`Q|u
zql8x$7B_8ZN74OC7Xq7u0*&tyE$UoOw2`g_!7DPM>R|X#8nHdpi%-CCJT{5JG(Of=
zC>41e){`UK#ZYm5-U9+`j|GmiAJR!RVmDOLQN5k)IrAKOD@0pzKd{}LX348C@Z;@S
zvQ3R){FrL`T@32A&GK0FP{zaeoD)64I$a+R6H~0XlaYaeKUvhGe&uV)6v#NsnEAM&
zw`eInaWwpcKNP5$^rx}0%B-XWeZKhkT++oPNRjI)-0+aDkIzf`+VycPO@>x&3AL#+
zw6oN|PTInF+TUaq9@@!3k@bjPfv(S{C3IY&$vnmPb(=ik$~&SOJJyB)W79uV6M)EG
zZL1edEaOp~+Ny4#Swvxe)Rj0AFy&nS#Q~J<%zyK@kA8LJ8+S}?&AEgu$1+ttu_8Ic
zgk!ZTRUb<EYp^jD>sON4t1=uUrXv^sxU+d@Y)1o{CrIYws6&t4@%}#QmzH)5Lh0e%
zSj<Wb+Pb+<rCr1cddt>QSPV}daFc#z2eAnSknOM1)}fQ8G37y5%ErnD0qqQfXmzqx
z$-nnNLDGbR*#2nZErmx9QD-a>n0V@UW*la^-;D>Lx~9b|n4dF?L4$+sr_W=}{TO`j
z7s*Gs+OU&ZY(H0vsF2SVy-c%Ro_RW!ofGZ^@pBqBhE&TqYfh#&0ar}kqIVN2IVv20
zc9~Mjb^n&;R&=~EICP4c@P<b>5bRwd8m*4@M((8-In4G=x1aP5uZeU#ZWH4a-7Kej
zCQ*HK1at~Inm4Wh#QN%=;8)Ex&rhjGIpF`0n#jDy?K)td^uZ!&TFswT6qgOd6bfr`
zv`r1gW&d9MHMb99JDF(n*n=nZs>(u|H;2+uhIHgp$)ERK@B^JduKR$R%T;Uc=Ku|9
zUk<3CLGmQQgkLqZUe@tS$#y2owbaEQ=CqY#O4l2s<%4V{rt!8)EXF3Q&z-jC;Cc~M
zO)P*|ghP;bFpT%}Us<s4OT>L>(dbpEJDKXle|b3!^<CwUeLPq;hxhl^-S_?Y%l}`>
z-0&2oSMq9#1(d&7QPHQ-6?p*T>pywmWp`F#E2?h}nI_1PKYn&NEP>*5%3bOD*)GZb
zq-y79uM1qMpn90r*I*{a<kx1;&~dV1(8tNbk`No4`+AzbZX?Ct7n^bOSGO~$0KxqI
zFNk3Q`#;D7Qq__#8tnV&QP0qebrM;mvX%xFXpIOecjJ+veBVanSSurEA_<cw5n3pd
z>#*atOc$WI8yA1;%L;g%Ok(=jW;fB?(QI=gn55v^8P8nt@<Qc%L&r;asM;<NOW13~
z;eOepuDiAvh*HxJ;3vRq#a48<1DwWozrJk!w2*ZDU1KHs4+2vk>YCDnSvDvB+5dKZ
zy`btrvo9a%Zf5lgU|4@fH}ja((_c{^z8i=ND68~1tlqGS>t3{#f0u`V;+|b+)?<g0
zHRD8;EXz)2!{^ox`pJ`Z&910aW>E173R`|+lHjAj`)b@5tc`#DY4@#h_jG@4gzI6G
zC6dO6KoEaoN3cY)8L&X+iSSnTISFfQ77n=XKIHHN-s@KO3O(^pI00K4fMr=DoDTqk
zLM7mtgjb(jcwGEv7>nf-BPx_p1x)o%*&>g^`btRTHAKQX1eaK2-X^@w1X2UthWIw#
zTo9wliz~<UPw?6vv;;O-6aKu}a$6n^4RQKYWG6Hlh<h#?sc9|eWGUWO(N?){Att%A
zY#>g)h7|`)l(YVzM`jWlUSAAxd~h`c%V<-Y&+v^?mB<{HiR|t<*u`4%UL&a@gKl9h
ze#ZyP|M`>o@VR=zsS{(d|Fh}Bqh<rqh)HkOE?u*6+N`xgYnhsu<j-B!uKeNTK4xX9
zGq;Ubr&d*;mjb{6L(Dqqs6b97@7S_rxA(47SpBj@J%&k}{$P4N*qU}4omKYNc0QFk
zUuZDIO~!^J&n32=x)%$pP-10r#uqZsI(37Alg?M$fPK3!5)ML^0|zHcoS}ux(gcs#
zLJoi1Klf{T#3vjRtom&GWq4WK$_<XxYU6mV*(RxvGjJ9cf1V77&JO!ZlUdXQzSKaD
zXB2_u=G>5_4hXLr6&Io5`v;G^0u9f*f(I$?P*LKKa|{7~?_gss=!9uUwm%8(c8Z&T
zD#dVLuHe52PX^-&dK@$Kz8f;J+DsjcqACLEs<5H;q^F;t8_X#il)-!lf@9vi!oaEE
z@Mz4G%6(<5U%A@2Y@><y4$uQxgclJ})5P}Eh%@&7Fv__B9xbhRt={KJe==RXJF@IX
z1Y8LL4=XdPAvze~vKePhuSsdQVgy(85r3?u9`h26Om58DNgs>*X0)nGZGKV}z$f60
z{qcGUsqp$Fak7~yxk7~Id0A1-=itM&3+;taO@D;xBDt{}P%R)uj!K#(XS?CxMiH+b
zS9pg{|KaVMJmcVidr6-*{40P)jfRMHU}C#uvSu~mtew;g414I&0*+M@GGC<xmXJBV
zNMQ8Rqpjjh=X&|^7GDCgM9K3RIrb6EI?AQOn&+;PEin;6GAB+-N$-JXIhkO!aP7)^
zSnkV%aDmD;s}0MIfkJNI%!1kb3HM`@R7|ni^+vP8x^>7ehepx&MOv-+3aE2%8M^OZ
zrT5#hPLxM`rGL0Ehjr?StqoRQ4;wodfAGY-+H>aJrS#2gQbNSMMSEets6ab1X6`KA
zOzTB(W;b=ACi!I!#Nkk!WfULGO+=btC-l8tpr9to9F5**P1jr>v+wB;OQlW@6vZzu
zJqnkaU#+d`Eu{mb>r-!1wg4@f<keh&bX3do2>X~Pe4Du#Z{A)~9mAQ=(y>S5=i`!E
ziK)20uYRccub!q1YDbZ0L)3?(K3W;0j;|-b2{0F|{Cp-b7b;gpR>Eczjw8RS`36U2
zjQwpTG*ZaOM>m`(UDa&J{i#)XxmOJmQm0Jc(Csb^;<f;hIh~La`goJXB7&>VX6>(a
z@?~0<HGsb3ANlD{ezbS|*7KAg#q#UcdElIE6+`?opjYsxVWUe?94i&o%M?Sl1tGn>
zxd#@NDRn$ST|aLCGXNq6ytyB1In%RH<Lv|vU`W83NJ;DNpjDZVPZz6>L*Mo=)N>kJ
zb_h_#ZxceuH+j>QFoXoM8TGqbZsN6CJTYeZ@dpdaJyRbRiG<5i##yN=nM(S}zx^9R
zQl8=Q0fro>tM5bvKJG}vr@@ki#cHS3=oCwSyo1w<?{dXy)se0hy=~LKpjiU-yQNmF
zrC$#U*gjjSuZ|N=k7+s}ZPP;<`6%O3d)+8|eGNceplb=CNUwwJr(pIgj;gCv)$}wF
z_{`mphsH=WCA4Dg%+mmq;O&Ow?AwT9D@A&P^_BbH7M>Psd{D<Z;&5l>Y`x$uV)4Lv
z@)W0dCoZLuIi|r95s5B1Cjv=Y#Xvy+@ZD9Na2aR+XULXa=<7MH=Uryp0oHF7&&vWe
zB}!D6OCw5o-HD%mc$(MOMSr~AK3^Vr@;&U}oo9U4;MgFux8FyLF7nt7|77#{mvBBt
z>_Q8KU->~YQ4L$AxJp}4HwP--lY-B#qwC}p8z;q#pG$0?7#bn&%_IMzmJg~p6J9My
zgfQPZ+#bmU<x1UQX~jCDrpo=E^gm#Oc+17$dt3Vf4-#c{1)qg!HKG|Iw>`w%5OfOe
z>GbUh+U199zVplqV@1gUFaCeX_aWRx)3kZNBK&*CkwCYl_-!y=5a*Llk3T$>bnJz6
zR2T7xWNC597G{1HvM0N!|0yJ(v>dR2ZfYU^1VH(%SppcZ^~Q@r(9NB7s*KUN`Dr#L
z$oB^#VGtFo<2wX|N#Y*Cb5fn_=<sWG8iqXsxf<r!Ed?!X`3;#i)X~GuyQpGqy8yO5
z##AAZ9P_gIZxSPt=~CPo{ma)3oMOT$7Zc!C`B+g1fY28Ea)x)z7-&GoZer5a)>%}Y
zupgnBF!RItJ8I=CZ^=_LMfyV=W$iR$*dd{8@NdQC)B;LALlmOI4&gkQKm0h|d!75v
zz=x4*dz~mbUn2yL>Cl0v7!li8>If<j6>fY`<;YM)<(~pe-dv}3bF&i^9;N!2=-P_y
zYo*rF!nYv4t40~~HYc<0@Co|U%Am29`Ld|)X=0v$hZ)#PfV#;r@a|^r^%c(G3R(xN
zZTeyXIMc$=4`ekEesICr==6~OHm%QgYIXMabS$Hd){7p_+|r6)7BBmYXR^^vEB!zk
zP_j)7pm9YWbkNclE|eE7xBcJ`p%g6atcfa6O~*SW-|Psv!^yGy>ZWpgH`=y<y&bhY
zdGW@cBYn_KF&wOoRxIBcI{9Ejb_0Uk!NAzt-xHN0#YJKoHj>uAW0{rFKX})mUAe1l
z<~4pu0FMQu(SU+aJ{bKwZPRbUVO(EtXGVH@kl_e0KH<7iJ>pTiE3cl5c=Fie=VP(=
zr1JDfIvFs}nPpnZ`az@zB;WpO%UKvhwe=7G@o9jv&4EUuC8jl7Y*plxY%1U4e>2@^
zaYk+>Y6+bjWn?uQAz?&nv;RdZ)R|qMnZ;UH`qq9kY$^7|s&gg^P@Wz^Lq)toUs|GD
zHh4dXWIcS%`QzWOp~FML*2Y^{-5ZxgB`rh9^h61kD7`;Jy4qE;Mb^=M8VM#xl{OvU
zWSQ~|j`s*9Gg@1CV>nALj8lgE9B%xV$Um;yar&z?3GXiY8vAkS>uD)p4eJOZ0-*TA
zW=KAvC}hBhm^r`f{Vc1S|J6|n?L1|200~~>c7l|=r)mKquEYfnR`VSq&_55bEs$(H
zuq~T+8H><?vnZ_rdzgR8pK~Stke>b!m;<@}14u~<%%J6wB(%e&*dzt%Cvm!kEX!28
z`jsnnuUIC^pIW<vOe2lWW7}RjZr9`8V}#W&vP05>frJ`6_6AFI4R`Do^6+`_m|$Bo
z8v*)&9f|on|N48EXR66!D{9HK&~VGdWNOZZuLeN#I~V*ezg5lpL5*=<RnYcs;pN-`
zU8BKhHf&DuHJ`}vn1CSTHFKGE*j`FYub1C(+2j;Y-_Mee=wf|}_?kD5;3b5o4pZre
z$E+rXYPs93+1K);9BMW5cUO=Wcm7({zh0p(&m-$%s4KXEB4)k&SDqwBeR;clLPY6<
zyXb5SpN!#O!|?DSv|oG*yTrHQQ<&yIiKp%zk&sfto7V$A0lKCU(_()7@&;QsUgtrH
zxb$?{f^Un)fjTsa$T)-pdnvhnP+r^HGx+@Ou9g}NJUC=O+TpJHRvWpAc+T&Z+Zt-Q
z->BXdc|A!=GJAQ2)1A{;dQuBO!Osj600d6!5?V>Gtg2R%o{^PJb@ALNEC^08_Y=L|
zoGB)9Lb|l`4(hvy0K8J&)l1b<(lY}_QSx)upla^58<2#)4{v0@y*^>=MUStc*X5r>
z2Z?4w<pQ7!g$oHuaSfaSLv^88Fv#wpyR%{^WHF0)qbz7wEz4u5%Y?-UqAPgW1QPwL
zTF&HfZp3#|_VaPu`!5Zc=L_A+qkInjcy47F;q`|zJU~qew3a1?|4m$aKQ=<dvi7>h
zymxl&@0A6g%b~ZoLq*Gc#bj*j_+4<rF6gXF)+~77FNq#Y;^H|02w0FU=<n~29FODX
zpukbm#UyV5J+}C#%A(v15WLPqg>iM^XrkKr?s;S*K6X+ce{G;rX@2v|26^C~lG8o@
z`M@9ET0tgcdv5Go?azqGl0gaxLOGk0PvTQJJT<j7!u)yi&D+Bd<s_^2gqMYd*V}<V
zL+&E?fA$jW|4i<zikrjS|EXxuR<jlMznK6jPbmQLb!DJ16R~-|^gG)w6`CMV%9rF~
zs1URq2vunTQ?Lai_;4^+uH5&SWM|xXksvb%`?jz$G7>AM+)q9&Ym;V;swHKEHr0kX
z?dtdEXnTS&xxyWfUUe5Kp2WP_&Zfx~8{7IqXxaWS5-gmRWQ(~!L4-*{uaCoG&u+dp
zp_-Gi&V|sVdB4=A_PNQBbrG=L?8pny6IA0E!gcYayxauB1t%zvDv*{x=AFr*8w9>3
z#|y8-e!jkQ8IK8*`wR}x%C(?5w52PcjZpkL_jNU5F~q0Sg7W95Cmj4Ti=_`C4(K+V
zbf){0x6{v~)I~r}r=|e9@idfLcxG_uFadS9z>wLH%b8Hd>>+z0_TGwRbjFPJM-1)r
z48GIM>~J~6<uq=aX^t&-3Qd5P>YJ48Q{cm<D@B7q;<-3-l><X{jW@@>nvfV>EMlze
zd31?Mau9V9Dq4<UXSN>i4G316*f)hNGIwLE$)Xf}J=x8%x-e>1d|&hLw>5Pck+(KY
zE_%Y&^@*SSgJ0X0I>6l2o0z5sVT{Xh())iZGno3X#G{BpE9>hGQs`kcU?MP{yYZry
zpc7Ss%Msx9o;l+7K$lXNR1}>VL4o^rm}ESM&0ODOMciW^GR`a8JBk6rE-YN+FBA~I
z4kl~!b3jyNoG@HT(DeS>kA8qp!k>?=wk`IvE*@VkTk)XV`*y(_{?5NXB_p$h_=eoc
zgt=K9naP)JW2&E96fYZhQX?S8UP<`m<b$lfj!-lyf1&<jtBB5z1S8RaG@MYL9G1&%
z3tKy(kD_l{#{TfH$uchv_TI)<S8Bda3-g<X;83lHPzM1|8&p|0XwcAuXB#iTM$TLF
z);B(Gi!BHMC+6ar*Ek2p8K<i-4fSeyYmmywXwEvd<y4$0?qq#Po9xF^)5)eyD#%k?
zre7;dFq%$}N7ek)*xf`FWqEALzaBy$X)S&j{oh{jBSgvXvT)EGUN$TY7QBn>9qwBj
z-bHb*&mMxnCLBDHfr#V;rRRaj!5VT1OfsAuUzkD7Zy0&To2NzlSZV|b=hGX$`&Lc#
zXWP9@7~rlE+;nI2O1}<u0f%KI`|4|$s}5K85B((nhL$8JTUR_mKkC*RCvJxpWS|SU
z7bf)Tkv<;hXn!Je7R^DUrN(L(>FAWeSGqt2P*u?xoFHDkQ}|s;RY{@qoPZ8NyGVkG
zrYd0@8A17zcTw!mlqYg#pC!;Z(h1xXX=ewcO}qQBA=>%5i&(49AGJExS~54u$Md%G
zzQi{_tn_5lFE*Zxr6?EY|6LJk>houe(a>FJtEEffuJjS<GLPa}gITzgjHcQk!KI{^
zGh29V?t^Y_U{{G7SxMI3dx;+|OwNMVf<StwPSK60olYY`T;<_5$Ms=w3O)h4xu9KN
z*cybc5URd8Z4r%nvgbchoCmPC{Q$#;l18FHCFfLHQR3trx~y>ljxmr#!wOG2v*&EE
zg2*=^Bx<;TK}?!qIPZTm{A8e=boB~D{SP-^8cNgY-9uN7Sy9Os$i5)I9r17+B~^Lb
z!sAVNpb3~#TW|P=^xYTov|ib7)z!B>+rjL|_U31**l8Nsr<!~PSWNz*y1~u72@9i%
zJL9LfHoS~;1vG<mg~ML@C<fD7^Klb9Z%9zkD%Qp(K3{ifByU=<lR4m%j*+TbJ#T7h
zLMFf&AUaSmx2PhLs0|Ta_Iw2q;eo;89u2<LQZm`9k*k!ThlB&h3!_#Pz{{PRTSx51
zOJuh?sbNW_)YQVlO%g>>JFtCPLEbsgqXDCEHIL-QlqT0igPt;W@J$(X4|{*J-B1GO
zQKtKN8~Q1OvCL+LGFdw8Gu%$<M@v|7jQ_Vm(_}T?K3CzOE`~YBk_DHiE3il9UgR*c
znfC#-2Nu4+mkBVQM*E#Ztx5xbQeeOFKjWFVk|D!Zko>PZ8CM$3=+Vg?TIYdacL1(B
z7=~BSvjJd22Qov!izWJLHxEH051x=;l;Vm(=7j^<scB%)FD-g^OZ2C<cyg3AfK#U3
z70F#bn#xxbJ2&8cjn9WgSyU8<M@YI)sIst>@|+}5%0YF=QI(5f-CbUhn2yO`q&#a=
z4mT{iHEzv{HT|Km_GJj}v&3L@;J}9)Cs9G>E@+aqnAxQbmhHR$%yedTE~~Lz4h&NH
zBNbrsH+Xl5F~?e;ChO3n-y|9%zYHWh5qN1qQMi{NM%J~4?SA`MZoPRdF7x`>txO#r
zGl`Rnlcs!;KqW>?GL$t5s}bw^W$_2In0+48&vt)-rm=lSynNBx%i8iZWC3&KcLT=)
zs<;@Gup2pw)KX6pnDmgyy-&^f`-^d$G%2qc3tR@E7>u}gY+iDs#SeQ;WH<{15`Rt`
zJfN&~{BQ(F8Naov$mGsW?D}M{#$TE@m*s2?Jm0p1CHfsI#!wW>bXp%5w^@KY)FOI5
zq+dqP0qu#WwS~*K13eW|JCbrB`ZtNsGgnXj`{QWA5XEArq5+Dw-@y@vt__pY^qjD%
zES8r7y2GOhIHJ79a;qDd{O{{atOhc68cEXu3qMKMfv@8jo5g&w9EtVmf`?lrH*Kx_
z>5`YSj-CdU`)bPEe!hOZV7o@W&3>h@Yrvb+p)^4WW3$BqZTyWc3}x@_K?wWvudjFR
zPaBH|EWReUIS&POrCFRDmpgsUDqw`!f{8@FwwRfew5{+~%j!zK6@l6S@t!X_x7fTI
zd3toVbG2;L=Hr9IOqy1`4Q_B8!Zoyr5V97OU*PKPTN)EIs5m`0!}I;EJt<82y)90l
zf>-wi?ZVI4J}YTmFq7<XgxmX`^wMs!u%JAM3UflF0RL5Q)*XN3aPrdU=lDU2-cvqB
zNzew2FtVK=sRKeFQ!(abmYA~+jNco1`pn6XtdE;cX+pe7J!1(}f>LpYWW5i{#v!YE
zWv#`&=|I$b0{&gTj-v~>*DLE<FePdey1CG5rOOl@-IXcktv5hJt#ijdK4aV6zL^&-
z%$DiaBMThjc0+9)XNPjFI0%7iY{)qB``8S6J(?tnF>nbhUmjd?zx`Y?yo*glB%jmS
zVvu?lu&`nIr?@Tc3@s#svC@t3WBh^0%-g2v6c-b6JBk9Lkr+1Uq7^|E7U9--e1M;=
z(KXJi<=5J*c+dt?7^H8L1;=KZ-=g|tb7J%A;_l(OxJa>}aZnq~S=L4te3l<uq&Z&t
zFt5gsb*MO?f4h9gUhti=vf~9OT|iLSt0*@5foOa8O%l4D(O5DV1cd8omlV3)Rv7u>
z^S_8~VImYoleu17)ZF8n9>$8mk6KswO@oEO!F`|jGtI~1OqvVc5wu_zZC^-vGc-oc
z(EM=ph?2mLU0mUOnYGF(LX&uPGk9UVed}l=5HlGNFV2Pw{f-tw8!JV=RuE2dUcpS4
zAz-Jpf)2So@!w$Wb_>+5&g(3_d2MlRGbKv#beMJYI4MLZ6H)gLgCzK`@)tNo3u2Hg
z0x~-=<q2fv<<F~N*Z6N8Q6{GMPX@lFt@2dwwh&mW!*eTl;|?}N1_A*Tg0vGx{s~Ex
z7#E8od~q>Af1^forT(&2qUKamTDY0y&u_zl*WKOi@uFLA@uq=Up}bqxBC;K32j7e@
zXg~z<_SWQ3jUSG%xwZCt3e2F<`-B)aa7*T2gowSxjU^?R-NeX!1qABI_Jb53zO&ym
zz8b;MeZvb2%ZG(?+{8m*Or(NiMj1<s=?Xa_{(_O9qP59Zto{`Wh%?)Nzp@4aN1Qww
zhJd(t>U?2T=*y;phmIGKfSEY8JU@Tw-AW*bNjpn<42$r^!E!SJo*P9NJowQ-AdYbB
zQZkMqDkNSK=od1%7$*A=!NDp!srud03k;lr<lp@1p^uR&fP8$qHjtgg#+%j4(uH5`
z;8FZPUI63Qgx3qNXx+OOp04=<-#T1D!qmjE{8~zbhqVZ9Y3$3?zJWK%rN<{`tOq${
z;5(83??<baZRR*OUe!L+Zk-^$*xaY%m2UXdq^whg>&@W_BSQ-R3wp4QN$v7u=YxA3
zpZ=iSn*}Oq9Wbu8=IwY|1?uV*o3ZTVk%(Bs#~&?rp%Fh1Fz>UuBo%zSO{4GRsHHnc
zl{>u02Qv3E=yNOj{Rhmq?xC<Cg^_=Rb<x8HUSVW(s)>eAj}@#y?~n#EkL=-dyT?{A
z(x*WJeS^iX3drXaWONL3rammGbh@SXJ1Rc2rqNF?rN?zkRV!x+`lUvb)etAzpTYk7
z0!_dEB{^6FWm_Mzae8P4jO5+(^N?km<{eMqSdQ95MkQVjTwU}go$@KyNE`}+Og(h{
zHZgTkR=}1~r5)-fE(45qHQ>J=`P5~?F*~&;BI-QKK51=hT~v}Et`JU;7;4h>;@H-f
zG(y>{PQ;lyKF7(fx;e+UWedzBSPjY%8#o}%*6bWG{7!GJ@Y|7RStUN*&BPaU_U*a^
zMohfM^DhM>LoZ)^f?4+2+VbC+wF!EaV5OJ9yH8&$5CeklK>xo#i5)k~&z~K7e|3KK
z8SDzVn5babSh^xfwz2|J1Msw-F600mWJtppO<SOIo;O!mo075*1+&<2bD2dB^Hih7
zzNlZpG&#6VI)A#fUx5tx7tzT71{c(2R%_U}3<n2qazIXS%u1OT9i3O48+0x?F*CK|
zJNr=gNnG9aOwjX7!CFwrEY;P}*l=Gc4B{&q@OsF0sZ0Ofv%4SPxs<}<b#9FnI1VR%
z5S6H~pspk{>Hdqr>kboTJe-d=o3<c3uKm92rDsWQ2(&0~Yg86VXK`RQly#TR=*;r4
zrhnv1w2J!T(e)uE5F6d>|K5&)G+suS6ugxnu_(?fj_T@YEKCgg*|B83=kSmr_HNh>
z%s06{6V#&2$7KugKrRMG{BR|7Kq5*L`@MF#T9aP0r6~K=dXpKLh_XJ$tTG{in{AEp
z$*h>jrJ()X<>4H)n)jeg7o5ni81Qmt2ps84&OjKu3B<NAf#ApfszOe1;?C5QxNY&s
zN=ugWkN!Qv@c4Lzv+?0#-gz^r|Fy8GE~1_V2R<ZYco!8Xo(aCb5eqn)C4+`*aJc6N
z@B;G4n~h;g1`xzA_dU(X@;x*nJ@y+TOo@lGc=ce@u_(T0-7zDLXZCl9N|uz^I}9cR
zYi&D<>ffRa3?IY68axZ*0n(X(K8@rOhs;tPV{#@;^vts9nR`dSQNL03%oh)@k`zAW
z!AE370YVnHZ%K}~W89z536krL8-tdOwpDCDl?g8Oqumt6XJ8M$8Rw@~dBb%Ffa}sx
z=av*e&8nAvhX<xZ1=+tx+PUW)p;Cp@mRMPI+q_xvy6J|?(NHWIjHjUF%E{wz*SP(F
zeEN|e{uvq{0iQP@8fmYF@e<M%aWTt)K2hcu>^+(0d6*0Yq1!1&ubY8ccnGkb9v`xL
zvE?Zb<mOQDiJ-dvFy|NB+2#MO`9Yku;(vO?0_smiozR$@nOiuXY41~)ftv2dEsTgV
z60^t|T|t2qKKd{1+0`E3ptZH~M#q(QXP+SNUG~l_$9t06uH-c6xKw9651b~eCxa2P
z45DA98&+#Fr`Xo{S+?BY_Hj+1Cn7d?txwHN;ORI&e*bW^vHQ9d|2KRa^yJQLD|eRD
zNDteSDf%zJLF?%h#U^j8^t`_!Oc=A2B>dU}Lno~8(yCedtH#MTYs#j&xHfP~bYXrO
zcGGs-7YI&t4Cvlc&wor?*A={4;S>u{Lqwv6Z3w6CpMQscp`u|4RKP24;q;S-y{A|j
zoHe!G_{~2!0U8~%t!sElYJSl0LOVJP3QqSfaztBcjZmBC1dq{ClCcw}27mz8q_=Iu
z=zqH@<-e~JR61*N5DHups7jFtMm`{MH8n<F7)=zZcG40vzgXQ9Zo}=6&|AdlQ2OUL
z(cj@6#YqNJF^ew$dXk5$E{p1!wSyFBqq?QXzg541Zp)SqHg~U_{j9G-3>x3l1!9*3
za8{3cV*F|aMtMhX?7h!kUp~1jn!T&>SEF<X&G=e-QN2WG8SY;6vejWf9-4<*o-$qE
zM7%&3_y8Lp-M_TURP6h7Uo=tGZgSzmg1N?e<dc%X6etZxw&b++)$i#$RlPj)`{8+c
z8*nCA*9xFAwN;x6+WRH#@|o3XGN+DfmRGE2RpvIQ+In?<cXwl`5x6wuiKI+!@XD7d
z#q~HYrw4odQRZ=>gT!p;GM01Sy{OaQ<5d`w#uqhzX}7;Md}G7o5O@>=#&SS`WMu#;
z-1HVE6aNpUuS+64(N%)^i#uO9$u3=-2DDP$v{#NpZJ9Vye7v4j-BiaXYiqWj@*%w+
zchRq}esRH;2hbVUhl?AI9$^DGkW?k&;Y7V8JMSYuwTXsJ8|}ura=%)gY6<YG%gb9Y
z-Z4Tf_}+3ST~zi?Ce!2IR;?!|7sX}!nWH=_M+vlbSQ5F8+uEH*6T>!AG4}v7F2~b;
zlNl^e1mbBTsCIod)ehk@YpgmD)oBtPv~b^hR-RN-mh*Gw=LUiBN+f1mV$g#V4i0*k
z@l6q0g&Ogt0EeRqTl9G509B~M^vc4;j2>SF&<=>22Ri2*e3!CBBf@X(gBfJtj_$W=
zPsJ}cbgC0n&108~T0s7DQJ&#hk(UHaMDQ5L5B`X-Nc=V`N5l_C{zP-%2h4Bjkw7lK
znG<zyZIumVGSRZ-SgRUnCJOu0+O)*<-)aoXYgiW2H^c#Zm`vF_*tl&ZHbreV|IJkA
zex-k}_4!u8TOn)_c>knO%3vgIKXTNVQIkionhWFVZQ-%0=!1CCBIt4=em)E*BhjD~
zZeR3w0h&WlzN!2gtIX(hjoC_M)bvf<vzyGx>as^&kEgzF3|X*Z*us?V`6FSB6ggd+
z`N)<)tTi?YVc$BMD?XQgSJv(!khOzp0U(dhrz+-S-74GY&`#)Q&$!c57lHqWo#@kl
z7zVn3c?S2;Pf_};6G}&?+pLC#Gu}BbCXIs(J~64-5m3inxRK;$Ae5>ONU~NfzHit+
zT#c#aP-M$jmK)7>L!?ci3OeHmdb`1a1fsms?mN5C826a1$2qcQFltQ4?U(90W6~6+
z`TzxTS#d}T?(#wr-w6o^=yJs-;&oRHJJi=>dN>K3_MnE|Kb>7Hc&2>69~Ov1+npNW
zkAYwZuu9^$86)hq<1hMI@H@Rhso88vb7A?))O!<ySy`-cMTZfPTWY2VlCtUCDhqwn
z7lH(ogN%DSEpES0S3EzYpz_JtAHmTi2e<Z@53Q|B$r-Kr)7{Keb(Iy<)x#)R0{Xm?
zVnF3=d1_!3HXcsQsRh)pkG<?;_u#WnbPMhGlrQin-GWJfLN%`E(1tBq>~;PNMCtAz
zQH7DjyxE2~f4t8VMcr_nn7ownFe`1!I{%OWHA&K^K?LC3hQTRIvGNmwRIFfLJ;~%S
z)`G;gr(^JulQbsnHMFLA8b!*;2oX}K5;++;hpsB@V@v?I1Pd!K+JND&?uS^iPwd);
zeyhHIq8pjcOK(nDW|on|c-lK#9&1_C9Wn3;Eh;Px^S%=I<ro(G^`%Q_BF)^>IU4mX
z4uh`dg3@}IM*myi^?>v6SO4okkri~fzCoN}uQ#m)TXtl2svuLxyR+4*R7A%1z=LdS
zPvWuZ=oleC8Y|q#i8?9YI*;odKcDBC<uhRMC)B%d<*Sg^E-yLneYWO2C!F&g;x{1|
z3yIBQ342mSt!!4_Y;q7B2zdcL-flcCQ8CtYL3miANsi(h>Tc*o39wCdJ{VcU>G-xp
zxOzf+8>ytc4;hJ=AfgjJCuEFa4GFG~lrAPAQy`e%&zAi<nTjihkZW#x>Y;JNz8&*o
z3G#oH<M?X;mwO4SeW??oFrU-_T1`=h&DKXWmJENH4#e&Ev0rTWmZ!dUXvx1CWRt_g
zF5cglbTrEYJK2#Liw>772(@hEEn#KBt??`sDd#GNnVBK5Zm;^Wq+P3ZAB@rG#@G92
z_vHWR0QmHA5CnbV9Zpyk=Joap-H5!l*#}EJ(c~Nt(TIl!tJa_p*50F6|6t|SX%@;w
z_43&$hd)D5QPu?UNSd72hOy03XXLASytK-ks;&}5Y{`)~?$>K+!;Rh_gdQB39yns^
z=Lh@cQ0R%^>jACi!F^WFZ+QcF(+ku62-YlGck7a0D=fEX$wGoQLjMG7&X~)YXd9i;
zpa13;=!piQ_<DOi!yZ<L`hlR6t?*tVrRvYMWX-a``<M3rYTuA6^MBe@G>f^pFiR70
zebfZkqVO^>Smy1~tBTB^fz_%BG-tV0D%<LtQQtcsFFfyX@s@)^#|kpDgCH4)7BOQq
zJTC4xS;Ip3#xL(Vx~!rt(u|R3LVSADZiz>_2@}YKe#Waj)Dr!md^k{r$Rv+7x_FT)
zmb^TGr&CK^S?<ozMR@WLGIsk|Iddz+ixq+#WZah;a4oHwzkiW+j1U;DU@FKj4R%8N
z+G7L<9utCw3ayr)v;ig^5R$=<Brtm$Jk%4W{Z3lzRbjg}-eC-_R1m`z9FDMZ?xy{j
z;IFSA)wu*KyL@@jLW3HOsojhwYQD(yphQjr(pn{aqORL=bzqzBic;L|Roq6^x>?Tf
zA7aODBe1<>Jt%pML^kl}p^K-x0F>a;oSeE~T-rzUL+1un={5xzL#rf#On7X|Qkq;!
zKfEWzE!G=5RL09VVp#uvtNr+lUGH0Qfjc|G<tz@$q{;%h!iIuOekyosx=N94lHO{n
zxhVjuUL^vego%n}=kFhZ4!tX%>pnpSqfMdxkYV-Q9<E2flS7Ia+iLvKo&Mm7M~TNk
zho^}0E)=Rzf}oVk6cQJJvPI_P2<UKJS8ItB?6`vWDyt*sZw&NotlE&E)<E7W8&Kuu
za&E=@Ot4g)f3K2v?{q#`h-+Z)&6h|n_LGT&GC`=G(~40;qlgXg1wqVNK+I3%b9c(`
zE_(eyfTVbHL1Lso@+&Br1vQCG-?%ChYd}z<oeQZ7ld$)(C@y*#Xg7db?K?y|fb@7Q
z?R%fk#s(YcK=J<-_Lfm~HBHnYB)Gc;2_77RJ3)g73GVI?+zAACcXubaT-@E=T>@O(
za*;WC-udR&%$l?APdMGDySlon_O7a&ePZ*myaXKeC1V$rWi>C4&uq-Im`&PiD}L7k
zB{KBK$Di{ruN-A_?1B*1`=;ZZic~q93>@bIf=IDMXx_hse(intqC{WK0Y{Cnv|TXx
zA-6W3h{3`{Wcfwlt~{Dc7ExPISAH|8TBYnN?n}Z*DB?GRUYpPFkZ|ZN_|-&Ecc@N0
zOG+C^w8zG#YD%C;(4UQP#|}4Ft0^f(-%IDP^_&a)Rd4SdgfT12%Ke6G4H*v_Sb!++
z?v+5Ha4Zl(N%1I*YfQ)@%QcYbj9qZ!>0HT3JhaOvj4b<PA=YCesP09@<<G%xC&+kj
zWx@NzKP`?`eCkS^NbagRIxvrVwmL_0E@$BQh~V}SMA9~HcAwMUeaLbRU`9hmPKwL-
zH)?q?5e7ZFdqDK(Y)n|uSBW<``or3d-zQ9eF9J60N*wittBa1-%um(11!F$n_XG-+
zy*mWLVgOTrbyD!}On(q+&bdb*IR#@-Vaoze=GI`bAmOu3HJ<9uadEI%Mx2j&2Xit8
zF3$I)Z|}u58R%-Do{hthf_DQ%<&Xs1z;|B7bJiX^C8u;qatCSpUA^t8+GKR3xR~Rm
zh7Gt24!N>2gGYNC`+lj?GwTQa3?l6GX;it-&#M)BC1GI_V$7VlNk8$*WlF&?K=m|o
zo&AU#xKP=TdeFtYwl=GpP;JzVS!v<XIQvg)k3RQyj^XOLANVa4)iHt@K_puIARax{
zp4FI#xn(Pd>MlYXD;7l{Zne%YEfqSLGM)v`tEtMx*vA#xEocLjeWU-A{<!65Thv}X
zQdM9L)OUzlMfTBwK`v3;RwO$g7+RBsvD-=CCynN%#EZbqn21)Thc@ys@PLE(rb|!O
ze0FE1jY7nfSuIEYG(1*N3d@1*Y+*7z|6o>bayT&`Uw<dK*ikLM)tW(qi%~~K(oq>G
z4||7ELaPU>fjr{rA}En1vpYmH{pdmSK?wdER(wP1N*h>d7EB*0_=2NTaCB;2cdOQM
zo7Nf-Y1vxI-;$lAh{t+LDhRzOGm7ju!mox{uCYs5!y066LsV~Ex7^^u>369(aAZLP
ztHxA+RI)wSl#!2wkjB@;W-6|xsHa8)8!kYPbckU&YA#ic>FwO_67w_Tuj($&7JP43
zDd5OxD8Y7lx_!{i%KD{eP!VFx9sd<?owJkQhHSUHEZ?{0Lmv>K==-@~wP!Ly{R%mc
zv9RTC^SOH-W@Wl5p^C@A9ks7(Qkj|lb04nKJB^QbeENJ5@!bU&2Ma<~Ww3Bs8|~BL
zv}N2!`t1=0i<3Dj(ktb%dmYC6QF&WZes<2<ee@OyaIED!8HqQ3v0RTo+<sbZQqn<6
zheeErP0FIi`3_A$x7wMUFXT2ur<_)WTry@-T)sIY>i#o_p$o;W9mx8dOjc9To16Cf
zhBx`X%Qqy}jRfN07ndae!HOe}&x~=zV3YFXxUc%MEKpQ&aExX4e$}&6ql-u-H+n^}
zW*@@7;P5F2=sF_4fiTp{M)>@!F1c8>CASH(USUwd{!AZbx~1K727WszTDY6k7Jf|8
zp&5eVsW4TDz8|_lLKcGEaW!mO1?n>q`$0I?sti9kF#k&iFaZk;`>RN#hWuEDi(TG$
z!o{twn6ucwNjQ3X$QGDXUu+Xx-YklsX0l`ir1rJ#07~L}V``<^>*?vu<6lAW21tWo
z^&VICM!#YUZhHoz?0(yc!~IaYv`Jawah}Bl)&6obBpr#?@sy!)!h}qxvj75JyPpdV
z`R@98y+Q(E(6YFBx-?P-uAJ~K#iadTu6bXvDPGdB_7JubK)+gMjgRryF#<pQD9?}X
zI~r}#_<lsZoFGm8tBo!|m4bX)YCzC<&w`_&p5;v-WD;-AGs%+bRY=d|)tT_M&)}+%
zV25;<(G2;Op4w?J#$<=1!;7CX4x{X@q^KYQ-RYX{Q_WyB31~T2yd_}wud8cTm7)3<
zCIGf5vuDR*xsnv)C-d_S402PHJQw6pE4SS|(nwFkz;(1X%<!zs)*Q@^d+Qm!D8W1}
zUh?g$oiNFob9`G;LFg*G)E@!6oUSb9nm^r~v^X~R&yOHZc6V4_7-oB#WFu>Xen?H?
