From eb470b0b58cd4e839d299c690efbd7c697e68140 Mon Sep 17 00:00:00 2001
From: jamesholland-uk
Date: Wed, 19 Jul 2023 09:29:21 +0000
Subject: [PATCH] Sync Terraform module documentation

---
 .../docs/swfw/aws/vmseries/modules/alb.md | 2 +
 .../docs/swfw/aws/vmseries/modules/asg.md | 5 +-
 .../docs/swfw/aws/vmseries/modules/gwlb.md | 2 +
 .../docs/swfw/aws/vmseries/modules/nlb.md | 1 +
 .../swfw/aws/vmseries/modules/panorama.md | 1 +
 .../swfw/aws/vmseries/modules/vmseries.md | 1 +
 .../docs/swfw/aws/vmseries/modules/vpc.md | 2 +-
 .../47d0ec0b-9080-4af2-b82b-0445e6910975.png | Bin 0 -> 227979 bytes
 .../centralized_design_autoscale.md | 215 +++++++++++++
 .../docs/swfw/azure/vmseries/modules/appgw.md | 8 +-
 .../vmseries/modules/application_insights.md | 2 +-
 .../swfw/azure/vmseries/modules/bootstrap.md | 7 +-
 .../docs/swfw/azure/vmseries/modules/natgw.md | 2 +-
 .../swfw/azure/vmseries/modules/panorama.md | 1 -
 .../docs/swfw/azure/vmseries/modules/vmss.md | 5 +-
 .../common_vmseries.md | 10 +-
 .../dedicated_vmseries.md | 10 +-
 .../swfw/gcp/vmseries/modules/autoscale.md | 71 +++--
 .../swfw/gcp/vmseries/modules/bootstrap.md | 1 +
 .../swfw/gcp/vmseries/modules/lb_external.md | 6 +-
 .../swfw/gcp/vmseries/modules/lb_internal.md | 7 +-
 .../docs/swfw/gcp/vmseries/modules/vpc.md | 2 +-
 .../7690846b-2aad-4045-913c-8a5cdb80b16b.png | Bin 0 -> 71886 bytes
 .../reference-architectures/vmseries_ha.md | 298 ++++++++++++++++++
 24 files changed, 598 insertions(+), 61 deletions(-)
 create mode 100644 products/terraform/docs/swfw/aws/vmseries/reference-architectures/47d0ec0b-9080-4af2-b82b-0445e6910975.png
 create mode 100644 products/terraform/docs/swfw/aws/vmseries/reference-architectures/centralized_design_autoscale.md
 create mode 100644 products/terraform/docs/swfw/gcp/vmseries/reference-architectures/7690846b-2aad-4045-913c-8a5cdb80b16b.png
 create mode 100644 products/terraform/docs/swfw/gcp/vmseries/reference-architectures/vmseries_ha.md
diff --git a/products/terraform/docs/swfw/aws/vmseries/modules/alb.md b/products/terraform/docs/swfw/aws/vmseries/modules/alb.md index 598343315..ed7fac0ca 100644 --- a/products/terraform/docs/swfw/aws/vmseries/modules/alb.md +++ b/products/terraform/docs/swfw/aws/vmseries/modules/alb.md @@ -141,6 +141,7 @@ No modules. | [security\_groups](#input\_security\_groups) | A list of security group IDs to use with a Load Balancer.

If security groups are created with a [VPC module](../vpc/README.md) you can use output from that module like this:
security\_groups              = [module.vpc.security\_group\_ids["load\_balancer\_security\_group"]]
For more information on the `load_balancer_security_group` key refer to the [VPC module documentation](../vpc/README.md). | `list(string)` | n/a | yes | | [subnets](#input\_subnets) | Map of subnets used with a Load Balancer. Each key is the availability zone name and the value is an object that has an attribute
`id` identifying AWS subnet.

Examples:

You can define the values directly:
subnets = {
"us-east-1a" = { id = "snet-123007" }
"us-east-1b" = { id = "snet-123008" }
}
You can also use output from the `subnet_sets` module:
subnets        = { for k, v in module.subnet\_sets["untrust"].subnets : k => { id = v.id } }
|
map(object({
id = string
}))
| n/a | yes | | [tags](#input\_tags) | Map of AWS tags to apply to all the created resources. | `map(string)` | `{}` | no | +| [target\_group\_az](#input\_target\_group\_az) | Availability Zones of Target Group ('all' for target group outside of VPC) | `string` | `null` | no | | [targets](#input\_targets) | A list of backends accepting traffic. For Application Load Balancer all targets are of type `IP`. This is because this is the only option that allows a direct routing between a Load Balancer and a specific VMSeries' network interface. The Application Load Balancer is meant to be always public, therefore the VMSeries IPs should be from the public facing subnet. An example on how to feed this variable with data:
fw\_instance\_ips = { for k, v in var.vmseries : k => module.vmseries[k].interfaces["untrust"].private\_ip }
For format of `var.vmseries` check the [`vmseries` module](../vmseries/README.md). The key is the VM name. By using those keys, we can loop through all vmseries modules and take the private IP from the interface that is assigned to the subnet we require. The subnet can be identified by the subnet set name (like above). In other words, the `for` loop returns the following map:
{
vm01 = "1.1.1.1"
vm02 = "2.2.2.2"
...
}
| `map(string)` | n/a | yes | | [vpc\_id](#input\_vpc\_id) | ID of the security VPC for the Load Balancer. | `string` | n/a | yes | @@ -149,4 +150,5 @@ No modules. | Name | Description | |------|-------------| | [lb\_fqdn](#output\_lb\_fqdn) | A FQDN for the Load Balancer. | +| [target\_group](#output\_target\_group) | n/a | \ No newline at end of file diff --git a/products/terraform/docs/swfw/aws/vmseries/modules/asg.md b/products/terraform/docs/swfw/aws/vmseries/modules/asg.md index f2d045d80..a3071e747 100644 --- a/products/terraform/docs/swfw/aws/vmseries/modules/asg.md +++ b/products/terraform/docs/swfw/aws/vmseries/modules/asg.md @@ -76,7 +76,8 @@ No modules. | [global\_tags](#input\_global\_tags) | Map of AWS tags to apply to all the created resources. | `map(any)` | n/a | yes | | [instance\_type](#input\_instance\_type) | EC2 instance type. | `string` | `"m5.xlarge"` | no | | [interfaces](#input\_interfaces) | Map of the network interface specifications.
If "mgmt-interface-swap" bootstrap option is enabled, ensure dataplane interface `device_index` is set to 0 and the firewall management interface `device_index` is set to 1.
Available options:
- `device_index` = (Required\|int) Determines order in which interfaces are attached to the instance. Interface with `0` is attached at boot time.
- `subnet_id` = (Required\|string) Subnet ID to create the ENI in.
- `name` = (Optional\|string) Name tag for the ENI. Defaults to instance name suffixed by map's key.
- `description` = (Optional\|string) A descriptive name for the ENI.
- `create_public_ip` = (Optional\|bool) Whether to create a public IP for the ENI. Defaults to false.
- `eip_allocation_id` = (Optional\|string) Associate an existing EIP to the ENI.
- `private_ips` = (Optional\|list) List of private IPs to assign to the ENI. If not set, dynamic allocation is used.
- `public_ipv4_pool` = (Optional\|string) EC2 IPv4 address pool identifier.
- `source_dest_check` = (Optional\|bool) Whether to enable source destination checking for the ENI. Defaults to false.
- `security_group_ids` = (Optional\|list) A list of Security Group IDs to assign to this interface. Defaults to null.

Example:
interfaces = {
mgmt = {
device\_index = 0
subnet\_id = aws\_subnet.mgmt.id
name = "mgmt"
create\_public\_ip = true
source\_dest\_check = true
security\_group\_ids = ["sg-123456"]
},
public = {
device\_index = 1
subnet\_id = aws\_subnet.public.id
name = "public"
create\_public\_ip = true
},
private = {
device\_index = 2
subnet\_id = aws\_subnet.private.id
name = "private"
},
]
| `map(any)` | n/a | yes | -| [lambda\_timeout](#input\_lambda\_timeout) | Amount of time Lambda Function has to run in seconds. | `number` | `10` | no | +| [ip\_target\_groups](#input\_ip\_target\_groups) | Target groups (type IP) for load balancers, which are used by Lamda to register VM-Series IP of untrust interface |
list(object({
arn = string
port = string
}))
| `[]` | no | +| [lambda\_timeout](#input\_lambda\_timeout) | Amount of time Lambda Function has to run in seconds. | `number` | `30` | no | | [lifecycle\_hook\_timeout](#input\_lifecycle\_hook\_timeout) | How long should we wait for lambda to finish | `number` | `300` | no | | [max\_size](#input\_max\_size) | Maximum size of the Auto Scaling Group. | `number` | `2` | no | | [min\_size](#input\_min\_size) | Minimum size of the Auto Scaling Group. | `number` | `1` | no | @@ -92,7 +93,7 @@ No modules. | [ssh\_key\_name](#input\_ssh\_key\_name) | Name of AWS keypair to associate with instances | `string` | n/a | yes | | [subnet\_ids](#input\_subnet\_ids) | List of subnet IDs associated with the Lambda function | `list(string)` | `[]` | no | | [suspended\_processes](#input\_suspended\_processes) | List of processes to suspend for the Auto Scaling Group. The allowed values are Launch, Terminate, HealthCheck, ReplaceUnhealthy, AZRebalance, AlarmNotification, ScheduledActions, AddToLoadBalancer, InstanceRefresh | `list(string)` | `[]` | no | -| [target\_group\_arn](#input\_target\_group\_arn) | ARN of target group for load balancer | `string` | `null` | no | +| [target\_group\_arn](#input\_target\_group\_arn) | ARN of target group (type instance) for load balancer, which is used by ASG to register VM-Series instance | `string` | `null` | no | | [vmseries\_ami\_id](#input\_vmseries\_ami\_id) | The AMI from which to launch the instance. Takes precedence over fw\_version and fw\_license\_type | `string` | `null` | no | | [vmseries\_iam\_instance\_profile](#input\_vmseries\_iam\_instance\_profile) | IAM instance profile used in launch template | `string` | `""` | no | | [vmseries\_product\_code](#input\_vmseries\_product\_code) | Product code corresponding to a chosen VM-Series license type model - by default - BYOL.
To check the available license type models and their codes, please refer to the
[VM-Series documentation](https://docs.paloaltonetworks.com/vm-series/10-0/vm-series-deployment/set-up-the-vm-series-firewall-on-aws/deploy-the-vm-series-firewall-on-aws/obtain-the-ami/get-amazon-machine-image-ids.html) | `string` | `"6njl1pau431dv1qxipg63mvah"` | no | diff --git a/products/terraform/docs/swfw/aws/vmseries/modules/gwlb.md b/products/terraform/docs/swfw/aws/vmseries/modules/gwlb.md index cc50ebf00..1aa4b7d18 100644 --- a/products/terraform/docs/swfw/aws/vmseries/modules/gwlb.md +++ b/products/terraform/docs/swfw/aws/vmseries/modules/gwlb.md @@ -70,6 +70,7 @@ No modules. |------|-------------|------|---------|:--------:| | [allowed\_principals](#input\_allowed\_principals) | List of AWS Principal ARNs who are allowed access to the GWLB Endpoint Service. For example `["arn:aws:iam::123456789000:root"]`. | `list(string)` | `[]` | no | | [deregistration\_delay](#input\_deregistration\_delay) | See the `aws` provider [documentation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group#deregistration_delay). | `number` | `null` | no | +| [enable\_lb\_deletion\_protection](#input\_enable\_lb\_deletion\_protection) | Whether to enable deletion protection on the gateway loadbalancer. | `bool` | `false` | no | | [endpoint\_service\_tags](#input\_endpoint\_service\_tags) | Map of AWS tags to apply to the created GWLB Endpoint Service. These tags are applied after the `global_tags`. | `map(string)` | `{}` | no | | [global\_tags](#input\_global\_tags) | Map of AWS tags to apply to all the created resources. | `map(string)` | `{}` | no | | [health\_check\_enabled](#input\_health\_check\_enabled) | See the `aws` provider [documentation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group#health_check). | `bool` | `null` | no | 
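Review bot: In the first gwlb.md hunk, the new `enable_lb_deletion_protection` row defaults to `false` and its description gives no guidance on when to turn it on, so the load balancer stays deletable unless the caller already knows to set the flag. Suggest adding a sentence recommending `true` for production deployments, and writing "Gateway Load Balancer" instead of "gateway loadbalancer" so the wording matches the `stickiness_type` row added to the same file.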
@@ -83,6 +84,7 @@ No modules. | [lb\_tags](#input\_lb\_tags) | Map of AWS tags to apply to the created Load Balancer object. These tags are applied after the `global_tags`. | `map(string)` | `{}` | no | | [lb\_target\_group\_tags](#input\_lb\_target\_group\_tags) | Map of AWS tags to apply to the created GWLB Target Group. These tags are applied after the `global_tags`. | `map(string)` | `{}` | no | | [name](#input\_name) | Name of the created GWLB and its Target Group. Must be unique per AWS region per AWS account. | `string` | n/a | yes | +| [stickiness\_type](#input\_stickiness\_type) | If `stickiness_type` is `null`, then attribute `enabled` is set to `false` in stickiness configuration block,
value provided in `type` is ignored and by default the Gateway Load Balancer uses 5-tuple to maintain flow stickiness to a specific target appliance.
If `stickiness_type` is not `null`, then attribute `enabled` is set to `true` in stickiness configuration block
and the stickiness `type` can be then customized by using value:
- `source_ip_dest_ip_proto` for 3-tuple (Source IP, Destination IP and Transport Protocol)
- `source_ip_dest_ip` for 2-tuple (Source IP and Destination IP)
 | `string` | `null` | no |
 |  [subnets](#input\_subnets) | Map of subnets where to create the GWLB. Each map's key is the availability zone name and each map's object has an attribute
`id` identifying AWS subnet.
Example for users of module `subnet_set`:
subnets = module.subnet\_set.subnets
Example:
subnets = {
"us-east-1a" = { id = "snet-123007" }
"us-east-1b" = { id = "snet-123008" }
}
|
map(object({
id = string
}))
| n/a | yes | | [target\_instances](#input\_target\_instances) | Map of instances to attach to the GWLB Target Group. |
map(object({
id = string
}))
| `{}` | no | | [unhealthy\_threshold](#input\_unhealthy\_threshold) | The number of failed health checks required before a healthy target becomes unhealthy. Minimum 2 and maximum 10. | `number` | `3` | no | diff --git a/products/terraform/docs/swfw/aws/vmseries/modules/nlb.md b/products/terraform/docs/swfw/aws/vmseries/modules/nlb.md index 1f551a52e..393890863 100644 --- a/products/terraform/docs/swfw/aws/vmseries/modules/nlb.md +++ b/products/terraform/docs/swfw/aws/vmseries/modules/nlb.md @@ -71,4 +71,5 @@ No modules. | Name | Description | |------|-------------| | [lb\_fqdn](#output\_lb\_fqdn) | A FQDN for the Load Balancer. | +| [target\_group](#output\_target\_group) | n/a | \ No newline at end of file diff --git a/products/terraform/docs/swfw/aws/vmseries/modules/panorama.md b/products/terraform/docs/swfw/aws/vmseries/modules/panorama.md index faa08c277..66d9d0ea2 100644 --- a/products/terraform/docs/swfw/aws/vmseries/modules/panorama.md +++ b/products/terraform/docs/swfw/aws/vmseries/modules/panorama.md @@ -63,6 +63,7 @@ No modules. | [create\_public\_ip](#input\_create\_public\_ip) | If true, create an Elastic IP address for Panorama. | `bool` | `false` | no | | [ebs\_kms\_key\_alias](#input\_ebs\_kms\_key\_alias) | The alias for the customer managed KMS key to use for volume encryption.
If this is set to `null` the default master key that protects EBS volumes will be used | `string` | `null` | no | | [ebs\_volumes](#input\_ebs\_volumes) | List of EBS volumes to create and attach to Panorama.
Available options:
- `name` (Optional) Name tag for the EBS volume. If not provided defaults to the value of `var.name`.
- `ebs_device_name` (Required) The EBS device name to expose to the instance (for example, /dev/sdh or xvdh).
See [Device Naming on Linux Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html#available-ec2-device-names) for more information.
- `ebs_size` (Optional) The size of the EBS volume in GiBs. Defaults to 2000 GiB.
- `ebs_encrypted` (Optional) If true, the Panorama EBS volume will be encrypted.
- `force_detach` (Optional) Set to true if you want to force the volume to detach. Useful if previous attempts failed, but use this option only as a last resort, as this can result in data loss.
- `skip_destroy` (Optional) Set this to true if you do not wish to detach the volume from the instance to which it is attached at destroy time, and instead just remove the attachment from Terraform state.
This is useful when destroying an instance attached to third-party volumes.

Note: Terraform must be running with credentials which have the `GenerateDataKeyWithoutPlaintext` permission on the specified KMS key
as required by the [EBS KMS CMK volume provisioning process](https://docs.aws.amazon.com/kms/latest/developerguide/services-ebs.html#ebs-cmk) to prevent a volume from being created and almost immediately deleted.
If null, the default EBS encryption KMS key in the current region is used.

Example:
ebs\_volumes = [
{
name = "ebs-1"
ebs\_device\_name = "/dev/sdb"
ebs\_size = "2000"
ebs\_encrypted = true
},
{
name = "ebs-2"
ebs\_device\_name = "/dev/sdb"
ebs\_size = "2000"
ebs\_encrypted = true
},
{
name = "ebs-3"
ebs\_device\_name = "/dev/sdb"
ebs\_size = "2000"
},
]
| `list(any)` | `[]` | no | +| [enable\_imdsv2](#input\_enable\_imdsv2) | Whether to enable IMDSv2 on the EC2 instance.
Support for this feature has been added in VM-Series Plugin [3.0.0](https://docs.paloaltonetworks.com/plugins/vm-series-and-panorama-plugins-release-notes/vm-series-plugin/vm-series-plugin-30/vm-series-plugin-300#id126d0957-95d7-4b29-9147-fff20027986e), which in turn requires PAN-OS version 10.2.0 at minimum. | `string` | `false` | no | | [global\_tags](#input\_global\_tags) | A map of tags to assign to the resources.
If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level." | `map(any)` | `{}` | no | | [instance\_type](#input\_instance\_type) | EC2 instance type for Panorama. Default set to Palo Alto Networks recommended instance type. | `string` | `"c5.4xlarge"` | no | | [name](#input\_name) | Name for the Panorama instance. | `string` | `"pan-panorama"` | no | diff --git a/products/terraform/docs/swfw/aws/vmseries/modules/vmseries.md b/products/terraform/docs/swfw/aws/vmseries/modules/vmseries.md index 932faa63e..64ce1f072 100644 --- a/products/terraform/docs/swfw/aws/vmseries/modules/vmseries.md +++ b/products/terraform/docs/swfw/aws/vmseries/modules/vmseries.md @@ -68,6 +68,7 @@ No modules. | [ebs\_encrypted](#input\_ebs\_encrypted) | Whether to enable EBS encryption on volumes. | `bool` | `true` | no | | [ebs\_kms\_key\_alias](#input\_ebs\_kms\_key\_alias) | The alias for the customer managed KMS key to use for volume encryption. Should be prepended with the word "alias" followed by a forward slash (alias/example-key-alias).
If `null` (the default), the default master key that protects EBS volumes will be used. | `string` | `null` | no | | [enable\_imdsv2](#input\_enable\_imdsv2) | Whether to enable IMDSv2 on the EC2 instance.
Support for this feature has been added in VM-Series Plugin [3.0.0](https://docs.paloaltonetworks.com/plugins/vm-series-and-panorama-plugins-release-notes/vm-series-plugin/vm-series-plugin-30/vm-series-plugin-300#id126d0957-95d7-4b29-9147-fff20027986e), which in turn requires VM-Series version 10.2.0 at minimum. | `string` | `false` | no | +| [enable\_instance\_termination\_protection](#input\_enable\_instance\_termination\_protection) | Whether to enable termination protection on the EC2 instance. | `bool` | `false` | no | | [iam\_instance\_profile](#input\_iam\_instance\_profile) | IAM instance profile. | `string` | `null` | no | | [instance\_type](#input\_instance\_type) | EC2 instance type. | `string` | `"m5.xlarge"` | no | | [interfaces](#input\_interfaces) | Map of the network interface specifications.
If "mgmt-interface-swap" bootstrap option is enabled, ensure dataplane interface `device_index` is set to 0 and the firewall management interface `device_index` is set to 1.
Available options:
- `device_index` = (Required\|int) Determines order in which interfaces are attached to the instance. Interface with `0` is attached at boot time.
- `subnet_id` = (Required\|string) Subnet ID to create the ENI in.
- `name` = (Optional\|string) Name tag for the ENI. Defaults to instance name suffixed by map's key.
- `description` = (Optional\|string) A descriptive name for the ENI.
- `create_public_ip` = (Optional\|bool) Whether to create a public IP for the ENI. Defaults to false.
- `eip_allocation_id` = (Optional\|string) Associate an existing EIP to the ENI.
- `private_ips` = (Optional\|list) List of private IPs to assign to the ENI. If not set, dynamic allocation is used.
- `public_ipv4_pool` = (Optional\|string) EC2 IPv4 address pool identifier.
- `source_dest_check` = (Optional\|bool) Whether to enable source destination checking for the ENI. Defaults to false.
- `security_group_ids` = (Optional\|list) A list of Security Group IDs to assign to this interface. Defaults to null.

Example:
interfaces = {
mgmt = {
device\_index = 0
subnet\_id = aws\_subnet.mgmt.id
name = "mgmt"
create\_public\_ip = true
source\_dest\_check = true
security\_group\_ids = ["sg-123456"]
},
public = {
device\_index = 1
subnet\_id = aws\_subnet.public.id
name = "public"
create\_public\_ip = true
},
private = {
device\_index = 2
subnet\_id = aws\_subnet.private.id
name = "private"
},
]
| `map(any)` | n/a | yes | diff --git a/products/terraform/docs/swfw/aws/vmseries/modules/vpc.md b/products/terraform/docs/swfw/aws/vmseries/modules/vpc.md index a70ee81b7..e89cec5de 100644 --- a/products/terraform/docs/swfw/aws/vmseries/modules/vpc.md +++ b/products/terraform/docs/swfw/aws/vmseries/modules/vpc.md @@ -100,7 +100,7 @@ No modules. | [name](#input\_name) | Name of the VPC to create or use. | `string` | n/a | yes | | [ntp\_servers](#input\_ntp\_servers) | Specify a list of NTP server addresses for DHCP options set, default to AWS provided | `list(string)` | `[]` | no | | [secondary\_cidr\_blocks](#input\_secondary\_cidr\_blocks) | Secondary CIDR block to assign to a new VPC. | `list(string)` | `[]` | no | -| [security\_groups](#input\_security\_groups) | The `security_groups` variable is a map of maps, where each map represents an AWS Security Group.
The key of each entry acts as the Security Group name.
List of available attributes of each Security Group entry:
- `rules`: A list of objects representing a Security Group rule. The key of each entry acts as the name of the rule and
needs to be unique across all rules in the Security Group.
List of attributes available to define a Security Group rule:
- `description`: Security Group description.
- `type`: Specifies if rule will be evaluated on ingress (inbound) or egress (outbound) traffic.
- `cidr_blocks`: List of CIDR blocks - for ingress, determines the traffic that can reach your instance. For egress
Determines the traffic that can leave your instance, and where it can go.


Example:
security\_groups = {
vmseries-mgmt = {
name = "vmseries-mgmt"
rules = {
all-outbound = {
description = "Permit All traffic outbound"
type = "egress", from\_port = "0", to\_port = "0", protocol = "-1"
cidr\_blocks = ["0.0.0.0/0"]
}
https-inbound-private = {
description = "Permit HTTPS for VM-Series Management"
type = "ingress", from\_port = "443", to\_port = "443", protocol = "tcp"
cidr\_blocks = ["10.0.0.0/8"]
}
https-inbound-eip = {
description = "Permit HTTPS for VM-Series Management from known public IPs"
type = "ingress", from\_port = "443", to\_port = "443", protocol = "tcp"
cidr\_blocks = ["100.100.100.100/32"]
}
ssh-inbound-eip = {
description = "Permit SSH for VM-Series Management from known public IPs"
type = "ingress", from\_port = "22", to\_port = "22", protocol = "tcp"
cidr\_blocks = ["100.100.100.100/32"]
}
}
}
}
| `any` | `{}` | no | +| [security\_groups](#input\_security\_groups) | The `security_groups` variable is a map of maps, where each map represents an AWS Security Group.
The key of each entry acts as the Security Group name.
List of available attributes of each Security Group entry:
- `rules`: A list of objects representing a Security Group rule. The key of each entry acts as the name of the rule and
needs to be unique across all rules in the Security Group.
List of attributes available to define a Security Group rule:
- `description`: Security Group description.
- `type`: Specifies if rule will be evaluated on ingress (inbound) or egress (outbound) traffic.
- `cidr_blocks`: List of CIDR blocks - for ingress, determines the traffic that can reach your instance. For egress
Determines the traffic that can leave your instance, and where it can go.
- `prefix_list_ids`: List of Prefix List IDs


Example:
security\_groups = {
vmseries-mgmt = {
name = "vmseries-mgmt"
rules = {
all-outbound = {
description = "Permit All traffic outbound"
type = "egress", from\_port = "0", to\_port = "0", protocol = "-1"
cidr\_blocks = ["0.0.0.0/0"]
}
https-inbound-private = {
description = "Permit HTTPS for VM-Series Management"
type = "ingress", from\_port = "443", to\_port = "443", protocol = "tcp"
cidr\_blocks = ["10.0.0.0/8"]
}
https-inbound-eip = {
description = "Permit HTTPS for VM-Series Management from known public IPs"
type = "ingress", from\_port = "443", to\_port = "443", protocol = "tcp"
cidr\_blocks = ["100.100.100.100/32"]
}
ssh-inbound-eip = {
description = "Permit SSH for VM-Series Management from known public IPs"
type = "ingress", from\_port = "22", to\_port = "22", protocol = "tcp"
cidr\_blocks = ["100.100.100.100/32"]
}
https-inbound-prefix-list = {
description = "Permit HTTPS for VM-Series Management for IPs in managed prefix list"
type = "ingress", from\_port = "443", to\_port = "443", protocol = "tcp"
prefix\_list\_ids = ["pl-1a2b3c4d5e6f7g8h9i"]
}
}
}
}
| `any` | `{}` | no | | [use\_internet\_gateway](#input\_use\_internet\_gateway) | If an existing VPC is provided and has IG attached, set to `true` to reuse it. | `bool` | `false` | no | | [vpc\_tags](#input\_vpc\_tags) | Optional map of arbitrary tags to apply to VPC resource. | `map` | `{}` | no | | [vpn\_gateway\_amazon\_side\_asn](#input\_vpn\_gateway\_amazon\_side\_asn) | ASN for the Amazon side of the gateway. | `string` | `null` | no | 
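Review bot: The new `prefix_list_ids` bullet in the vpc.md hunk says only "List of Prefix List IDs" and never states whether it replaces `cidr_blocks` in a rule or may be combined with it; the added `https-inbound-prefix-list` example omits `cidr_blocks`, which hints at the former but leaves the reader guessing. Suggest stating this in the bullet. The sample value `pl-1a2b3c4d5e6f7g8h9i` also contains `g`, `h` and `i`, which cannot appear in a real prefix list ID (hexadecimal after `pl-`), so a placeholder such as `pl-0123456789abcdef0` would be safer. Since the whole row is rewritten anyway, the `rules` bullet could also stop calling the value "A list of objects" when the example and the following sentence treat it as a map keyed by rule name, and the `description` bullet could say it describes the rule rather than the Security Group.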
diff --git a/products/terraform/docs/swfw/aws/vmseries/reference-architectures/47d0ec0b-9080-4af2-b82b-0445e6910975.png b/products/terraform/docs/swfw/aws/vmseries/reference-architectures/47d0ec0b-9080-4af2-b82b-0445e6910975.png new file mode 100644 index 0000000000000000000000000000000000000000..6575f7d9e35b145acb148a1359f2e7854cf90d4b GIT binary patch literal 227979
z<+w*9+}!1-fq*DSK!BMKaTrAwO8Z%35uYPr{k{--6f}`Hnr^G+@I3B9VK*@1;QLf! zV+v-N*mJF!_$gEDDN|Msq*A(*l&kF6IgkXO1wzHvJkiRfoj|?|jMs+UOWIJkZaF4b z*Jvn%V2V;4c&R7(cxn*SL@e@b%aM0<$@=VNc!dKJ5JvReVkAXX)+hUhM*1xrm~5&R z`qH9|%r*xG=SWq+cUSD^a(a%jErKEWl4yqb_Brkq>f~v<$60+hw{>CHY=X0hGRcx^XF=UzQL`JR$|az&U&#sMWM|29d!Wf$a&#n4 z!2sC>XUEZ(_bf)xOf#!~3qu1F(BVXi7T0ec%kRQKh?`M-1GqVRH#xhTp}y{At0GZz z)~kJo)0AbL#ENkr0swqn_~i`-RN%^Op@D--3dB74x4}ay;sQ$9t--h0GoE zTC*7qlhk=m`0HLSY=$c?Rexn)7z?EMP1b8O+|wRI(<}gh)6&X#FzUt5=OOIYA8HZB z!>SfAMky9RVk5x`3w;I9^4COxZ3>J!#cS4q*V#jTyKU!Y-))w@~PX(5Ytk| zQl4nq?IcB18O=5YgaBx3LvCGjqrETbxG|vvLMXFy8_jNRL{%7w`^tdnzPlBRwYG3d zEDSH#d!{?;h;o{YH}E)nxc+Tl;EXq0_o>WOO-g6~pkOM09GXmgSs*Xo5&1aN1KO!hhKtG`&TRCX`2zFGKvyz-Sv-$r z2<+%ha#*GYo?!aN@sB$=6}kyNkon%Mvd}m)X#7T)~`f{BRRcU*b7^Q}GUG-kzj~MzQ-|mR0t< zsGJl{lKJI%5JQQ|VwA#v0sjNxX9##K+WYd7$)0GIZdsd;2?83Q2XcnkqGD`fKwXX5 zRQD&9k>O1P!638#xKYXV;71}q>E%_{+8LU^>UOoGIq7Wad+qMh{de-OLX{E2#AU_U z!=K(m&(F45GU-{^y}!FEn#cp?iJmvi9f;6_6%-bjjcf*JAe-~xOu&FqeFUeP5;P#p zvrWuMC!~h4(ufynQ^4j1l65`V5?^jSv(&ID*9xJSi2Y)uC+RfcE{`212L=$B^m;e} z!olp*xdod4i7eN*b!@koOr92gO;|PXLQ5lVm|~Ou=m>ILq6G}wOpW6~gk#c*l8jRk zpdnSTXiq@&I1|k}W=qCy(RbTwh>sVqjYfcY8EZC0Ix+b(_U8=NOi3uu_=XsHOrXi9 zKS)Y#sa9YxPY~b3#}VY4^zOvB=mn#$cwULn{Mr4!UqTw@W;P&g18m|!)s)9y&4Ka&Y2HCQ zE;?z0+wZEzq#oVz|2B2#`?O`dlXqqgpVJ6TlP^WcYMTiw8!4`iO$`@dCU5jq)N^L=wZ?mMd6T1g;xRNfx4$sSjSxhZc?3+x{SnS_;^qxc2NT8*c_ms}G_ zj+vKj9|qoGdX^W`Nqtp*+Fap|*9Io-bn;HIeT5~ok|DoG@x{~7&drMmtka2YUzqwO)nYTG@x=HdGV+bZ(`=2eOqU%e*K00P0bNjwd*&`qfCalEtJpW9q$3k6Q` z{+FkQxW=zg;c#FLHHPx9U`yDV0kx{@Q6LGJSh06iTM?B%t`EQD2w6K?4=Rgr>S6Lt zG>7Cc{BB%+;=CBHpp%$ttV|pV5V_4>1L%BJ=%?W}@?1){&Vr#gze{_P z>~g-(Hr0TmF%NIK^*SJf`-(sXM0u&2#Bu7SWGK*N=%`Ck1DAY*)e^)HVKf54s6kyT z`hM9A0l<3rpce}5)cRc?dU)j_f^tr#fN)zdcMO7z=DU7x#y!`Eur@izoyCzKlyx>R z84%N6i7xqQe-;oiT+oV+%4JmvLkzT}Bw98Uq_JjC+4)(BxM=V4+s?MnPsxG7qOXpR z7-}Rjb~N7wT5OwP8q*35OV7zMR5B!dG7>p=`8Mp^E4Y+j#yC7|r!N zf>MsDrFJavrx5pM+Tr=@`FUjvnpLs#Aw6HrLS0%adxKiDBZY|PzR#bmy;0_uv-+~i zMF0WthU&d&F~;lm?o}Amrk+b_|nz%EaT 
zEn|uuovK>VP!Po+ak{UO?Fvghq2CImI5BXY=!D2OTN;3oR5`1886<-$j0hX6M`Q?% zTky^lhg#_J?15P{H%l=}_Ms`unJbD{g}@5ZWG9nHE`I@(x%}`T=)mE#vd5V+!Epih zYELute&Eb-U}XvOauJ7P*REZEG{VKDw2(kzdzhf74NqD6h+IEY+e7@sF3UmS;7fZw zZ~nm2d*6b3nG&*{b7B~Q$y1(fg5vgLdKWTp^M=MvaZ*4wbqvoDySmmDUMxky^1$*pZw z;gFkEgD3{UN5(8s@DUVSS`+(&iFC~*1yI*V2|^I~n>Le~j_ZLIXf&9Ss-=r6lbjPa z1mRB5i&OfCn<)20J$>s+5_bBuk1?e=gM5qCw?6{@8P?4+f$(U%BA79Le=J`_89O*#%n1O+&p^AC zeVt+BM{d2BpD~1h@^KE{r&`+{XMwUmn<`x(e=02KLJeX=5;h;p3F6qm{xjv$oa{Y-i}EIR1Qr<-9QcrFP* zf5-O1-{+55L8XeVMwa;Ux>;Q$y4Enn*&wDIaLMHg#@^c6+$TT!l7sr9+3xnb1r^q* z-s)rHBrq)fE^6m@XOUNBnd)~RAa=)(U&$pd$rUq|=QZ2p*?;Hr*9RH{MNeL<3(y{{ zI65#%SvWoUs9w1Tq#kZS9Z-iBf{7dUC7BeSEa-zGnGt7R%50%WLg|SCmsH-vSrHX+|$Ah+YUh0#S4Itkm0DVFzk2OWSP&%9Fste%T0Ap&w zS25^vI;e)i4Y2b$w;Bl$)j$lNL#|eUw6J8uxCX?V)Tv}7SZ(-bwh0nD5D3uO*)sn` zF0tge!{(`oo&yuMmuAdA!|?X|fiJ1pBfw2qFLh$R^3F6YLoYnxP(w_!$G6|xO~BkA zkuE*A(KnKc+_1>?>bWOJ&H_>t3&xHz@MZ;5!lRgq|B;Dfvm`wSg+jpefJvhhdEg^C z)h=r4JTCblgG>U(89F5taLD3=g%_A9x!3tw+ep%eCLnmRmk&t7(Rm_>a^6|?uq5bsQ?sCUlyd^pz8~zhoR>G7DyQ9S{UT3mN_oTcWxFA_p&Q@#YUJoxZrpzv`56`S>Ca&C$I}_y4)h`-?+uQoDhC)TE?QN0BixJgaI9R&M1e1RX{JohH=b>;11u4K&2;?%12^EhRqHgI~Umixz%!Y(#FLnM#+*eJY-l zKSnhLYy?soAo??RPB(1cG6B>Vlw4=auN{E}mq#Gg0;?)7&eV+s4KWg?biDUF5j{V(26%}w6NQL?^LkV&;!W8`0oyg4@N`PY zU$?ek>&?<&t#}|Z2daWD+;xfJK}8V;4%jRaC){4~iTeP@Vv|n)2orj5zLbKK?2+xy zrN?7r`E1vuWD0lXyS7hET-=V(1_j*I@ylvC@Uama*c)^q0J9pWZnC^M??#3(F)3Rx zn167n6*gLfD`1y!B7yn92PRnLA45}UJ3-A0owAp!-puT|_YJ-5S@~b(s!g#(v|F8B zSOoL_>H@pKqDWpd0$@q%DTq(BxrMCTEwY%W8jb&hLwPx&gAc62*r;S$$x2lC9%w|C zgMAB3AZked7$pQ(cR`;P+Y0*0-wC7~{zbBJ9GCn-2Dg8-!FZL3Ac z1rbrg{22?d@&Xn>GOmWXTY^H(CRoKom&bqQuz|UBZtm=%*I?&XE$LokM?))s%|ohY zjbza3*&gTCg2Y7))Czl|7h*y3Q3sC|K^zQ=PU(q?cut}e6(=)fSMm-w>$cC9>9FDM zyv9Qc%6~vcGLd8M`O!r3$*b&zYX>ZL1#Aqu!#%iP%s@urz{Iq+YvI!v1Q?!0RA~X* zIWHx_E`+~B_9GpS;or?=DH1`wiK$0~UL353!gxhB0FTKBU4b$px|#@b4D`GXTcb-N zGtVmT?Zq&1tjsa2M(kyYfj+36&oEyD0d@-@T4W}uU#g32N2acT#VqK_2%CJIPUtdz zK?7Ic-$u9J%bJpJrJAMwlY 
zqNqw)pXaw-o3DNKYy2gjX@>T19C>mkqT?UrURGZowrtdBj4kx{jn5#!s>e=4;kM>b zoSnr}!c`SernrB4#Gw^QKi+ytc#khp4ti(o#YP~n zm#@RqPBc|sQ=p5Cpt}8Zf!jGWbpLXxk>|}D)+w-5Vy_#q{s|ei)8<}FBxOsSd+t-F zO9ShPImH)V;D+&Co)V2L2g^C9DT(Ym_%6Z-ip{{ftHN4!Pg9_yMxsOHk@g@De!AQD zyU+9Q@$HV?=HCJUB*-@?$@h-m@nO~M-H&0h5|{f@sA45slH=3B634PmuI@yzW=khA zsI*-t&*>@xT5?@1wFwj;n}0PxcxwND2>T1DDx;=-9L4|@X%rD81Qi9P5orV@MClTw zMCtAZB}EY=6s1E#TDnV0y1To(>pwT3&-1L`yT0!%mj~sXJN7+$_RQ?-x<*Ax?T33A z4I3x>KuTNj;GrxP6k@S^4NpUEAIJWi_tH!&huM*0M66$7#8pZ(y0=?`X=_Nd41D2ATDdz-|%j#laeb zWkZI|shYtiI6EtiC;bCLti2%?^06}{W47LqVb{HzFATF9RN&)Doeg=AJ>`ItvLb8 z5E%hX?b&#fv^+Ft!0;=ej7+frI_kr7r~uppzZk%`Dg)q_fi3QJQfgiv+x({R;)Hfe z#qi$b&%_k3>3t#7`Y&I;9L_y#)hGt)!_Va81t(=?Ws*#;ehZSuE#;xC-GL>?I6pr; z5h);lq~uM04|1YK8J()jt6J)Ugv&jUkDh&hHKQ@23(zd0bJq)Xy>BfTEZwnZeEKap z$t*easOi*L@!W>0D$53o>{y%*_kH{HbagXrH*^#0K6-V{b+}-26Rs~?rvc&!P_Jzs zZ7^gKCMG5|TMt=So?Jnr501{tvZ%Q*YBgvR2V9|dRoO;EDNjBSi1^8+yu7~IU*EWK zxVHpw=nmgKTh1`g$<(BzcEE??5eX#x{K@$8>)Q=irEgK`>5>R<2f&Pci_+54(L!Vn z%(EVcBPo3n8!W7>bCbbFSW2oE7FnICs$?b(9G3IVqm>^j7V&3_Zd?L1`w!8t?){7A z>>I73bQ?p}={U7)hCRP-N74S?;Yh@fcaWm(&4Fw1`Np@5p-~xdE?4yZRF-w}6EanUDY^ zI!*E2ts>w~sSizU*gii;kkfA}+Md-8a7>`FD&`ui*95Ww;tp6s=;-Ja=-KU^oj-GP z6##)qvXVvAXd|GpHrW8ILv^xs(N+M@GHW&7sQAhBnMjOW+t>ksru>~bCS!sP-u5gN}O!6$%JjM3Ec_a5KQ$VIHs?a@fMWPD*dKy*v{1 zGBHws=mw!apehl-{qH^2W9kIvo^^}+y?(>3v^g4DTGC&|2qM2?mz(hYuV25^QC%Jy z_Q&rn78nUs7cLd=xnFIJ2R_-07cT_%u&^cp(s?2IA-=(*80My9L7Y?5@OIF=^4MlVJbjT??kloEzoSU$_+(*=lF}B5#Y%q6PPlzEd zr()0~Fs5f}pS=rM$j7P<*uTM#z(a=Vk^t;gprm=cd{8>Ic71Zj&UdK4|2|kZK!p)( zIavM0z2<`!Au<*c;0FFoN%_(?!#v=)HDE0M!k%m!Y!gcw`R@h&iesQQ>Qg;S%4sN^OJx5l0wj`eL&KoR4l7} z2F!)-O~J^V~-F5RQMey%Do8}RVUn5R}*}gW_#Cl#Fkg*6G;ek^2y3-SO zD(CTEfOKh08a{fR3{e1h`knnGXTN!XKx{aRC}`Jpj2)Nmp|1Iw=&YEZIi&CWC~vL+ zOvl2GKNw;=mnvn;U~2T^*b%X}_X1#S#YYEA#8rTt#(4bRo0!#Ixg|0;_tCT-a1Rs< zEP)D)o@qWKWze513D(`-`a@J!LL#Cen3Z_)5$OJ?hhg*VO8~eO_=ugzFM%7vqSuKq z5vlLpV{mYOi4Z->7fkaq-_#KxU|fW@w=!0pWw&L>9})B8$L+h?8TLDf1BE{hOLjxV zEm@A+BOaIa;KyGI{b8DR(q768hbOF++wgqsRdT|!7CX}eX3 
zr?n_O8jJ8>WwLusiPO!V>Wl zp@&U&-IqgCwF2(Cyo$~3X7AYs;dPZDiR|9f|UBim!k$;r7NfA7vF^DZV4{kK29tS0<{n~(3b!8bRxF#H zED|Wf%-|^35n^#wnEk4VNGpgRXj}~ET&rioW6l8BgxEo{D zK3hD5q=ir2fZdE9h5>p7G6;{6Hy0>#lQjIoNT?Jdrq#^0ku`Yl!2`_RuB3^^;V)zr z76%($#8qf2G#SgnZ{AG!s-p%sbe2f*GcxKmt%D)CVc-QN$C|89x8!zcW$#v1VDsGg zRqW-3&cFRy%`@Jp(Qc`TRhtZ+r3b0)UD~NMcvuzPK>fXHdIZ7=V&LqsiPmh3D$v7& z98w&3O6n160IRDB(B~YwjN-p=v~*|beO1@*`SqqZUBlzpVU;rjs2|aq5V~P|M$H?b zwOwUv+$`4KJX3mH*D%Yj+=}Z;4fegVV2MW4&>#gMtGdA6ziY{MO#k5%)ajTvsagcP#+l$3FgI{6N)R@ws|yjEH->!Ugi(pk%Za;3Hlr zdZ?ENQ7yiOF)Zu}pp7uJ(`bd!XP7(Ue#jHdwU3qc>RBc%$+5k?y=kiHSce!`n!>GF zT`I(zT(GP^P93tHOAhK}Zm#vG!qjk)FTXzDsbqv{%SE3w4oolIj-L?=KyFD%R;qtT zE(gL{i*^I|Wv);!>d#{HAG69dM#?E#&WpI~vfwATwn|m7OzRc3RqL|^89#W2R##JVaTlaZ zT7kg(Jaq#&$%K|E*2yUT!az-9`uGi%8;z(Cy*}wh#;9C)k1k2I4;l6zX-21%1F6Hh zB!8MdEZZiDszmI=fp;qoR9F)^RDi!hk}3|49|J+U>&w;$pRx$z*{{G_$c4jf3FvICt>%ljl?D;^M z2ew}Dg`WRKnh0C$`?nC%+vQS=fc8kU*HxPG;vDd`kk;|1)Z_eNEndOozgRxEfkiV9 zH|Gd*n?P0o*f3XD*n+ZRR;)QI@(qF2O4eyXym+Wd;}O(B()5Kxb4`D! 
zSQ$w=njMDMc9?+#6@k+N3tB3y5!EqRD4l6gRRZ)SY)F5O!7~3!6MFMqkPYs{@LfMr}d3gr5#1lnDMG?$cr=c`_;$M-I{_*xLw0hDM zEFo113Zjzz2|5>*f|n`ksf@1(nhA3m%PhK-uU#R982s{ep6pzd@U6usmxro=mQO}`xk#946iA*Y%h-< zbo!B?g`+<-sje8>L0R1ldu#|DIWncq^%6b?PcZP(RBUH%|0DRojELQ0a&AdHE{H|z z1!8_A{l{qd+;mzWK}m4mc&{-G)YBU+dtFH{D8rjr=eLkWT`pj|inW+w-sU*j>2}(o zJNj|dM-y~TY@ope%QL3!0thPE ztZBlrbddZuKP7*by5a^9qZl#&Fh6{FBH;s6dYqrjwnebG2^}$9a5@5AqY3vsxPSci z@}EF-&X7x1d_x${pdr{iXPw>ux&9neWU-No!-i}HVc97r6aD>U%+uO9|^yxc3x`)BA%o{M)gO~!d-RAtE23&hWZf>`+PiK2O z;X5&e3yfM$>C#k^oh=8pw1`c=aS)Q2oQ&Cqzlz}w8HY!1rx)jB%jDpI@o z^t5Ez*||BStQ3)s2nNibTLPt*3Oh6!Iy$n|GDEodk(={s5av8i7KP~qwVhOCz&4dL zG`)3(Uk|@rQLxdV&*hT+bcim>&kvp{j8 z$OBQrYP^zYcxvyp|w8ze^-){bjmB zwcR52_N_D!FG!;OWwoTjuKGinW068%y&Z!_bA{2CxS?tQK#q zxC}sTjSH%W?kf;bRy@UMX}pRJaeGuC1|A9bJ!jfZEW9qNw@5$7WE>{fI z?@qg!Fh}e)VAuuT-hG1V0C$8F-QM1QMba}Ca#>)x zvV>OaKe-jxro+w+JlCx3Y{4s&)O2+6dU}a7KcANzEEr){e~{;h9@*Ci0xd)4?f>jw z(=%ocT#qcn=B)ekhr)IUBK9OdKfj3dOZazO`%6G%Y-`A=1jI;wB5@wO@vt)(EW-d~ zeii64pdp|K0uj9hR;dt~#&mYdAu>S7Bcw!cfQ3~D$o9Qidh$m%K(PxdaJ#)-#j#K( zgYwJ$s18bqZ7{lwZjJaV8Rp%dKR4al+In+JAzT03m-{d9EHERx7c7xF0Av92peoRu zWyT(wztO2=0d(!em>2=8eiI=+#j9?N+eBjF++5?u4v{esRnK&%YuExGbsZwV1Tal_ zQoD5}`=W@F3&I&LNBfM-AFv^=z4?rM2+3hFwQ}1pbXOX3$0U{kZKCXAxS}_|yEt3z zdO(pYD@zvPm4g6G667!PNGMQa^TEr@e1F^IU^AzrV{fS>6_oK3v$M00ito|Tw0(so zJFN^WxFHtC1gTy2W@!1q?V2AQYNW;bzY6_LxtWR#Vua91pnagX$0t zE5jPLFq_G55nUC^7BwTr7;{s4;3OAw$FRU|pCdGNNL}OI-Q6SRuFN#CLH{g8dHJvU z-@YB|JpaXL_zC}C`wJAQT*$PBKpiRdO@b7c92BWxU*I?pdb2TeMpzvv&v|)yk2OGI z1sAncFk`Z@NydIS{je(#-zdPYszz@4@n~i!S0X0Q&MVoF7e8nnD6x{Gd=-H{9SHi_ z;r6Cd;WpfDw>L%2cP84H7rbbg9rvwC8!2xi-x_n;_2*_c6?p!ftgf%+rU=MJ%Sf7} z)0WtO*Hkg{{*{rDOnX)2|KcY6;gL`D0XM9x-*J^ML_BK*?$;z?U!v+_Q z))qc|opvWSy5;&#a<0f~sH1VgD9BKc%i?KroY=&MRPRXS=>X`Md%>Y@MySJL2o%jMnVJO!_YK>3VUCkOnrl!FnRPAYQ8ot1!$V zp8Uq`klzu9M(!5M!=%S%Mj6IjkN%fYHgy_pSSF^-2#M@|k~M>|WI!;f3{a-0U( zqU?%5-M#2&=_n<*c=c+c_~~Wyp2g)BkuuD&`)&5<#;2hAb10vo1anNI#z65*IN~%F zxIjcK$n235&409+%3-lLdRs0W3#ZkIl#Ow|!=Zk@|Ij_ibt(g^Wfop 
zy>ahMEQklZvQ70d&muoPZ1m-0pd`8L7jYi%8T;z*J}(@eIwxdkHU732OYPFz&^gUg zg>g=B*B7gg*5iU2yI|Clxo?-s%q2)Ogs-h@g}-o6{CBCRXXjM(024)yfkq{E!)GUC zsu!Sf4^BUJ=|lwYVq`=b{iK=7s~jZh8JVirnpK$%?ax(rygK6k0>j^))N^l+i-*LIUYD1YEf=ny;i0k^$ z;^ACS!$wEyfbPc3=}rA@xI#Dtq8GKCR{b_#ktxVcLLLLc@HuoUjH5P(eFIL<|Is5F zPA;ZAt#5%+1^1O)f~acL1eV}iV#7icfdwlst(OU{J#d7-*s4n>`__bfGxI(9Gc>C2 zXNwR~{w|PJnw3VOV7$X5jlDmR!;;tzrGmlrz|`r%y~T{(Q&s?qLg@*os8rh+>~8l1 z8|(DMHB}j{sY=hmHMk=^xwob9{-L4CFimS%?6Uh)5AACXsy{Wf960UeP@4lk_!MLA z{N$AUAQ9P?(07dvH1m$8$cn{5)m||sIm%GAFlhMFGf;es=-TWDyvE5B;te^zU&5HI zjew5Z(Zr|@WqrAM6iSjpfM+-YEo`==?rkm>cSr}Ok04( zxjQApaJW~u^%AY`;_co3kKX06);oEEbrlpZc(`rbk*!z4j!&cqO%YvRRk<7fZN*X@ zqt0&)yp$tY-yJ%%hy%Bg1d0gGlC^Uiv*7D6iGqE@jVxZAT*7H%8o$_U*De%oTAELH z$gA9RK8sRHkErF8*hn`kKo5hIAnt+L){}4GoSxy0meyQss{L*4q?s|ES>#LzSDRjU zf2Nz^V9dwyu91*X^Y&=!5t-cAlTAJ6N55Vu!$Ej|ZPOiXSlTFZ>F#d(92_?kz#@GV zkvh1_qRe6zd+VOlr~nKb3b_ul68L<&(K3R~gRy(m%$@O68PUE-raetzOae|C>*413 z_iZgibRDwsWPmt7ub1xsu^WzF#KpDSv(|LlyaGk7eXsW&YW_qg>R*Vd^P^+lS1F1H zBa_9@!O_?GJb*gGXvE7|EDhnDN_Pt5ACECwdf&oN$MJ&Q-m|1ZaOW=(bLFr5GAHU} zD1WjS?A)$(40CjT9RQZ6WT+ewJk`*Z9(%`OwN}Joa_3oca-4SUIh0Zq_-+8~Z0l|6 zKc}OWv$V|q*Pfv4c&@sBh6B(wgw&P{3YJtI>}?zsAJXwJ=1eBU!8%Bo{+)`H%ryMS za!WPQd{ZA8yyKVJ&0`Gl$v@!l|GzCYzXRdaxvXDnkm=(Ih*87C-pHX^l4On@pIJ^b zJTfX>+TGsBY)Y$l?BLPJ(gr}@`tlAQYqVuh>8KcrV5Cz2I~m9(14vUuOQ#L=*JEGs zc;2;N)t_6Ewc8wWsmi{>gClwIwa=DDMLPb9icjjm^5CEMtpBL5$WcC`pGdX;J>vfh zf%@Oych2a4$>;u@f4E-RowrbRFwZKQE%KH}OU$=QnX=~w(!Y&K*zWk@{X68oh25>C zz1AIv)=J9ODI?Kh>CYuc^_|UqcVy4MySo`2)1NA=@ga%354KrP-RJRlf2;V&vzMsq zI!Uwd(ae;;-6l!o30j@Mrr}Q=BO>c}fCfE&HadiL{`YM9+YYUH%B>0BZ=2r-HtHWx z1TY$YVV*dn^Cw5U4gbRbe7LkGbLn#3o>QtR5NgSf7F* z*X!?nz`NS^K6k8a0`*89tzLl{S!>({oqn&MJ;u}uNxKNan&?CoULxyKN|1U?loRBu%sB_*r?RK zd)y0*@8a#JuHrbXfGrg>5B08n`MI&JrB8=&%{(VDZ!P2I(A)y!mYfyk9en*E)9i_(=X@Y+DA}JTi*{T(a(I<^xP)IJoO8R( z&dDt0aS2-&PKRBv<^k^$jW_|TzrEPt)TPg$4aL53g!1!S(6lX-}0E6W8)TBrRt6XXm4CRAcam8HOZ~e$E{a9O7BvDW|acs4*$J``KGXi z_p~rbIMc5_tvtHlaHs(Nti~^eVSLfSPI5OL;MSQ`dfV{=+R@1NI@v^Y;FKS;q5d7< 
zT`07(W2Q<&7ruLrpUNNUGWa^PhUNpOYwP-hnX!^fNoUVV|BsFF@`4qc7MSmUUfz3d zr)lmkhDJ=tmwwfKaH+ntl$suChY=DWxI*IG@`qV2G8orAdMGUB0o2_~9qSznRPnxir0f2jUlFMPRRlWU}J zz8n2qqD%d@%`B?;?(6QD@+D#D;aG?oxuv)JWxcjdPCodwEy?LueH+D&_}ESLrWc@T zMJqOZImRXZ3DP%_)(-jugmXSYd4qBs*Zn*2@stW z-pNr?e#2+drKXS_+L!v{Io%6owDRpbpF@UGhny=s5df`zq09)!`SZ~a4}h$Gf8Kmm zHT(+~_H>12CEK!V2HAY?s4A|~I-9PG>1@8w)Kz9aY0&B1^4l<{E-VKp%HHZK54++!5D2F&L@n88MK`i)V|2_W3^6FLFiHW0d=!8YI z<63%Gqp6{T^($>hP(82(%8sfB2dbaEnA#h2x_R#DIrQ05>#q?3v5f6`j3RW z)Dv>wEO}iWN6EoG5NGgQo{rw0!Ua=S(#iz9A`!Yg5{ETxA(djiwB(?&K`#VwE5Ag`MG{=`7pJ%Y=6M)y1h%+rM*5o{7 zP*kp9-Pnjv*g^jyc=@ANQw8Vw zXXy@wgHV54Pj5C`^5uX3kXpPGJ@(+`O=z(CHafa;tSbDhKb9NaI%P(&jVyAH|MfcP zu&Tb%@vy)0`5AX^!re88Jpzd>r6cOl-_OtZEnYy2J-1?ok{*44t!b{{tS1+-fj_K^ z*}NXMRCYz{;+uMQ@|~&3%Wl8pWBQgdNz7c$+z)OsPtB;qv;Au)C-1YOoU&vhPOO=M ztSR47+FqFiUl;caKkr9+KBW%hdF5xqt0-6L={wRnSGPW8^9+$#)XxO-SUP>ok8@r- zLW?=PBpgEgea~;-teRn<;*mv(g{#x9+J^rbQ*r0NLv#AhH(sF8+QH)&zRw+li;kI! z(t)3k9d@h!Z0pbk!>qGiCFgIwb}R09F5mLBnoaO<(4_Iw-rLBX!L4)_6qc>OYY`8XS;x!fy%bJ#QDc^6LLARnj!uhUCIYe@!hT5}~JYn2$^nr#8H<2qk`V zOCnX+pDHxlzj6#73QEjhAemIrc4W2sh+2yUN{{C6b() zddu87DxQJjHFUclJS5fZl^1nM(xsw<|y27xNAO%SYI` zhd*it{OL6&@c-B9qXrxIqpa_%6VTJM*iYS9TMFYRk$+y=BXlG3lQ5cie-_C(u_kkw zmphvegxrFJi8n&5lUCjc(L{5<3l#tRI4I)t5-wS&Iz8ArbvE(X?-%vUZw2Ri*V*j3 z5aQ0%b|>>L&>dihz@)`nL<^99yUkHdX63F0F50eW>|oQ#d8rsBiEPg?EL+2QC9bsD zUZ@~c_-PO=*Pv~;T}P0L>&V|LkD|}l%!w{8CaucQG9F)6S5Q)#2*W!WsSSoUDjD@w zftBqX5`RiE?iCPR*}vtxPHqe>6qDDB4FX2@$p4hKJGnm$Gd?fEe!sNx=qzm^t)bD_ z;;5xsJ6VMiZk2Lot4Xpq-R0_%9ZGt2tMN%(L5y&m(?{V}%Thqnmu={_GJicU?${v< z2sm`d;Hr96eF`$HSil~{Ep2&c+|ll^{92nkLJ{M)xW)OWd^ZJAV>m~wGfo}v86}tX zO-y3vIaROuA`x4O8{9fQQ$a>nWx*=WBlxQy45wwL-NiO^l-fEj3v+CK?3Z4&`Y0VH z^mpljp^qQRP)zPF)S;vaJ-IkZ1?6jdBvS4Q0%Ol}saE}U4t}rYe|AEVDKS3(r2L-Z zrH}hu^rKd#l~&IALtgxMABw6~V+j^|OwA9GEZ`?w{l_Jur%%S-Dcqdm5kV6VSXs$+ zn3cgGVSl!$b27}5WWL79cxfN1o#-9X`=!l1gU>$Ozq{JO6?LUFE&S0S>!HkI!EjJh zv%Sfipf3*p8NAODc6J<{C7E)}VGj*C9UocIO110e#R;FxG>6)*qf5;B-nZ+^m&b8U 
zo9b^GN`-6F;N$VH{vPp<-MSH|Xv^mQ&+7Q5$NsoPr6*YRza=}=rbQDFs^j81_2qiB z#gwF?h4PCpJ_nTHCHwY%I%BDqiam|tYj^hVw03v`7lSq5M@1OSphqw{*`T$2>R|X% zE6#Qk{T{p2HW7ARuPZCtRzeeDFPi^rj6N$yOQt1#^r=>ETl!+Bcyicwc?)J? zpX%oUcADe0%@-;)7F6rF5+hDmQ25Lh3i*_mxc9|NV2d>D^to+klHmKm`WAJ?wCN+K zq}Wv-<=%T+N$;xud38z8_O7l=U;O?2#{Zf6o6d^S^js0sCa=QxMJk+~CXW|ipnCsj zn&9j-?uM$p2n@Nu6>u_BQV4 z1N*~E3FkcOxG?{o<>cKjijaB>gYT1p)&Cp_{y{OJ>)p?E@xP4s?mWvdY~BCP=Z9NCh1ilMrY4hEDCb*B5A2HG zUg|A#&v=N0kQV1d>dDJ-V&=A+EHpKm`XbkIFI0OFEA5x1tf1j7~xotbEa6BguxFhtF z>mVRo9P&7~w^@5UBz|Qh;@od*wSUtQ@RWVwJT;6Fyl6ktoHf))uEEL$(&=hj`Bm;{`hEFV zvFTpcprD`LPwrhQ6eSnqqy<7)*7LLk!@84O$I_!=wo06yqBq+jahyN?dWNR@=yQMH zD7iYWCls@8_L$+EzTtEbyYBwbv*Z9AL;9M_(PNE@EvIG1FfNx8r}dkQVQiv{_x`Rf z&s~-XY+G|4uBnnU+!I-xfxD0l!tnf5wV_cxdhJ6v4yq*f ze4hvC58tF@lK$s%eF6983M7H9Rp>$!DV6Z<(dbr^98F^w*9Snup_BrEpWkvmtVS~< z5|&1Q{qmZbG2!9kGr+F;5q3gZ5Kx_wBqu$(H}?FxSgF#d!l6f zdqRI5{Kgpoq}-*UF?*1zQpEoH%x8c-Ktqe%FW!P0;aK6|!YCg+Xvj+H&^>oK{I0uK zHLc-=s-k;axBaN(y+_j@HrGu3_!98YS2XCH8i9Jm_DZ4 zJ10`As9|7=6ezl)l)@hU=g@}lW9>Z9nrU?6tE%M#9_aCqyE7TQ0zjmQ!onK>5vl;{ zQo8X7UrcPQ*Cq#G!iTK^JMr%64?a0L0ssk&66N&hTLTxKZB^($M(QjH|W&GG&~Jpg%!9q(VCMFC3LYUEISOXl=zAj{4n%~3l*{V$1=6G z;O?QQ005fqVh0YOT%fkNT%+<9bOAJvje~`uQ%iUEU7`Z>89(j%9f_^}JhS-ZWN+<_ zci;g4ODjkpE0ypvHGi|}prhY;xuaETj_cba6N=Whw$I_=OKtoH3G!i96ZVx`(&AjV zt=;TySr;r)h1<8zRd>Eh9|rsyf?^d=)o9e)Jy>!gYwwa1{~iuD2(aZ_WUjhdiU7tQ zN^PQ4o$t-M3=m!a{lXQwB67mURHg(oXcIS@Qm|MKh{6N*xXM?!4j81i(>J^J7G=r% zXEs2mKSwe7E*)Jpm`56@rneM!=w`jXdMPTboaW>EqnIa2PETTO&2s4ATX^NGw_fI(=O*$Yt%YF$)$=i&H z9q3U1fvzWKo$p?hhbghXZvK&kgTOhONVrQwJ4=xhI+;i$c33awO}#vWlhJd-k6NqI z`Rm@651h5&XOKd&+PM0Yf_8*#f9(Kh1??V$ij4&bnhpORa& z(*SXYvV3HxT5i4)lze774Ta%=!?S;k*@>K#_)t1e>nh$ki0u9bC0x*7^knuVq@)On ziHYTu;afElU>*dD#qsOu(Ewe@1jq~K=H~0UodW1?XWiV~qE?_+Qs0~-Vo%!h;7l*s zayQC*bM)oqLKlXby1KPFv-G4S3 z7ZrnJNm9&uY8nd5kzn)+5$6mb#V}@OX3`Xs&oq!2yYg0jygp_|{xd4-Y;A2VDG#;- zi`C-G)H45+dQB#Pk4Y#iFSKngj`+h|zx2gwz8kkWBr!3u05c3{0}U>AdU~1{@Lh=U z036sczHJ7^j2=4DlKeDSrGR>3Jf#n4x7zx*oL2bsLZv$TruECmXwl0pzO2P 
zrAj_@frf^L3r##zF?sHJbjx{rRZogH(3v6S$cl-PF%6a@XP*gDN2cHgPahv48JR0l zQBgSf_+x8ZSpx-D1$;DNuiw1Mn?%ryK2S^vr#4kqFJfr^;f?=afQXi1RWfThKUM_*~qGt z?h|wc*+oP_gTFMN22FetEwDMitsiqHp+*C;H9-#zzH8U3(Od5m3Uh5+8tvS?&B}UB zFj{ii66P0pf!Z}IOj?Ee1U}d;FzM8piCS7(-U5~otWO{4mtQW7vxj1ZhJyU(ylad0 zx(-=_vx{P~ppMQxMI|NW4zrlzlzmL0^Nc)OUPOy)&{}rc#u1E#kvFD87dcu_&&-Nh zxpdGE4!K0xU%SE(r2(kW6JXU9+RRVGGT^$G9e&G$H-uhX*Sz(ZiR7=wK*y7SfB?^I z20{#2S_`_y3gk)sc6a*#{yC?itf)BK7D8sf{J6zhMC1}&Mr7BVvJrq&pJ-@M0)5!? zJwBDCoqkl9+H`Z|nI+;s5_;s1WyFt4HsjIFAokbQ=9ttj;^%UaA=DlxgCMr%B(XZl zeA+8QADQqme}TsqY?v>CEYdKiyda9Q?6@et2`$|4mXKu_<=HjLEKm8{z+x$)h!6;_s%yt&gX@>97H+938W ztQ_bRQFfRLQAZ3n?y$9PJmBCUwk=Xwl^uYtvMF2Pc8hE+wpoha@Jy!7*&#sXiY3NL+LEhgIB-ftd&sAb~HFu|qn{;0J-X-+@=1#%&+)JzO!F zpk6#u!a7v7tF#7IaDgdsC{$pkQqt0AN;lYUUJdf?E#W|bpV~>8nODG*T4c2eKY#9~ zl6oyG2cI;OGE7|71@TRX*P|l@sY1RWdcb*c{0p z#b(r>iwmC1@4+J(>Z=e*Lu3{e(e%8%Ezg4|`{edT|%n;l_shm&0qhGNoe&9lKBXf;Y0Kb zBcfIx#9$5UG!lxGxpV-zw&Ln5=yylTe;&RFnN_*Gs)O6P3s|LU^feB1`4jfTg-%C~ zWh{vuy7eJ!(rE^|y41`>-oyD}PKP#+ORHa{d#3CGOJ+ld78Y`FKm_#_J+^UkG{xr( z^4dreJRlqYggShYR~YraJ!awEE9l{*x!<1Msg2;1zf5p{`Ck24V#*m}s)W+7{xU3) z5P(CX<*F~HEHZ$d!1lND*fgpze5$3ugxJht$@eAYee6rVzm1FF_np@(JkaO zG@|Bo`HdMcpMcRc;t=t?oxkvKcMbv;vj^9%U5f?# zkKiGi%Na<|I?&@{V$MUCx+|Ok_PaB2sC)4py7rqrS}6vMjEufvVYC;s%rOIJoKFi2l63@!+2pg@3-dr@$K~8+ z3~qQg{MPRF6^NO?OIuw*M+N%JM~F$ww)>1q9$d^7&g#FEJ>gOL>T}YsQ4B_5*@Bve z22A$l(G)=b_EA3+jAn=#@dvtVOHfYsMX9-%Pq@_A=v1zF+Y~HGslSKL?~mi!L>zAv z?Cl4ze=T{8B^MPxD2UG3z~t_1CW zduH|Cc!gx8`aFvJ;Rj@dvj_gOpEipMs8w}(!h8qkURelYrUOeBvH4=3eR~IFb%^2% z2K&iktdgy7%93b+c!M9dc1A`9!c+F_4~M3EufW%(WM7HIpfYEH!bM9r^rN4&J%X-W z*OHV9tgid4HmJVy829Rf(=v8E zwvM6hyC3PeP)L7l`V`&I9qWm{eo}uMMHI@L*RRz;(Ilnw7LdenvObu|zkK--n(SWa z>FJ^W_AF`xiX&0-eWE6E?7q5hZeFeN%mjwflW|VS2q4CKhf)LSej2n@4B@nqT2EI1 zH?CUUR8zCuYdeLkJ`VdjJL(UEpQI9Q#lYQf6t}Oy*rWk>BMsGoqH>6u7`Rx7({{%q zp(e^uxKFxN(B74o6fC-%N--(ZEJ1FwQOL6`23TR05D>fw+9hj4%0 zl3N|+cV9xMG0);nh~-z;)*yBF(P@j#Tik<*lLjIdWyOnE{XEMnuge6EVzAia&D&CG 
z<#uRhTq>sWA>~qB-ILbR(vs+!sI!H14WbO-1(m%@FV)S;ui|oJ0gkf6_uwI^u(PlS zZ@nMPa~9vyz$S8bHw#X5)9GaL%aGQ&c0VZ*qq}ImK3Ff1S8|9;7IIaU3ck|GP)Afs1LL4SOK3P zoFWg!#MOX%xmuey&?G%=6WZHlAOOiHZHC-1gv*WqNyT2vempuDI(lMhY3y{#l>6gU z;vC6aysf=LVB8}<=N*H$;Fx?c4wX@|6(|wW_HxTS;K^^*&3bpiIgB&}8Vv5ON8lLS zhgoj~}yRRR^vhDgS+`2NC<2g%I+;e<#<7^Yu!C+EMt;o!k1zQ~KyM?J>U2{Nm47e2_Hr92|X zipZQl2m9l16HEug4l9*9{JFPH)cQy$qUhrdIXq;C=6NUI%X%I~;jqQ23cOvh(AVyt zGFv{6^5^@fi0%Cgcj=3<8sGyv)%ZaN6YToB{XVnVX53^@;e^+&2UN8!m-^qzs}7Dc zfJ!4od^Zlq@%0t9@QT?T6c=^yKVv_;gKy4G0_-oKG7HQFKD`ZoTtY_16(BHL8mG!Pf=sK^{Em-s|OF7YZqx;Vj*VVcwWyIFtZiKOwlcNG4A)J0-<=eoU9t*G}_5bS(TwVpu#u z9al!08dCWbcqUJ$*1^g_KRRs`!Iq9*ImP3A6XVQhuP@RHidzKCRC4OSTZYu6#~c;d z6~~M1k>V+Z-#19mM2}V|u$)%kFYRS!^OY<-FPxi*WWe3H0p-e?+S)QG+NMG8dZ=Tz z@Eas{cmZqb{U#VI1xhu){+7o$crR@o9TQpUnO(>tklGKBt{OLRI(v$vk!HqcfQXgy z25c9yK4@8s0m-3CYTfmpC^xVzE!abw4AjTRN$*3m#EU)rGf*Rt%&k#D1!ro zoyZn#2}MO}>pqC#A!dd=2$mU1A6Zj`1Kko-rp9Y)%MN7W3EeHIld3TS&ub1UZ~KOM zcsd{}5oPQG_-`;KwTvG4f#KEfi?wR5cH|nMdx0d-z?O&1lmS?%&Qozx2?A@7 zSf}i~NbWS8>dIm)^%v*9$Bul+oIP|-V;Z9nEaZK*Me4ewva&ZWr64&KRrLnfA1?Y8 zAZ)(>BrPE^jNZZ4ln0{*WKQ^Gct+)`GEZE}h!$;Me}9*tAVNv!J3Kt9>j#Dv?wF7& zn}@dPX1xME9Jrcmp=J!C|k1XWqQm~kXZ7VLBH4EUgqWfR)7LePw#*h_0dL?D{ z12--uD7|EYxjws&)aOmMa#d@7PFm*T18sl9YX4d$UlOw7!(Yb{aXXW8Mqm1d_t6DC zJw4t%vc!kORhRI6KYzQo^#kYg1=w0i*=o>a^7`-r)!;?GU9J;^;CX{i(69b@Rj`Ff z8Hzkm07roc2im@4iiNUIpuY|H@+JT5C5Ty_A;>-d0ICb7rlt`vs|+af{dCnK@_=ea z+t@kuMWkF~;h?UrE`j~y+5^Q~yN^U#H*2{$X(dLgUpd>=G(-rwyisRE5UWew^;bXbg|ETxJ=q+u2;_Ccieq>pE_ zTjP<_VWHj&$c^B!rPz(PZ|nuendveUjZaN|sH%YG(L3qjtsp)8|EPKku&DMgYIu+m zBn6a40VzR6=|)OK2}M9cKn$e2OOP&+FlbOg8l}5aLg_|Ax?_ML-hJ@?-}n1??!EdT zcbqxr{C2Fp*4n=Fj3B%|1*FT@s;=%=-i)Hs3P=yX<9xSlQ+~|yb%QGd78PM)nZ8nZ zTJ=@*&pJOC@+!sH(BJK0+q;SsTQJ1E&-0%rQJn5r*-YO$6IGbC=$DVY&?+(=F zrQVmZtS7}+srxL=@>aykNowwzoBs$cdg5!nut5ItI=OE`ako6c z8}RApw2wiM9|)-=U>A-rnb`Wa>^JqPc*k*R;Kv#Rg14((C<~o9(Z}ttlYv{>pBcZ3 ziXZPyOEa7#`!k;RRr!49Q3^pCynw;U@ew1_Fj}K?kv&1eQ(SKi)aY`LRKn;Zjxl=X 
z=H@kjA|Wm3CR&dFonyR!^|_vVi~*vglEy@YNg~TmDf8-HQfr4er7dB!acNm8h)Lri7h0BWr5ZOJ80TAWD3z{{Wu^z5l0lVG-9)3%VtxDG-j0NYuOifNhhreRqxu#q}>j0RvU95S>tyP>xdzhi&i5t zpL=V2AUDHy?~TOD#@mk9NODXsMh4G4EDBbOGm6w*34!yaCq=HB>-d35*_MZr+)sWV z`6x37Rpc8rySPVJvBOiZ9xa`$ngjqYXiTy2C7^822lKteI`UQcylf_%(-JR(8>b$U z$y)#pA4PNSXD`d8{@UIvy5v&H2J9=!cXTTAjm~EFzj!|qBn40Brh(*T6ULDqecMgy*vYtMRenvT41DOKE z5G}tcpACBmy)lFZAdumt7LT~7K=mC2 z6%4bW;J~ys;kk1N_TMVN1NfFS2+L<=ULd}j)S>dVTJrLEkn3Q|0U=Ru8o&hbhuapK zOW=UIX47cn=dG?cGkX9qY?eLA;JL#JKmbxt8}p^)<#kWby_HY3b|+yFcTwMb?V*y| zvtYnSo7`uDo0zyd&^tId&pVi`%3%e6`GET`V?GYRYg^|EVIpBTbg@sBya42)aT9+aIuviHd?7-#I<^szhhiE;=IOH8@rN zLbv7=X!F1a-*#~y{3|W%{w7V}`b&>9c3LwDdJ_+~l1lo>C)02DH0v5aauCgXM-KVUCS>&^X;^F(TxcjNlwL!mcem^mR7b(&aL8@r(@96j5r!|D_+7B3dN z?=HRW-zU&elxo>}6hG5pyg$mJKDthsne-+CgBCOYz0w_iE~mo6a%**WMM&f5=<4&B zBNyTGk-&4hK)yqM#dEJxWrXTvL%1~UuB={(=StfKf0^qX2~x+FTFT|7xbBgU-Z1nY z?YYFvG-M_K9E0*0KyDeVu0T{e12e0d4b|ZZ&261*4K404d}zn`uqC>+$Rib^XwGI@Wq zXrI7t9A!1~XrkEM2`M4i*?yj3TaH;fV1dbFKtNgkH*3k5{>m$~0}Y|K_xISJk;V%> zZwU4F7@c-1Grz_tP<1W6^Qp0@KOB=3z7<|z2S&SQoF*0WjX%fkLF5pS zpbUEZC{p#Cy0mz=I#;xZWB~E(;q25CbLos71yAzjIaL+P#@z6*FJ@OR>M3~A$vqxLS=+zB!D!pOO5GQlf(TbUQ|i}cfp zs@U_6`tZ~X;?9T6{mUne6IJr$RK!4n`w(wM zVNlU*_uhYz};s|kn%PHTp;ZD3KL7qX8g74wXNOjN6o=bGij1CLH-GYvb~-{ z?dg#xS^XOSK5U7m49W{S{#J1wWH-XKeMrdG=F{(LTt=a{W z3b%chg-OLxN`>-Nk2jLI6y)}QIGt>)>MY+fBwj;rpGgS_YC7O0HT-mw7`JIaZ<;8H zj9g8{p~C_#>h!zswL9j9%?!tBGl;i8b6;#fA{xdwX)4({91^)|EZlLub8D5<)|C9ou zaQ}X&!3p4qCF27NcHZ`I%aH2coJ~0{V8o)F*!J&FavT{LORDK$+%tdSp1W|?`{pTU zrmryT!8e?x__+lU&$&@^0Xi@*c>@j~x_KS&=5Xf#5=Z7+2FI%d*eI9EsuA-uH{lc) zMM?$BW)9zy#A5U8w;XQ3`2rWq`Fgj*y$a=sDPvp8zUnFJqa~AX3f=MU_g6W|6u;XK zC*P{NpuXPF|EhWOz|mmAIItz|$5gYC;^w`?qCVpIp!|H92q>!ts84VB!=shla%_?W zq3G%pM#97ceuQ&aMGu$l`Olq!_EU}vuw1YJY0%@bkAv)!;BoK@K=ZRrfT8y1=mi79 z`^)-2{#7fP64)HUgf|EtW6hEjAXVYw;=UUZnVTN%*HOAuL;em%d8*&&4TBJ@i0Wtl zk~5ZqeQJ*MC&+@9o#nEK6G@(AjWe0qZ@GAJoXaeZHCwfSr@aOz5of20`CxFr^Kg{d^x5>!VJ zB`sHOd<*D^4G3t7%{4W(-iuW6mIx~>q++T#kzj1;dXIS*knVq%PLNTuYOU%mqb<5K 
zes6OdT}>f&FgQ&u_Uw*U?zDHK_iw>szZorH5fU+q31w|vL5ii6@jtWgeX}3;niQtf z`bR>Y2}87)>-u3p=^^X~@|xpF5n^GOW7P-*9Jhq&&DnNbLo&w~KWKoDU~F#g``}vx zIB>F@O$5xW-u?;H^cj=ifv6+B_t~`ZJb>|pf54yG!8H`&dgX(E5~>C)so%bTKc`)6 zzoa1@{RQY0I(cgkRebkoltEnbR>&jM4%L`=LG0+hzuZBUaHwadKAs8+p>U&6?MoBn zzVf@HdsnNy*-^~2V%A&|C$GEyP}JC>o&&gYC<264wG#S`X;PvwVGZ+|O7vLsBD*ZB zBFrjzIXOQ!+nspaa%y?|HnCps>4WoM$E_9ac)NxlZoi}^>&OT=O^rB!bnE9GLKRms z4v-L~@550=+(+>6!3fi8V@l3!ykdxI@J4J0O!?%Y6a>3QJeXm__*z|Ey=1o!cyxfx znwEm$8kv|Ha9g0;wrb}oHo)wzc-zBV6Azg{La=tOXkt-lxSk{krr%oJka~gl;q9eZ z)o?BWM*1&0;{w4r$PM^@$ni8y1PdQPJUOE8BD1c%3Fz?h!75BMI0+iGv;F0kOy_yI zy09p{uqZjlK!Cb`^b`W|L8adNjQnIZtqV(&Zze9WSg5Nu_cesp%}BG<-<+G)ta_ci zqFVz)Q`Mj@PcK(ImF?0-AX}@IP=~&hajEzkd@%y3ukMd!Wes=gnK~LbjGDbo9t#Ls z!it4|3|CZu_XX5CASI0>y%s2J2rd1dv81vB%Y=WDRKLAMF zfO0}n{Ti|?j6O_{z$yzT`(;0P-U&?rh0AAo*$gG+;2=OkFEp9)Y!i$!jauJbQRSe7 z5;mvQk@)=~nD<6jgjKqtfx_}9_<9vth$C?#D;rzNzwuTMiU4)E?k`EHF0{X1Pl~Wv zp#+Dnrz9f}@*=&6-C2P4QwX^c^xnu%J%q4ifn{>Wt_v#)ln?TUooYN^Bu&4a={$T> zOL6^R|0QG>$C$7SGks>~L!!TmUwDUVBHRfFxeY(}R{uYCyEFqR{ut<*4{?;1#%)5y zo&KtL6w|^PBmAVQTjxRlbB8y2P~X6!w$uscs;rzM=~CJEpia)iKWr51Sc z)o3N4^BXU(2_9dSZ+6iCS_1PJH!H=#;FXiG&Svk1pB88yONk);KFjdEs-2blB}?rm zWFcdsvWOsZ(LtZHYLxxp$*SfOPW$lZk@^eN3xP4LU9!$w7jqn>UyM9Q`oRP1@OE*2 zNCIh}u00{z=dBiVr=|Hg2J28|dq=*c_i?x_4(v@Hp{=uqC$~IK=4w6vpcPLW!SnFM z0JF@yy9rK;nz}j;3OEzD!Rps^4BX`NVJI^2T_e-J(h`i}jen(BT>Y|_X=+b~l3+S< zD4sk5w<^JVpZHn}0rB0~?olZZ(^ON#0+miBbpo6ZK~0L?{kZ5pQ;#mw87J4O^!c`!Y{iZkoZNp^e!4`z6+O zIERpUD>bAQl@(tXO&YSYZO9Rw#y(a7n5s&DNHN`G<>#jYfHucoPiGnBb$7?zHw2=Q zw5n`o-&2?~x3sj76^w1XcNO{y!`+32G071KVBX!$;7Vs*Pb^r{KL_yI879DN$#v^f z!#z&KTA>Q<6kVhI`6Vxp47w<66wr~J;@Tl0;FvoD3yV{z3u3{UDoKxEHLOSyEdBAT z3`KeTLc{BYa9sw5;qVt$^4z)+inOy|ErMFI0LqzD9Atzz1hX zUWa9^+CA{6p8WKF$P66AJtsOYOG+|%a;hHr4B^hCB3H8PW7dCNKEN=%edT8QihvZ9(v|%EEbdniWBcY-Ws`Pw6i~E zqY?}qR&vhlU70JwSL9aPVH|Pa%#0hwEUNZjplYCC)ict=<^x`_>QLj+;PvXmn=oC#jaMEp ze|`~aG=OMY?X|N7xIM2fX+)hVIlgk~$h~W1ke2?DblAk=S<`J?hpX#5xvv)q#(mh0 
z`mrb+ZaFc(2KCUQW7cja2b2@0j{za6aoE4emcEvs-w>L+?D1;x6Rh1H8s`q zb7wy8gmEz?AZld(PKn>HG92(RI&5p^WW+UHvFObm*xd0xi(N*CxN<|Ols@rzBu}$M z?5}=O2qOo&;8|J-V*n^bag0{cK>-0A=Wh?Ov73)NH8eG~xhtNYeE3i0yW7cLK;4Gt z9ryBiN0UNYd{Rb)e|bBZZ29D1DK~hRhnpJ+ctkE9U~k?;Ye^6_orW}5PPyYoRb+LFO_%SdbmT`9% zhtEA{;u9GijT?P;Hs8Jj0_;ZbLluIi(Jq*b=x!~ETz5oRaqq4u0Yf(wursLGnyKnG zW@$CDv@RR#&pgqS(@-N+C=73K_IkzJ{k?0ehzH}=jv7Dv>$StfwClXbT|OtwD*C$rJ+CPepv{v0^58N*f8Uxr4ENJ|Nh8SVw8I&scs>I=a1p)weM>$r{bx={wnU92F z*{cYTpMQbH=_^%d=j_c9FOalCY4zvC*)nt5;#5x`wobf{pjPnqj}Na6V6t48&7IrK zYB$gQt!@*Cc4W~Xy1$4MiU|xsdF;DnY55mlN8dxJ{`WN#4R;MjG^WA;&*s)BHC*Y$ zz1byFM-vpaT5LIl-#a>IY-xL_p^zCH!=*41YgKA;hW3ed0oK7ig1C}C^kgeo6~GxX zxlWX@=j#|8a1aUrdfAN#$-8HS5) zrfDqCXPCUA(p)rRlb*nkiFr|Q-1I;<&&~5UkD<6e4D~6g_1|N@W4}wZ%e?A#1{KT0 zg!GLF&Lw;F7P>M-Zv}&jJb*oON0eK;Cl#EX%?c5{;OSRo6G)QOfWxYt0O@4(;ig{H z8R}gMgL$7YvY`D&Pd_EM8KP8BGIkwOafYFYW!Mqs@s1Dz!8NH9PHS|^n(ypO3N*Rrp+7Hy!z{9)2%29`gBAWmul#sH}!iAZi@McNZP_ z=y2Kvi68i{=pN(omHDZ#kNpsP zrABzc2g7RC&LBAoUVZewmkk%0t2mkHdFl^b=)PSgAib(p!-TS7$HSsd_O!}+5DvNJ zEI{pmnuH+DQQg9W5wZcy#E^Q{i{Iz| zDYO4*OpLQ?DKkZZX4xh5RU2RJ_b;h(tDOG}{inaGk=D1d%l6L2m)JbXi~B-=D(aV-jsAsyZ$K>( z5qIy1{>d68zqih+itu~pvOR%L* zMd_Y6e0fA%cW9Uoe?f4s^e-EIk^jAH9lWgC2Nk+rWD3b8j;5yU-{Fy*lE9StZ@z$IFTpVVw zk%Qh9`}JO=D`90!cF#35<>`e;f1fujnqSmOt7^&+`rtLbA1w4z%%|qRG2B(7z;|=X zNLQ&WN(kk}C}U9QSohnS_|f~}{OJ*g>NA|3CLBb`|0&+>!y)>opkRiOZfUt$cE2N9 z9^#f2PZ|k5W3O;IW9Hwxsm=DvsYa1W0fejJsbhL9|1JP(o^JRs!*0sV(pKdGw?$a^ z>zg86+*=Ri6{KkxLVKmHyT3F@hhM&-m!G=$puB6vtISWe=pHqFQR)AL%P&q(yHT0T z<@8Gd**#&U`sPvq*XNE%+ zzcL1~v~Dhn#C1KWwOUez2eND|ZL;_IGmitFdzyn^|1(5r2}JVomV6^CVNB*oC$7Di zl7dnVMqp%w`MXMbNurLhL6Vv6>AO!!NG>bHUhuzWP%pezooO6JNM9jLF!w_puKmuQ z13%3MZ#V3PnlAV==BG-eLHCT9H8>aw-We`x!K_gQo2{SN^= zMob$e#|_b2Etx}IJ$-^9+Ma&Y zi@ia$P$*%e#?6oMgXB9&Tdf}j;i#2d87&h{yh~o@)p8uulY_RUV3Xe#IgLc=bMWk2 zPvpN)=PPy{%dwj>m|-Vf0U>+T zrD;&c%T@*qnc<-d3JYtW-E0+Ss0Owt^R;UvsJ9b_Y^vC5$L@>Lt05p zM~lWn0bj$QP~Z3FC!S{&`E~^*XGBp}nuo+TD*r;`GlN&vcpYgIb)(iD(*oLkm&`ui 
zC{fWkxx+vinp#ZkQm??9hqrNBtnHh4R|KH$s_=q}KE&ri5* zA;K0b;JCpWrdIL7JVZ0?M?~Wdavx@ZOcWIr@7%i=g;;w~Vx1nK_4?XKU2t*UOUWh~ z+E}nr$y5;Cj91Ka>oU;z=O?vjnV}LELv2(zQvfhUp@32D7z)6q;lcJo z3E0P510r}caZ)wz_PZlD}ib=*{&Nqrn_Yi%!kh2{Bl1ouQHNCHiMb@H$}4 zbiue5hOD?ok2j|CS)E_Bta4%%>%ZsHI-Y1xqn21`nz)uo#ytU5#eZp54d>Al6NS!; z3HlMSvDD{|?#mz4b<3GZ3(CWQ^-Qn+~ZRuFmiXg*cFE^-^d4jS`T!0I9uS0d4>}m)c;Sf?cT1gESr- zXOHH-aLV?s@o0>#xJ;Ophd|FVw)$|)q0?yn^VJ_KH-R=<3&0nA`$;{E-fWx)c}&=v zKF{1zRc&0?`z48IRA09)5?8l3m)}D|v23NDV{N35AbTy-Zwh;g30{$>=y?}wk!f^a5Q`G(S?o5F2u;dk9;sS4jXhsvi%{@ z(V&eW1PTg*g>?u{JX>eI(|M__%VYNzGTnqd5B^{Xe0m;G@VuvZ82!l;#gTqDaE-nJ z=BmzP&F_=^B8MDkF6ad7V^Cp>f}L#=5kmU*Bf?OMZI*?)(tY!PXR)0>l`2=X#LCEM@0(P8x3F_D=ehx!a&r*@j2&awd2rxDFR4L{+5>aD z%Z<&Nl)_!k|2dS5evA%n_{^G^`{U^vBTA}MuZQ=~*H|#%8(FCW=5QjT#2fG?F}&-C zSF952x6~ZA^QsDrIHqc<+>Oo5YE~YmO?58QCw2~vkB419-XL|`{(}XhnVB(+Q3#{> za2jUBKwz3F(LD$(O1!~DEox>^xcxlPQU%L0e6FtqgY$7#op~wCBgF~f4&sxIk zSkHBzfYDSRCigcWBd=ZsxGAQ1GEn3NYW$-Z&X7#mi3d4hCl|X4osMDNaD{~q#7^MV zCqvA5*~GPxE<(~azwU1YCF5YWVuP;CEv`=^SLO=adfP4_hANe#FlOF>6{(Y;1G_Bx z0*=|uTeoLVVV#2752HjAW)IvKXBc!95kYkQCf&#sYVW?r#>6qNK0Vd+uhJ z{vI^H67!B6&FrrFT_0ojyzrck^eo#wyFxUySd)dt#YP=WngmVY9^!wpHCcU$3~%3i4Qh#Ju0@DuGb9@FVc!0wz7Y4X=eBkJ6B0OHc(jTG+oH! zeFSW20!DW?wPM4!<~qfQ3ykT0^~C;lj_K)*+^ZgQ_L9I5J=rVf_g=EYL)ZoFxvq8w ziAJU6t~1Bh`9(!jp#w#GcHuyHr#&#Y4C>r(XMb-;hqvGJSF?Mt`%;Ml{>d@`o$?|-aJ0AKaHt^2s)4Eu`x$<3+@xkBRs!aHCFt2t96iupbaX9$Adik!z z3Dg#J7b12AzFu`O<1bDw>0d-w{S7nK((dv8!q3y4f%m6X&DxN(og;-FE2^(hqg7b6 znOX```l355(F}vdJisQyvyY>>^}+zy_0*CcV!-FVWS0fb!u zYP}gpjxX>HVA7vCKAe+8%GcgtL~wf429qqD+VDbRS2aGHsxHiupE6ab{Y8n0;pTz$ zKup!w%!_5j@3`q5@DX06X<|;lz%muLWc0hGtt!ZkmB_>2y5Zw_(qd{n`DyIhS)vjq z+eHRPr_o~AGDIe3Eduul(Qf3v##WgVvzdPjFWYBAg`=W7ot?c`R@A>#1*eVGy|dom zdSJU;Tw|yNNR};s>fbFXCyFiX94AOPKd>2n?>dvUJhci(YLUO>_h>Jm;zIlae0Hwk zVICW$GkX)qWuj(@3J@Jwo5LT`t*2Iq<@UKA?+%P%jj=EX(JNv2NB6^n-z_ndi{;xp zOm)wah?#!Bt3gKa<_EtDYeq73v$}uIt6)WqoPT=5^26G752Rn%$DtGX2r2$W$0uJ{ z^GO~U7-*xfEPI8GjhUC197r=D&tpThW`O!m0?Y?nxvwJ}`^0*VPO>%_hJatlXxeS? 
zc1mwORNR!~ji;fs`Neq#+J5l@jn65i39h+GQ{Uy>A-RA?+<^t0mOQSyQE*7_r<`6& zziz`p`Fz1~%z7$gb8p)auYDF#AClkGUsZXvfK*T%wN0;fq&NsEuXB+m+T{aY zfBSrMq~=PsPS_uif9j~_p}fBgysrg}qq ze~0x+OloQr(E4@m9@S&Jr9aJQw(pcPwZUL>BZrP^X@2d3Jgetf0x^YrtK$Sw{t`(7BHvKVqQ(Xc3#F zKHRIUsbPe~BLByEyXN6w)%6;iN(CHezWJ<~!hGe?lpf8w0LsWV?q9+gbNO3*L>P;k z?!9Nme67qDN=XiiOXchijQ=5RX9CJ^Qlv>FP2D?81fh;yzOYnv{#ieSyiFQ_i);Dk z=Jm3Adn@rLroLVU=-)4`kNTHq4h}rDu?ICBz#B7Zz^pTA5-kn-$9ZSf6IO!PtIZi` z3z#k-fh){!QJG-I*kQMD{>z zifwR1TeC3a<`FVnV+;b_09F4It}vLYvMxZ70iWY?a5;f_gjHYnUzv-Cm~!u$N!Qum zrk$3m7#gw2^rZmfn%_I*UWat{M^FBBnIC@_4C7q+B^_yOx0@aYFs%K9R+PPt8! zQdMCLc-VNo>sf**%m7TGZAWZk;5?QQAbVfoA@58{8yQ`Vl)3Oh?Hw0{3+(+ z24|h!d?y2{aOY!Jd;2YzIDo=!$^|VGM=Z*NwUbx0$(Cy z5irqI9G0cbqK5@yY342WJ5~05SyV;1I2c#7V?9uk*Le!Otjc5o!adqBc27+nRpHcYZkQ zY5vIy-$rMoayQd36&pw;ZSKS%xDPuMYNiiqXPUb#7ir09TR{AJ><}JV#};g~v5T?Y3b+Ccg&I3$fVC}{PMgBmCO0_f zmydwrb1b8%=Hy^GY3m0c5wKK8n!BFRsiUdyfM(#$#r*IDxa!^C4k3`1aTVCSy*Wx51GGr>MnT> zjR^Vu5xrK@09YSGB}A=TR$2M3*QfZ)mtPk9jgP7r)2d{VY^q-VxYw`6tdA3*b^-`- zZz28ym-e@+NSD$sX1QQH{rQ<0NPnVGh@`j2P?xZQAP4RrLrjQD*7;mKd?ziFN3}lQ z-&4cKPB$tQjT74^^`-z zdIqLM7ehpu4)IHe7qcL+(%PVfIO6%&UMs?21j_==7vg*4wzQaKzp~Zkrf~yC*^v28 ztwUuvARJ4tW294jo)S=;{ZU?33@SRS>9c-7(Ylu+Q3o$iGg@~&fL2?cWT_7}BgK>Qz~0Bvt>&__*$YHD{d(?$w9cF`q6Ko|Tgw zlQDmw*{{?ZLslU(FzcM)yq`Dz7@xMd=Ii>rdmDryKjfe?TRT}G=8aSG7I~w~<4W`N z=kg9aJNpgLoKO;+gEAdsN%b~6#weieRJB1WHCT1!Ia~El!Y?z61z4{gbMbj~(QP@G zrj=>0G{1SR__kp4Eq6V)>zlum1b7!I!Q8CLeT9qCnCSqjZh&R%b1GAnS)W4)YEZcz zoH2;Ie$?*j9WH9{%f6AWRzb-~?vZNcooZ_xv=~M9Qk$z8kZnHCU8}5V(6rG@dkrox zPgyoa9Jy?^g>(^Ye^Dg0Ab+8Di$xYQW~h^CZR?j_Le*2q&MUvhbTFVAn983n7cIj< zN2kD3Klz4m|HCXcQF7kvV!+g<1QNt(x866K3~e~IN6_Q4zCN(WE&1@_=RSo23I#`% z8m}kTyXtkvvg|64px&ohSr>dxYyIJo#`neeAy zKC<)@I~f_QdvszEOP)J~&H8IE&sFkjY~Vy)=*iB{58sXJz6h3&juiw8Pi8xIR7kLm zeYDio<~r=V7o9avCG=X3veQmEf~N&HqM0D9VA*q@BHB(KB9(%knVLVsR7J7FWft; z!@^cjM7mgUS~}P7EDvnuXLn2LR*Tf6Rdtnu)a4 zUMtd#(lY-zp=4!SYSiyj{&=lV!*Wh6b7Sy*W}WYX zDk{YE2jv%Nv)}MEl&;rIb7k57M3j;z{NVAb-xmY0)$Zf$#d6R{7k$Yk{O_QXFcPJQlr 
z=V@!(_>Mb($|NN;c00$84B_pMqL6{V^+Hu(*j5>nL%OF00>p(^Eg){Y_zEeCj@ zbVbS3DC|6uu1-$W=7QX@vJRwgyLRnPVL&MK_|>Xqsj(&E6%G-430XUXK*J3b7`Te5 zYR%33;IG#Bu0PAIbJe-vSvkl*(%J90liyt)BW&H&OMjV2Uifm?F{63&jdzcO|9_r3 zbylrpYq$;8d3iLkN#SVc+Quve5;-lc77LkJfn6+?w%E-D6UWhfx1Qc@7{tr7hG7wO ziHXEhcnu*;36T{>4OWv-v)do`bJOo1o^CvzY)=vO~Ab-5C zlOFC0qY5FhhmwkFNZQWyk!ImNHCqoHcF5=kTW7cGF)D(f)rQ#*A6Uj{AWWbUj9vX< zKn0^4c#tP?sQJ_viLm=S2@Xsl07k)Jl|3^z7hwA6mb|<}nJ;)odlF-Hgj3s8Z>n%69Bh4H7ET1} zA$MH#Tn-A9#`;d=6=>d_6MNd0uJBtB}MaFMGK46CA1VD*F)KF#@D)ZU% ziJ93}JsUXpi}@Uh!D&VGyzX00`y@w@EEbF-Y0ozOp#6cWlv&~C;+pyL5$>>fK{FD# zzz`c=u}Eds2Jp}K^0D^nI5^^!hN*K*pCY zho+U|mvxn~*|$5YodIkz-fL!xiP!t)9l-)FVATnX_uJWo zcW$OKB_hZ7C@@V(tP)gsW7jPe(|JLUJ^|wgUv|98d%(lqGzI82lCF=1h0$912*QH) zS+4HL`t*rCZ9LjZ%XUCBU2Tw~dV4N`d@{f&y6@DgNwhcQ&}%LKtQs0Wn{S6!H10CE1_lNj!!;>+)aryj9rtyh z6~n5`NtR5E?VT6BUsLOoyd@@n^`mMOGUh-e0_jYE9!+Z8SiEaoL<3P?4G>T3?oY}I zj0p7G`fc>KK;Ph(kx_u}>a$Wf+ITc{0sJf4iCOO&xfXH)T82vWDy4k5kbF386<<*8 z=Ty`v)@!3FvfRAcw|%>1Q{S`h$)|P=Fnr#}8xv5iXN&xtf{rGeoKr+rEAwcrsM|q` z7WnCu?XuKmr5XN3xI`? zAovYrBlbu8_H{22G#lYYAR5EW9YP-prUi)_EC)=O?Bc-t#buQi5p3YcYs<0K9pGDfMWT>y|9L)cjS- zC9>=DGmPtp9y;rtJEhVx)e)tDY2@mZlK>b&p1XqWq$N32&co*ZBB3#|t9yClN z4=zwmBK=1hXKO_2g@tVQf4Wh;i@%Jgr@q~iAO0LkFXKT8BT9I!x-`M$xzAo*iaob- z0POlNy=r4mNsHezejSL!{Gt`?AAn=5qlj_NXum;b!5WQQm=@uj{XN`27_0P=$Gi7F zcp@(M=K<2n30^YbP9|1IlKpVWfs=;Q()2t4;sBRv?vVN&602$zyx^Q)SrWFNJ$T&J zMFkoNXno3--@`!D)@J6Eo_zR+uAEfuC{I@vNgtho;M6-I70&dmPYlaa_#bg;A9ra& zDnJ6o#f8PcXGZj;^4f$`)1WV*jW<-o#F&3kEPA!<`KP=Yz}eFxf%i=&i)xP-@7>+2 z%+WFw!YRvj^>x@?E)b8(Qt@Q(R)>;R7Kc0gA;DMOG0WC^18}mCV4wOSer`*66Zfkw z$yeRASj{jA#&8PV6vs&(W$Li;PJeu=$-H0ehnUey7 zXshuWscv;dDUZi|^P3@sx%ah55-6&9AKD9wMU}1+`=`7bz!|f3{QEm>-bo8Gv_KA? 
zR1FN+^<=6LZ+|%mD(FlqJC*{SB8Z#)QxF#e&>Y2NEU|f*TsYbHme6D)A>O8RSCJMX zI(4i%gKM+red$Qjl7i^PYmqWf$;`UJpbI=@c=?VGcNz`(pb3ESplK+5pbuHtvINIg z*a!`e-AOl8C%g(f1j&Br@NT}j)9_xB=DX{&VY-brOVa?ytv3rf25zObmoJlZDoE09 zP>afT#jKrhw}yn{Euhi=)Ruun9+2<>pEN?$78@n~r-fNLMc^EB`tz#21J|9MGD~cf zBcnIhzekP7Y%{!RNXaOHY1FAHE29$cu~WQyoWmz@o+E%m8vFBpsI-iWg-Mm6TH}4U zMylm}ymE~F!<`Ri8&5#zfk+5$U5?4)hD2^CE($(=_%L{q{~%k}hUw1M3X?Lmpl!l? zrY|Fp_E%5+$7cQ1nh?Ta) zwyUAam?{Iv3QKn{vVaw%K`4VJoxL;ex$MtgN7k51CsF8D!E#AM{vcyeZCu0OsDnE9 zNOS+p-X5F$b9^fNeAu`9K-lqH4-0iV5Tqf0%CRa4)aEy#8N#{U4Z~=!T-RiCF)$aR zTjfG*%s={u^*AiOr0?)1I-2WZvyP@M`gyxw=MRZ(^}ho=zn?>Gg6DfUQGlw zrWG{nfL`)I_w7)4v5cdye^RnI+rJNt$ISRj32bf~%|p0NpDNrvtMiRWB&x~dLYZbW zNzw6f)_h{RsLN*A9h1iW1fh{