zIX$mSKpo1-7_^yxlp0ItRhl^yI07mSU)Y;H=yB7Pb9*aBUzy7^z_rQ+IvBcJo*(y%
zy=y~YDiGtG^tmp=Lj2X>xw?|QxRg<?Kq)nu<hZYM^1bigf%4r0#-d%VQ+r{2{<Tb@
z@=C7noW8V9DqiDgg0TcHpn``SRv^j*#KFwSAY=fd*+y6~FK6E3Zd2F|8QfIRmcsY*
zePj2%7H|9Dxw@5+@$gM`=M(?igja&yi)68k<Ccg206%xaRStuu5O;EhX1ZnN2rcAB
z2gzFQ6HsAEL5AG4{hkJ_B)a(4(Ywm7MI>o&+&X0TxfvJhby{W?yV|Mj4$Fhg&a62m
znO0XonJiza-hGj3bImOhz)HS`BAP42d#N*W0nvlg;;hNnmn+asmVd#R%{jCB*19fR
zeb}=s)1-Aw61P)jd)nO!^`x<&$~PJ*Yho2;BM$ek1H*x=&LsT$G7`G%|106$q<kXN
z3Lh4?$D^YpHdCZUgnDjw62bte+`vYH^E1Bhz14j~abHE46EI1SBeV`yYADhf09!?C
z6;x_(SunSs%H8<M6sv$jtWDNA;y06sg3>Q`gA0Cjw*e;_$tR~8=2R~i^7RU2vkfW8
z6A<zk5mFkicv~L7mO9)yDvo*ocHN`UM9hQK-A+Y<T#PDmSusL=Q$l!_9oG|nlpIIo
z@-l2QtT|AZW2Q7a^H7?6D{Ol>P{vKvYApTc$H1D2OzXoq-<3A<7xk{Nq_Y3T-uf@3
zCts6Tz$@;0mFD$AU)$p1bKRxggPb%2W7U4lhbE=(7X%}|_oq&OgHRP)BNN@3=&m}n
z<y=!MiJ7ebyv~is&C)1*zYo659_q&IrN;8?bIW06#wOPxpg_x_GkY6B<^XwctW0T3
zj4r$LwY9No+t*a7OKg+wp1BT@1%<%JX$g~Nu!r>@BeV<XszddmHMlrCoO$!|N8>s+
zwc`OfShPkF`dDt|H;uMu^rfb5Zo_sqUEbEC2!6PLUn_l%wi1{AIwzU^v}*GwW9{+w
zlF(5B$FcpA0)3M`4Kx@<L8BUB1XV%gn>JuoP*)w-UO(WS?h~0VDfKn|Ghcd2*Go54
zlS$!cb3ul#D>}NZCq!WnfuPHZ#gVe3x#s#$CkV9XPx{wn?7ew;vF}4r<WimEY)^%X
z`Wey&VoGvh|Dc;*>t&}WUKAEQyhCcPb@f8@XU9ueH-j=3gfpJ9TciORNlg3^5UDaB
zaZ^TwM+pKwag@ZuRis}&nkah~&$;1Uo~)g&*nY<nqDg8X+~MYw@hfN-#BHy$A!pF@
z%Q<XPc>UX>P#1&$+3k<}EoH&X-wItm`-YCW;iqeQAz`)dXtAfsJz*V=2oDwKrH)Nm
z@;z{z7MOJ9L+@G?p4212V4+b^=My@pUE2X7HBvHODX&1K`?14cK#1d`RVX6(<BwM{
z2VBgS5NLpV$;=n{_PY4u?VBGf?A?-5+@z4wL|A&i5B^c`_{Edn-lr{xQX*-xGgKeJ
zEjn4j>4Er+2+(;&zXu&wcpcLkykPiKy|BenaSr@8Ag@z(K`@r{?Hw-|B)XDZXO97>
z{GAR1DlOGPb3<1VLl<uH-Rx@d9YC9Rduh`ZCk7A4;Cm$6G*&|BG_0*sjb5>NjC|7(
zf}dDu`zCdrrGb|r%3mM2W19_`P9G}R<m9DtV1m|`>R)Z&pGXrvf~TmQ6yL2%$U2x<
zP*U@=lk8QlQWpwji@t0n-<*AT;(1e~S8=~8KpFB|GD&zU$wnNt9(n#tzxiy5<nxCE
zEwz@i_i-$S?7(m9DH0o>o<~<_@?_T$zrooj8;N(y$Cw#?g1~R=;Zn`hVd@jpL*yS7
zn-L3ORWH6i&eYKysWN12D1Zkf9a*^erXFHt+KvJqU>u|f@L|*wMhc^!Rs+TWZGjT_
z7ZQts_f=O6Ifs}}*3_864F94}SBa%yb9zK|1A(;59<F4`59a5F-351=ctEO-Bk1W_
zR1h?|_#2d)JjF7vf0ao$Lj;z0jx;Fw6JT%Y`v)C=!stFw>DlW669}k6zJq+`%pxO<
zuPUY21%);bYzfEQ>hIHRnl_r_zrQ6Y*mUvE?i4c1kl&baX$rfCu9rO|ynf?5al-mG
zX4J}0m)U53Ju<-^FEnvw&l>O74ilfapUnteqZ&WNuwB5?TuJlNXxpBe?>s&xRG&Ox
ze_%|MHp$|5MJ4SoNzalVdS_pRVKD2s>A{=T9qqj+)EqxSW`2F*rmTUrn_eTUlbX!^
zdYWOg?w5&<o|&6lImn5s8`KpO4m&p(&-TC^@azNk{3;}aZWe`Rw0QjSsCJRrsq1N5
zYBc>*scZX7?eZCM=koB55V;O>!e`#qE;l}z$iv{xd8FPdB0|h@bi5+8uOb}jOlLff
z!D6uZmUgEtudvN*fQYkNtMj`?go)_e2fX<3c+|#+2jlTYnx!<`HfYdQTYa2f3Zbq~
zfJ|{ZKWql}{-m$ux{Wr%pP!xeczRG*{i%NOsfjs|Rd@>8(#u<iXK%09<LZh7$QD;R
z-{nsDTo(Azk28!d?-7D>jYdcAseE``)8h5@QOtTca+KmmpRAUNHe!KSvy!AWP<^qI
z>Mk3E=*J)NEEYttu(I!JpRN>}B6~nV-D)nv%Nc~jX`=6Ieff<K|4TCQXmNiz)!h|t
zVbqUEZEG<o>*_t2pyW#jCM#v>jB?W(NJ@(aV#_Co2X~W0andy2xbQYJW*vZ+S=Cp>
z!cJe5S!#d^;PkE4aTS+$iR@m^81<0A%VdRmc5gB!m&m{e?{t%<RUXyZ;k@`wjOxo+
zJuWiue1x4|s4FEp!Ve^ahiBLv4NZm}1FiEtMEYh5(?EbHo*lnJeB0FxKCmJ|L(ZUn
zx9l4Lj4SKt#<*a}R;E`qfngIU47L=A*5qH_-3P5UjZI!9j{SwT@hP-^khxbK1`02@
zT7IyjoXdY3MAB=YboF1AmepXhL}Wmrwt;jdwO=dYRcwAGKPYi(;irnI%-pb1J5(;4
zPv9#G+>okU>5!MsR+63-<mNi>Gq8ZgDfOv#Y+4A#9D26bXMr_vJYy01O7ZJC45jTR
zpdd$PGBeQNkm^?L)E3P8kb&;oP?_emLB4KMdnNJXy*|zZ9{P3S7;^?X_)m`Z&OKF+
z5~ll9n5azoAE3DMS1M;k5a_-n%@wqv$!hMb`UxA`2=Vetl=;2_-{0%g&1Ec*9vv$~
z{k7<GrK_82Y6D<HT{d6nWU-qZ;c)6)W$t4_zlb)aPChJ@4Y3#wD5fN2JDl^_l$J?h
z&UV1&@+CJ&&^>#|A|@rJuns4)n!EC7e&DLVr+hye#-Mq1CwlGFRQt-r>Pa2Pr-DoX
z*-|Zokt0BnJl6Y5K#J=huX7!<Z=6}y<^82_rvG5f0M_mDA)eol)Qh7j<L?B#u=3)*
zci*~cQ@qOj^u>`jb&AUr{6$v$XCcu*hn+#7N|_DUP>w+q%M3ZR4vRyxv$N91v>brL
zGzsl!{{wvOWX;R9NT5NWOSz1z>-ZMRcOAKeV7ULo1%NQQqNsuFjxzY8yP|K&+K0m>
z5SPe2n(*SEehm$u&F7I}E98!g80s-6sZqB{k61w4YSHgpm@BVTQkmM(@5~uVBd&}e
z5`CL$&6)2Wv;UAC`!o4n-CILI60a2swH4kQ^RI?W9j>nW%mIAmY3rVE@94U;&VVu&
z&yF_u!Ld;Guuj0eld;S{RFb#RKQmh_RIoFFv%o9rUa}%{ALLmFsT{ae9tM^ohxmM|
z#R0Q7s3JjzT5cg~+Y5cX9o#x3Ywhl*UtJ%XI1Tv6Us_P-8wpojnie(Pi(6i=ji5J?
z2p?#Io$Z(K8GT3E0*N-n#x$SCv2M8q*hS@g*Ew#zZs>;Tx($@_qhx5#uS_f5D?x{Q
zkIu8$pEbSM!sdCkzFA1;kW3z;(kSCkv>KJFPijm?#He3q$hV$t7K`)Kket!Ax7gvX
z3b&6O0;0}NKQmYyJIh{a%V~&3{U;<z#2)r$Fp$+=&K{x0p8ftm2_AV$pEj(!ehT{Q
zi=6M1Ncs|S*Ka|9eaL@2B|(s0$;H2RGx_^%Kj<{ux_0&WbE|LGio-t|28s#*xD;Q|
zm!34|me*MR@SjvV>%0*Q@-L<`8pTq39r~Os*EYN8xAYO2_O47n{_lLFLioW*^NoAm
z6y}Q)S=@upn^0j#x_tW0g_d%*=9tu!_mf^3qaSC|fxb{XQ%sW2Yx?E5)V{836)UlY
zPvSZ^O(JA4kS}I|C^7~2v~_tKVaHYy88Wq0`{r$bMc-H=1?c#Mf){BV^5^K?9dfDa
z|8*ZBDIOE1>%c0L3l^mjV@{!T`4QK-BM$5k0gZy5)d@4-9>NOnH|q5R@K3jNeAtnT
zQgYaY#8%4LS{^TRFg@}C3o^5V!SP&8+<{9CuDWWKB@I2b34wWIy`4@jFZ9EI%lBWJ
zKSeI)BD)MQp9g?E==Z&iU9p0rnJb&LwS^Ba_9Swf!}FV5Q|wIzh(o)XP`rSU99@kq
z>2yr(yq=6vUqgS$*1p97RJrB(AJQIIn6qsCK%X)}!A$D8iv`#S%ufJ&K_j$=_8|uO
z;Ppobd3#$?#g_LafI%g4^67bL@lTvFRT|qH+9N!uk7NaTdiFjZV_^1%)VC#b3Gt@-
zy<pcA<PCIZQ<@L6&=)LBQ16Aj!)ysMENiPx8YgM>_B?Ko^^2wa_3U90oJ|YP2*1S(
z2d$%IY=BXg0rw2@J@=G>TJMy20IdB@48Z&=knV2w{jUrKSUcTfu1Aw6eQ$bV5;>J-
z_DfyY*DcN59<0^Sqf+vLIgZQ_Ny4Ig8<MM++1V7eR$)V+&ZmoFM-WhN`_@$0K0Y`#
zhPTn^dHIEaKtI+n{j~{Pg_iv?x9paK4)D15x(IPyCZ0WRe1#@?M-)4GW6HuP;cj1P
z>C=Iu<%Y9n(fV8fQtA;}2M%s{)fEvb%PK%tA?<xp4LtqMIR6lQDLawX0o~3Ysc+>P
zcv*~=;B=WQ^|SfEsj(4B!l7ni_|_H1PrzS4J)2-gRi&`-ks$zg@OVbP@k!>$r+o_F
z4a@$wA3F?$XCz!p_7jF1Qt+96iU0_m7={=bjx;dlw0+3H{b7|?#WAcyO2O%J-(&PN
z-Q80juf~@p%ZrwF{o02igC8P~eL_h6XRP+k&b}LuYzirWbzc0jBJ@)IDpzRTqcXp&
z-mf-$){I`8xaLRHIgM*}mEq9}(b1C@*@5YR=Wakd{7Y;5-<qlAmbaF%HC}D4iIrKa
z*G7gEbFwtCRb6A9&0<z(K)SqLekHawlM0-pto^|35$K?bic`v4YW=hLSkaM|M>c`-
zV&Qm=toc$?<(xJy@HQwV{_>0{DYdyAO=eb6HDyQ92zY00yB_RPu)O$un}V}GH-iB6
z$L@Qfqy+H$8@P#~x48U6vo`w=-VjIkUoOg=tg@YY_6~A^uT^K<WZsSq!5UT8qAhuI
z!!fT7aeMgmP?y)L@c{6BMOiTY7lNj7#gZ^0YUv^vqNu+;ykhi6d)4D=Lb24!=78UF
z4z3u}a2Oj91U$YdGd275_adraKeG7wA^Hj}l_m)OG&{z=yt&#nujz_dFguDNJ3EM(
zVr>2M1jH}?Mj2^WrgTxx1eHUgj3DLv)!zU3B6gT0+Y-({@zE6{9Y`5$kB_;@o-H)l
zIjf>E^vqf7UYt4C6xI2s(7|XsDt{R#i7_7+#2#<_Aj5=BbH$4LYv_|i(~2?>B5eGT
z7j_y)AZGGf_k%X&57E<22xR8b{pxbVGo^tJg^9ue-4JMzG7?)+!vq}$!@tCE$@jbN
zp0sFWTZ8WHMd}b$YZ=VO#T-sMr=r>A!3{s9vwyh~vA!Uf18OfTa07MLH%`WUgCO0i
zIn-2xj^&IlW79#O5CT|Jjox*HBHkL!6mDYp*5+;S;<q0uR`n=7G%OmJtesdj-68Je
zb!K-Ac((m=m+Ovt(|a7c7xVs64D++-#_V$W#SMMB9@G?8Aa&U#?4GFqOdT;>&ga`~
zNXtGrfOW=FjJ63D-zM!f`Amm}e-Zhk-qX{#ncaY_c_Wm>0~U%ZCQM5Bv*#rdn9@fL
zi|mY7T*aE-{#;-%SS8x0R#BBh|LS?A;8$h@Ny(6I-hC552!iSk6|t9u@w^${2LwiE
zYtvrnF|Lm0&l)kHz8WK{O3If#%SSzYQ*(|0@y@Tt=$*i0cw2VGaClZAto*$pws$&#
zo>F|JU-1?;W3!V*()xU~JOAbU7whA{i4s$;clePZ6>I>F+0LWsu(<fYQh!WnbEVpx
zo{=zYHIClW-ILsW46=PXTh<Vr?>jku{`takIgGqEE$|o3p0Vq?SL**AL?%;|i8LR|
z^A-};9X(Nbsj!PeeK;o>ScKgxz!BC1#HpEH;Z#0zF{4H?+L@H0-1_vNI9Xz&p3^{;
zYqc#q)`c_CdWpHWbp5F_0`R8@HfO#7$Zjh*O-zuFFY;;b*4vderz%7NB<N6q<2bLE
ztz%eF`K9RoTAUB2E}9`!oHg*NtV4+|NrSO!xeAYi-p!j*28vKUL&T_FtZ<M_m_;$=
zF1M|A;c1I4kGnJXx8;=9;>$*N{K|$u#Pk0Xm?b`!bZf5Zmy6X}5rki33qLOp5(K^`
zK+HQ9{pyPlWA^NaUY7Z$fA?E0f1o;-oAS!~2<=k`xp!n8A`5ZNQ5z<vzMau@q1^P<
zN{=@{cjZ;lnn)#BvU%q~nY_s#1v^J;RJX42<f<MgT?F$4p-9^FrQQL;HN8OJJ*?cy
zrZ}ghJMZ&sx--5X{-c9xjA~1rsQ=mqg`t_f_Q%b0a~Od{E!BfUB2U67HF&<q2nk&y
zxe*fh$oAfEf#$zH-E&rsJtqbry$?4KtWWM3u7eoSJ=zjY`RSmG95%;4?v6ZYkgWNj
zTO;!8`2_ia>GE{5y4%T~<4X<$#a_7_%RicoAZ3qCi&X_+%c{pUb7wR`X0J}>I_2Iq
zc6kk(PH6%>!4@{kUp@qcXMMAUpN?vsIN{76!Gx&xU<XyorZi$?4&y$1o8~f7P6+#o
zwY=d;riR7J_zilOXr~>ledWZ*eHr|Q{rZ!}?>2lIBG_8H=FEE`Q_SR@UWikrLLi%@
zC9YOZhY#{*t9((Z<6zWvQqs=`4ojh^cz}2L3A6#uES_1P8Az+Mat7FFi|r=_6UAVt
zvo?F_F!At`5S;pv;WdyW3quC!@##e66=kbie6$i~4*>Ub5U$p0*e=_swaMYx{HrL2
zS}_qE5<+bIQ@B&+soS<Ou{k(Je<EMED>LVXBCRQ^<`SZ=o*z0+MQMynSTr^)Kr;4z
zs%!XtLf=l}UR$wl+Wxp-Xi<zw{mzC>Q+rc(VIqE5O=%(Gw3Ms8B`#173JFO@wzM`N
zrgCb@+~6OxGhq82K(UWRQ@V-zcjh&Ww}E5f=VQ-c8_e8pSA1Q-nIrF~H4$CA6W#5j
z3+K2fFqYw!c$`vc5a+_J`9b}vjv|>mTUHX<z0A{1{OS5)xySX<hV6+uX|jw9yn9}@
z9TK5jy8;gy4LJ?#7VHPo658a<?z28o(e+%3+19R>mfG(m{Gv@`r^B>YMBo36o)Rn+
zfohe$#^ZE_1&=(Ix%G@iB@Pe24ZNy)hE0`=Lq%CPX2zt)q}HHO3m^ppH{$Y{tNAwC
z;-jN|9ch?+SaZp{6)10=#I73^t4b>~mXVK^iCEcR&ByK+&Ni~A>c~zIuhieka1`8%
z!``-j%jt<pDcKSGZ0oUNlFgFW4xQhoZ-En@jsFGKk=o$%PI{X$uu#1Q(g;ck82M&n
zXt+Vai(`rw<EDM-oHip&c_W21R;xzYo?z+QLB?$Tws3ETZ;kQr^>dFappj^66Up#8
zptOr{Jsme}zTdut?|p}f_iEiriY=5boT6aXmqgCA`}U#b-vB^9MU%kMj|7MReKB5J
zL)3Wf0AzzoBW#bGC7Iw<wR|oP119fBBj5w^cy=bbkX;-ci1;NsqPK&#g7hnGcdO2M
zOZOcGOq5f=SVnak07j~D?y4#?L^=b6v8`CBmA(*-<00eITYFf0p`Gg%S8PhrB;{UR
ziQ<#Ulolt>DCLR6TE^0KT5WSpFB-jzJoBMT%FOoF_79g?ZTZ_-yqQ<aBQ!IIwY}vt
zjT8=^fdeXpmqKHkQDT%zj!y!V)|RaAbq5EyCWr8!FG>Ic3~LIvzTQ}k{=)T<e)09Z
z(^LENAFlM`s%`Z#<*>wqI@sJtK`vP4Lw|eg703hQ^_H&0;`oCG4MW~KO!#k&A!lq&
z9&$sGAmg93bmLWuY7Xy#BZt60ZOQTD)|>b3B}Vc0vQ280n&`6+AwD~Y?`O()F9eua
zp))3j02uZ7u-R^%&5|H<`Jl`u$QGR%E26j6o|2N|9vdq1X07LDJpcGe2gO;Rqb)nQ
zEHr?GV`XQWVl6MnNaR>nRtnSb?YpQ8?I$B6#5mmtM}RnM*iybavFS}2snt6Rxed%U
zSCXM&xmcG}5aUDdm&lEU7TP&>-kF~D$x^4^@_d!PMGCFq>vqyiN=zXlpA8-P^VmPn
zX7Ybi6Tl?mc<cW*wAZBR_xUB=YulX@;|4NL1j8vI8Gg_H44WM|>({#2;7B}@D;dMK
zyV8KmR1DIs`D>y$5WjkD-9wK3dU+YUaXak2wJ^FU6d`fvbU|xkjYr#LZ|tdo6du6H
zWm7}-XXd*AyZVm%j|M#opd>W5+3AdKO<t|#c=U+T+~UG>k1%ddK^l%m<9K$?F3P3g
z`It%b7LpafPv=*Y6_kfMTDm54TH=e=j56pD_uzDBr2F_~C(v2=@caT<HDCdTo>S<v
z#b-h`Xe7B*c}Wp}(SzM13KVI;u7U>KDWTV09&NO&!m6o&peXq0>y<cmG5U2vzBT}U
z(|7U@(V;P(9sY!;@L?(~BI#^GSjsvDvvCwVDCDg8;SBBil%%G*(%wk5!MI;P?v|0|
z1!vLJ><VJO^vjR&@6(tj-%zbfj&G0AZj4#{+Z4VAi}sLxjXH}|9_`)%zNMF~pnj!(
z6y3L>vl8{|m$VMt?sB4ZDDm&Cz}Fd;AE|%qvh4NM;t+{q{-rON1Fr0V+9pB4*)pLt
ztPL#9EiDfu`Z%g3?E$+@Cadb82<aeMc5NfN_=!>6Z!ztTT8p^Z`xC=|Eegoa`uC~h
zLW7e9=4GX)`n8wJFG&mpXr@+4w0nCL?hfhM0d@3f_{qu}CJsW(twD}==2rYy*Vp+4
z1;318@zXdx<Q^zx^6@J7)sfZouK04w7&Kn4!iA)KM+RTI&epUKt459Wawx-FoU=Uy
zv&^e!Q}%-Jp$R_la}+-Te0BtGsRCEkoJ#wXmkn_Z`uaO-I-ZV<sc338;bQ;Hak=ZX
zK9w$StSnLgcdS`cX7+k8*t^wpq4a4U?2Y?2J~1ve3^Q(EGbz|WMro-nL5bSxGPj+>
zt{Bx?aHw(i=rP6}VDLS6?7x4+#aIV;j@$r2tHIg%`eaANhSxcKG}tT{lD-baSZM|&
z;y>HrxJ<ygk}%}%;%#!^sC`)e{%x!}fXEdWh^kuBC{xhlEN8ie4>*-zViG%SKu{W{
zV(`D|%|UgaAr`=O0CZo#U6l<*+KHH>&ZGnLbAHZ**VB?;1GKG&4==x*m8dhFz~wEL
zGtx(zB#${R6<-H-KktR%n73H(EVX$m!H(b(xtiZQdkgzxy)%N36jR=c7nxb{ex2hU
zO%jKQ8`QLu3j{ps#@k!12OU0W-yaaSUjgRob_o`_HxH)&nmlkBpX*9qM~osamLe{q
zywM?D8EVnQMD|+L-W-;|Tb!J=oe`(qt`@BA>1|G)jE*&1TO~bVTe-AD{ETnx^!|dE
z;EU(DO92O7o9rC=qYy=?hxAewCNr>AC|}qI2d^G%;ZKe~*PTb~70TxvyMO$cR>Wdn
zcPoQGV&t*CM0O>z1v!(xaFbD$q#-lE<=sx`e&02G<|ePtkACz%T2ao)udYGAXgu3U
z5U;}cQ}ypv5yM7*KN2wNNmyQ|T=bP&bifoTiL;76yrDx__c<I;FgSw*U^EFd-wJUj
zT9dg0oKeTL$OL=_j~^Ql4ckTE7+Gp8RU}^epxyL5h@NgJy8~?u!ZC9e_*2g7ViSu7
z=*cNMlgVshjqK{I0QuXf?i-Vin(mbKg-u@P%GK2#`s~FIkBomNg|!?J?nq%=95LwI
zm&3*Pax(*%g;yl=Lf$RhDFG2lP>gL}?|!oL{3?J8A>q+l)voI-@$OhSMA$K}(B{?N
z808Ncb^k`j4B*iK`RfBfmLz6w8NS%s^52uPdV~ifQud~PrcYO>zpML=8Z8lwJ~fTK
zUo$A?dM9|V?9w9_fx5lfj}fpi>KnrZ^5Z*bl=r?KphF{O+1Am-)z5IkXQ!p!-8<mj
zo+@k0OWSBI8D6~#s=u6?i!l2U<GcT}nfl)@WnVDM?Fg&c=Qeiy+Ilu-7xtj=nHGHj
zpttswmoQ6ZQH~Qj_397g(10#T#hL>J&Y3myOZCLuBJTN2VFuG+wrq5pH5+qiTiBgC
zxT(X*X`ACq)~`HWsq5zf!Sp{;KlHEN1#p+LosxyfpVMQyZu{Q>enmToA!c<DZ_#$W
zr!9&f0eyD6NLBA<^@Hh<g0+`<7c3Lh6jRn%JZ}PgAu4cAdVJzt*q$9`7++f~$&N<L
zAE%aHdyF5p#8z*^m>KBRmDak81zXQ}_ETlBfSiUYGSEda7|5Lc8a@+?Q{WFq*RJB?
zmvFItzoBdR6Oa=$*CSy&23P)+Bx6)nFLoxj<c9qpFsRdNp2Aw0qpG?n_7^<kGfvSG
z)JZP#?;S4~(ozcdfB*m?E}c*{Hedkg3ixiR#&(klFG~S|Wb3WB$S%M36t*96Fn`P7
z8Qn9+@kXtQTE6L>3*g~bA0(L~hatWGp_~J7lo|3qKa%Bh1sFTGSe`dFlgIMJ$S|ZH
z?E{ZKmd{)nSwLJYyy63piv_Tq<a{Jsl915jC8gNyuL&fjf>A8|R0f9<J_}{<j(SFC
zvy`+qg-u$Yq59SXYuX=V*(!@K7W-B;Uxfo?6$Q5q9Vwd1$r1d^>@+?aJK;#@alAL<
z-st4rYUd6s!JiNXlgkinNdrK~`!ey*h2bkdjj8_jfCe$DQAIqnvcx@8nbe~3ljaO8
zhJX~A8Pnc*U1}Aeow1!b!2@-SaqsY_lskTA9a){0Mbn3WNoaQV(ugxu)Z$LhqOiOr
z5xnYpvI%+bAy7UTOetds=(onA-Y{he*a*j)@H#E^p}>I!C|pk%$m@6+sA45?$<dR(
zMe{WtQ42C5Gm#5sLpF`TsD)!zKqeB#+3Cas{<zV2sP)tcV1r=<<{9h`f2E0zbavwo
zTuVe)w*%Tr*RBLF5`#wv@m?RL?@?py9)4@s5=`I;2o^RpxEa*Se)FP#dYXmp4-Str
z2jmL){S)A5W7^2PeyjR9JC2R(yDUj;$$~T`AT=?ID{Y3d_fj>SUgO_^|A;{00P+Vq
zJ56a1lsXJm;{$zz{p@jP$o<9PP<=<PGYn6&3pPxfzA0;t)gm7Nty123t42m6nJ)Ij
z^alL8j33i!Y6Li;z>9hvD1b9RZ2CDrfW!M7EG=Tc-L#fhTlKzv;qZ`DFDpb&Mn?mK
zk}`m<tdf#THDbl8Pq9cGpJcRj_?w%X(tk5I{0iuBRG?)EIgp*0$u{Frnb(*V)5X)n
z4?>%@tZS)tTf!qD?)Fi^LPWnbwy}XRHl|$Pp#JZ(1IcYIY?FS3)UDbO^LS);&?1F6
zFDH8qf6Yo25&y{oipl=r=Js!S05O7P>lK7aT;g&(6D6cxKm~(GIpyaDb}!BcT4nEm
zB$o9JlK;Ka@Jl3M4PBfI_r~3rYS@aogPT-G<z7Dh(b5L!Ioq#gd;e#6@Hc2H`$Gje
zksUUH!RQbv7JC(d*-v>S^Qo#FXog;JrR)zw^)=ROI99r7GD`@qh_7fvX}s9HPc&j7
ze8fhg?D8X%2XWHf#Bh;vG0k8c0VUGvf6IFQky#*=s~~L=tw0;Hb6(cHrV_T#x0VSD
zdHTmU4zTo0yxzey{WqeRD}O2zUO2;P7#i9~)x9+c>i^SVA+tw2ASB{_a~8OJgQOiK
zXC}3sJeDfR=Ksr_nU#Vn6_K*wO3kCKf#pA`K#2~cG!8{U>o=)wYb0|_L$Oc7I^lfh
z=AJ7&hh^OAX7sLrQVg!vO&=iQ*%<+q(9^4y<1nzx2UN)2U`{(}rA3NVx9J{Qz@QF)
zliHPIj&#;EzzK2%0$wsf@b$D*+ZTILF)0XZ|3-5FUB=2>CGtClYD35q41x4K{UR=d
z*c^1X7_x!qLbl^zrDZrkrU%X30$2ayz1O8-rw<}767^jH@ujJTi-P@o#keedtS>$r
z)vo?_@f(78Fd$y5?3H08Q39b<m>t)I#s^lfo2j|w#gj$fM~{lfQ$I6<T3)zk&#zS5
zbSdn9qXe^HA}O2F#i)*UPT)j@g~&--{3P4b<-rDRM2l1Gj2bV;f2mnMek8qsL@|G%
z!#4!70RiP8wJ7w<MhwWX#!P5+%P?Un%CsMsGxELW5q<x%zFe>U?;4aY!fH=Ma&rS>
z`TtDw<&?pd^-;TKpwMdV9>FE@m3sY0-ngfcJ%q)_HlNk8Dl7oM`%g|C_<`K9l$pR4
zn;yG*OkCpbOliJD`B_Y&V{V&1uD7lZel*(~p&O`I7Y49zJ~%eK{w72AB0u(byPebR
zUGiR~4*0htv$!rAqdszNdhf1ttk%ZYtlOB?joe0li!)qsX7t!TjPjU2_>A;@1!dp;
zCvno7EY-u^X39SL2903%uNdqd)`<cSL)P3)45vvc<+Wa0=<R_THNIP05Xni%;~hkZ
zMZ*Cb6BBcW#?a?49a6KMVM-HfCy8Is;E=Pxv&%(C_M)zF&x<JtRmd(Bc(|h0n(b@a
zq_6Zap@lj$ySb*8E~C0$tiAW_IlMO@jb4IPEHKDmmJboO6ciMz;^3|eA%X2zS=EiV
z0~c|IL+CsF78eK?n$Ibwz_yycmF&JuMf}7iB`Pon%nfY6hS$K1X7Gz9xSSr87I^v!
z=~N!z>JG^GH+E^hyZ?Jz!5|ogi?RU7mDBM0X)6ZsZ@d6k84vkT8<Tjt{M+|~!MTe{
z4-a2rLB$1Q&=P918$MdYJ$bDI{+^~~Wcwq`A2Qdzb6*6|J6hJ*x+b}7PQjmFf1|CD
zIrqJ6yUq)e_H?UG`qp9$Ay$q0PEU;<^x&Z|RTEnLAdcgM+?`KF)ubvSl_^5m)}T$$
z)ns1%n;E@yX+s7(mhF9*qlZL=Ka@-_C4+iu5|F|VC39Q+J21mp>8E=}!RH6_sFbAI
z1R>~;T4G;&CxR`Q5nP+cG<=cwO{I!#X<?XajzjvetY!z05nLNaEY!s9`l(b=zu1bb
z`c2bijg2v|rM0#?=C<ny7DXtJX0MIZ^0Vk#;!hM&xeJ|Us!zI$0}pP0z?!tL#wt<o
z?AvB03fYZsrvWEupyp$F-WoH3Jx$TtPZ8Kc;TQABhaZ3&i9wJRKOPafPyOVonr|O7
zauzj_lM>S$(K$!^w>EY84jk!xq5dvKk#7?_POb|EN1Ws=X+;?%I727dNRwwSmfxy|
zKU`k}k!W>3`I;D~KKS1xlKN$3GD|V?FHrMea^b!ghUIhGQdmN7N`1%$LA9U|#CSk6
z1kE?xJ#q6yadY~QNQk_pKnbXb@wnX+W5JU2P(nYJbNglUt;eL@GMX_r_P&Qw!&{L+
zcCegof*w9Ffc}lQ%X7X3+q@Qae#dm|={B&itcJ9)b<rmkRg>TBVO#HoTxN-#JgZcb
z5_iNy3W&+eo3Y`3T1dG5tQIt5%a~HWwufsEGtT$Mzh~B?d(g2`W_e$s&p0+|3HPD*
zeKC8u-y4eS2}FH8g%-d%6B}Kn@EAj~L=kj*cO)lbZ6|fA2eraj2McBPj_w$N%VM}#
za{6YzE6<(?im`A~aysRHZ-K12r`Z)8#4(Ou-%U#5=|bqCum?=U7PGa?iAU)TqrANQ
z_h}IB1I0@xI{dl>IHtV3S8OYarGwYsX$U>fZf*8O>rQd|))c!adjIqg8hA6aq(iA4
z=-I`e7zzpjPg?wos?T*L7(+o{p+-1c#kZ$3r&7TQ5aihx6P2RV$oLzladt!BSlC-n
z0xL=g?XNiVrZvdJMcZ!&&_0fEUjW3;rw2Ck`|r1LoabZio8c0v8N*K|w4T!s)r~IK
zcv#0zOYaf%Id%lsBW7-@rlAZJ2|Dc2jUQ#OM*2Sm4<&?>%>5jIF?zFoS0*H`$GziM
zMs^O0kmm_1M09^xTr*$Ky3QP=1T?|zYhZs2S{^t@!MISvtJ;brN--Ey$kQB=<n{~n
zr78myAqw#u7X|)MoEOi}WJ*4R!I=j+<Tjd!1I?lvC==$8tA4jB^0=j$YZIvK)4gN<
z&45nTnMRTu6=AC{k2b_NT2M?<C<cyDwAtYw^$OtwZk|V%Hzlw~tbe-IpygCNza)4a
znP$FfHXVO|U-WysQ&ukqjvLDQ#}l?;kJd1>gIL9#jdwc{L~vEODc_|zV3kn(F%(^d
z^kmDtNpjPhI1bp6(-getlHebAM<lGtQ<6&r2wWi;R<q}_BHRA8`XTRPLB6PBHTUHH
zS<`q%$A1m++csq=w4v(WoS=2h_r5AlbvNML`rLcT932o3{aci0yN^llMD1xVyJ|Ss
zd0&|-Q1c<PAK^lhlV!6IN{K7eKk{|qL*db|vYq?e`@zF)eHhqYQ)hFZg~ypqeNNJ(
zV$tS9r(tf#l#+y<ei>s!(Ib*Dq6$8KV&<@8a8z5R>xvaQQ$|vA!7$$|ARs1^xYZ=P
zoI!xwWK#RVKVFl0&Y2*47YO|w{HhtccN@XBZ9(9Vinsm@3(-{$hSnX3^%jP$#|T8j
z4tuB<ae*2Xf*K|l<ot!gF@OHhQ$}?!poXp+)%|RMWkwFQktD`v>$fbxxjB(zUNpV*
zmt#`i3)9;Nr>`XP`xZjl7^c9B<U5N$0~U%<NW6u`avI;Jy-7`khTlif_3LThP+qH|
z2rdaedf5|Mw(R)LoBMT`=;5X5oLsd{!I0boihia;?bm%CTQ}@JGha>Ct0fGJ;{J|b
z6}~M$bT00%B`x*JxW4CE)4c3_+Np+Fj~hg)Vy4oUFEFgp{@lvL-ys+lXg#HLTs|Ss
zPd^HUpnngE_@F|4n*YFuv&*W&-mUaDczBcu|M4L&jHBIEP-&0B_-!BK?F&q;C_!z?
zyU-V#+^-IZ4}YsC<Sz!lhjkh?S0jIrfubH%f?RY6=itWihH-hp{$866%J9yInu$hT
z(`CQzbN$f%=Qqk0qkX$ZJ<U%nePfN)Y#pmP^$+nHl3YHU>rc5G$u(Lj-3f+>WF7U+
z`Xk|~9axtl+q3-^O=~Etw$Ht?9@aXR+6&)J&OCAe#m#Nob(VU>3TU($fX#`40~>lV
z4+P`n<U|`Wj!7Ij^=*RM$J;I4&Xhetk+{67e23Kh0}fw)YvXqiy<=qJ7sZn2xBU|L
zyyY6P6Hpqgm!_#_OJ&nc{yKR)c%(jf&%A{FLYC6(>)WpDTqNyo0al3E^T~32NuIl3
z)o|c{TDCKOSP8KlxYnF;eJQ^sy@{AA5MOxgf3xYLN)hh1M&5QD9HXK3{QS`~3hVnh
zZbz;BU%&cYek1IoiFPBLiFb)Gn+^PKQ&A5xkGag7R-xAxM#Lwv%k~kkHNT5RvJ+lu
zsF!D$jb#NvV<Xyr0u&VaRYlJJX(<)v&d`Z4Q~11ao0$nS?7mlRAFbRp@(=lj^h(;d
zoWsEZB80P;ISJmbl14*k=AMrVy1IV9@2(?o)}L7NxAok-%!|5|5M4LRXl1JXjOF<5
z>1NW6@7cfp&jRvsNn&KJ@58DN%B5lKv!2q~%1l~jgY39ysWeC8LaH2FJ(fHNYR&@K
zTXlZxSvF50k!kue55iruD?#?R!>^K^?%1i39`67dN+C;X(hB7x?qFZSI-Po5W*I%e
zeRE4DU38-{dFxjC5UVfm^UcwB%pH{*xDIC2e{!+~JPPEd|3av2<5&~jEy8Q)Fcsw|
z8dwhEdR$z$OogxprG5BW{Nb|776e+HgyT4a!Xhh)&4iC65jia2sDtg+-K+gTUP&}X
z-X$sZ3!Ol*BvuD1QVTgu8XK>@bW6YM>WSC(LW*Xbc-zal)nDx7&IwslBZv_T-z!#w
zkX<->tK*IT`KFolM>>XmI@LeZZ5@yGHQ}xQ(VKL!VdIqV;gsC@#eo={4izm-_7m<S
zZ<;tB(x9)g%UmEj#Nkj_`L~W<sSYs<Sx(E%>gy4!`)J7W!*i&dg+<rrh}S`sK|jYl
z6TLMjXdU++Fc#MpI?{;S?r$BT1`<>e@?ZW*dzK1MzJWQYxfek^lQ7z>wQi(gZnNJ!
z;iJi#)`;vZeB~3UZ}Rz7Seb$beOwOCbFvA)PKCd;@&w{BMPlmHiVlgHz983a)BKzJ
zxZMkMg7CTMRCuuV$_VtW+`DCX7)7|;R>twEsrOI~M7DPjc0v;*C?w6)i)aH=N|7Lp
z{L3o6F4l`w^Gu>aKU@m;CvW1ul$%R1V*Z{SOIwD}miRO;*>nzBzXNkXHS!M>{hMC5
z-|yeQZAOXI)~_hs%sEltP_z=7=<?l437SsT46E6GO$r^>jsEh_C=);3{$>BqR1BpL
zh5fhdm`bp<|4o*n{3C!y{Cfby?SFP|!2cu?^E(Ez9q>66`A9}R^8fxq^$TN5*#FN<
aZv6y!49Mry15}}aM_NKbyjs*C;Qs;@nBD{c

literal 0
HcmV?d00001

diff --git a/docs/configexamples/firewall.rst b/docs/configexamples/firewall.rst
new file mode 100644
index 00000000..e0a4ca55
--- /dev/null
+++ b/docs/configexamples/firewall.rst
@@ -0,0 +1,12 @@
+:lastproofread: 2024-06-14
+
+Firewall Examples
+=================
+
+This section contains examples of firewall configurations for various deployments.
+
+.. toctree::
+   :maxdepth: 2
+
+   fwall-and-vrf
+   zone-policy
diff --git a/docs/configexamples/fwall-and-vrf.rst b/docs/configexamples/fwall-and-vrf.rst
new file mode 100644
index 00000000..38663a18
--- /dev/null
+++ b/docs/configexamples/fwall-and-vrf.rst
@@ -0,0 +1,121 @@
+VRF and firewall example
+------------------------
+
+Scenario and requirements
+^^^^^^^^^^^^^^^^^^^^^^^^^
+
+This example shows how to configure a VyOS router with VRFs and firewall rules.
+
+Diagram used in this example:
+
+.. image:: /_static/images/firewall-and-vrf-blueprints.png
+    :width: 80%
+    :align: center
+    :alt: Network Topology Diagram
+
+As exposed in the diagram, there are four VRFs. These VRFs are ``MGMT``,
+``WAN``, ``LAN`` and ``PROD``, and their requirements are:
+
+* VRF MGMT:
+   * Allow connections to LAN and PROD.
+   * Deny connections to internet(WAN).
+   * Allow connections to the router.
+* VRF LAN:
+   * Allow connections to PROD.
+   * Allow connections to internet(WAN).
+* VRF PROD:
+   * Only accepts connections.
+* VRF WAN:
+   * Allow connection to PROD.
+
+Configuration
+^^^^^^^^^^^^^
+
+First, we need to configure the interfaces and VRFs:
+
+.. code-block:: none
+
+  set interfaces ethernet eth1 address '10.100.100.1/24'
+  set interfaces ethernet eth1 vrf 'MGMT'
+  set interfaces ethernet eth2 vif 150 address '10.150.150.1/24'
+  set interfaces ethernet eth2 vif 150 vrf 'LAN'
+  set interfaces ethernet eth2 vif 160 address '10.160.160.1/24'
+  set interfaces ethernet eth2 vif 160 vrf 'LAN'
+  set interfaces ethernet eth2 vif 3500 address '172.16.20.1/24'
+  set interfaces ethernet eth2 vif 3500 vrf 'PROD'
+  set interfaces loopback lo
+  set interfaces pppoe pppoe0 authentication password 'p4ssw0rd'
+  set interfaces pppoe pppoe0 authentication username 'vyos'
+  set interfaces pppoe pppoe0 source-interface 'eth0'
+  set interfaces pppoe pppoe0 vrf 'WAN'
+  set vrf bind-to-all
+  set vrf name LAN protocols static route 0.0.0.0/0 interface pppoe0 vrf 'WAN'
+  set vrf name LAN protocols static route 10.100.100.0/24 interface eth1 vrf 'MGMT'
+  set vrf name LAN protocols static route 172.16.20.0/24 interface eth2.3500 vrf 'PROD'
+  set vrf name LAN table '103'
+  set vrf name MGMT protocols static route 10.150.150.0/24 interface eth2.150 vrf 'LAN'
+  set vrf name MGMT protocols static route 10.160.160.0/24 interface eth2.160 vrf 'LAN'
+  set vrf name MGMT protocols static route 172.16.20.0/24 interface eth2.3500 vrf 'PROD'
+  set vrf name MGMT table '102'
+  set vrf name PROD protocols static route 0.0.0.0/0 interface pppoe0 vrf 'WAN'
+  set vrf name PROD protocols static route 10.100.100.0/24 interface eth1 vrf 'MGMT'
+  set vrf name PROD protocols static route 10.150.150.0/24 interface eth2.150 vrf 'LAN'
+  set vrf name PROD protocols static route 10.160.160.0/24 interface eth2.160 vrf 'LAN'
+  set vrf name PROD table '104'
+  set vrf name WAN protocols static route 10.150.150.0/24 interface eth2.150 vrf 'LAN'
+  set vrf name WAN protocols static route 10.160.160.0/24 interface eth2.160 vrf 'LAN'
+  set vrf name WAN protocols static route 172.16.20.0/24 interface eth2.3500 vrf 'PROD'
+  set vrf name WAN table '101'
+
+And before firewall rules are shown, we need to pay attention how to configure
+and match interfaces and VRFs. In case where an interface is assigned to a
+non-default VRF, if we want to use inbound-interface or outbound-interface in
+firewall rules, we need to:
+
+* For **inbound-interface**: use the interface name with the VRF name, like
+  ``MGMT`` or ``LAN``.
+* For **outbound-interface**: use the interface name, like ``eth0``, ``vtun0``,
+  ``eth2*`` or similar. 
+
+Next, we need to configure the firewall rules. First we will define all rules
+for transit traffic between VRFs.
+
+.. code-block:: none
+
+  set firewall ipv4 forward filter default-action 'drop'
+  set firewall ipv4 forward filter default-log
+  set firewall ipv4 forward filter rule 10 action 'accept'
+  set firewall ipv4 forward filter rule 10 description 'MGMT - Allow to LAN and PROD'
+  set firewall ipv4 forward filter rule 10 inbound-interface name 'MGMT'
+  set firewall ipv4 forward filter rule 10 outbound-interface name 'eth2*'
+  set firewall ipv4 forward filter rule 99 action 'drop'
+  set firewall ipv4 forward filter rule 99 description 'MGMT - Drop all going to mgmt'
+  set firewall ipv4 forward filter rule 99 outbound-interface name 'eth1'
+  set firewall ipv4 forward filter rule 120 action 'accept'
+  set firewall ipv4 forward filter rule 120 description 'LAN - Allow to PROD'
+  set firewall ipv4 forward filter rule 120 inbound-interface name 'LAN'
+  set firewall ipv4 forward filter rule 120 outbound-interface name 'eth2.3500'
+  set firewall ipv4 forward filter rule 130 action 'accept'
+  set firewall ipv4 forward filter rule 130 description 'LAN - Allow internet'
+  set firewall ipv4 forward filter rule 130 inbound-interface name 'LAN'
+  set firewall ipv4 forward filter rule 130 outbound-interface name 'pppoe0'
+
+Also, we are adding global state policies, in order to allow established and
+related traffic, in order not to drop valid responses:
+
+.. code-block:: none
+
+  set firewall global-options state-policy established action 'accept'
+  set firewall global-options state-policy invalid action 'drop'
+  set firewall global-options state-policy related action 'accept'
+
+And finally, we need to allow input connections to the router itself only from
+vrf MGMT:
+
+.. code-block:: none
+
+  set firewall ipv4 input filter default-action 'drop'
+  set firewall ipv4 input filter default-log
+  set firewall ipv4 input filter rule 10 action 'accept'
+  set firewall ipv4 input filter rule 10 description 'MGMT - Allow input'
+  set firewall ipv4 input filter rule 10 inbound-interface name 'MGMT'
\ No newline at end of file
diff --git a/docs/configexamples/index.rst b/docs/configexamples/index.rst
index d5973eb2..11dee806 100644
--- a/docs/configexamples/index.rst
+++ b/docs/configexamples/index.rst
@@ -8,7 +8,7 @@ This chapter contains various configuration examples:
 .. toctree::
    :maxdepth: 2
 
-   zone-policy
+   firewall
    bgp-ipv6-unnumbered
    ospf-unnumbered
    azure-vpn-bgp
diff --git a/docs/configexamples/zone-policy.rst b/docs/configexamples/zone-policy.rst
index 95648e7a..d0101ebf 100644
--- a/docs/configexamples/zone-policy.rst
+++ b/docs/configexamples/zone-policy.rst
@@ -1,20 +1,10 @@
-:lastproofread: 2021-06-29
+:lastproofread: 2024-06-14
 
 .. _examples-zone-policy:
 
 Zone-Policy example
 -------------------
 
-.. note:: Starting from VyOS 1.4-rolling-202308040557, a new firewall
-   structure can be found on all vyos installations, and zone based firewall is
-   no longer supported. Documentation for most of the new firewall CLI can be
-   found in the `firewall
-   <https://docs.vyos.io/en/latest/configuration/firewall/general.html>`_
-   chapter. The legacy firewall is still available for versions before
-   1.4-rolling-202308040557 and can be found in the :ref:`firewall-legacy`
-   chapter. The examples in this section use the legacy firewall configuration
-   commands, since this feature has been removed in earlier releases.
-
 .. note:: In :vytask:`T2199` the syntax of the zone configuration was changed.
    The zone configuration moved from ``zone-policy zone <name>`` to ``firewall
    zone <name>``.
@@ -428,4 +418,3 @@ Something like:
       address ip.of.tunnel.broker
     }
   }
-
diff --git a/docs/configuration/firewall/ipv4.rst b/docs/configuration/firewall/ipv4.rst
index e53f2480..39370c86 100644
--- a/docs/configuration/firewall/ipv4.rst
+++ b/docs/configuration/firewall/ipv4.rst
@@ -732,6 +732,10 @@ geoip) to keep database and rules updated.
    For example: ``eth2*``. Prepending character ``!`` for inverted matching
    criteria is also supported. For example ``!eth2``
 
+.. note:: If an interface is attached to a non-default vrf, when using
+   **inbound-interface**, vrf name must be used. For example ``set firewall
+   ipv4 forward filter rule 10 inbound-interface name MGMT``
+
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    inbound-interface group <iface_group>
 .. cfgcmd:: set firewall ipv4 input filter rule <1-999999>
@@ -753,6 +757,10 @@ geoip) to keep database and rules updated.
    For example: ``eth2*``. Prepending character ``!`` for inverted matching
    criteria is also supported. For example ``!eth2``
 
+.. note:: If an interface is attached to a non-default vrf, when using
+   **outbound-interface**, real interface name must be used. For example
+   ``set firewall ipv4 forward filter rule 10 outbound-interface name eth0``
+
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    outbound-interface group <iface_group>
 .. cfgcmd:: set firewall ipv4 output filter rule <1-999999>
diff --git a/docs/configuration/firewall/ipv6.rst b/docs/configuration/firewall/ipv6.rst
index 423f3e09..511fd51f 100644
--- a/docs/configuration/firewall/ipv6.rst
+++ b/docs/configuration/firewall/ipv6.rst
@@ -723,6 +723,10 @@ geoip) to keep database and rules updated.
    For example: ``eth2*``. Prepending character ``!`` for inverted matching
    criteria is also supported. For example ``!eth2``
 
+.. note:: If an interface is attached to a non-default vrf, when using
+   **inbound-interface**, vrf name must be used. For example ``set firewall
+   ipv6 forward filter rule 10 inbound-interface name MGMT``
+
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    inbound-interface group <iface_group>
 .. cfgcmd:: set firewall ipv6 input filter rule <1-999999>
@@ -744,6 +748,10 @@ geoip) to keep database and rules updated.
    For example: ``eth2*``. Prepending character ``!`` for inverted matching
    criteria is also supported. For example ``!eth2``
 
+.. note:: If an interface is attached to a non-default vrf, when using
+   **outbound-interface**, real interface name must be used. For example
+   ``set firewall ipv6 forward filter rule 10 outbound-interface name eth0``
+
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    outbound-interface group <iface_group>
 .. cfgcmd:: set firewall ipv6 output filter rule <1-999999>

From 6a69e00a85f26c8f6dfe66afb7c59b264ea2088a Mon Sep 17 00:00:00 2001
From: Christian Breunig <christian@breunig.cc>
Date: Sat, 15 Jun 2024 21:50:47 +0200
Subject: [PATCH 07/35] wireless: T6318: move country-code to a system wide
 configuration

---
 docs/configuration/interfaces/wireless.rst | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/docs/configuration/interfaces/wireless.rst b/docs/configuration/interfaces/wireless.rst
index df153763..8a45111e 100644
--- a/docs/configuration/interfaces/wireless.rst
+++ b/docs/configuration/interfaces/wireless.rst
@@ -36,6 +36,17 @@ Common interface configuration
    :var0: wireless
    :var1: wlan0
 
+System Wide configuration
+=========================
+
+.. cfgcmd:: set system wireless country-code <cc>
+
+  Country code (ISO/IEC 3166-1). Used to set regulatory domain. Set as needed
+  to indicate country in which device is operating. This can limit available
+  channels and transmit power.
+
+  .. note:: This option is mandatory in Access-Point mode.
+
 Wireless options
 ================
 
@@ -44,14 +55,6 @@ Wireless options
   Channel number (IEEE 802.11), for 2.4Ghz (802.11 b/g/n) channels range from
   1-14. On 5Ghz (802.11 a/h/j/n/ac) channels available are 0, 34 to 173
 
-.. cfgcmd:: set interfaces wireless <interface> country-code <cc>
-
-  Country code (ISO/IEC 3166-1). Used to set regulatory domain. Set as needed
-  to indicate country in which device is operating. This can limit available
-  channels and transmit power.
-
-  .. note:: This option is mandatory in Access-Point mode.
-
 .. cfgcmd:: set interfaces wireless <interface> disable-broadcast-ssid
 
   Send empty SSID in beacons and ignore probe request frames that do not specify

From 99086ab972f18ad8e0da632b57606822f5057d69 Mon Sep 17 00:00:00 2001
From: Alain Lamar <alain_lamar@yahoo.de>
Date: Mon, 17 Jun 2024 23:12:36 +0200
Subject: [PATCH 08/35] wireless: T6320: Change 'beacon-frame-protection
 enable' to 'enable-bf-protection'

---
 docs/configuration/interfaces/wireless.rst | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/docs/configuration/interfaces/wireless.rst b/docs/configuration/interfaces/wireless.rst
index 1930a1b9..22e7d11f 100644
--- a/docs/configuration/interfaces/wireless.rst
+++ b/docs/configuration/interfaces/wireless.rst
@@ -87,8 +87,9 @@ Wireless options
 
   .. note:: :abbr:`MFP (Management Frame Protection)` is required for WPA3.
 
-.. cfgcmd:: set interfaces wireless <interface> beacon-frame-protection 
-  <disabled | enabled>
+.. cfgcmd:: set interfaces wireless <interface> enable-bf-protection
+
+  Beacon Protection: management frame protection for Beacon frames.
 
   .. note:: This option requires :abbr:`MFP (Management Frame Protection)` 
     to be enabled.

From df22d6dfdfbb0730546fa92978de3d1a45d3ee6b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 17 Jun 2024 22:35:14 +0000
Subject: [PATCH 09/35] build(deps): bump urllib3 from 2.1.0 to 2.2.2

Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.1.0 to 2.2.2.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/2.1.0...2.2.2)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 08a1fd15..d604873c 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,4 @@
-urllib3==2.1.0
+urllib3==2.2.2
 Sphinx==7.2.6
 sphinx-rtd-theme==2.0.0
 sphinx-autobuild==2021.3.14

From e2427a9c2515780a12fc3a6702cfc95793053605 Mon Sep 17 00:00:00 2001
From: Simon Novak <snovak7@gmail.com>
Date: Thu, 20 Jun 2024 16:07:46 +0200
Subject: [PATCH 10/35] Update flowtables.rst

chore(docs): fixed typos & relevant distinctions for ipv4, ipv6
---
 docs/configuration/firewall/flowtables.rst | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/docs/configuration/firewall/flowtables.rst b/docs/configuration/firewall/flowtables.rst
index e8a5f2e8..ae95a85f 100644
--- a/docs/configuration/firewall/flowtables.rst
+++ b/docs/configuration/firewall/flowtables.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2023-12-26
+:lastproofread: 2024-06-20
 
 .. _firewall-flowtables-configuration:
 
@@ -85,12 +85,12 @@ Provide a description to the flow table.
 
 Creating rules for using flow tables:
 
-.. cfgcmd:: set firewall [ipv4 | ipv4] forward filter rule <1-999999>
+.. cfgcmd:: set firewall [ipv4 | ipv6] forward filter rule <1-999999>
    action offload
 
    Create firewall rule in forward chain, and set action to ``offload``.
 
-.. cfgcmd:: set firewall [ipv4 | ipv4] forward filter rule <1-999999>
+.. cfgcmd:: set firewall [ipv4 | ipv6] forward filter rule <1-999999>
    offload-target <flowtable>
 
    Create firewall rule in forward chain, and define which flowtbale
@@ -142,7 +142,7 @@ Explanation
 
 Analysis on what happens for desired connection:
 
-   1. First packet is received on eht0, with destination address 192.0.2.100,
+   1. First packet is received on eth0, with destination address 192.0.2.100,
    protocol tcp and destination port 1122. Assume such destination address is
    reachable through interface eth1.
 
@@ -159,7 +159,7 @@ Analysis on what happens for desired connection:
    connection state is **established**, then rule 10 is hit, and a new entry
    in the flowtable FT01 is added for this connection.
 
-   6. All subsecuent packets will skip traditional path, and will be offloaded
+   6. All the following packets will skip traditional path, and will be offloaded
    and will use the **Fast Path**.
 
 Checks

From dcc1645e54fe6573efd8a2b808c9a7b8c9341652 Mon Sep 17 00:00:00 2001
From: Alain Lamar <alain_lamar@yahoo.de>
Date: Mon, 24 Jun 2024 14:32:22 +0200
Subject: [PATCH 11/35] wireless: T6320: Backport changes from T6318

---
 docs/configuration/interfaces/wireless.rst | 31 +++++++++++++++-------
 1 file changed, 21 insertions(+), 10 deletions(-)

diff --git a/docs/configuration/interfaces/wireless.rst b/docs/configuration/interfaces/wireless.rst
index 22e7d11f..b7188f44 100644
--- a/docs/configuration/interfaces/wireless.rst
+++ b/docs/configuration/interfaces/wireless.rst
@@ -45,10 +45,10 @@ Wireless options
   1-14. On 5Ghz (802.11 a/h/j/n/ac) channels available are 0, 34 to 173. 
   On 6GHz (802.11 ax) channels range from 1 to 233.
 
-.. cfgcmd:: set interfaces wireless <interface> country-code <cc>
+.. cfgcmd:: set system wireless country-code <cc>
 
   Country code (ISO/IEC 3166-1). Used to set regulatory domain. Set as needed
-  to indicate country in which device is operating. This can limit available
+  to indicate country in which the box is operating. This can limit available
   channels and transmit power.
 
   .. note:: This option is mandatory in Access-Point mode.
@@ -380,9 +380,9 @@ default physical device (``phy0``) is used.
 
 .. code-block:: none
 
+  set system wireless country-code de
   set interfaces wireless wlan0 type station
   set interfaces wireless wlan0 address dhcp
-  set interfaces wireless wlan0 country-code de
   set interfaces wireless wlan0 ssid Test
   set interfaces wireless wlan0 security wpa passphrase '12345678'
 
@@ -390,11 +390,14 @@ Resulting in
 
 .. code-block:: none
 
+  system {
+    wireless {
+      country-code de
+    }
+  }
   interfaces {
-    [...]
     wireless wlan0 {
       address dhcp
-      country-code de
       security {
         wpa {
           passphrase "12345678"
@@ -430,8 +433,8 @@ The WAP in this example has the following characteristics:
 .. stop_vyoslinter
 .. code-block:: none
 
+  set system wireless country-code de
   set interfaces wireless wlan0 address '192.168.2.1/24'
-  set interfaces wireless wlan0 country-code de
   set interfaces wireless wlan0 type access-point
   set interfaces wireless wlan0 channel 1
   set interfaces wireless wlan0 mode n
@@ -447,11 +450,15 @@ Resulting in
 
 .. code-block:: none
 
+  system {
+    wireless {
+      country-code de
+    }
+  }
   interfaces {
     [...]
     wireless wlan0 {
           address 192.168.2.1/24
-          country-code de
           channel 1
           mode n
           security {
@@ -637,6 +644,7 @@ The WAP in this example has the following characteristics:
 
 .. code-block:: none
 
+  set system wireless country-code de
   set interfaces wireless wlan0 address '192.168.2.1/24'
   set interfaces wireless wlan0 type access-point
   set interfaces wireless wlan0 channel 1
@@ -645,18 +653,21 @@ The WAP in this example has the following characteristics:
   set interfaces wireless wlan0 security wpa mode wpa2
   set interfaces wireless wlan0 security wpa cipher CCMP
   set interfaces wireless wlan0 security wpa passphrase '12345678'
-  set interfaces wireless wlan0 country-code de
 
 Resulting in
 
 .. code-block:: none
 
+  system {
+    wireless {
+      country-code de
+    }
+  }
   interfaces {
     [...]
     wireless wlan0 {
           address 192.168.2.1/24
           channel 1
-          country-code de
           mode n
           security {
               wpa {
@@ -691,8 +702,8 @@ still put this card into AP mode using the following configuration:
 .. stop_vyoslinter
 .. code-block:: none
 
+  set system wireless country-code 'us'
   set interfaces wireless wlan0 channel '1'
-  set interfaces wireless wlan0 country-code 'us'
   set interfaces wireless wlan0 mode 'n'
   set interfaces wireless wlan0 physical-device 'phy0'
   set interfaces wireless wlan0 ssid 'VyOS'

From c712670979fc1e2690482374e29b5b9384535dee Mon Sep 17 00:00:00 2001
From: aapostoliuk <a.apostoliuk@vyos.io>
Date: Tue, 25 Jun 2024 16:51:26 +0300
Subject: [PATCH 12/35] Added info how to use DNAT and VRRP with
 rfc3768-compatibility

Added warning info on how to use DNAT and VRRP with
rfc3768-compatibility.
---
 docs/configuration/highavailability/index.rst | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/configuration/highavailability/index.rst b/docs/configuration/highavailability/index.rst
index 9158ac1d..93d01364 100644
--- a/docs/configuration/highavailability/index.rst
+++ b/docs/configuration/highavailability/index.rst
@@ -220,6 +220,10 @@ Verification
    inet 172.25.0.247/16 scope global eth0v10
    valid_lft forever preferred_lft forever
 
+.. warning:: RFC 3768 creates a virtual interface. If you want to apply 
+   the destination NAT rule to the traffic sent to the virtual MAC, set 
+   the created virtual interface as `inbound-interface`.
+
 Global options
 --------------
 

From d160ef08f6f2952a93bfb058f86d193c80fee4b8 Mon Sep 17 00:00:00 2001
From: Nicolas Vollmar <nvo@scaling.ch>
Date: Wed, 26 Jun 2024 10:50:50 +0200
Subject: [PATCH 13/35] T2891: add documentation for ring-buffer option

---
 docs/configuration/interfaces/ethernet.rst | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/docs/configuration/interfaces/ethernet.rst b/docs/configuration/interfaces/ethernet.rst
index dd524035..30a13b5b 100644
--- a/docs/configuration/interfaces/ethernet.rst
+++ b/docs/configuration/interfaces/ethernet.rst
@@ -52,6 +52,14 @@ Ethernet options
 
    VyOS default will be `auto`.
 
+.. cfgcmd:: set interface ethernet <interface> ring-buffer rx <value>
+.. cfgcmd:: set interface ethernet <interface> ring-buffer tx <value>
+
+  Configures the ring buffer size of the interface.
+
+  The supported values for a specific interface can be obtained
+  with: `ethtool -g <interface>`
+
 
 Offloading
 ----------
@@ -295,5 +303,3 @@ Operation
         BR margin, min          : 0%
         Vendor SN               : FNS092xxxxx
         Date code               : 0506xx
-
-.. stop_vyoslinter

From d595e52be6d2cec07e910628b86f09c0734d6b26 Mon Sep 17 00:00:00 2001
From: khramshinr <khramshinr@gmail.com>
Date: Wed, 26 Jun 2024 15:13:26 +0600
Subject: [PATCH 14/35] ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms
 option

---
 docs/configuration/service/ssh.rst | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/docs/configuration/service/ssh.rst b/docs/configuration/service/ssh.rst
index efdbc651..d3ca51b5 100644
--- a/docs/configuration/service/ssh.rst
+++ b/docs/configuration/service/ssh.rst
@@ -109,6 +109,25 @@ Configuration
 
   Specify name of the :abbr:`VRF (Virtual Routing and Forwarding)` instance.
 
+.. cfgcmd:: set service ssh pubkey-accepted-algorithm <name>
+
+  Specifies the signature algorithms that will be accepted for public key
+  authentication
+
+  List of supported algorithms: ``ssh-ed25519``,
+  ``ssh-ed25519-cert-v01@openssh.com``, ``sk-ssh-ed25519@openssh.com``,
+  ``sk-ssh-ed25519-cert-v01@openssh.com``, ``ecdsa-sha2-nistp256``,
+  ``ecdsa-sha2-nistp256-cert-v01@openssh.com``, ``ecdsa-sha2-nistp384``,
+  ``ecdsa-sha2-nistp384-cert-v01@openssh.com``, ``ecdsa-sha2-nistp521``,
+  ``ecdsa-sha2-nistp521-cert-v01@openssh.com``,
+  ``sk-ecdsa-sha2-nistp256@openssh.com``,
+  ``sk-ecdsa-sha2-nistp256-cert-v01@openssh.com``,
+  ``webauthn-sk-ecdsa-sha2-nistp256@openssh.com``,
+  ``ssh-dss``, ``ssh-dss-cert-v01@openssh.com``, ``ssh-rsa``,
+  ``ssh-rsa-cert-v01@openssh.com``, ``rsa-sha2-256``,
+  ``rsa-sha2-256-cert-v01@openssh.com``, ``rsa-sha2-512``,
+  ``rsa-sha2-512-cert-v01@openssh.com``
+
 Dynamic-protection
 ==================
 Protects host from brute-force attacks against

From ccdfa9fec150a409818f6f2a2cf4d5099de37b1b Mon Sep 17 00:00:00 2001
From: srividya0208 <a.srividya@vyos.io>
Date: Mon, 1 Jul 2024 01:38:15 -0400
Subject: [PATCH 15/35] openvpn: edit of the openvpn-options

---
 docs/configuration/interfaces/openvpn.rst | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/docs/configuration/interfaces/openvpn.rst b/docs/configuration/interfaces/openvpn.rst
index f51dfa94..fb85f4bf 100644
--- a/docs/configuration/interfaces/openvpn.rst
+++ b/docs/configuration/interfaces/openvpn.rst
@@ -637,17 +637,23 @@ benefit from it (see :ref:`issues_features`).
 If you are a hacker or want to try on your own we support passing raw OpenVPN
 options to OpenVPN.
 
-.. cfgcmd:: set interfaces openvpn vtun10 openvpn-option 'persistent-key'
+.. cfgcmd:: set interfaces openvpn vtun10 openvpn-option 'persist-key'
 
-Will add ``persistent-key`` at the end of the generated OpenVPN configuration.
+Will add ``persist-key`` to the generated OpenVPN configuration.
 Please use this only as last resort - things might break and OpenVPN won't start
 if you pass invalid options/syntax.
 
 .. cfgcmd:: set interfaces openvpn vtun10 openvpn-option
-   'push &quot;keepalive 1 10&quot;'
+   'push keepalive 10 60'
 
 Will add ``push "keepalive 1 10"`` to the generated OpenVPN config file.
 
+.. cfgcmd:: set interfaces openvpn vtun10 openvpn-option
+   'route-up &quot;/config/auth/tun_up.sh arg1&quot;'
+
+Will add ``route-up "/config/auth/tun_up.sh arg1"`` to the generated OpenVPN 
+config file. The path and arguments need to be single- or double-quoted.
+
 .. note:: Sometimes option lines in the generated OpenVPN configuration require
    quotes. This is done through a hack on our config generator. You can pass
    quotes using the ``&quot;`` statement.

From 2b051992294fad1729c124d72ab88fb241c0d39d Mon Sep 17 00:00:00 2001
From: Nicolas Vollmar <nvo@scaling.ch>
Date: Mon, 1 Jul 2024 08:49:35 +0200
Subject: [PATCH 16/35] T6477: Add documentation for telegraf loki output

---
 docs/configuration/service/monitoring.rst | 30 +++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/docs/configuration/service/monitoring.rst b/docs/configuration/service/monitoring.rst
index 245af067..10b4dee2 100644
--- a/docs/configuration/service/monitoring.rst
+++ b/docs/configuration/service/monitoring.rst
@@ -130,6 +130,36 @@ and logs from your routers.
    Remote URL
 
 
+Loki
+====
+
+Telegraf can be used to send logs to Loki using tags as labels.
+
+.. cfgcmd:: set service monitoring telegraf loki port <port>
+
+   Remote Loki port
+
+   Default is 3100
+
+.. cfgcmd:: set service monitoring telegraf loki url <url>
+
+   Remote Loki url
+
+.. cfgcmd:: set service monitoring telegraf loki authentication username <username>
+.. cfgcmd:: set service monitoring telegraf loki authentication password <password>
+
+   HTTP basic authentication.
+
+   If either is set both must be set.
+
+.. cfgcmd:: set service monitoring telegraf loki metric-name-label <label>
+
+   Label to use for the metric name when sending metrics.
+
+   If set to an empty string, the label will not be added.
+   This is NOT recommended, as it makes it impossible to differentiate
+   between multiple metrics.
+
 Example
 =======
 

From 10ddceecba0bd7680090806d2f00f7975cd11d1f Mon Sep 17 00:00:00 2001
From: aapostoliuk <a.apostoliuk@vyos.io>
Date: Tue, 2 Jul 2024 11:11:33 +0300
Subject: [PATCH 17/35] Deleted not existing options in geneve interface

Deleted not existing options in geneve interface.
`set interfaces geneve <interface> disable-link-detect`
`set interfaces geneve <interface> disable-flow-control`
`set interfaces geneve <interface> vrf <vrf>`
---
 docs/configuration/interfaces/geneve.rst | 30 +++++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)

diff --git a/docs/configuration/interfaces/geneve.rst b/docs/configuration/interfaces/geneve.rst
index bf8b0920..1e8b8096 100644
--- a/docs/configuration/interfaces/geneve.rst
+++ b/docs/configuration/interfaces/geneve.rst
@@ -41,9 +41,33 @@ Configuration
 Common interface configuration
 ==============================
 
-.. cmdinclude:: /_include/interface-common-without-dhcp.txt
-   :var0: geneve
-   :var1: gnv0
+.. cmdinclude:: /_include/interface-address.txt
+  :var0: geneve
+  :var1: gnv0
+
+.. cmdinclude:: /_include/interface-description.txt
+  :var0: geneve
+  :var1: gnv0
+
+.. cmdinclude:: /_include/interface-disable.txt
+  :var0: geneve
+  :var1: gnv0
+
+.. cmdinclude:: /_include/interface-mac.txt
+  :var0: geneve
+  :var1: gnv0
+
+.. cmdinclude:: /_include/interface-mtu.txt
+  :var0: geneve
+  :var1: gnv0
+
+.. cmdinclude:: /_include/interface-ip.txt
+  :var0: geneve
+  :var1: gnv0
+
+.. cmdinclude:: /_include/interface-ipv6.txt
+  :var0: geneve
+  :var1: gnv0
 
 GENEVE options
 ==============

From 0731705733409ab91bc9067be13936a35ba8e947 Mon Sep 17 00:00:00 2001
From: whyrlpool <26317568+whyrlpool@users.noreply.github.com>
Date: Wed, 3 Jul 2024 13:46:31 +0100
Subject: [PATCH 18/35] Update cloud-init.rst, typo

fixes typo on line 255, s/inyected/injected/, update proof-read date
---
 docs/automation/cloud-init.rst | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/automation/cloud-init.rst b/docs/automation/cloud-init.rst
index 0b9ee207..5cd9bdad 100644
--- a/docs/automation/cloud-init.rst
+++ b/docs/automation/cloud-init.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2021-07-12
+:lastproofread: 2024-07-03
 
 .. _cloud-init:
 
@@ -252,7 +252,7 @@ Most important keys that needs to be considered:
 
 * If no networking configuration is provided, then dhcp client is going to be
   enabled on first interface. Bare in mind that this configuration will be
-  inyected at an OS level, so don't expect to find dhcp client configuration
+  injected at an OS level, so don't expect to find dhcp client configuration
   on vyos cli. Because of this behavior, in next example lab we will disable
   dhcp-client configuration on eth0.
 

From 63988391efed6c7f193c832abb649f996b8ea33a Mon Sep 17 00:00:00 2001
From: whyrlpool <26317568+whyrlpool@users.noreply.github.com>
Date: Wed, 3 Jul 2024 13:54:31 +0100
Subject: [PATCH 19/35] Update cloud-init.rst, typo

Correct spelling of phrase, reference: https://www.scribbr.co.uk/definition/bear-in-mind-meaning/
---
 docs/automation/cloud-init.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/automation/cloud-init.rst b/docs/automation/cloud-init.rst
index 5cd9bdad..f2ecaa77 100644
--- a/docs/automation/cloud-init.rst
+++ b/docs/automation/cloud-init.rst
@@ -251,7 +251,7 @@ Most important keys that needs to be considered:
 * Networking configurations shouldn't be passed in user-data file.
 
 * If no networking configuration is provided, then dhcp client is going to be
-  enabled on first interface. Bare in mind that this configuration will be
+  enabled on first interface. Bear in mind that this configuration will be
   injected at an OS level, so don't expect to find dhcp client configuration
   on vyos cli. Because of this behavior, in next example lab we will disable
   dhcp-client configuration on eth0.

From fd7322695e28a89ce98dad7d726523f171313f5a Mon Sep 17 00:00:00 2001
From: whyrlpool <26317568+whyrlpool@users.noreply.github.com>
Date: Wed, 3 Jul 2024 14:58:05 +0100
Subject: [PATCH 20/35] Update firewall index.rst

change "bare in mind" to "bear in mind" re https://www.scribbr.co.uk/definition/bear-in-mind-meaning/
---
 docs/configuration/firewall/index.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/configuration/firewall/index.rst b/docs/configuration/firewall/index.rst
index daf5f116..30f3bfdf 100644
--- a/docs/configuration/firewall/index.rst
+++ b/docs/configuration/firewall/index.rst
@@ -72,7 +72,7 @@ packet is processed at the **IP Layer**:
      * ``set firewall ipv6 forward filter ...``.
 
    * **Output**: stage where traffic that originates from the router itself
-     can be filtered and controlled. Bear in mind that this traffic can be a
+     can be filtered and controlled. Bare in mind that this traffic can be a
      new connection originated by a internal process running on VyOS router,
      such as NTP, or a response to traffic received externally through
      **input** (for example response to an ssh login attempt to the router).

From b6143b316cca70539e0b62732febcf91e93dda12 Mon Sep 17 00:00:00 2001
From: whyrlpool <26317568+whyrlpool@users.noreply.github.com>
Date: Wed, 3 Jul 2024 15:02:26 +0100
Subject: [PATCH 21/35] Update _locale/ja/automation.pot, fix typo

fixes changes made in previous commit in the ja locale
---
 docs/_locale/ja/automation.pot | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/docs/_locale/ja/automation.pot b/docs/_locale/ja/automation.pot
index 741a317b..42bcff7a 100644
--- a/docs/_locale/ja/automation.pot
+++ b/docs/_locale/ja/automation.pot
@@ -239,7 +239,7 @@ msgstr "2.5 Type the commands :"
 
 #: ../../automation/terraform/terraformAZ.rst:44
 msgid "2.6 Type the commands :"
-msgstr "2.6 Type the commands :"
+msgstr "2.6 Type the commands :in"
 
 #: ../../automation/terraform/terraformAWS.rst:31
 msgid "2 Create a key pair_ and download your .pem key"
@@ -781,8 +781,8 @@ msgid "If command ends in a value, it must be inside single quotes."
 msgstr "If command ends in a value, it must be inside single quotes."
 
 #: ../../automation/cloud-init.rst:253
-msgid "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bare in mind that this configuration will be inyected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
-msgstr "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bare in mind that this configuration will be inyected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
+msgid "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bear in mind that this configuration will be injected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
+msgstr "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bear in mind that this configuration will be injected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
 
 #: ../../automation/cloud-init.rst:228
 msgid "If you encounter problems, verify that the cloud-config document contains valid YAML. Online resources such as https://www.yamllint.com/ provide a simple tool for validating YAML."

From 63ee8dfafac3f9aef13d9e25b21216443d02c258 Mon Sep 17 00:00:00 2001
From: whyrlpool <26317568+whyrlpool@users.noreply.github.com>
Date: Wed, 3 Jul 2024 15:17:27 +0100
Subject: [PATCH 22/35] s/bare/bear across docs, fix typo in proxmox cloud-init
 docs

---
 docs/_locale/de/automation.pot        | 4 ++--
 docs/_locale/de/configuration.pot     | 4 ++--
 docs/_locale/es/automation.pot        | 2 +-
 docs/_locale/es/configuration.pot     | 4 ++--
 docs/_locale/ja/configuration.pot     | 4 ++--
 docs/_locale/pt/automation.pot        | 4 ++--
 docs/_locale/pt/configuration.pot     | 4 ++--
 docs/_locale/uk/automation.pot        | 2 +-
 docs/_locale/uk/configuration.pot     | 4 ++--
 docs/automation/cloud-init.rst        | 4 ++--
 docs/configuration/firewall/index.rst | 2 +-
 11 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/docs/_locale/de/automation.pot b/docs/_locale/de/automation.pot
index acd55638..480bfa35 100644
--- a/docs/_locale/de/automation.pot
+++ b/docs/_locale/de/automation.pot
@@ -781,8 +781,8 @@ msgid "If command ends in a value, it must be inside single quotes."
 msgstr "If command ends in a value, it must be inside single quotes."
 
 #: ../../automation/cloud-init.rst:253
-msgid "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bare in mind that this configuration will be inyected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
-msgstr "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bare in mind that this configuration will be inyected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
+msgid "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bear in mind that this configuration will be injected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
+msgstr "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bear in mind that this configuration will be injected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
 
 #: ../../automation/cloud-init.rst:228
 msgid "If you encounter problems, verify that the cloud-config document contains valid YAML. Online resources such as https://www.yamllint.com/ provide a simple tool for validating YAML."
diff --git a/docs/_locale/de/configuration.pot b/docs/_locale/de/configuration.pot
index f0ae9a1d..dc70be5a 100644
--- a/docs/_locale/de/configuration.pot
+++ b/docs/_locale/de/configuration.pot
@@ -391,8 +391,8 @@ msgid "**Origin check**"
 msgstr "**Origin check**"
 
 #: ../../configuration/firewall/index.rst:64
-msgid "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bare in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
-msgstr "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bare in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
+msgid "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
+msgstr "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
 
 #: ../../configuration/firewall/index.rst:65
 msgid "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **input** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
diff --git a/docs/_locale/es/automation.pot b/docs/_locale/es/automation.pot
index 1bef6c23..c98faa2f 100644
--- a/docs/_locale/es/automation.pot
+++ b/docs/_locale/es/automation.pot
@@ -781,7 +781,7 @@ msgid "If command ends in a value, it must be inside single quotes."
 msgstr "Si el comando termina en un valor, debe estar entre comillas simples."
 
 #: ../../automation/cloud-init.rst:253
-msgid "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bare in mind that this configuration will be inyected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
+msgid "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bear in mind that this configuration will be injected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
 msgstr "Si no se proporciona una configuración de red, el cliente dhcp se habilitará en la primera interfaz. Tenga en cuenta que esta configuración se inyectará a nivel del sistema operativo, así que no espere encontrar la configuración del cliente dhcp en vyos cli. Debido a este comportamiento, en el siguiente laboratorio de ejemplo, deshabilitaremos la configuración de dhcp-client en eth0."
 
 #: ../../automation/cloud-init.rst:228
diff --git a/docs/_locale/es/configuration.pot b/docs/_locale/es/configuration.pot
index b7b3a78a..821ecc6a 100644
--- a/docs/_locale/es/configuration.pot
+++ b/docs/_locale/es/configuration.pot
@@ -391,8 +391,8 @@ msgid "**Origin check**"
 msgstr "**Comprobación de origen**"
 
 #: ../../configuration/firewall/index.rst:64
-msgid "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bare in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
-msgstr "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bare in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
+msgid "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
+msgstr "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
 
 #: ../../configuration/firewall/index.rst:65
 msgid "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **input** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
diff --git a/docs/_locale/ja/configuration.pot b/docs/_locale/ja/configuration.pot
index 3518562b..19d6802f 100644
--- a/docs/_locale/ja/configuration.pot
+++ b/docs/_locale/ja/configuration.pot
@@ -391,8 +391,8 @@ msgid "**Origin check**"
 msgstr "**Origin check**"
 
 #: ../../configuration/firewall/index.rst:64
-msgid "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bare in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
-msgstr "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bare in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
+msgid "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
+msgstr "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
 
 #: ../../configuration/firewall/index.rst:65
 msgid "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **input** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
diff --git a/docs/_locale/pt/automation.pot b/docs/_locale/pt/automation.pot
index 6494fae3..198dea36 100644
--- a/docs/_locale/pt/automation.pot
+++ b/docs/_locale/pt/automation.pot
@@ -781,8 +781,8 @@ msgid "If command ends in a value, it must be inside single quotes."
 msgstr "If command ends in a value, it must be inside single quotes."
 
 #: ../../automation/cloud-init.rst:253
-msgid "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bare in mind that this configuration will be inyected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
-msgstr "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bare in mind that this configuration will be inyected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
+msgid "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bear in mind that this configuration will be injected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
+msgstr "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bear in mind that this configuration will be injected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
 
 #: ../../automation/cloud-init.rst:228
 msgid "If you encounter problems, verify that the cloud-config document contains valid YAML. Online resources such as https://www.yamllint.com/ provide a simple tool for validating YAML."
diff --git a/docs/_locale/pt/configuration.pot b/docs/_locale/pt/configuration.pot
index 098a9f01..f73095f6 100644
--- a/docs/_locale/pt/configuration.pot
+++ b/docs/_locale/pt/configuration.pot
@@ -391,8 +391,8 @@ msgid "**Origin check**"
 msgstr "**Origin check**"
 
 #: ../../configuration/firewall/index.rst:64
-msgid "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bare in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
-msgstr "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bare in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
+msgid "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
+msgstr "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
 
 #: ../../configuration/firewall/index.rst:65
 msgid "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **input** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
diff --git a/docs/_locale/uk/automation.pot b/docs/_locale/uk/automation.pot
index 96148754..e8f049f7 100644
--- a/docs/_locale/uk/automation.pot
+++ b/docs/_locale/uk/automation.pot
@@ -781,7 +781,7 @@ msgid "If command ends in a value, it must be inside single quotes."
 msgstr "Якщо команда закінчується значенням, воно має бути в одинарних лапках."
 
 #: ../../automation/cloud-init.rst:253
-msgid "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bare in mind that this configuration will be inyected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
+msgid "If no networking configuration is provided, then dhcp client is going to be enabled on first interface. Bear in mind that this configuration will be injected at an OS level, so don't expect to find dhcp client configuration on vyos cli. Because of this behavior, in next example lab we will disable dhcp-client configuration on eth0."
 msgstr "Якщо конфігурація мережі не надається, клієнт dhcp буде ввімкнено на першому інтерфейсі. Майте на увазі, що цю конфігурацію буде введено на рівні ОС, тому не очікуйте знайти конфігурацію клієнта dhcp у vyos cli. Через таку поведінку в наступному прикладі лабораторної роботи ми вимкнемо конфігурацію dhcp-клієнта на eth0."
 
 #: ../../automation/cloud-init.rst:228
diff --git a/docs/_locale/uk/configuration.pot b/docs/_locale/uk/configuration.pot
index 3f9e7bd2..5195191f 100644
--- a/docs/_locale/uk/configuration.pot
+++ b/docs/_locale/uk/configuration.pot
@@ -391,8 +391,8 @@ msgid "**Origin check**"
 msgstr "**Перевірка походження**"
 
 #: ../../configuration/firewall/index.rst:64
-msgid "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bare in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
-msgstr "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bare in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
+msgid "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
+msgstr "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
 
 #: ../../configuration/firewall/index.rst:65
 msgid "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **input** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:"
diff --git a/docs/automation/cloud-init.rst b/docs/automation/cloud-init.rst
index 0b9ee207..ef796f45 100644
--- a/docs/automation/cloud-init.rst
+++ b/docs/automation/cloud-init.rst
@@ -251,8 +251,8 @@ Most important keys that needs to be considered:
 * Networking configurations shouldn't be passed in user-data file.
 
 * If no networking configuration is provided, then dhcp client is going to be
-  enabled on first interface. Bare in mind that this configuration will be
-  inyected at an OS level, so don't expect to find dhcp client configuration
+  enabled on first interface. Bear in mind that this configuration will be
+  injected at an OS level, so don't expect to find dhcp client configuration
   on vyos cli. Because of this behavior, in next example lab we will disable
   dhcp-client configuration on eth0.
 
diff --git a/docs/configuration/firewall/index.rst b/docs/configuration/firewall/index.rst
index 30f3bfdf..daf5f116 100644
--- a/docs/configuration/firewall/index.rst
+++ b/docs/configuration/firewall/index.rst
@@ -72,7 +72,7 @@ packet is processed at the **IP Layer**:
      * ``set firewall ipv6 forward filter ...``.
 
    * **Output**: stage where traffic that originates from the router itself
-     can be filtered and controlled. Bare in mind that this traffic can be a
+     can be filtered and controlled. Bear in mind that this traffic can be a
      new connection originated by a internal process running on VyOS router,
      such as NTP, or a response to traffic received externally through
      **input** (for example response to an ssh login attempt to the router).

From 8214ffe4c61f6a14bddf2fed43bff915f2503c6f Mon Sep 17 00:00:00 2001
From: whyrlpool <26317568+whyrlpool@users.noreply.github.com>
Date: Wed, 3 Jul 2024 17:26:08 +0100
Subject: [PATCH 23/35] proofread and update firewall docs

---
 docs/automation/cloud-init.rst                |   2 +-
 docs/configuration/container/index.rst        |   4 +-
 docs/configuration/firewall/bridge.rst        |  48 ++---
 docs/configuration/firewall/flowtables.rst    |  26 +--
 .../configuration/firewall/global-options.rst |  22 +--
 docs/configuration/firewall/groups.rst        |  19 +-
 docs/configuration/firewall/index.rst         |  26 +--
 docs/configuration/firewall/ipv4.rst          | 165 +++++++++--------
 docs/configuration/firewall/ipv6.rst          | 167 +++++++++---------
 docs/configuration/firewall/zone.rst          |  18 +-
 10 files changed, 247 insertions(+), 250 deletions(-)

diff --git a/docs/automation/cloud-init.rst b/docs/automation/cloud-init.rst
index ef796f45..f2ecaa77 100644
--- a/docs/automation/cloud-init.rst
+++ b/docs/automation/cloud-init.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2021-07-12
+:lastproofread: 2024-07-03
 
 .. _cloud-init:
 
diff --git a/docs/configuration/container/index.rst b/docs/configuration/container/index.rst
index a1672aa7..8be82e1b 100644
--- a/docs/configuration/container/index.rst
+++ b/docs/configuration/container/index.rst
@@ -1,10 +1,10 @@
-:lastproofread: 2022-06-10
+:lastproofread: 2024-07-03
 
 #########
 Container
 #########
 
-The VyOS container implementation is based on `Podman<https://podman.io/>` as
+The VyOS container implementation is based on `Podman <https://podman.io/>`_ as
 a deamonless container engine.
 
 *************
diff --git a/docs/configuration/firewall/bridge.rst b/docs/configuration/firewall/bridge.rst
index f84fd456..2e3d3634 100644
--- a/docs/configuration/firewall/bridge.rst
+++ b/docs/configuration/firewall/bridge.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2023-11-08
+:lastproofread: 2024-07-03
 
 .. _firewall-configuration:
 
@@ -12,13 +12,13 @@ Bridge Firewall Configuration
 Overview
 ********
 
-In this section there's useful information of all firewall configuration that
-can be done regarding bridge, and appropriate op-mode commands.
+In this section there's useful information on all firewall configuration that
+can be done regarding bridges, and appropriate op-mode commands.
 Configuration commands covered in this section:
 
 .. cfgcmd:: set firewall bridge ...
 
-From main structure defined in :doc:`Firewall Overview</configuration/firewall/index>`
+From the main structure defined in :doc:`Firewall Overview</configuration/firewall/index>`
 in this section you can find detailed information only for the next part
 of the general structure:
 
@@ -41,7 +41,7 @@ For traffic that needs to be forwarded internally by the bridge, base chain is
 is **forward**, and it's base command for filtering is ``set firewall bridge
 forward filter ...``, which happens in stage 4, highlighted with red color.
 
-Custom bridge firewall chains can be create with command ``set firewall bridge
+Custom bridge firewall chains can be created with the command ``set firewall bridge
 name <name> ...``. In order to use such custom chain, a rule with action jump,
 and the appropriate target should be defined in a base chain.
 
@@ -55,9 +55,9 @@ and the appropriate target should be defined in a base chain.
 Bridge Rules
 ************
 
-For firewall filtering, firewall rules needs to be created. Each rule is
+For firewall filtering, firewall rules need to be created. Each rule is
 numbered, has an action to apply if the rule is matched, and the ability
-to specify multiple criteria matchers. Data packets go through the rules
+to specify multiple matching criteria. Data packets go through the rules
 from 1 - 999999, so order is crucial. At the first match the action of the
 rule will be executed.
 
@@ -65,7 +65,7 @@ Actions
 =======
 
 If a rule is defined, then an action must be defined for it. This tells the
-firewall what to do if all criteria matchers defined for such rule do match.
+firewall what to do if all matching criterea in the rule are met.
 
 In firewall bridge rules, the action can be:
 
@@ -101,7 +101,7 @@ In firewall bridge rules, the action can be:
    queue <0-65535>
 
    To be used only when action is set to ``queue``. Use this command to specify
-   queue target to use. Queue range is also supported.
+   the queue target to use. Queue range is also supported.
 
 .. cfgcmd:: set firewall bridge forward filter rule <1-999999>
    queue-options bypass
@@ -121,7 +121,7 @@ In firewall bridge rules, the action can be:
    distribute packets between several queues.
 
 Also, **default-action** is an action that takes place whenever a packet does
-not match any rule in it's chain. For base chains, possible options for
+not match any rule in its' chain. For base chains, possible options for
 **default-action** are **accept** or **drop**.
 
 .. cfgcmd:: set firewall bridge forward filter default-action
@@ -129,10 +129,10 @@ not match any rule in it's chain. For base chains, possible options for
 .. cfgcmd:: set firewall bridge name <name> default-action
    [accept | continue | drop | jump | queue | return]
 
-   This set the default action of the rule-set if no rule matched a packet
-   criteria. If default-action is set to ``jump``, then
+   This sets the default action of the rule-set if a packet does not match
+   any of the rules in that chain. If default-action is set to ``jump``, then
    ``default-jump-target`` is also needed. Note that for base chains, default
-   action can only be set to ``accept`` or ``drop``, while on custom chain,
+   action can only be set to ``accept`` or ``drop``, while on custom chains
    more actions are available.
 
 .. cfgcmd:: set firewall bridge name <name> default-jump-target <text>
@@ -141,9 +141,9 @@ not match any rule in it's chain. For base chains, possible options for
    command to specify jump target for default rule.
 
 .. note:: **Important note about default-actions:**
-   If default action for any base chain is not defined, then the default
-   action is set to **accept** for that chain. For custom chains, if default
-   action is not defined, then the default-action is set to **drop**.
+   If the default action for any base chain is not defined, then the default
+   action is set to **accept** for that chain. For custom chains, if the 
+   default action is not defined, then the default-action is set to **drop**.
 
 Firewall Logs
 =============
@@ -155,7 +155,7 @@ log options can be defined.
 .. cfgcmd:: set firewall bridge name <name> rule <1-999999> log
 
    Enable logging for the matched packet. If this configuration command is not
-   present, then log is not enabled.
+   present, then the log is not enabled.
 
 .. cfgcmd:: set firewall bridge forward filter default-log
 .. cfgcmd:: set firewall bridge name <name> default-log
@@ -170,14 +170,15 @@ log options can be defined.
    log-options level [emerg | alert | crit | err | warn | notice
    | info | debug]
 
-   Define log-level. Only applicable if rule log is enable.
+   Define log-level. Only applicable if rule log is enabled.
 
 .. cfgcmd:: set firewall bridge forward filter rule <1-999999>
    log-options group <0-65535>
 .. cfgcmd:: set firewall bridge name <name> rule <1-999999>
    log-options group <0-65535>
 
-   Define log group to send message to. Only applicable if rule log is enable.
+   Define the log group to send messages to. Only applicable if rule log is
+   enabled.
 
 .. cfgcmd:: set firewall bridge forward filter rule <1-999999>
    log-options snapshot-length <0-9000>
@@ -185,15 +186,16 @@ log options can be defined.
    log-options snapshot-length <0-9000>
 
    Define length of packet payload to include in netlink message. Only
-   applicable if rule log is enable and log group is defined.
+   applicable if rule log is enabled and the log group is defined.
 
 .. cfgcmd:: set firewall bridge forward filter rule <1-999999>
    log-options queue-threshold <0-65535>
 .. cfgcmd:: set firewall bridge name <name> rule <1-999999>
    log-options queue-threshold <0-65535>
 
-   Define number of packets to queue inside the kernel before sending them to
-   userspace. Only applicable if rule log is enable and log group is defined.
+   Define the number of packets to queue inside the kernel before sending them
+   to userspace. Only applicable if rule log is enabled and the log group is 
+   defined.
 
 Firewall Description
 ====================
@@ -207,7 +209,7 @@ For reference, a description can be defined for every defined custom chain.
 Rule Status
 ===========
 
-When defining a rule, it is enable by default. In some cases, it is useful to
+When defining a rule, it is enabled by default. In some cases, it is useful to
 just disable the rule, rather than removing it.
 
 .. cfgcmd:: set firewall bridge forward filter rule <1-999999> disable
diff --git a/docs/configuration/firewall/flowtables.rst b/docs/configuration/firewall/flowtables.rst
index ae95a85f..915bf39d 100644
--- a/docs/configuration/firewall/flowtables.rst
+++ b/docs/configuration/firewall/flowtables.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2024-06-20
+:lastproofread: 2024-07-02
 
 .. _firewall-flowtables-configuration:
 
@@ -12,12 +12,12 @@ Flowtables Firewall Configuration
 Overview
 ********
 
-In this section there's useful information of all firewall configuration that
+In this section there's useful information on all firewall configuration that
 can be done regarding flowtables.
 
 .. cfgcmd:: set firewall flowtables ...
 
-From main structure defined in
+From the main structure defined in
 :doc:`Firewall Overview</configuration/firewall/index>`
 in this section you can find detailed information only for the next part
 of the general structure:
@@ -30,7 +30,7 @@ of the general structure:
                + ...
 
 
-Flowtables  allows you to define a fastpath through the flowtable datapath.
+Flowtables allow you to define a fastpath through the flowtable datapath.
 The flowtable supports for the layer 3 IPv4 and IPv6 and the layer 4 TCP
 and UDP protocols.
 
@@ -107,10 +107,10 @@ Things to be considered in this setup:
    * Minimum firewall ruleset is provided, which includes some filtering rules,
      and appropriate rules for using flowtable offload capabilities.
 
-As described, first packet will be evaluated by all the firewall path, so
+As described, the first packet will be evaluated by the firewall path, so a
 desired connection should be explicitly accepted. Same thing should be taken
 into account for traffic in reverse order. In most cases state policies are
-used in order to accept connection in reverse patch.
+used in order to accept a connection in the reverse path.
 
 We will only accept traffic coming from interface eth0, protocol tcp and
 destination port 1122. All other traffic trespassing the router should be
@@ -142,7 +142,7 @@ Explanation
 
 Analysis on what happens for desired connection:
 
-   1. First packet is received on eth0, with destination address 192.0.2.100,
+   1. Firstly, a packet is received on eth0, with destination address 192.0.2.100,
    protocol tcp and destination port 1122. Assume such destination address is
    reachable through interface eth1.
 
@@ -151,22 +151,22 @@ Analysis on what happens for desired connection:
 
    3. Rule 110 is hit, so connection is accepted.
 
-   4. Once answer from server 192.0.2.100 is seen in opposite direction,
+   4. Once an answer from server 192.0.2.100 is seen in opposite direction,
    connection state will be triggered to **established**, so this reply is
    accepted in rule 20.
 
-   5. Second packet for this connection is received by the router. Since
+   5. The second packet for this connection is received by the router. Since
    connection state is **established**, then rule 10 is hit, and a new entry
    in the flowtable FT01 is added for this connection.
 
-   6. All the following packets will skip traditional path, and will be offloaded
-   and will use the **Fast Path**.
+   6. All the following packets will skip the traditional path, will be
+   offloaded and use the **Fast Path**.
 
 Checks
 ------
 
-It's time to check conntrack table, to see if any connection was accepted,
-and if was properly offloaded
+It's time to check the conntrack table, to see if any connections were accepted,
+and if it was properly offloaded
 
 .. code-block:: none
 
diff --git a/docs/configuration/firewall/global-options.rst b/docs/configuration/firewall/global-options.rst
index 7c52045e..87fb755d 100644
--- a/docs/configuration/firewall/global-options.rst
+++ b/docs/configuration/firewall/global-options.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2023-12-26
+:lastproofread: 2024-07-03
 
 .. _firewall-global-options-configuration:
 
@@ -25,7 +25,7 @@ Configuration
 .. cfgcmd:: set firewall global-options all-ping [enable | disable]
 
    By default, when VyOS receives an ICMP echo request packet destined for
-   itself, it will answer with an ICMP echo reply, unless you avoid it
+   itself, it will answer with an ICMP echo reply, unless you prevent it
    through its firewall.
 
    With the firewall you can set rules to accept, drop or reject ICMP in,
@@ -55,7 +55,7 @@ Configuration
 
 .. cfgcmd:: set firewall global-options broadcast-ping [enable | disable]
 
-   This setting enable or disable the response of icmp broadcast
+   This setting enables or disables the response to icmp broadcast
    messages. The following system parameter will be altered:
 
    * ``net.ipv4.icmp_echo_ignore_broadcasts``
@@ -63,8 +63,8 @@ Configuration
 .. cfgcmd:: set firewall global-options ip-src-route [enable | disable]
 .. cfgcmd:: set firewall global-options ipv6-src-route [enable | disable]
 
-   This setting handle if VyOS accept packets with a source route
-   option. The following system parameter will be altered:
+   This setting handles if VyOS accepts packets with a source route
+   option. The following system parameters will be altered:
 
    * ``net.ipv4.conf.all.accept_source_route``
    * ``net.ipv6.conf.all.accept_source_route``
@@ -73,22 +73,22 @@ Configuration
 .. cfgcmd:: set firewall global-options ipv6-receive-redirects
    [enable | disable]
 
-   enable or disable of ICMPv4 or ICMPv6 redirect messages accepted
-   by VyOS. The following system parameter will be altered:
+   Enable or disable ICMPv4 or ICMPv6 redirect messages being accepted by
+   VyOS. The following system parameters will be altered:
 
    * ``net.ipv4.conf.all.accept_redirects``
    * ``net.ipv6.conf.all.accept_redirects``
 
 .. cfgcmd:: set firewall global-options send-redirects [enable | disable]
 
-   enable or disable ICMPv4 redirect messages send by VyOS
+   Enable or disable ICMPv4 redirect messages being sent by VyOS
    The following system parameter will be altered:
 
    * ``net.ipv4.conf.all.send_redirects``
 
 .. cfgcmd:: set firewall global-options log-martians [enable | disable]
 
-   enable or disable the logging of martian IPv4 packets.
+   Enable or disable the logging of martian IPv4 packets.
    The following system parameter will be altered:
 
    * ``net.ipv4.conf.all.log_martians``
@@ -103,7 +103,7 @@ Configuration
 
 .. cfgcmd:: set firewall global-options syn-cookies [enable | disable]
 
-   Enable or Disable if VyOS use IPv4 TCP SYN Cookies.
+   Enable or disable if VyOS uses IPv4 TCP SYN Cookies.
    The following system parameter will be altered:
 
    * ``net.ipv4.tcp_syncookies``
@@ -111,7 +111,7 @@ Configuration
 .. cfgcmd:: set firewall global-options twa-hazards-protection
    [enable | disable]
 
-   Enable or Disable VyOS to be :rfc:`1337` conform.
+   Enable or Disable VyOS to be :rfc:`1337` conformant.
    The following system parameter will be altered:
 
    * ``net.ipv4.tcp_rfc1337``
diff --git a/docs/configuration/firewall/groups.rst b/docs/configuration/firewall/groups.rst
index 6111650a..fa32b98e 100644
--- a/docs/configuration/firewall/groups.rst
+++ b/docs/configuration/firewall/groups.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2023-11-08
+:lastproofread: 2024-07-03
 
 .. _firewall-groups-configuration:
 
@@ -18,8 +18,7 @@ matcher, and/or as inbound/outbound in the case of interface group.
 Address Groups
 ==============
 
-In an **address group** a single IP address or IP address ranges are
-defined.
+In an **address group** a single IP address or IP address range is defined.
 
 .. cfgcmd:: set firewall group address-group <name> address [address |
    address range]
@@ -43,7 +42,7 @@ Network Groups
 
 While **network groups** accept IP networks in CIDR notation, specific
 IP addresses can be added as a 32-bit prefix. If you foresee the need
-to add a mix of addresses and networks, the network group is
+to add a mix of addresses and networks, then a network group is
 recommended.
 
 .. cfgcmd:: set firewall group network-group <name> network <CIDR>
@@ -197,9 +196,9 @@ Commands used for this task are:
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999> add-address-to-group
    source-address address-group <name>
 
-Also, specific timeout can be defined per rule. In case rule gets a hit,
-source or destinatination address will be added to the group, and this
-element will remain in the group until timeout expires. If no timeout
+Also, specific timeouts can be defined per rule. In case rule gets a hit,
+a source or destinatination address will be added to the group, and this
+element will remain in the group until the timeout expires. If no timeout
 is defined, then the element will remain in the group until next reboot,
 or until a new commit that changes firewall configuration is done.
 
@@ -324,7 +323,7 @@ A 4 step port knocking example is shown next:
       set firewall ipv4 input filter rule 99 protocol 'tcp'
       set firewall ipv4 input filter rule 99 source group dynamic-address-group 'ALLOWED'
 
-Before testing, we can check members of firewall groups:
+Before testing, we can check the members of firewall groups:
 
    .. code-block:: none
 
@@ -339,7 +338,7 @@ Before testing, we can check members of firewall groups:
       [edit]
       vyos@vyos#
 
-With this configuration, in order to get ssh access to the router, user
+With this configuration, in order to get ssh access to the router, the user
 needs to:
 
 1. Generate a new TCP connection with destination port 9990. As shown next,
@@ -390,7 +389,7 @@ a new entry was added to dynamic firewall group **ALLOWED**
       [edit]
       vyos@vyos#
 
-4. Now user can connect through ssh to the router (assuming ssh is configured).
+4. Now the user can connect through ssh to the router (assuming ssh is configured).
 
 **************
 Operation-mode
diff --git a/docs/configuration/firewall/index.rst b/docs/configuration/firewall/index.rst
index daf5f116..58e3463b 100644
--- a/docs/configuration/firewall/index.rst
+++ b/docs/configuration/firewall/index.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2023-11-23
+:lastproofread: 2024-07-03
 
 ########
 Firewall
@@ -28,11 +28,11 @@ packet is processed at the **IP Layer**:
 
    * **Prerouting**: All packets that are received by the router
      are processed in this stage, regardless of the destination of the packet.
-     Starting from vyos-1.5-rolling-202406120020, a new section was added to
-     firewall configuration. There are several actions that can be done in this
-     stage, and currently these actions are also defined in different parts in
-     VyOS configuration. Order is important, and relevant configuration that
-     acts in this stage are:
+     Starting from vyos-1.5-rolling-202406120020, a new section was added to 
+     the firewall configuration. There are several actions that can be done in
+     this stage, and currently these actions are also defined in different
+     parts of the VyOS configuration. Order is important, and the relevant 
+     configuration that acts in this stage are:
 
       * **Firewall prerouting**: rules defined under ``set firewall [ipv4 |
         ipv6] prerouting raw...``. All rules defined in this section are
@@ -50,9 +50,9 @@ packet is processed at the **IP Layer**:
       * **Destination NAT**: rules defined under ``set [nat | nat66]
         destination...``.
 
-   * **Destination is the router?**: choose appropriate path based on
+   * **Destination is the router?**: choose an appropriate path based on
      destination IP address. Transit forward continues to **forward**,
-     while traffic that destination IP address is configured on the router
+     while traffic where the destination IP address is configured on the router
      continues to **input**.
 
    * **Input**: stage where traffic destined for the router itself can be
@@ -73,7 +73,7 @@ packet is processed at the **IP Layer**:
 
    * **Output**: stage where traffic that originates from the router itself
      can be filtered and controlled. Bear in mind that this traffic can be a
-     new connection originated by a internal process running on VyOS router,
+     new connection originated by a internal process running on the VyOS router
      such as NTP, or a response to traffic received externally through
      **input** (for example response to an ssh login attempt to the router).
      This includes ipv4 and ipv6 rules, and two different sections are present:
@@ -181,10 +181,10 @@ Zone-based firewall
    zone
 
 With zone-based firewalls a new concept was implemented, in addition to the
-standard in and out traffic flows, a local flow was added. This local was for
-traffic originating and destined to the router itself. Which means additional
-rules were required to secure the firewall itself from the network, in
-addition to the existing inbound and outbound rules from the traditional
+standard in and out traffic flows, a local flow was added. This local flow was
+for traffic originating and destined to the router itself. Which means that 
+additional rules were required to secure the firewall itself from the network,
+in addition to the existing inbound and outbound rules from the traditional
 concept above.
 
 To configure VyOS with the
diff --git a/docs/configuration/firewall/ipv4.rst b/docs/configuration/firewall/ipv4.rst
index 39370c86..abae31a5 100644
--- a/docs/configuration/firewall/ipv4.rst
+++ b/docs/configuration/firewall/ipv4.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2023-11-08
+:lastproofread: 2024-07-03
 
 .. _firewall-ipv4-configuration:
 
@@ -10,13 +10,13 @@ IPv4 Firewall Configuration
 Overview
 ********
 
-In this section there's useful information of all firewall configuration that
+In this section there's useful information on all firewall configuration that
 can be done regarding IPv4, and appropriate op-mode commands.
 Configuration commands covered in this section:
 
 .. cfgcmd:: set firewall ipv4 ...
 
-From main structure defined in
+From the main structure defined in
 :doc:`Firewall Overview</configuration/firewall/index>`
 in this section you can find detailed information only for the next part
 of the general structure:
@@ -51,28 +51,28 @@ This stage includes:
    * :doc:`Destination NAT</configuration/nat/nat44>`: commands found under
      ``set nat destination ...``
 
-For transit traffic, which is received by the router and forwarded, base chain
-is **forward**. A simplified packet flow diagram for transit traffic is shown
-next:
+For transit traffic, which is received by the router and forwarded, the base
+chain is **forward**. A simplified packet flow diagram for transit traffic is
+shown next:
 
 .. figure:: /_static/images/firewall-fwd-packet-flow.png
 
-Firewall base chain to configure firewall filtering rules for transit traffic
+The base firewall chain to configure filtering rules for transit traffic
 is ``set firewall ipv4 forward filter ...``, which happens in stage 5,
-highlighted with red color.
+highlighted in the color red.
 
-For traffic towards the router itself, base chain is **input**, while traffic
-originated by the router, base chain is **output**.
+For traffic towards the router itself, the base chain is **input**, while
+traffic originated by the router has the base chain **output**.
 A new simplified packet flow diagram is shown next, which shows the path
 for traffic destined to the router itself, and traffic generated by the
 router (starting from circle number 6):
 
 .. figure:: /_static/images/firewall-input-packet-flow.png
 
-Base chain for traffic towards the router is ``set firewall ipv4 input
+The base chain for traffic towards the router is ``set firewall ipv4 input
 filter ...``
 
-And base chain for traffic generated by the router is ``set firewall ipv4
+And the base chain for traffic generated by the router is ``set firewall ipv4
 output ...``, where two sub-chains are available: **filter** and **raw**:
 
 * **Output Prerouting**: ``set firewall ipv4 output raw ...``.
@@ -82,9 +82,9 @@ output ...``, where two sub-chains are available: **filter** and **raw**:
   in this section are processed after connection tracking subsystem.
 
 .. note:: **Important note about default-actions:**
-   If default action for any base chain is not defined, then the default
-   action is set to **accept** for that chain. For custom chains, if default
-   action is not defined, then the default-action is set to **drop**
+   If a default action for any base chain is not defined, then the default
+   action is set to **accept** for that chain. For custom chains, if the 
+   default action is not defined, then the default-action is set to **drop**
 
 Custom firewall chains can be created, with commands
 ``set firewall ipv4 name <name> ...``. In order to use
@@ -95,9 +95,9 @@ should be defined in a base chain.
 Firewall - IPv4 Rules
 *********************
 
-For firewall filtering, firewall rules needs to be created. Each rule is
+For firewall filtering, firewall rules need to be created. Each rule is
 numbered, has an action to apply if the rule is matched, and the ability
-to specify multiple criteria matchers. Data packets go through the rules
+to specify multiple matching criteria. Data packets go through the rules
 from 1 - 999999, so order is crucial. At the first match the action of the
 rule will be executed.
 
@@ -105,7 +105,7 @@ Actions
 =======
 
 If a rule is defined, then an action must be defined for it. This tells the
-firewall what to do if all criteria matchers defined for such rule do match.
+firewall what to do if all of the criteria defined for that rule match.
 
 The action can be :
 
@@ -135,8 +135,8 @@ The action can be :
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999> action
    [accept | continue | drop | jump | queue | reject | return]
 
-   This required setting defines the action of the current rule. If action is
-   set to jump, then jump-target is also needed.
+   This required setting defines the action of the current rule. If the action
+   is set to jump, then a jump-target is also needed.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    jump-target <text>
@@ -148,7 +148,7 @@ The action can be :
    jump-target <text>
 
    To be used only when action is set to ``jump``. Use this command to specify
-   jump target.
+   the jump target.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    queue <0-65535>
@@ -160,7 +160,7 @@ The action can be :
    queue <0-65535>
 
    To be used only when action is set to ``queue``. Use this command to specify
-   queue target to use. Queue range is also supported.
+   the queue target to use. Queue range is also supported.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    queue-options bypass
@@ -171,7 +171,7 @@ The action can be :
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    queue-options bypass
 
-   To be used only when action is set to ``queue``. Use this command to let
+   To be used only when action is set to ``queue``. Use this command to let the
    packet go through firewall when no userspace software is connected to the
    queue.
 
@@ -200,21 +200,21 @@ not match any rule in it's chain. For base chains, possible options for
 .. cfgcmd:: set firewall ipv4 name <name> default-action
    [accept | drop | jump | queue | reject | return]
 
-   This set the default action of the rule-set if no rule matched a packet
-   criteria. If default-action is set to ``jump``, then
-   ``default-jump-target`` is also needed. Note that for base chains, default
-   action can only be set to ``accept`` or ``drop``, while on custom chain,
-   more actions are available.
+   This sets the default action of the rule-set if a packet does not match the
+   criteria of any rule. If default-action is set to ``jump``, then
+   ``default-jump-target`` is also needed. Note that for base chains, the
+   default action can only be set to ``accept`` or ``drop``, while on custom 
+   chains, more actions are available.
 
 .. cfgcmd:: set firewall ipv4 name <name> default-jump-target <text>
 
    To be used only when ``default-action`` is set to ``jump``. Use this
-   command to specify jump target for default rule.
+   command to specify the jump target for the default rule.
 
 .. note:: **Important note about default-actions:**
-   If default action for any base chain is not defined, then the default
-   action is set to **accept** for that chain. For custom chains, if default
-   action is not defined, then the default-action is set to **drop**.
+   If the default action for any base chain is not defined, then the default
+   action is set to **accept** for that chain. For custom chains if a default
+   action is not defined then the default-action is set to **drop**.
 
 Firewall Logs
 =============
@@ -228,7 +228,7 @@ log options can be defined.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999> log
 
    Enable logging for the matched packet. If this configuration command is not
-   present, then log is not enabled.
+   present, then the log is not enabled.
 
 .. cfgcmd:: set firewall ipv4 forward filter default-log
 .. cfgcmd:: set firewall ipv4 input filter default-log
@@ -251,7 +251,7 @@ log options can be defined.
    log-options level [emerg | alert | crit | err | warn | notice
    | info | debug]
 
-   Define log-level. Only applicable if rule log is enable.
+   Define log-level. Only applicable if rule log is enabled.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    log-options group <0-65535>
@@ -262,7 +262,8 @@ log options can be defined.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    log-options group <0-65535>
 
-   Define log group to send message to. Only applicable if rule log is enable.
+   Define the log group to send messages to. Only applicable if rule log is
+   enabled.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    log-options snapshot-length <0-9000>
@@ -273,8 +274,8 @@ log options can be defined.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    log-options snapshot-length <0-9000>
 
-   Define length of packet payload to include in netlink message. Only
-   applicable if rule log is enable and log group is defined.
+   Define the length of packet payload to include in a netlink message. Only
+   applicable if rule log is enabled and log group is defined.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    log-options queue-threshold <0-65535>
@@ -285,8 +286,8 @@ log options can be defined.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    log-options queue-threshold <0-65535>
 
-   Define number of packets to queue inside the kernel before sending them to
-   userspace. Only applicable if rule log is enable and log group is defined.
+   Define the number of packets to queue inside the kernel before sending them
+   to userspace. Only applicable if rule log is enabled and log group is defined.
 
 Firewall Description
 ====================
@@ -311,7 +312,7 @@ every defined custom chain.
 Rule Status
 ===========
 
-When defining a rule, it is enable by default. In some cases, it is useful to
+When defining a rule, it is enabled by default. In some cases, it is useful to
 just disable the rule, rather than removing it.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999> disable
@@ -335,7 +336,7 @@ There are a lot of matching criteria against which the packet can be tested.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    connection-status nat [destination | source]
 
-   Match criteria based on nat connection status.
+   Match based on nat connection status.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    connection-mark <1-2147483647>
@@ -346,7 +347,7 @@ There are a lot of matching criteria against which the packet can be tested.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    connection-mark <1-2147483647>
 
-   Match criteria based on connection mark.
+   Match based on connection mark.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    conntrack-helper <module>
@@ -445,8 +446,8 @@ There are a lot of matching criteria against which the packet can be tested.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    destination fqdn <fqdn>
 
-   Specify a Fully Qualified Domain Name as source/destination matcher. Ensure
-   router is able to resolve such dns query.
+   Specify a Fully Qualified Domain Name as source/destination to match. Ensure
+   that the router is able to resolve this dns query.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    source geoip country-code <country>
@@ -503,14 +504,13 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    source mac-address <mac-address>
 
-   Only in the source criteria, you can specify a mac-address.
+   You can only specify a source mac-address to match.
 
    .. code-block:: none
 
       set firewall ipv4 input filter rule 100 source mac-address 00:53:00:11:22:33
       set firewall ipv4 input filter rule 101 source mac-address !00:53:00:aa:12:34
 
-
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    source port [1-65535 | portname | start-end]
 .. cfgcmd:: set firewall ipv4 input filter rule <1-999999>
@@ -529,8 +529,7 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    destination port [1-65535 | portname | start-end]
 
-   A port can be set with a port number or a name which is here
-   defined: ``/etc/services``.
+   A port can be set by number or name as defined in ``/etc/services``.
 
    .. code-block:: none
 
@@ -559,8 +558,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    destination group address-group <name | !name>
 
-   Use a specific address-group. Prepend character ``!`` for inverted matching
-   criteria.
+   Use a specific address-group. Prepending the character ``!`` to invert the
+   criteria to match is also supported.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    source group dynamic-address-group <name | !name>
@@ -580,8 +579,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    destination group dynamic-address-group <name | !name>
 
-   Use a specific dynamic-address-group. Prepend character ``!`` for inverted
-   matching criteria.
+   Use a specific dynamic-address-group. Prepending the character ``!`` to
+   invert the criteria to match is also supported.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    source group network-group <name | !name>
@@ -601,8 +600,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    destination group network-group <name | !name>
 
-   Use a specific network-group. Prepend character ``!`` for inverted matching
-   criteria.
+   Use a specific network-group. Prepending the character ``!`` to invert the
+   criteria to match is also supported.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    source group port-group <name | !name>
@@ -622,8 +621,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    destination group port-group <name | !name>
 
-   Use a specific port-group. Prepend character ``!`` for inverted matching
-   criteria.
+   Use a specific port-group. Prepending the character ``!`` to invert the
+   criteria to match is also supported.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    source group domain-group <name | !name>
@@ -643,8 +642,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    destination group domain-group <name | !name>
 
-   Use a specific domain-group. Prepend character ``!`` for inverted matching
-   criteria.
+   Use a specific domain-group. Prepending the character ``!`` to invert the
+   criteria to match is also supported.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    source group mac-group <name | !name>
@@ -664,8 +663,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    destination group mac-group <name | !name>
 
-   Use a specific mac-group. Prepend character ``!`` for inverted matching
-   criteria.
+   Use a specific mac-group. Prepending the character ``!`` to invert the
+   criteria to match is also supported.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    dscp [0-63 | start-end]
@@ -696,7 +695,7 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    fragment [match-frag | match-non-frag]
 
-   Match based on fragment criteria.
+   Match based on fragmentation.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    icmp [code | type] <0-255>
@@ -718,7 +717,7 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    icmp type-name <text>
 
-   Match based on icmp type-name criteria. Use tab for information
+   Match based on icmp type-name. Use tab for information
    about what **type-name** criteria are supported.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
@@ -729,11 +728,11 @@ geoip) to keep database and rules updated.
    inbound-interface name <iface>
 
    Match based on inbound interface. Wildcard ``*`` can be used.
-   For example: ``eth2*``. Prepending character ``!`` for inverted matching
-   criteria is also supported. For example ``!eth2``
+   For example: ``eth2*``. Prepending the character ``!`` to invert the
+   criteria to match is also supported. For example ``!eth2``
 
 .. note:: If an interface is attached to a non-default vrf, when using
-   **inbound-interface**, vrf name must be used. For example ``set firewall
+   **inbound-interface**, the vrf name must be used. For example ``set firewall
    ipv4 forward filter rule 10 inbound-interface name MGMT``
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
@@ -743,8 +742,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    inbound-interface group <iface_group>
 
-   Match based on inbound interface group. Prepending character ``!`` for
-   inverted matching criteria is also supported. For example ``!IFACE_GROUP``
+   Match based on the inbound interface group. Prepending the character ``!`` 
+   to invert the criteria to match is also supported. For example ``!IFACE_GROUP``
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    outbound-interface name <iface>
@@ -754,11 +753,11 @@ geoip) to keep database and rules updated.
    outbound-interface name <iface>
 
    Match based on outbound interface. Wildcard ``*`` can be used.
-   For example: ``eth2*``. Prepending character ``!`` for inverted matching
-   criteria is also supported. For example ``!eth2``
+   For example: ``eth2*``. Prepending the character ``!`` to invert the
+   criteria to match is also supported. For example ``!eth2``
 
 .. note:: If an interface is attached to a non-default vrf, when using
-   **outbound-interface**, real interface name must be used. For example
+   **outbound-interface**, the real interface name must be used. For example
    ``set firewall ipv4 forward filter rule 10 outbound-interface name eth0``
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
@@ -768,8 +767,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    outbound-interface group <iface_group>
 
-   Match based on outbound interface group. Prepending character ``!`` for
-   inverted matching criteria is also supported. For example ``!IFACE_GROUP``
+   Match based on outbound interface group. Prepending the character ``!`` to
+   invert the criteria to match is also supported. For example ``!IFACE_GROUP``
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    ipsec [match-ipsec | match-none]
@@ -780,7 +779,7 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    ipsec [match-ipsec | match-none]
 
-   Match based on ipsec criteria.
+   Match based on ipsec.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    limit burst <0-4294967295>
@@ -823,7 +822,7 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    packet-length-exclude <text>
 
-   Match based on packet length criteria. Multiple values from 1 to 65535
+   Match based on the packet length. Multiple values from 1 to 65535
    and ranges are supported.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
@@ -835,7 +834,7 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    packet-type [broadcast | host | multicast | other]
 
-   Match based on packet type criteria.
+   Match based on the packet type.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    protocol [<text> | <0-255> | all | tcp_udp]
@@ -846,10 +845,9 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    protocol [<text> | <0-255> | all | tcp_udp]
 
-   Match a protocol criteria. A protocol number or a name which is here
-   defined: ``/etc/protocols``.
+   Match based on protocol number or name as defined in ``/etc/protocols``.
    Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp
-   based packets. The ``!`` negate the selected protocol.
+   based packets. The ``!`` negates the selected protocol.
 
    .. code-block:: none
 
@@ -874,7 +872,7 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    recent time [second | minute | hour]
 
-   Match bases on recently seen sources.
+   Match based on recently seen sources.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    tcp flags [not] <text>
@@ -958,8 +956,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
    ttl <eq | gt | lt> <0-255>
 
-   Match time to live parameter, where 'eq' stands for 'equal'; 'gt' stands for
-   'greater than', and 'lt' stands for 'less than'.
+   Match the time to live parameter, where 'eq' stands for 'equal'; 'gt' stands
+   for 'greater than', and 'lt' stands for 'less than'.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    recent count <1-255>
@@ -994,7 +992,7 @@ Synproxy connections
 .. cfgcmd:: set firewall ipv4 [input | forward] filter rule <1-999999>
    synproxy tcp mss <501-65535>
 
-    Set TCP-MSS (maximum segment size) for the connection
+    Set the TCP-MSS (maximum segment size) for the connection
 
 .. cfgcmd:: set firewall ipv4 [input | forward] filter rule <1-999999>
    synproxy tcp window-scale <1-14>
@@ -1028,7 +1026,6 @@ Requirements to enable synproxy:
   set firewall ipv4 input filter rule 1000 action 'drop'
   set firewall ipv4 input filter rule 1000 state invalid
 
-
 ***********************
 Operation-mode Firewall
 ***********************
@@ -1038,7 +1035,7 @@ Rule-set overview
 
 .. opcmd:: show firewall
 
-   This will show you a basic firewall overview, for all ruleset, and not
+   This will show you a basic firewall overview, for all rule-sets, and not
    only for ipv4
 
    .. code-block:: none
diff --git a/docs/configuration/firewall/ipv6.rst b/docs/configuration/firewall/ipv6.rst
index 511fd51f..5f526dac 100644
--- a/docs/configuration/firewall/ipv6.rst
+++ b/docs/configuration/firewall/ipv6.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2023-11-08
+:lastproofread: 2024-07-03
 
 .. _firewall-ipv6-configuration:
 
@@ -10,13 +10,13 @@ IPv6 Firewall Configuration
 Overview
 ********
 
-In this section there's useful information of all firewall configuration that
+In this section there's useful information on all firewall configuration that
 can be done regarding IPv6, and appropriate op-mode commands.
 Configuration commands covered in this section:
 
 .. cfgcmd:: set firewall ipv6 ...
 
-From main structure defined in
+From the main structure defined in
 :doc:`Firewall Overview</configuration/firewall/index>`
 in this section you can find detailed information only for the next part
 of the general structure:
@@ -51,29 +51,29 @@ This stage includes:
    * :doc:`Destination NAT</configuration/nat/nat44>`: commands found under
      ``set nat66 destination ...``
 
-For transit traffic, which is received by the router and forwarded, base chain
-is **forward**. A simplified packet flow diagram for transit traffic is shown
-next:
+For transit traffic, which is received by the router and forwarded, the base
+chain is **forward**. A simplified packet flow diagram for transit traffic is
+shown next:
 
 .. figure:: /_static/images/firewall-fwd-packet-flow.png
 
-Firewall base chain to configure firewall filtering rules for transit traffic
+The base firewall chain to configure filtering rules for transit traffic
 is ``set firewall ipv6 forward filter ...``, which happens in stage 5,
-highlighted with red color.
+highlighted in the color red.
 
-For traffic towards the router itself, base chain is **input**, while traffic
-originated by the router, base chain is **output**.
+For traffic towards the router itself, the base chain is **input**, while
+traffic originated by the router has the base chain **output**.
 A new simplified packet flow diagram is shown next, which shows the path
 for traffic destined to the router itself, and traffic generated by the
 router (starting from circle number 6):
 
 .. figure:: /_static/images/firewall-input-packet-flow.png
 
-Base chain for traffic towards the router is ``set firewall ipv6 input
+The base chain for traffic towards the router is ``set firewall ipv6 input
 filter ...``
 
-And base chain for traffic generated by the router is ``set firewall ipv6
-output filter ...``, where two sub-chains are available: **filter** and **raw**:
+And the base chain for traffic generated by the router is ``set firewall ipv6
+output ...``, where two sub-chains are available: **filter** and **raw**:
 
 * **Output Prerouting**: ``set firewall ipv6 output raw ...``.
   As described in **Prerouting**, rules defined in this section are
@@ -82,9 +82,9 @@ output filter ...``, where two sub-chains are available: **filter** and **raw**:
   in this section are processed after connection tracking subsystem.
 
 .. note:: **Important note about default-actions:**
-   If default action for any base chain is not defined, then the default
-   action is set to **accept** for that chain. For custom chains, if default
-   action is not defined, then the default-action is set to **drop**
+   If a default action for any base chain is not defined, then the default
+   action is set to **accept** for that chain. For custom chains, if the
+   default action is not defined, then the default-action is set to **drop**
 
 Custom firewall chains can be created, with commands
 ``set firewall ipv6 name <name> ...``. In order to use
@@ -95,9 +95,9 @@ should be defined in a base chain.
 Firewall - IPv6 Rules
 ******************************
 
-For firewall filtering, firewall rules needs to be created. Each rule is
+For firewall filtering, firewall rules need to be created. Each rule is
 numbered, has an action to apply if the rule is matched, and the ability
-to specify multiple criteria matchers. Data packets go through the rules
+to specify multiple matching criteria. Data packets go through the rules
 from 1 - 999999, so order is crucial. At the first match the action of the
 rule will be executed.
 
@@ -105,7 +105,7 @@ Actions
 =======
 
 If a rule is defined, then an action must be defined for it. This tells the
-firewall what to do if all criteria matchers defined for such rule do match.
+firewall what to do if all of the criteria defined for that rule match.
 
 The action can be :
 
@@ -135,8 +135,8 @@ The action can be :
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999> action
    [accept | continue | drop | jump | queue | reject | return]
 
-   This required setting defines the action of the current rule. If action is
-   set to jump, then jump-target is also needed.
+   This required setting defines the action of the current rule. If the action
+   is set to jump, then a jump-target is also needed.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    jump-target <text>
@@ -148,7 +148,7 @@ The action can be :
    jump-target <text>
 
    To be used only when action is set to ``jump``. Use this command to specify
-   jump target.
+   the jump target.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    queue <0-65535>
@@ -160,7 +160,7 @@ The action can be :
    queue <0-65535>
 
    To be used only when action is set to ``queue``. Use this command to specify
-   queue target to use. Queue range is also supported.
+   the queue target to use. Queue range is also supported.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    queue-options bypass
@@ -171,7 +171,7 @@ The action can be :
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    queue-options bypass
 
-   To be used only when action is set to ``queue``. Use this command to let
+   To be used only when action is set to ``queue``. Use this command to let the
    packet go through firewall when no userspace software is connected to the
    queue.
 
@@ -200,21 +200,21 @@ not match any rule in it's chain. For base chains, possible options for
 .. cfgcmd:: set firewall ipv6 name <name> default-action
    [accept | drop | jump | queue | reject | return]
 
-   This set the default action of the rule-set if no rule matched a packet
-   criteria. If default-action is set to ``jump``, then
-   ``default-jump-target`` is also needed. Note that for base chains, default
-   action can only be set to ``accept`` or ``drop``, while on custom chain,
-   more actions are available.
+   This sets the default action of the rule-set if a packet does not match the
+   criteria of any rule. If default-action is set to ``jump``, then
+   ``default-jump-target`` is also needed. Note that for base chains, the
+   default action can only be set to ``accept`` or ``drop``, while on custom 
+   chains, more actions are available.
 
 .. cfgcmd:: set firewall ipv6 name <name> default-jump-target <text>
 
    To be used only when ``default-action`` is set to ``jump``. Use this
-   command to specify jump target for default rule.
+   command to specify the jump target for the default rule.
 
 .. note:: **Important note about default-actions:**
-   If default action for any base chain is not defined, then the default
-   action is set to **accept** for that chain. For custom chains, if default
-   action is not defined, then the default-action is set to **drop**.
+   If the default action for any base chain is not defined, then the default
+   action is set to **accept** for that chain. For custom chains if a default
+   action is not defined then the default-action is set to **drop**.
 
 Firewall Logs
 =============
@@ -228,7 +228,7 @@ log options can be defined.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999> log
 
    Enable logging for the matched packet. If this configuration command is not
-   present, then log is not enabled.
+   present, then the log is not enabled.
 
 .. cfgcmd:: set firewall ipv6 forward filter default-log
 .. cfgcmd:: set firewall ipv6 input filter default-log
@@ -251,7 +251,7 @@ log options can be defined.
    log-options level [emerg | alert | crit | err | warn | notice
    | info | debug]
 
-   Define log-level. Only applicable if rule log is enable.
+   Define log-level. Only applicable if rule log is enabled.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    log-options group <0-65535>
@@ -262,7 +262,8 @@ log options can be defined.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    log-options group <0-65535>
 
-   Define log group to send message to. Only applicable if rule log is enable.
+   Define the log group to send messages to. Only applicable if rule log is
+   enabled.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    log-options snapshot-length <0-9000>
@@ -273,8 +274,8 @@ log options can be defined.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    log-options snapshot-length <0-9000>
 
-   Define length of packet payload to include in netlink message. Only
-   applicable if rule log is enable and log group is defined.
+   Define the length of packet payload to include in a netlink message. Only
+   applicable if rule log is enabled and log group is defined.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    log-options queue-threshold <0-65535>
@@ -285,8 +286,8 @@ log options can be defined.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    log-options queue-threshold <0-65535>
 
-   Define number of packets to queue inside the kernel before sending them to
-   userspace. Only applicable if rule log is enable and log group is defined.
+   Define the number of packets to queue inside the kernel before sending them
+   to userspace. Only applicable if rule log is enabled and log group is defined.
 
 Firewall Description
 ====================
@@ -311,7 +312,7 @@ every defined custom chain.
 Rule Status
 ===========
 
-When defining a rule, it is enable by default. In some cases, it is useful to
+When defining a rule, it is enabled by default. In some cases, it is useful to
 just disable the rule, rather than removing it.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999> disable
@@ -335,7 +336,7 @@ There are a lot of matching criteria against which the packet can be tested.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    connection-status nat [destination | source]
 
-   Match criteria based on nat connection status.
+   Match based on nat connection status.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    connection-mark <1-2147483647>
@@ -346,7 +347,7 @@ There are a lot of matching criteria against which the packet can be tested.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    connection-mark <1-2147483647>
 
-   Match criteria based on connection mark.
+   Match based on connection mark.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    source address [address | addressrange | CIDR]
@@ -366,9 +367,8 @@ There are a lot of matching criteria against which the packet can be tested.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    destination address [address | addressrange | CIDR]
 
-   Match criteria based on source and/or destination address. This is similar
-   to the network groups part, but here you are able to negate the matching
-   addresses.
+   Match based on source and/or destination address. This is similar to the
+   network groups part, but here you are able to negate the matching addresses.
 
    .. code-block:: none
 
@@ -433,8 +433,8 @@ There are a lot of matching criteria against which the packet can be tested.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    destination fqdn <fqdn>
 
-   Specify a Fully Qualified Domain Name as source/destination matcher. Ensure
-   router is able to resolve such dns query.
+   Specify a Fully Qualified Domain Name as source/destination to match. Ensure
+   that the router is able to resolve this dns query.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    source geoip country-code <country>
@@ -491,7 +491,7 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    source mac-address <mac-address>
 
-   Only in the source criteria, you can specify a mac-address.
+   You can only specify a source mac-address to match.
 
    .. code-block:: none
 
@@ -516,8 +516,7 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    destination port [1-65535 | portname | start-end]
 
-   A port can be set with a port number or a name which is here
-   defined: ``/etc/services``.
+   A port can be set by number or name as defined in ``/etc/services``.
 
    .. code-block:: none
 
@@ -550,8 +549,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    destination group address-group <name | !name>
 
-   Use a specific address-group. Prepend character ``!`` for inverted matching
-   criteria.
+   Use a specific address-group. Prepending the character ``!`` to invert the
+   criteria to match is also supported.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    source group dynamic-address-group <name | !name>
@@ -571,8 +570,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    destination group dynamic-address-group <name | !name>
 
-   Use a specific dynamic-address-group. Prepend character ``!`` for inverted
-   matching criteria.
+   Use a specific dynamic-address-group. Prepending the character ``!`` to
+   invert the criteria to match is also supported.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    source group network-group <name | !name>
@@ -592,8 +591,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    destination group network-group <name | !name>
 
-   Use a specific network-group. Prepend character ``!`` for inverted matching
-   criteria.
+   Use a specific network-group. Prepending the character ``!`` to invert the
+   criteria to match is also supported.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    source group port-group <name | !name>
@@ -613,8 +612,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    destination group port-group <name | !name>
 
-   Use a specific port-group. Prepend character ``!`` for inverted matching
-   criteria.
+   Use a specific port-group. Prepending the character ``!`` to invert the
+   criteria to match is also supported.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    source group domain-group <name | !name>
@@ -634,8 +633,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    destination group domain-group <name | !name>
 
-   Use a specific domain-group. Prepend character ``!`` for inverted matching
-   criteria.
+   Use a specific domain-group. Prepending the character ``!`` to invert the
+   criteria to match is also supported.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    source group mac-group <name | !name>
@@ -655,8 +654,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    destination group mac-group <name | !name>
 
-   Use a specific mac-group. Prepend character ``!`` for inverted matching
-   criteria.
+   Use a specific mac-group. Prepending the character ``!`` to invert the
+   criteria to match is also supported.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    dscp [0-63 | start-end]
@@ -687,7 +686,7 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    fragment [match-frag | match-non-frag]
 
-   Match based on fragment criteria.
+   Match based on fragmentation.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    icmpv6 [code | type] <0-255>
@@ -709,7 +708,7 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    icmpv6 type-name <text>
 
-   Match based on icmpv6 type-name criteria. Use tab for information
+   Match based on icmpv6 type-name. Use tab for information
    about what **type-name** criteria are supported.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
@@ -720,11 +719,11 @@ geoip) to keep database and rules updated.
    inbound-interface name <iface>
 
    Match based on inbound interface. Wildcard ``*`` can be used.
-   For example: ``eth2*``. Prepending character ``!`` for inverted matching
-   criteria is also supported. For example ``!eth2``
+   For example: ``eth2*``. Prepending the character ``!`` to invert the
+   criteria to match is also supported. For example ``!eth2``
 
 .. note:: If an interface is attached to a non-default vrf, when using
-   **inbound-interface**, vrf name must be used. For example ``set firewall
+   **inbound-interface**, the vrf name must be used. For example ``set firewall
    ipv6 forward filter rule 10 inbound-interface name MGMT``
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
@@ -734,8 +733,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    inbound-interface group <iface_group>
 
-   Match based on inbound interface group. Prepending character ``!`` for
-   inverted matching criteria is also supported. For example ``!IFACE_GROUP``
+   Match based on the inbound interface group. Prepending the character ``!`` 
+   to invert the criteria to match is also supported. For example ``!IFACE_GROUP``
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    outbound-interface name <iface>
@@ -745,11 +744,11 @@ geoip) to keep database and rules updated.
    outbound-interface name <iface>
 
    Match based on outbound interface. Wildcard ``*`` can be used.
-   For example: ``eth2*``. Prepending character ``!`` for inverted matching
-   criteria is also supported. For example ``!eth2``
+   For example: ``eth2*``. Prepending the character ``!`` to invert the
+   criteria to match is also supported. For example ``!eth2``
 
 .. note:: If an interface is attached to a non-default vrf, when using
-   **outbound-interface**, real interface name must be used. For example
+   **outbound-interface**, the real interface name must be used. For example
    ``set firewall ipv6 forward filter rule 10 outbound-interface name eth0``
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
@@ -759,8 +758,8 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    outbound-interface group <iface_group>
 
-   Match based on outbound interface group. Prepending character ``!`` for
-   inverted matching criteria is also supported. For example ``!IFACE_GROUP``
+   Match based on outbound interface group. Prepending the character ``!`` to
+   invert the criteria to match is also supported. For example ``!IFACE_GROUP``
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    ipsec [match-ipsec | match-none]
@@ -771,7 +770,7 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    ipsec [match-ipsec | match-none]
 
-   Match based on ipsec criteria.
+   Match based on ipsec.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    limit burst <0-4294967295>
@@ -814,7 +813,7 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    packet-length-exclude <text>
 
-   Match based on packet length criteria. Multiple values from 1 to 65535
+   Match based on the packet length. Multiple values from 1 to 65535
    and ranges are supported.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
@@ -826,7 +825,7 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    packet-type [broadcast | host | multicast | other]
 
-   Match based on packet type criteria.
+   Match based on the packet type.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
    protocol [<text> | <0-255> | all | tcp_udp]
@@ -837,10 +836,9 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    protocol [<text> | <0-255> | all | tcp_udp]
 
-   Match a protocol criteria. A protocol number or a name which is here
-   defined: ``/etc/protocols``.
+   Match based on protocol number or name as defined in ``/etc/protocols``.
    Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp
-   based packets. The ``!`` negate the selected protocol.
+   based packets. The ``!`` negates the selected protocol.
 
    .. code-block:: none
 
@@ -948,7 +946,7 @@ geoip) to keep database and rules updated.
 .. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
    hop-limit <eq | gt | lt> <0-255>
 
-   Match hop-limit parameter, where 'eq' stands for 'equal'; 'gt' stands for
+   Match the hop-limit parameter, where 'eq' stands for 'equal'; 'gt' stands for
    'greater than', and 'lt' stands for 'less than'.
 
 .. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
@@ -984,7 +982,7 @@ Synproxy connections
 .. cfgcmd:: set firewall ipv6 [input | forward] filter rule <1-999999>
    synproxy tcp mss <501-65535>
 
-    Set TCP-MSS (maximum segment size) for the connection
+    Set the TCP-MSS (maximum segment size) for the connection
 
 .. cfgcmd:: set firewall ipv6 [input | forward] filter rule <1-999999>
    synproxy tcp window-scale <1-14>
@@ -1027,7 +1025,8 @@ Rule-set overview
 
 .. opcmd:: show firewall
 
-   This will show you a basic firewall overview
+   This will show you a basic firewall overview, for all rule-sets, and not
+   only for ipv6
 
    .. code-block:: none
 
diff --git a/docs/configuration/firewall/zone.rst b/docs/configuration/firewall/zone.rst
index f71ad8c1..73ce0a4d 100644
--- a/docs/configuration/firewall/zone.rst
+++ b/docs/configuration/firewall/zone.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2023-11-01
+:lastproofread: 2024-07-03
 
 .. _firewall-zone:
 
@@ -11,9 +11,9 @@ Overview
 ********
 
 .. note:: Starting from VyOS 1.4-rolling-202308040557, a new firewall
-   structure can be found on all VyOS installations. Zone based firewall was
-   removed in that version, but re introduced in VyOS 1.4 and 1.5. All
-   versions built after 2023-10-22 has this feature.
+   structure can be found on all VyOS installations. The Zone based firewall
+   was removed in that version, but re introduced in VyOS 1.4 and 1.5. All
+   versions built after 2023-10-22 have this feature.
    Documentation for most of the new firewall CLI can be
    found in the `firewall
    <https://docs.vyos.io/en/latest/configuration/firewall/general.html>`_
@@ -22,13 +22,13 @@ Overview
    :doc:`legacy firewall configuration </configuration/firewall/general-legacy>`
    chapter.
 
-In this section there's useful information of all firewall configuration that
-is needed for zone-based firewall.
+In this section there's useful information on all firewall configuration that
+is needed for the zone-based firewall.
 Configuration commands covered in this section:
 
 .. cfgcmd:: set firewall zone ...
 
-From main structure defined in
+From the main structure defined in
 :doc:`Firewall Overview</configuration/firewall/index>`
 in this section you can find detailed information only for the next part
 of the general structure:
@@ -53,7 +53,7 @@ Key Points:
   interface can be assigned to only a single zone.
 * All traffic to and from an interface within a zone is permitted.
 * All traffic between zones is affected by existing policies
-* Traffic cannot flow between zone member interface and any interface that is
+* Traffic cannot flow between a zone member interface and any interface that is
   not a zone member.
 * You need 2 separate firewalls to define traffic: one for each direction.
 
@@ -129,7 +129,7 @@ Operation-mode
 
 .. opcmd:: show firewall zone-policy
 
-   This will show you a basic summary of zones configuration.
+   This will show you a basic summary of the zone configuration.
 
    .. code-block:: none
 

From af209122161b3002019e20bd3977047da86749ab Mon Sep 17 00:00:00 2001
From: whyrlpool <26317568+whyrlpool@users.noreply.github.com>
Date: Thu, 4 Jul 2024 13:16:35 +0100
Subject: [PATCH 24/35] change interface-mac.txt to match contributor
 guidelines on mac addresses

---
 docs/_include/interface-mac.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/_include/interface-mac.txt b/docs/_include/interface-mac.txt
index 03aa6106..9c8c7de5 100644
--- a/docs/_include/interface-mac.txt
+++ b/docs/_include/interface-mac.txt
@@ -8,4 +8,4 @@
 
   .. code-block:: none
 
-    set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} mac '00:01:02:03:04:05'
\ No newline at end of file
+    set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} mac '00:53:01:02:03:04'
\ No newline at end of file

From d9401f959ec1021c3f5d84e30a8ed423d5d3732c Mon Sep 17 00:00:00 2001
From: whyrlpool <26317568+whyrlpool@users.noreply.github.com>
Date: Thu, 4 Jul 2024 13:23:46 +0100
Subject: [PATCH 25/35] trivial spelling changes to
 include/interface-{ip,mirror}.txt

---
 docs/_include/interface-ip.txt     | 2 +-
 docs/_include/interface-mirror.txt | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/_include/interface-ip.txt b/docs/_include/interface-ip.txt
index 6359aceb..5163edd8 100644
--- a/docs/_include/interface-ip.txt
+++ b/docs/_include/interface-ip.txt
@@ -82,7 +82,7 @@
 .. cfgcmd:: set interfaces {{ var0 }} <interface> {{ var2 }} {{ var3 }}
   {{ var5 }} {{ var6 }} ip enable-arp-accept
 
-  Define behavior for gratuitous ARP frames who's IP is not already present in
+  Define behavior for gratuitous ARP frames whose IP is not already present in
   the ARP table. If configured create new entries in the ARP table.
 
   Both replies and requests type gratuitous arp will trigger the ARP table to be
diff --git a/docs/_include/interface-mirror.txt b/docs/_include/interface-mirror.txt
index 66d63248..26594984 100644
--- a/docs/_include/interface-mirror.txt
+++ b/docs/_include/interface-mirror.txt
@@ -1,6 +1,6 @@
 SPAN port mirroring can copy the inbound/outbound traffic of the interface to
 the specified interface, usually the interface can be connected to some special
-equipment, such as behavior control system, intrusion detection system and
+equipment, such as a behavior control system, intrusion detection system or
 traffic collector, and can copy all related traffic from this port.
 The benefit of mirroring the traffic is that the application is isolated from 
 the source traffic and so application processing does not affect the traffic 

From aa526355b2155a42dff2833aca78dc64c13deec8 Mon Sep 17 00:00:00 2001
From: whyrlpool <26317568+whyrlpool@users.noreply.github.com>
Date: Thu, 4 Jul 2024 14:11:49 +0100
Subject: [PATCH 26/35] proofread openvpn interface

---
 docs/configuration/interfaces/openvpn.rst | 80 ++++++++++++-----------
 1 file changed, 41 insertions(+), 39 deletions(-)

diff --git a/docs/configuration/interfaces/openvpn.rst b/docs/configuration/interfaces/openvpn.rst
index fb85f4bf..1dfe1fc5 100644
--- a/docs/configuration/interfaces/openvpn.rst
+++ b/docs/configuration/interfaces/openvpn.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2021-07-05
+:lastproofread: 2024-07-04
 
 .. _openvpn:
 
@@ -9,8 +9,8 @@ OpenVPN
 Traditionally hardware routers implement IPsec exclusively due to relative
 ease of implementing it in hardware and insufficient CPU power for doing
 encryption in software. Since VyOS is a software router, this is less of a
-concern. OpenVPN has been widely used on UNIX platform for a long time and is
-a popular option for remote access VPN, though it's also capable of
+concern. OpenVPN has been widely used on the UNIX platform for a long time and
+is a popular option for remote access VPN, though it's also capable of
 site-to-site connections.
 
 Advantages of OpenVPN are:
@@ -45,14 +45,15 @@ remains a relatively obscure feature, and many router appliances
 still don't support it. However, it's very useful for quickly setting up
 tunnels between routers.
 
-As of VyOS 1.4, OpenVPN site-to-site mode can use either pre-shared keys or x.509 certificates.
+As of VyOS 1.4, OpenVPN site-to-site mode can use either pre-shared keys or
+x.509 certificates.
 
-The pre-shared key mode is deprecated and will be removed from future OpenVPN versions,
-so VyOS will have to remove support for that option as well. The reason is that using pre-shared keys
-is significantly less secure than using TLS.
+The pre-shared key mode is deprecated and will be removed from future OpenVPN
+versions, so VyOS will have to remove support for that option as well. The
+reason is that using pre-shared keys is significantly less secure than using TLS.
 
-We'll configure OpenVPN using self-signed certificates, and then discuss the legacy
-pre-shared key mode.
+We'll configure OpenVPN using self-signed certificates, and then discuss the
+legacy pre-shared key mode.
 
 In both cases, we will use the following settings:
 
@@ -168,10 +169,11 @@ Remote Configuration:
 Pre-shared keys
 ===============
 
-Until VyOS 1.4, the only option for site-to-site OpenVPN without PKI was to use pre-shared keys.
-That option is still available but it is deprecated and will be removed in the future.
-However, if you need to set up a tunnel to an older VyOS version or a system with older OpenVPN,
-you need to still need to know how to use it.
+Until VyOS 1.4, the only option for site-to-site OpenVPN without PKI was to use
+pre-shared keys. That option is still available but it is deprecated and will
+be removed in the future. However, if you need to set up a tunnel to an older
+VyOS version or a system with older OpenVPN, you need to still need to know how
+to use it.
 
 First, you need to generate a key by running ``run generate pki openvpn shared-secret install <name>`` from configuration mode.
 You can use any name, we will use ``s2s``.
@@ -311,11 +313,11 @@ not come up.
 Firewall policy can also be applied to the tunnel interface for `local`, `in`,
 and `out` directions and functions identically to ethernet interfaces.
 
-If making use of multiple tunnels, OpenVPN must have a way to distinguish
-between different tunnels aside from the pre-shared-key. This is either by
-referencing IP address or port number. One option is to dedicate a public IP
-to each tunnel. Another option is to dedicate a port number to each tunnel
-(e.g. 1195,1196,1197...).
+If you're making use of multiple tunnels, OpenVPN must have a way to 
+distinguish between different tunnels aside from the pre-shared-key. This is 
+done either by referencing IP addresses or port numbers. One option is to
+dedicate a public IP to each tunnel. Another option is to dedicate a port 
+number to each tunnel (e.g. 1195,1196,1197...).
 
 OpenVPN status can be verified using the `show openvpn` operational commands.
 See the built-in help for a complete list of options.
@@ -327,7 +329,7 @@ Server
 Multi-client server is the most popular OpenVPN mode on routers. It always uses
 x.509 authentication and therefore requires a PKI setup. Refer this topic
 :ref:`configuration/pki/index:pki` to generate a CA certificate,
-a server certificate and key, a certificate revocation list, a Diffie-Hellman
+a server certificate and key, a certificate revocation list, and a Diffie-Hellman
 key exchange parameters file. You do not need client certificates and keys for
 the server setup.
 
@@ -340,14 +342,14 @@ all client subnets belong to 10.23.0.0/20. All clients need access to the
 192.168.0.0/16 network.
 
 First we need to specify the basic settings. 1194/UDP is the default. The
-``persistent-tunnel`` option is recommended, it prevents the TUN/TAP device from
-closing on connection resets or daemon reloads.
+``persistent-tunnel`` option is recommended, as it prevents the TUN/TAP device
+from closing on connection resets or daemon reloads.
 
 .. note:: Using **openvpn-option -reneg-sec** can be tricky. This option is
-   used to renegotiate data channel after n seconds. When used at both server
-   and client, the lower value will trigger the renegotiation. If you set it to
-   0 on one side of the connection (to disable it), the chosen value on the
-   other side will determine when the renegotiation will occur.
+   used to renegotiate data channel after n seconds. When used on both the 
+   server and client, the lower value will trigger the renegotiation. If you
+   set it to 0 on one side of the connection (to disable it), the chosen value
+   on the other side will determine when the renegotiation will occur.
 
 .. code-block:: none
 
@@ -357,7 +359,7 @@ closing on connection resets or daemon reloads.
   set interfaces openvpn vtun10 protocol udp
 
 Then we need to generate, add and specify the names of the cryptographic materials.
-Each of the install command should be applied to the configuration and commited
+Each of the install commands should be applied to the configuration and commited
 before using under the openvpn interface configuration.
 
 .. code-block:: none
@@ -392,7 +394,7 @@ installing that route on clients.
   set interfaces openvpn vtun10 server push-route 192.168.0.0/16
   set interfaces openvpn vtun10 server subnet 10.23.1.0/24
 
-Since it's a HQ and branch offices setup, we will want all clients to have
+Since it's a HQ with branch offices setup, we will want all clients to have
 fixed addresses and we will route traffic to specific subnets through them. We
 need configuration for each client to achieve this.
 
@@ -413,9 +415,9 @@ internally, so we need to create a route to the 10.23.0.0/20 network ourselves:
   set protocols static route 10.23.0.0/20 interface vtun10
 
 Additionally, each client needs a copy of ca cert and its own client key and
-cert files. The files are plaintext so they may be copied either manually from the CLI.
-Client key and cert files should be signed with the proper ca cert and generated on the
-server side.
+cert files. The files are plaintext so they may be copied manually from the CLI.
+Client key and cert files should be signed with the proper ca cert and generated
+on the server side.
 
 HQ's router requires the following steps to generate crypto materials for the Branch 1:
 
@@ -570,12 +572,12 @@ example:
 Client
 ******
 
-VyOS can not only act as an OpenVPN site-to-site or server for multiple clients.
-You can indeed also configure any VyOS OpenVPN interface as an OpenVPN client
-connecting to a VyOS OpenVPN server or any other OpenVPN server.
+VyOS can not only act as an OpenVPN site-to-site or server for multiple clients
+but you can also configure any VyOS OpenVPN interface as an OpenVPN client that
+connects to a VyOS OpenVPN server or any other OpenVPN server.
 
-Given the following example we have one VyOS router acting as OpenVPN server
-and another VyOS router acting as OpenVPN client. The server also pushes a
+Given the following example we have one VyOS router acting as an OpenVPN server
+and another VyOS router acting as an OpenVPN client. The server also pushes a
 static client IP address to the OpenVPN client. Remember, clients are identified
 using their CN attribute in the SSL certificate.
 
@@ -754,7 +756,7 @@ between kernel and user space for encryption and packet handling.
 As a result, the processing of each packet becomes more efficient, potentially
 leveraging hardware encryption offloading support available in the kernel.
 
-.. note:: OpenVPN DCO is not full OpenVPN features supported , is currently
+.. note:: OpenVPN DCO is not a fully supported OpenVPN feature, and is currently
    considered experimental. Furthermore, there are certain OpenVPN features and
    use cases that remain incompatible with DCO. To get a comprehensive
    understanding of the limitations associated with DCO, refer to the list of
@@ -770,9 +772,9 @@ DCO support is a per-tunnel option and it is not automatically enabled by
 default for new or upgraded tunnels. Existing tunnels will continue to function 
 as they have in the past.
 
-DCO can be enabled for both new and existing tunnels,VyOS adds an option in each 
-tunnel configuration where we can enable this function  .The current best 
-practice is to create a new tunnel with DCO to minimize the chance of problems 
+DCO can be enabled for both new and existing tunnels. VyOS adds an option in
+each tunnel configuration where we can enable this function. The current best
+practice is to create a new tunnel with DCO to minimize the chance of problems
 with existing clients.
 
 .. cfgcmd:: set interfaces openvpn <name> offload dco

From d65bc2bbb0819f8acc9517a1cb97752024a8f5b9 Mon Sep 17 00:00:00 2001
From: whyrlpool <26317568+whyrlpool@users.noreply.github.com>
Date: Thu, 4 Jul 2024 14:12:13 +0100
Subject: [PATCH 27/35] proofread bridge interface

---
 docs/configuration/interfaces/bridge.rst | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/docs/configuration/interfaces/bridge.rst b/docs/configuration/interfaces/bridge.rst
index e69a6e26..5e79107b 100644
--- a/docs/configuration/interfaces/bridge.rst
+++ b/docs/configuration/interfaces/bridge.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2021-06-30
+:lastproofread: 2024-07-04
 
 .. _bridge-interface:
 
@@ -155,9 +155,8 @@ VLAN Options
    native-vlan <vlan-id>
 
    Set the native VLAN ID flag of the interface. When a data packet without a
-   VLAN tag enters the port, the data packet will be forced to add a tag of a
-   specific vlan id. When the vlan id flag flows out, the tag of the vlan id
-   will be stripped
+   VLAN tag enters the port, the data packet will have a specific vlan id added
+   to it. When the packet flows out, the native vlan tag will be stripped.
 
    Example: Set `eth0` member port to be native VLAN 2
 

From d45cf723f94e94891541d92e5655245d99cd6faf Mon Sep 17 00:00:00 2001
From: whyrlpool <26317568+whyrlpool@users.noreply.github.com>
Date: Thu, 4 Jul 2024 14:29:20 +0100
Subject: [PATCH 28/35] proofread interfaces/vxlan

---
 docs/configuration/interfaces/vxlan.rst | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/docs/configuration/interfaces/vxlan.rst b/docs/configuration/interfaces/vxlan.rst
index af00fdec..39901f53 100644
--- a/docs/configuration/interfaces/vxlan.rst
+++ b/docs/configuration/interfaces/vxlan.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2023-01-26
+:lastproofread: 2024-07-04
 
 .. _vxlan-interface:
 
@@ -103,8 +103,8 @@ Unicast
 
 .. cfgcmd:: set interfaces vxlan <interface> remote <address>
 
-  IPv4/IPv6 remote address of the VXLAN tunnel. Alternative to multicast, the
-  remote IPv4/IPv6 address can set directly.
+  IPv4/IPv6 remote address of the VXLAN tunnel. An alternative to multicast,
+  the remote IPv4/IPv6 address can be set directly.
 
 Multicast
 ^^^^^^^^^
@@ -117,7 +117,7 @@ Multicast
 
 .. cfgcmd:: set interfaces vxlan <interface> group <address>
 
-  Multicast group address for VXLAN interface. VXLAN tunnels can be built
+  Multicast group address for the VXLAN interface. VXLAN tunnels can be built
   either via Multicast or via Unicast.
 
   Both IPv4 and IPv6 multicast is possible.
@@ -132,7 +132,7 @@ the same broadcast domain.
 
 Let's assume PC4 on Leaf2 wants to ping PC5 on Leaf3. Instead of setting Leaf3
 as our remote end manually, Leaf2 encapsulates the packet into a UDP-packet and
-sends it to its designated multicast-address via Spine1. When Spine1 receives
+sends it to its' designated multicast-address via Spine1. When Spine1 receives
 this packet it forwards it to all other leaves who has joined the same
 multicast-group, in this case Leaf3. When Leaf3 receives the packet it forwards
 it, while at the same time learning that PC4 is reachable behind Leaf2, because
@@ -188,8 +188,8 @@ Example
 
 The setup is this: Leaf2 - Spine1 - Leaf3
 
-Spine1 is a Cisco IOS router running version 15.4, Leaf2 and Leaf3 is each a
-VyOS router running 1.2.
+Spine1 is a Cisco IOS router running version 15.4, Leaf2 and Leaf3 are each
+VyOS routers running 1.2.
 
 This topology was built using GNS3.
 
@@ -282,8 +282,8 @@ traffic from.
   set interfaces vxlan vxlan242 source-interface 'eth0'
   set interfaces vxlan vxlan242 vni '242'
 
-As you can see, Leaf2 and Leaf3 configuration is almost identical. There are
-lots of commands above, I'll try to into more detail below, command
+As you can see, the Leaf2 and Leaf3 configurations are almost identical. There
+are lots of commands above, I'll try to go into more detail below. Command
 descriptions are placed under the command boxes:
 
 .. code-block:: none
@@ -339,7 +339,7 @@ that behavior is available using the above command.
 Unicast VXLAN
 =============
 
-Alternative to multicast, the remote IPv4 address of the VXLAN tunnel can be
+Alternatively to multicast, the remote IPv4 address of the VXLAN tunnel can be
 set directly. Let's change the Multicast example from above:
 
 .. code-block:: none

From 6072d753e21f31b6c4ece9f04692d5514588873d Mon Sep 17 00:00:00 2001
From: whyrlpool <26317568+whyrlpool@users.noreply.github.com>
Date: Thu, 4 Jul 2024 14:35:38 +0100
Subject: [PATCH 29/35] proofread interfaces/wireguard

---
 docs/configuration/interfaces/wireguard.rst | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/docs/configuration/interfaces/wireguard.rst b/docs/configuration/interfaces/wireguard.rst
index 885720e1..db2ff2c7 100644
--- a/docs/configuration/interfaces/wireguard.rst
+++ b/docs/configuration/interfaces/wireguard.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2023-01-26
+:lastproofread: 2024-07-04
 
 .. _wireguard:
 
@@ -30,7 +30,7 @@ Generate Keypair
 
 .. opcmd:: generate pki wireguard key-pair
 
-   It generates the keypair, which includes the public and private parts.
+   Generates the keypair, which includes the public and private parts.
    The key is not stored on the system - only a keypair is generated.
 
    .. code-block:: none
@@ -41,7 +41,7 @@ Generate Keypair
 
 .. opcmd:: generate pki wireguard key-pair install interface <interface>
 
-   Generates a keypair, which includes the public and private parts, and build
+   Generates a keypair, which includes the public and private parts, and builds
    a configuration command to install this key to ``interface``.
 
    .. code-block:: none
@@ -101,8 +101,8 @@ Optional
 .. opcmd:: generate pki wireguard preshared-key install interface <interface> peer <peer>
 
    An additional layer of symmetric-key crypto can be used on top of the
-   asymmetric crypto. This command automatically creates for you the required
-   CLI command to install this PSK for a given peer.
+   asymmetric crypto. This command automatically creates the required CLI
+   command to install this PSK for a given peer.
 
    This is optional.
 
@@ -409,7 +409,7 @@ the VyOS CLI.
   connect to ``interface`` on this router. The public key from the specified
   interface is automatically extracted and embedded into the configuration.
 
-  The command also generates a configuration snipped which can be copy/pasted
+  The command also generates a configuration snippet which can be copy/pasted
   into the VyOS CLI if needed. The supplied ``<name>`` on the CLI will become
   the peer name in the snippet.
 

From 6c56e9f770eb6e28e567432be0a550ebac156507 Mon Sep 17 00:00:00 2001
From: whyrlpool <26317568+whyrlpool@users.noreply.github.com>
Date: Thu, 4 Jul 2024 14:45:09 +0100
Subject: [PATCH 30/35] proofread interfaces/wireless

---
 docs/configuration/interfaces/geneve.rst   |  2 +-
 docs/configuration/interfaces/wireless.rst | 26 ++++++++++++----------
 2 files changed, 15 insertions(+), 13 deletions(-)

diff --git a/docs/configuration/interfaces/geneve.rst b/docs/configuration/interfaces/geneve.rst
index 1e8b8096..a0a46a95 100644
--- a/docs/configuration/interfaces/geneve.rst
+++ b/docs/configuration/interfaces/geneve.rst
@@ -16,7 +16,7 @@ entirely.
 GENEVE is designed to support network virtualization use cases, where tunnels
 are typically established to act as a backplane between the virtual switches
 residing in hypervisors, physical switches, or middleboxes or other appliances.
-An arbitrary IP network can be used as an underlay although Clos networks - A
+An arbitrary IP network can be used as an underlay through Clos networks - A
 technique for composing network fabrics larger than a single switch while
 maintaining non-blocking bandwidth across connection points. ECMP is used to
 divide traffic across the multiple links and switches that constitute the
diff --git a/docs/configuration/interfaces/wireless.rst b/docs/configuration/interfaces/wireless.rst
index 8a45111e..97701726 100644
--- a/docs/configuration/interfaces/wireless.rst
+++ b/docs/configuration/interfaces/wireless.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2023-01-26
+:lastproofread: 2024-07-04
 
 .. _wireless-interface:
 
@@ -6,20 +6,20 @@
 WLAN/WIFI - Wireless LAN
 ########################
 
-:abbr:`WLAN (Wireless LAN)` interface provide 802.11 (a/b/g/n/ac) wireless
-support (commonly referred to as Wi-Fi) by means of compatible hardware. If your
-hardware supports it, VyOS supports multiple logical wireless interfaces per
-physical device.
+The :abbr:`WLAN (Wireless LAN)` interface provides 802.11 (a/b/g/n/ac) wireless
+support (commonly referred to as Wi-Fi) by means of compatible hardware. If
+your hardware supports it, VyOS supports multiple logical wireless interfaces
+per physical device.
 
 There are three modes of operation for a wireless interface:
 
-* :abbr:`WAP (Wireless Access-Point)` provides network access to connecting
+* :abbr:`WAP (Wireless Access-Point)` mode provides network access to connecting
   stations if the physical hardware supports acting as a WAP
 
-* A station acts as a Wi-Fi client accessing the network through an available
+* Station mode acts as a Wi-Fi client accessing the network through an available
   WAP
 
-* Monitor, the system passively monitors any kind of wireless traffic
+* Monitor mode lets the system passively monitor wireless traffic
 
 If the system detects an unconfigured wireless device, it will be automatically
 added the configuration tree, specifying any detected settings (for example,
@@ -58,7 +58,7 @@ Wireless options
 .. cfgcmd:: set interfaces wireless <interface> disable-broadcast-ssid
 
   Send empty SSID in beacons and ignore probe request frames that do not specify
-  full SSID, i.e., require stations to know SSID.
+  full SSID, i.e., require stations to know the SSID.
 
 .. cfgcmd:: set interfaces wireless <interface> expunge-failing-stations
 
@@ -105,10 +105,12 @@ Wireless options
 
 .. cfgcmd:: set interfaces wireless <interface> reduce-transmit-power <number>
 
-  Add Power Constraint element to Beacon and Probe Response frames.
+  Adds the Power Constraint information element to Beacon and Probe Response
+  frames.
 
-  This option adds Power Constraint element when applicable and Country element
-  is added. Power Constraint element is required by Transmit Power Control.
+  This option adds the Power Constraint information element when applicable
+  and the Country information element is configured. The Power Constraint 
+  element is required by Transmit Power Control.
 
   Valid values are 0..255.
 

From 375761493bf9f338b95417a2aa28488047783afb Mon Sep 17 00:00:00 2001
From: whyrlpool <26317568+whyrlpool@users.noreply.github.com>
Date: Thu, 4 Jul 2024 14:48:10 +0100
Subject: [PATCH 31/35] proofread interfaces/wwan

---
 docs/configuration/interfaces/wwan.rst | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/docs/configuration/interfaces/wwan.rst b/docs/configuration/interfaces/wwan.rst
index 98890158..00f927bb 100644
--- a/docs/configuration/interfaces/wwan.rst
+++ b/docs/configuration/interfaces/wwan.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2023-01-27
+:lastproofread: 2024-07-04
 
 .. _wwan-interface:
 
@@ -320,11 +320,11 @@ The following hardware modules have been tested successfully in an
 Firmware Update
 ***************
 
-All available WWAN cards have a build in, reprogrammable firmware. Most of the
-vendors provide a regular update to the firmware used in the baseband chip.
+All available WWAN cards have a built-in, reprogrammable firmware. Most vendors
+provide regular updates to firmware used in the baseband chip.
 
-As VyOS makes use of the QMI interface to connect to the WWAN modem cards, also
-the firmware can be reprogrammed.
+As VyOS makes use of the QMI interface to connect to the WWAN modem cards, the
+firmware can be reprogrammed.
 
 To update the firmware, VyOS also ships the `qmi-firmware-update` binary. To
 upgrade the firmware of an e.g. Sierra Wireless MC7710 module to the firmware

From 50c3ddb357097da8cddab5f92d1a774316c99c24 Mon Sep 17 00:00:00 2001
From: Tim Harman <tim@muppetz.com>
Date: Sat, 6 Jul 2024 16:15:48 +1200
Subject: [PATCH 32/35] Update Login with OTP Usage Make it clear the user has
 to append their OTP token to their password.

---
 docs/configuration/system/login.rst | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docs/configuration/system/login.rst b/docs/configuration/system/login.rst
index 09e27c53..452981a9 100644
--- a/docs/configuration/system/login.rst
+++ b/docs/configuration/system/login.rst
@@ -234,6 +234,12 @@ An example:
    set system login user otptester authentication otp rate-time '20'
    set system login user otptester authentication otp window-size '5'
 
+Once a user has 2FA/OTP configured against their account, they must login
+using their password with the OTP code appended to it.
+For example: If the users password is vyosrocks and the OTP code is 817454
+then they would enter their password as vyosrocks817454
+
+
 RADIUS
 ======
 

From 98ab1807fb5b4747070c1baac20cb8e44441382c Mon Sep 17 00:00:00 2001
From: Markus Hauschild <markus@moepman.eu>
Date: Tue, 9 Jul 2024 16:53:10 +0200
Subject: [PATCH 33/35] Fix Typo in build-vyos.rst

---
 docs/contributing/build-vyos.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/contributing/build-vyos.rst b/docs/contributing/build-vyos.rst
index 55be147b..ea0a4765 100644
--- a/docs/contributing/build-vyos.rst
+++ b/docs/contributing/build-vyos.rst
@@ -450,7 +450,7 @@ system:
 
 * Accel-PPP
 * Intel NIC drivers
-* Inter QAT
+* Intel QAT
 
 Each of those modules holds a dependency on the kernel version and if you are
 lucky enough to receive an ISO build error which sounds like:

From cd1dcb5d8e66e3431415ebf31a2d5902b30c1ffc Mon Sep 17 00:00:00 2001
From: srividya0208 <a.srividya@vyos.io>
Date: Fri, 12 Jul 2024 02:03:37 -0400
Subject: [PATCH 34/35] ipsec: Added information about operational commands

---
 docs/configuration/vpn/ipsec.rst | 68 ++++++++++++++++++++++++++++++++
 1 file changed, 68 insertions(+)

diff --git a/docs/configuration/vpn/ipsec.rst b/docs/configuration/vpn/ipsec.rst
index 172b3c64..c1ec645f 100644
--- a/docs/configuration/vpn/ipsec.rst
+++ b/docs/configuration/vpn/ipsec.rst
@@ -567,3 +567,71 @@ be imported.
 
 During profile import, the user is asked to enter its IPSec credentials
 (username and password) which is stored on the mobile.
+
+Operation Mode
+==============
+
+.. opcmd:: show vpn ike sa
+
+   Show all currently active IKE Security Associations.
+
+.. opcmd:: show vpn ike sa nat-traversal
+
+   Show all currently active IKE Security Associations (SA) that are using
+   NAT Traversal.
+
+.. opcmd:: show vpn ike sa peer <peer_name>
+
+   Show all currently active IKE Security Associations (SA) for a specific
+   peer.
+
+.. opcmd:: show vpn ike secrets
+
+   Show all the configured pre-shared secret keys.
+
+.. opcmd:: show vpn ike status
+
+   Show the detailed status information of IKE charon process.
+
+.. opcmd:: show vpn ipsec connections
+
+   Show details of all available VPN connections
+
+.. opcmd:: show vpn ipsec policy
+
+   Print out the list of existing crypto policies
+
+.. opcmd:: show vpn ipsec sa
+
+   Show all active IPsec Security Associations (SA)
+
+.. opcmd:: show vpn ipsec sa detail
+
+   Show a detailed information of all active IPsec Security Associations (SA)
+   in verbose format.
+
+.. opcmd:: show vpn ipsec state
+
+   Print out the list of existing in-kernel crypto state
+
+.. opcmd:: show vpn ipsec status
+
+   Show the status of running IPsec process and process ID.
+
+.. opcmd:: restart ipsec
+
+   Restart the IPsec VPN process and re-establishes the connection.
+
+.. opcmd:: reset vpn ipsec site-to-site all
+
+   Reset all site-to-site IPSec VPN sessions. It terminates all active 
+   child_sa and reinitiates the connection.
+
+.. opcmd:: reset vpn ipsec site-to-site peer <name>
+
+   Reset all tunnels for a given peer, can specify tunnel or vti interface.
+   It terminates a specific child_sa and reinitiates the connection.
+
+.. opcmd:: show log ipsec
+
+   Show logs for IPsec

From 873a461bdf972ebd815baf50893700b0a2518213 Mon Sep 17 00:00:00 2001
From: whyrlpool <26317568+whyrlpool@users.noreply.github.com>
Date: Thu, 18 Jul 2024 14:02:24 +0100
Subject: [PATCH 35/35] VPN documentation proofreading (#1506)

* Fix typos in openconnect.rst

change Cerbort->Certbot
Update first line to reflect that openconnect was introduced in 1.3-rolling (T2036)

* typo in dmvpn.rst

* ipsec.rst justification, minor phrasing changes

* l2tp.rst justification and phrasing changes.

* sstp.rst phrasing, justification changes

* Update ipsec.rst

rephrase for clarity and to avoid possessive plural apostrophe
---
 docs/configuration/vpn/dmvpn.rst       |   2 +-
 docs/configuration/vpn/ipsec.rst       |  52 ++++++++----
 docs/configuration/vpn/l2tp.rst        | 111 ++++++++++++------------
 docs/configuration/vpn/openconnect.rst |   4 +-
 docs/configuration/vpn/sstp.rst        | 113 +++++++++++++------------
 5 files changed, 154 insertions(+), 128 deletions(-)

diff --git a/docs/configuration/vpn/dmvpn.rst b/docs/configuration/vpn/dmvpn.rst
index 7a4b81f7..21df8cfd 100644
--- a/docs/configuration/vpn/dmvpn.rst
+++ b/docs/configuration/vpn/dmvpn.rst
@@ -162,7 +162,7 @@ Example
 
 
 This blueprint uses VyOS as the DMVPN Hub and Cisco (7206VXR) and VyOS as
-multiple spoke sites. The lab was build using :abbr:`EVE-NG (Emulated Virtual
+multiple spoke sites. The lab was built using :abbr:`EVE-NG (Emulated Virtual
 Environment NG)`.
 
 .. figure:: /_static/images/blueprint-dmvpn.png
diff --git a/docs/configuration/vpn/ipsec.rst b/docs/configuration/vpn/ipsec.rst
index c1ec645f..08282a44 100644
--- a/docs/configuration/vpn/ipsec.rst
+++ b/docs/configuration/vpn/ipsec.rst
@@ -13,10 +13,10 @@ address, which makes it easier to setup static routes or use dynamic routing
 protocols without having to modify IPsec policies. The other advantage is that
 it greatly simplifies router to router communication, which can be tricky with
 plain IPsec because the external outgoing address of the router usually doesn't
-match the IPsec policy of typical site-to-site setup and you need to add special
-configuration for it, or adjust the source address for outgoing traffic of your
-applications. GRE/IPsec has no such problem and is completely transparent for
-the applications.
+match the IPsec policy of a typical site-to-site setup and you would need to
+add special configuration for it, or adjust the source address of the outgoing 
+traffic of your applications. GRE/IPsec has no such problem and is completely
+transparent for applications.
 
 GRE/IPIP/SIT and IPsec are widely accepted standards, which make this scheme
 easy to implement between VyOS and virtually any other router.
@@ -163,13 +163,29 @@ Options (Global IPsec settings) Attributes
 
 * ``options``
 
- * ``disable-route-autoinstall`` Do not automatically install routes to remote networks;
+ * ``disable-route-autoinstall`` Do not automatically install routes to remote
+    networks;
 
- * ``flexvpn`` Allows FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a "tunnel mode ipsec ipv4" Cisco template but should also work for GRE encapsulation;
+ * ``flexvpn`` Allows FlexVPN vendor ID payload (IKEv2 only). Send the Cisco
+    FlexVPN vendor ID payload (IKEv2 only), which is required in order to make
+    Cisco brand devices allow negotiating a local traffic selector (from
+    strongSwan's point of view) that is not the assigned virtual IP address if
+    such an address is requested by strongSwan. Sending the Cisco FlexVPN
+    vendor ID prevents the peer from narrowing the initiator's local traffic
+    selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0
+    instead. This has been tested with a "tunnel mode ipsec ipv4" Cisco
+    template but should also work for GRE encapsulation;
 
- * ``interface`` Interface Name to use. The name of the interface on which virtual IP addresses should be installed. If not specified the addresses will be installed on the outbound interface;
+ * ``interface`` Interface Name to use. The name of the interface on which
+    virtual IP addresses should be installed. If not specified the addresses
+    will be installed on the outbound interface;
 
- * ``virtual-ip`` Allows to install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all. Define the ``virtual-address`` option to configure the IP address in site-to-site hierarchy.
+ * ``virtual-ip`` Allows the installation of virtual-ip addresses. A comma 
+    separated list of virtual IPs to request in IKEv2 configuration payloads or
+    IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an 
+    arbitrary address, specific addresses may be defined. The responder may
+    return a different address, or none at all. Define the ``virtual-address``
+    option to configure the IP address in a site-to-site hierarchy.
 
 *************************
 IPsec policy matching GRE
@@ -372,8 +388,8 @@ IKEv2 IPSec road-warriors remote-access VPN
 *******************************************
 
 Internet Key Exchange version 2, IKEv2 for short, is a request/response
-protocol developed by both Cisco and Microsoft. It is used to establish
-and secure IPv4/IPv6 connections, be it a site-to-site VPN or from a
+protocol developed by both Cisco and Microsoft. It is used to establish and
+secure IPv4/IPv6 connections, be it a site-to-site VPN or from a
 road-warrior connecting to a hub site. IKEv2, when run in point-to-multipoint,
 or remote-access/road-warrior mode, secures the server-side with another layer
 by using an x509 signed server certificate.
@@ -396,11 +412,11 @@ This example uses CACert as certificate authority.
   set pki ca CAcert_Class_3_Root certificate 'MIIGPTCCBCWgAwIBAgIDFOIoMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9ydEBjYWNlcnQub3JnMB4XDTIxMDQxOTEyMTgzMFoXDTMxMDQxNzEyMTgzMFowVDEUMBIGA1UEChMLQ0FjZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZzEcMBoGA1UEAxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKtJNRFIfNImflOUz0Op3SjXQiqL84d4GVh8D57aiX3h++tykA10oZZkq5+gJJlz2uJVdscXe/UErEa4w75/ZI0QbCTzYZzA8pD6Ueb1aQFjww9W4kpCz+JEjCUoqMV5CX1GuYrz6fM0KQhF5Byfy5QEHIGoFLOYZcRD7E6CjQnRvapbjZLQ7N6QxX8KwuPr5jFaXnQ+lzNZ6MMDPWAzv/fRb0fEze5ig1JuLgiapNkVGJGmhZJHsK5I6223IeyFGmhyNav/8BBdwPSUp2rVO5J+TJAFfpPBLIukjmJ0FXFuC3ED6q8VOJrU0gVyb4z5K+taciX5OUbjchs+BMNkJyIQKopPWKcDrb60LhPtXapI19V91Cp7XPpGBFDkzA5CW4zt2/LP/JaT4NsRNlRiNDiPDGCbO5dWOK3z0luLoFvqTpa4fNfVoIZwQNORKbeiPK31jLvPGpKK5DR7wNhsX+kKwsOnIJpa3yxdUly6R9Wb7yQocDggL9V/KcCyQQNokszgnMyXS0XvOhAKq3A6mJVwrTWx6oUrpByAITGprmB6gCZIALgBwJNjVSKRPFbnr9s6JfOPMVTqJouBWfmh0VMRxXudA/Z0EeBtsSw/LIaRmXGapneLNGDRFLQsrJ2vjBDTn8Rq+G8T/HNZ92ZCdB6K4/jc0m+YnMtHmJVABfvpAgMBAAGjgfIwge8wDwYDVR0TAQH/BAUwAwEB/zBhBggrBgEFBQcBAQRVMFMwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLkNBY2VydC5vcmcvMCwGCCsGAQUFBzAChiBodHRwOi8vd3d3LkNBY2VydC5vcmcvY2xhc3MzLmNydDBFBgNVHSAEPjA8MDoGCysGAQQBgZBKAgMBMCswKQYIKwYBBQUHAgEWHWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9jcHMucGhwMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHBzOi8vd3d3LmNhY2VydC5vcmcvY2xhc3MzLmNybDANBgkqhkiG9w0BAQ0FAAOCAgEAxh6td1y0KJvRyI1EEsC9dnYEgyEH+BGCf2vBlULAOBG1JXCNiwzB1Wz9HBoDfIv4BjGlnd5BKdSLm4TXPcE3hnGjH1thKR5dd3278K25FRkTFOY1gP+mGbQ3hZRB6IjDX+CyBqS7+ECpHTms7eo/mARN+Yz5R3lzUvXs3zSX+z534NzRg4i6iHNHWqakFcQNcA0PnksTB37vGD75pQGqeSmx51L6UzrIpn+274mhsaFNL85jhX+lKuk71MGjzwoThbuZ15xmkITnZtRQs6HhLSIqJWjDILIrxLqYHehK71xYwrRNhFb3TrsWaEJskrhveM0Os/vvoLNkh/L3iEQ5/LnmLMCYJNRALF7I7gsduAJNJrgKGMYvHkt1bo8uIXO8wgNV7qoU4JoaB1ML30QUqGcFr0TI06FFdgK2fwy5hulPxm6wuxW0v+iAtXYx/mRkwQpYbcVQtrIDvx1CT1k50cQxi+jIKjkcFWHw3kBoDnCos0/ukegPT7aQnk2AbL4c7nCkuAcEKw1BAlSETkfqi5btdlhh58MhewZv1LcL5zQyg8w1puclT3wXQvy8VwPGn0J/mGD4gLLZ9rGcHDUECokxFoWk+u5MCcVqmGbsyG4q5suS3CNslsHURfM8bQK4oLvHR8LCHEBMRcdFBn87cSvOK6eB1kdGKLA8ymXxZp8='
   set pki ca CAcert_Signing_Authority certificate 'MIIG7jCCBNagAwIBAgIBDzANBgkqhkiG9w0BAQsFADB5MRAwDgYDVQQKEwdSb290IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNBIENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRAY2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAOBgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42yfk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jcG8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4kepKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43qlaegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQQUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivUfslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAX8wggF7MB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TAPBgNVHRMBAf8EBTADAQH/MDQGCWCGSAGG+EIBCAQnFiVodHRwOi8vd3d3LmNhY2VydC5vcmcvaW5kZXgucGhwP2lkPTEwMFYGCWCGSAGG+EIBDQRJFkdUbyBnZXQgeW91ciBvd24gY2VydGlmaWNhdGUgZm9yIEZSRUUgaGVhZCBvdmVyIHRvIGh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzAxBgNVHR8EKjAoMCagJKAihiBodHRwOi8vY3JsLmNhY2VydC5vcmcvcmV2b2tlLmNybDAzBglghkgBhvhCAQQEJhYkVVJJOmh0dHA6Ly9jcmwuY2FjZXJ0Lm9yZy9yZXZva2UuY3JsMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AuY2FjZXJ0Lm9yZzAfBgNVHSMEGDAWgBQWtTIb1Mfz4OaO873SsDrusjkY0TANBgkqhkiG9w0BAQsFAAOCAgEAR5zXs6IX01JTt7Rq3b+bNRUhbO9vGBMggczo7R0qIh1kdhS6WzcrDoO6PkpuRg0L3qM7YQB6pw2V+ubzF7xl4C0HWltfzPTbzAHdJtjaJQw7QaBlmAYpN2CLB6Jeg8q/1Xpgdw/+IP1GRwdg7xUpReUA482l4MH1kf0W0ad94SuIfNWQHcdLApmno/SUh1bpZyeWrMnlhkGNDKMxCCQXQ360TwFHc8dfEAaq5ry6cZzm1oetrkSviE2qofxvv1VFiQ+9TX3/zkECCsUB/EjPM0lxFBmu9T5Ih+Eqns9ivmrEIQDv9tNyJHuLsDNqbUBal7OoiPZnXk9LH+qb+pLf1ofv5noy5vX2a5OKebHe+0Ex/A7e+G/HuOjVNqhZ9j5Nispfq9zNyOHGWD8ofj8DHwB50L1Xh5H+EbIoga/hJCQnRtxWkHP699T1JpLFYwapgplivF4TFv4fqp0nHTKC1x9gGrIgvuYJl1txIKmxXdfJzgscMzqpabhtHOMXOiwQBpWzyJkofF/w55e0LttZDBkEsilV/vW0CJsPs3eNaQF+iMWscGOkgLFlWsAS3HwyiYLNJo26aqyWPaIdc8E4ck7Sk08WrFrHIK3EHr4n1FZwmLpFAvucKqgl0hr+2jypyh5puA3KksHF3CsUzjMUvzxMhykh9zrMxQAHLBVrGwc='
 
-After you obtained your server certificate you can import it from a file
-on the local filesystem, or paste it into the CLI. Please note that
-when entering the certificate manually you need to strip the
-``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate
-or key needs to be presented in a single line without line breaks (``\n``).
+After you obtain your server certificate you can import it from a file on the
+local filesystem, or paste it into the CLI. Please note that when entering the
+certificate manually you need to strip the ``-----BEGIN KEY-----`` and
+``-----END KEY-----`` tags. Also, the certificate or key needs to be presented
+in a single line without line breaks (``\n``).
 
 To import it from the filesystem use:
 
@@ -440,7 +456,7 @@ Every connection/remote-access pool we configure also needs a pool where
 we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool.
 Authorized clients will receive an IPv4 address from the 192.0.2.128/25 prefix
 and an IPv6 address from the 2001:db8:2000::/64 prefix. We can also send some
-DNS nameservers down to our clients used on their connection.
+DNS nameservers down for our clients to use with their connection.
 
 .. code-block::
 
@@ -450,8 +466,8 @@ DNS nameservers down to our clients used on their connection.
   set vpn ipsec remote-access pool ra-rw-ipv6 prefix '2001:db8:2000::/64'
 
 VyOS supports multiple IKEv2 remote-access connections. Every connection can
-have its dedicated IKE/ESP ciphers, certificates or local listen address for
-e.g. inbound load balancing.
+have its own dedicated IKE/ESP ciphers, certificates or local listen address
+for e.g. inbound load balancing.
 
 We configure a new connection named ``rw`` for road-warrior, that identifies
 itself as ``192.0.2.1`` to the clients and uses the ``vyos`` certificate
diff --git a/docs/configuration/vpn/l2tp.rst b/docs/configuration/vpn/l2tp.rst
index b64c91a9..a0f5fb1b 100644
--- a/docs/configuration/vpn/l2tp.rst
+++ b/docs/configuration/vpn/l2tp.rst
@@ -148,15 +148,15 @@ For example:
 RADIUS source address
 =====================
 
-If you are using OSPF as IGP, always the closest interface connected to the
-RADIUS server is used. With VyOS 1.2 you can bind all outgoing RADIUS requests
-to a single source IP e.g. the loopback interface.
+If you are using OSPF as your IGP, use the interface connected closest to the
+RADIUS server. You can bind all outgoing RADIUS requests to a single source IP
+e.g. the loopback interface.
 
 .. cfgcmd:: set vpn l2tp remote-access authentication radius source-address <address>
 
   Source IPv4 address used in all RADIUS server queires.
 
-.. note:: The ``source-address`` must be configured on one of VyOS interface.
+.. note:: The ``source-address`` must be configured to that of an interface.
    Best practice would be a loopback or dummy interface.
 
 RADIUS advanced options
@@ -218,7 +218,7 @@ RADIUS advanced options
   The default attribute is `Filter-Id`.
 
 .. note:: If you set a custom RADIUS attribute you must define it on both
-   dictionaries at RADIUS server and client.
+   dictionaries on the RADIUS server and client.
 
 .. cfgcmd:: set vpn l2tp remote-access authentication radius rate-limit enable
 
@@ -226,7 +226,7 @@ RADIUS advanced options
 
 .. cfgcmd:: set vpn l2tp remote-access authentication radius rate-limit vendor
 
-  Specifies the vendor dictionary, dictionary needs to be in
+  Specifies the vendor dictionary. This dictionary needs to be present in
   /usr/share/accel-ppp/radius.
 
 Received RADIUS attributes have a higher priority than parameters defined within
@@ -236,25 +236,28 @@ Allocation clients ip addresses by RADIUS
 =========================================
 
 If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP
-address will be allocated to the client and the option ``default-pool`` within the CLI
-config is being ignored.
+address will be allocated to the client and the option ``default-pool`` within
+the CLI config will be ignored.
 
-If the RADIUS server sends the attribute ``Framed-Pool``, IP address will be allocated
-from a predefined IP pool whose name equals the attribute value.
+If the RADIUS server sends the attribute ``Framed-Pool``, then the IP address
+will be allocated from a predefined IP pool whose name equals the attribute
+value.
 
-If the RADIUS server sends the attribute ``Stateful-IPv6-Address-Pool``, IPv6 address
-will be allocated from a predefined IPv6 pool ``prefix`` whose name equals the attribute value.
+If the RADIUS server sends the attribute ``Stateful-IPv6-Address-Pool``, the
+IPv6 address will be allocated from a predefined IPv6 pool ``prefix`` whose
+name equals the attribute value.
 
-If the RADIUS server sends the attribute ``Delegated-IPv6-Prefix-Pool``, IPv6
-delegation pefix will be allocated from a predefined IPv6 pool ``delegate``
-whose name equals the attribute value.
+If the RADIUS server sends the attribute ``Delegated-IPv6-Prefix-Pool``, an
+IPv6 delegation prefix will be allocated from a predefined IPv6 pool
+``delegate`` whose name equals the attribute value.
 
 .. note:: ``Stateful-IPv6-Address-Pool`` and ``Delegated-IPv6-Prefix-Pool`` are defined in
           RFC6911. If they are not defined in your RADIUS server, add new dictionary_.
 
-User interface can be put to VRF context via RADIUS Access-Accept packet, or change
-it via RADIUS CoA. ``Accel-VRF-Name`` is used from these purposes. It is custom `ACCEL-PPP attribute`_.
-Define it in your RADIUS server.
+The client's interface can be put into a VRF context via a RADIUS Access-Accept
+packet, or changed via RADIUS CoA. ``Accel-VRF-Name`` is used for these
+purposes. This is a custom `ACCEL-PPP attribute`_. Define it in your RADIUS
+server.
 
 Renaming clients interfaces by RADIUS
 =====================================
@@ -296,19 +299,19 @@ IPv6
 .. cfgcmd:: set vpn l2tp remote-access client-ipv6-pool <IPv6-POOL-NAME> prefix <address>
    mask <number-of-bits>
 
-  Use this comand to set the IPv6 address pool from which an l2tp client
-  will get an IPv6 prefix of your defined length (mask) to terminate the
-  l2tp endpoint at their side. The mask length can be set from 48 to 128
-  bit long, the default value is 64.
+  Use this comand to set the IPv6 address pool from which an l2tp client will
+  get an IPv6 prefix of your defined length (mask) to terminate the l2tp 
+  endpoint at their side. The mask length can be set between 48 and 128 bits
+  long, the default value is 64.
 
 .. cfgcmd:: set vpn l2tp remote-access client-ipv6-pool <IPv6-POOL-NAME> delegate <address>
    delegation-prefix <number-of-bits>
 
-  Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on
-  l2tp. You will have to set your IPv6 pool and the length of the
-  delegation prefix. From the defined IPv6 pool you will be handing out
-  networks of the defined length (delegation-prefix). The length of the
-  delegation prefix can be set from 32 to 64 bit long.
+  Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on l2tp.
+  You will have to set your IPv6 pool and the length of the delegation 
+  prefix. From the defined IPv6 pool you will be handing out networks of the
+  defined length (delegation-prefix). The length of the delegation prefix can
+  be between 32 and 64 bits long.
 
 .. cfgcmd:: set vpn l2tp remote-access default-ipv6-pool <IPv6-POOL-NAME>
 
@@ -325,19 +328,19 @@ IPv6 Advanced Options
 =====================
 .. cfgcmd:: set vpn l2tp remote-access ppp-options ipv6-accept-peer-interface-id
 
-  Accept peer interface identifier. By default is not defined.
+  Accept peer interface identifier. By default this is not defined.
 
 .. cfgcmd:: set vpn l2tp remote-access ppp-options ipv6-interface-id <random | x:x:x:x>
 
-  Specifies fixed or random interface identifier for IPv6.
-  By default is fixed.
+  Specifies if a fixed or random interface identifier is used for IPv6. The
+  default is fixed.
 
   * **random** - Random interface identifier for IPv6
   * **x:x:x:x** - Specify interface identifier for IPv6
 
 .. cfgcmd:: set vpn l2tp remote-access ppp-options ipv6-interface-id <random | x:x:x:x>
 
-  Specifies peer interface identifier for IPv6. By default is fixed.
+  Specifies the peer interface identifier for IPv6. The default is fixed.
 
   * **random** - Random interface identifier for IPv6
   * **x:x:x:x** - Specify interface identifier for IPv6
@@ -350,19 +353,19 @@ Scripting
 
 .. cfgcmd:: set vpn l2tp remote-access extended-scripts on-change <path_to_script>
 
-  Script to run when session interface changed by RADIUS CoA handling
+  Script to run when the session interface is changed by RADIUS CoA handling
 
 .. cfgcmd:: set vpn l2tp remote-access extended-scripts on-down <path_to_script>
 
-  Script to run when session interface going to terminate
+  Script to run when the session interface is about to terminate
 
 .. cfgcmd:: set vpn l2tp remote-access extended-scripts on-pre-up <path_to_script>
 
-  Script to run before session interface comes up
+  Script to run before the session interface comes up
 
 .. cfgcmd:: set vpn l2tp remote-access extended-scripts on-up <path_to_script>
 
-  Script to run when session interface is completely configured and started
+  Script to run when the session interface is completely configured and started
 
 ****************
 Advanced Options
@@ -378,17 +381,17 @@ Authentication Advanced Options
 .. cfgcmd:: set vpn l2tp remote-access authentication local-users username <user> static-ip
    <address>
 
-  Assign static IP address to `<user>` account.
+  Assign a static IP address to `<user>` account.
 
 .. cfgcmd:: set vpn l2tp remote-access authentication local-users username <user> rate-limit
    download <bandwidth>
 
-  Download bandwidth limit in kbit/s for `<user>`.
+  Rate limit the download bandwidth for `<user>` to `<bandwidth>` kbit/s.
 
 .. cfgcmd:: set vpn l2tp remote-access authentication local-users username <user> rate-limit
    upload <bandwidth>
 
-  Upload bandwidth limit in kbit/s for `<user>`.
+  Rate limit the upload bandwidth for `<user>` to `<bandwidth>` kbit/s
 
 .. cfgcmd:: set vpn l2tp remote-access authentication protocols
    <pap | chap | mschap | mschap-v2>
@@ -413,10 +416,10 @@ PPP Advanced Options
 
 .. cfgcmd:: set vpn l2tp remote-access ppp-options interface-cache <number>
 
-  Specifies number of interfaces to keep in cache. It means that don’t
-  destroy interface after corresponding session is destroyed, instead
-  place it to cache and use it later for new sessions repeatedly.
-  This should reduce kernel-level interface creation/deletion rate lack.
+  Specifies number of interfaces to cache. This prevents interfaces from being
+  removed once the corresponding session is destroyed. Instead, interfaces are
+  cached for later use in new sessions. This should reduce the kernel-level
+  interface creation/deletion rate.
   Default value is **0**.
 
 .. cfgcmd:: set vpn l2tp remote-access ppp-options ipv4 <require | prefer | allow | deny>
@@ -436,19 +439,20 @@ PPP Advanced Options
 .. cfgcmd:: set vpn l2tp remote-access ppp-options lcp-echo-interval <interval>
 
   If this option is specified and is greater than 0, then the PPP module will
-  send LCP pings of the echo request every `<interval>` seconds.
+  send LCP echo requests every `<interval>` seconds.
   Default value is **30**.
 
 .. cfgcmd:: set vpn l2tp remote-access ppp-options lcp-echo-timeout
 
-  Specifies timeout in seconds to wait for any peer activity. If this option
+  Specifies timeout in seconds to wait for any peer activity. If this option is
   specified it turns on adaptive lcp echo functionality and "lcp-echo-failure"
   is not used. Default value is **0**.
 
 .. cfgcmd:: set vpn l2tp remote-access ppp-options min-mtu <number>
 
-  Defines minimum acceptable MTU. If client will try to negotiate less then
-  specified MTU then it will be NAKed or disconnected if rejects greater MTU.
+  Defines the minimum acceptable MTU. If a client tries to negotiate an MTU
+  lower than this it will be NAKed, and disconnected if it rejects a greater 
+  MTU.
   Default value is **100**.
 
 .. cfgcmd:: set vpn l2tp remote-access ppp-options mppe <require | prefer | deny>
@@ -460,9 +464,10 @@ PPP Advanced Options
   * **prefer** - ask client for mppe, if it rejects don't fail. (Default value)
   * **deny** - deny mppe
 
-  Default behavior - don't ask client for mppe, but allow it if client wants.
-  Please note that RADIUS may override this option by MS-MPPE-Encryption-Policy
-  attribute.
+  Default behavior - don't ask the client for mppe, but allow it if the client
+  wants.
+  Please note that RADIUS may override this option with the 
+  MS-MPPE-Encryption-Policy attribute.
 
 .. cfgcmd:: set vpn l2tp remote-access ppp-options mru <number>
 
@@ -481,7 +486,7 @@ Global Advanced options
 
 .. cfgcmd:: set vpn l2tp remote-access limits connection-limit <value>
 
-  Acceptable rate of connections (e.g. 1/min, 60/sec)
+  Maximum accepted connection rate (e.g. 1/min, 60/sec)
 
 .. cfgcmd:: set vpn l2tp remote-access limits timeout <value>
 
@@ -497,9 +502,9 @@ Global Advanced options
 
 .. cfgcmd:: set vpn l2tp remote-access name-server <address>
 
-  Connected client should use `<address>` as their DNS server. This
-  command accepts both IPv4 and IPv6 addresses. Up to two nameservers
-  can be configured for IPv4, up to three for IPv6.
+  Connected clients should use `<address>` as their DNS server. This command
+  accepts both IPv4 and IPv6 addresses. Up to two nameservers can be configured
+  for IPv4, up to three for IPv6.
 
 .. cfgcmd:: set vpn l2tp remote-access shaper fwmark <1-2147483647>
 
diff --git a/docs/configuration/vpn/openconnect.rst b/docs/configuration/vpn/openconnect.rst
index 845d9196..09d0574d 100644
--- a/docs/configuration/vpn/openconnect.rst
+++ b/docs/configuration/vpn/openconnect.rst
@@ -4,7 +4,7 @@
 OpenConnect
 ###########
 
-OpenConnect-compatible server feature is available from this release.
+OpenConnect-compatible server feature has been available since Equuleus (1.3).
 Openconnect VPN supports SSL connection and offers full network access. SSL VPN
 network extension connects the end-user system to the corporate network with
 access controls based only on network layer information, such as destination IP
@@ -32,7 +32,7 @@ will create a self signed certificates and will be stored in configuration:
   run generate pki ca install <CA name>
   run generate pki certificate sign <CA name> install <Server name>
  
-We can also create the certificates using Cerbort which is an easy-to-use 
+We can also create the certificates using Certbot which is an easy-to-use 
 client that fetches a certificate from Let's Encrypt an open certificate 
 authority launched by the EFF, Mozilla, and others and deploys it to a web 
 server.
diff --git a/docs/configuration/vpn/sstp.rst b/docs/configuration/vpn/sstp.rst
index cd064162..e750cdcf 100644
--- a/docs/configuration/vpn/sstp.rst
+++ b/docs/configuration/vpn/sstp.rst
@@ -16,8 +16,8 @@ SSTP is available for Linux, BSD, and Windows.
 VyOS utilizes accel-ppp_ to provide SSTP server functionality. We support both
 local and RADIUS authentication.
 
-As SSTP provides PPP via a SSL/TLS channel the use of either publically signed
-certificates as well as a private PKI is required.
+As SSTP provides PPP via a SSL/TLS channel the use of either publicly signed
+certificates or private PKI is required.
 
 ***********************
 Configuring SSTP Server
@@ -92,8 +92,8 @@ Configuring RADIUS authentication
 *********************************
 
 To enable RADIUS based authentication, the authentication mode needs to be
-changed within the configuration. Previous settings like the local users, still
-exists within the configuration, however they are not used if the mode has been
+changed within the configuration. Previous settings like the local users still
+exist within the configuration, however they are not used if the mode has been
 changed from local to radius. Once changed back to local, it will use all local
 accounts again.
 
@@ -121,15 +121,15 @@ For example:
 RADIUS source address
 =====================
 
-If you are using OSPF as IGP, always the closest interface connected to the
-RADIUS server is used. You can bind all outgoing RADIUS requests
-to a single source IP e.g. the loopback interface.
+If you are using OSPF as your IGP, use the interface connected closest to the
+RADIUS server. You can bind all outgoing RADIUS requests to a single source IP
+e.g. the loopback interface.
 
 .. cfgcmd:: set vpn sstp authentication radius source-address <address>
 
   Source IPv4 address used in all RADIUS server queires.
 
-.. note:: The ``source-address`` must be configured on one of VyOS interface.
+.. note:: The ``source-address`` must be configured to that of an interface.
    Best practice would be a loopback or dummy interface.
 
 RADIUS advanced options
@@ -191,7 +191,7 @@ RADIUS advanced options
   The default attribute is `Filter-Id`.
 
 .. note:: If you set a custom RADIUS attribute you must define it on both
-   dictionaries at RADIUS server and client.
+   dictionaries on the RADIUS server and client.
 
 .. cfgcmd:: set vpn sstp authentication radius rate-limit enable
 
@@ -199,7 +199,7 @@ RADIUS advanced options
 
 .. cfgcmd:: set vpn sstp authentication radius rate-limit vendor
 
-  Specifies the vendor dictionary, dictionary needs to be in
+  Specifies the vendor dictionary, This dictionary needs to be present in
   /usr/share/accel-ppp/radius.
 
 Received RADIUS attributes have a higher priority than parameters defined within
@@ -209,25 +209,28 @@ Allocation clients ip addresses by RADIUS
 =========================================
 
 If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP
-address will be allocated to the client and the option ``default-pool`` within the CLI
-config is being ignored.
+address will be allocated to the client and the option ``default-pool`` within
+the CLI config will being ignored.
 
-If the RADIUS server sends the attribute ``Framed-Pool``, IP address will be allocated
-from a predefined IP pool whose name equals the attribute value.
+If the RADIUS server sends the attribute ``Framed-Pool``, then the IP address
+will be allocated from a predefined IP pool whose name equals the attribute
+value.
 
-If the RADIUS server sends the attribute ``Stateful-IPv6-Address-Pool``, IPv6 address
-will be allocated from a predefined IPv6 pool ``prefix`` whose name equals the attribute value.
+If the RADIUS server sends the attribute ``Stateful-IPv6-Address-Pool``, the
+IPv6 address will be allocated from a predefined IPv6 pool ``prefix`` whose
+name equals the attribute value.
 
-If the RADIUS server sends the attribute ``Delegated-IPv6-Prefix-Pool``, IPv6
-delegation pefix will be allocated from a predefined IPv6 pool ``delegate``
+If the RADIUS server sends the attribute ``Delegated-IPv6-Prefix-Pool``, an
+IPv6 delegation prefix will be allocated from a predefined IPv6 pool ``delegate``
 whose name equals the attribute value.
 
 .. note:: ``Stateful-IPv6-Address-Pool`` and ``Delegated-IPv6-Prefix-Pool`` are defined in
           RFC6911. If they are not defined in your RADIUS server, add new dictionary_.
 
-User interface can be put to VRF context via RADIUS Access-Accept packet, or change
-it via RADIUS CoA. ``Accel-VRF-Name`` is used from these purposes. It is custom `ACCEL-PPP attribute`_.
-Define it in your RADIUS server.
+The client's interface can be put into a VRF context via a RADIUS Access-Accept
+packet, or changed via RADIUS CoA. ``Accel-VRF-Name`` is used for these
+purposes. This is a custom `ACCEL-PPP attribute`_. Define it in your RADIUS
+server.
 
 Renaming clients interfaces by RADIUS
 =====================================
@@ -254,19 +257,19 @@ IPv6
 .. cfgcmd:: set vpn sstp client-ipv6-pool <IPv6-POOL-NAME> prefix <address>
    mask <number-of-bits>
 
-  Use this comand to set the IPv6 address pool from which an SSTP client
-  will get an IPv6 prefix of your defined length (mask) to terminate the
-  SSTP endpoint at their side. The mask length can be set from 48 to 128
-  bit long, the default value is 64.
+  Use this comand to set the IPv6 address pool from which an SSTP client will
+  get an IPv6 prefix of your defined length (mask) to terminate the SSTP
+  endpoint at their side. The mask length can be set between 48 and 128 bits
+  long, the default value is 64.
 
 .. cfgcmd:: set vpn sstp client-ipv6-pool <IPv6-POOL-NAME> delegate <address>
    delegation-prefix <number-of-bits>
 
-  Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on
-  SSTP. You will have to set your IPv6 pool and the length of the
-  delegation prefix. From the defined IPv6 pool you will be handing out
-  networks of the defined length (delegation-prefix). The length of the
-  delegation prefix can be set from 32 to 64 bit long.
+  Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on SSTP. You
+  will have to set your IPv6 pool and the length of the delegation prefix. From
+  the defined IPv6 pool you will be handing out networks of the defined length
+  (delegation-prefix). The length of the delegation prefix can be set between 
+  32 and 64 bits long.
 
 .. cfgcmd:: set vpn sstp default-ipv6-pool <IPv6-POOL-NAME>
 
@@ -283,19 +286,19 @@ IPv6 Advanced Options
 =====================
 .. cfgcmd:: set vpn sstp ppp-options ipv6-accept-peer-interface-id
 
-  Accept peer interface identifier. By default is not defined.
+  Accept peer interface identifier. By default this is not defined.
 
 .. cfgcmd:: set vpn sstp ppp-options ipv6-interface-id <random | x:x:x:x>
 
-  Specifies fixed or random interface identifier for IPv6.
-  By default is fixed.
+  Specifies if a fixed or random interface identifier is used for IPv6. The
+  default is fixed.
 
   * **random** - Random interface identifier for IPv6
   * **x:x:x:x** - Specify interface identifier for IPv6
 
 .. cfgcmd:: set vpn sstp ppp-options ipv6-interface-id <random | x:x:x:x>
 
-  Specifies peer interface identifier for IPv6. By default is fixed.
+  Specifies the peer interface identifier for IPv6. The default is fixed.
 
   * **random** - Random interface identifier for IPv6
   * **x:x:x:x** - Specify interface identifier for IPv6
@@ -308,19 +311,19 @@ Scripting
 
 .. cfgcmd:: set vpn sstp extended-scripts on-change <path_to_script>
 
-  Script to run when session interface changed by RADIUS CoA handling
+  Script to run when the session interface is changed by RADIUS CoA handling
 
 .. cfgcmd:: set vpn sstp extended-scripts on-down <path_to_script>
 
-  Script to run when session interface going to terminate
+  Script to run when the session interface about to terminate
 
 .. cfgcmd:: set vpn sstp extended-scripts on-pre-up <path_to_script>
 
-  Script to run before session interface comes up
+  Script to run before the session interface comes up
 
 .. cfgcmd:: set vpn sstp extended-scripts on-up <path_to_script>
 
-  Script to run when session interface is completely configured and started
+  Script to run when the session interface is completely configured and started
 
 ****************
 Advanced Options
@@ -336,17 +339,17 @@ Authentication Advanced Options
 .. cfgcmd:: set vpn sstp authentication local-users username <user> static-ip
    <address>
 
-  Assign static IP address to `<user>` account.
+  Assign a static IP address to `<user>` account.
 
 .. cfgcmd:: set vpn sstp authentication local-users username <user> rate-limit
    download <bandwidth>
 
-  Download bandwidth limit in kbit/s for `<user>`.
+  Rate limit the download bandwidth for `<user>` to `<bandwidth>` kbit/s.
 
 .. cfgcmd:: set vpn sstp authentication local-users username <user> rate-limit
    upload <bandwidth>
 
-  Upload bandwidth limit in kbit/s for `<user>`.
+  Rate limit the upload bandwidth for `<user>` to `<bandwidth>` kbit/s.
 
 .. cfgcmd:: set vpn sstp authentication protocols
    <pap | chap | mschap | mschap-v2>
@@ -371,10 +374,10 @@ PPP Advanced Options
 
 .. cfgcmd:: set vpn sstp ppp-options interface-cache <number>
 
-  Specifies number of interfaces to keep in cache. It means that don’t
-  destroy interface after corresponding session is destroyed, instead
-  place it to cache and use it later for new sessions repeatedly.
-  This should reduce kernel-level interface creation/deletion rate lack.
+  Specifies number of interfaces to cache. This prevents interfaces from being
+  removed once the corresponding session is destroyed. Instead, interfaces are
+  cached for later use in new sessions. This should reduce the kernel-level
+  interface creation/deletion rate.
   Default value is **0**.
 
 .. cfgcmd:: set vpn sstp ppp-options ipv4 <require | prefer | allow | deny>
@@ -394,19 +397,20 @@ PPP Advanced Options
 .. cfgcmd:: set vpn sstp ppp-options lcp-echo-interval <interval>
 
   If this option is specified and is greater than 0, then the PPP module will
-  send LCP pings of the echo request every `<interval>` seconds.
+  send LCP echo requests every `<interval>` seconds.
   Default value is **30**.
 
 .. cfgcmd:: set vpn sstp ppp-options lcp-echo-timeout
 
-  Specifies timeout in seconds to wait for any peer activity. If this option
+  Specifies timeout in seconds to wait for any peer activity. If this option is
   specified it turns on adaptive lcp echo functionality and "lcp-echo-failure"
   is not used. Default value is **0**.
 
 .. cfgcmd:: set vpn sstp ppp-options min-mtu <number>
 
-  Defines minimum acceptable MTU. If client will try to negotiate less then
-  specified MTU then it will be NAKed or disconnected if rejects greater MTU.
+  Defines the minimum acceptable MTU. If a client tries to negotiate an MTU
+  lower than this it will be NAKed, and disconnected if it rejects a greater
+  MTU.
   Default value is **100**.
 
 .. cfgcmd:: set vpn sstp ppp-options mppe <require | prefer | deny>
@@ -418,7 +422,8 @@ PPP Advanced Options
   * **prefer** - ask client for mppe, if it rejects don't fail. (Default value)
   * **deny** - deny mppe
 
-  Default behavior - don't ask client for mppe, but allow it if client wants.
+  Default behavior - don't ask the client for mppe, but allow it if the client
+  wants.
   Please note that RADIUS may override this option by MS-MPPE-Encryption-Policy
   attribute.
 
@@ -439,7 +444,7 @@ Global Advanced options
 
 .. cfgcmd:: set vpn sstp limits connection-limit <value>
 
-  Acceptable rate of connections (e.g. 1/min, 60/sec)
+  Maximum accepted connection rate (e.g. 1/min, 60/sec)
 
 .. cfgcmd:: set vpn sstp limits timeout <value>
 
@@ -455,9 +460,9 @@ Global Advanced options
 
 .. cfgcmd:: set vpn sstp name-server <address>
 
-  Connected client should use `<address>` as their DNS server. This
-  command accepts both IPv4 and IPv6 addresses. Up to two nameservers
-  can be configured for IPv4, up to three for IPv6.
+  Connected clients should use `<address>` as their DNS server. This command
+  accepts both IPv4 and IPv6 addresses. Up to two nameservers can be configured
+  for IPv4, up to three for IPv6.
 
 .. cfgcmd:: set vpn sstp shaper fwmark <1-2147483647>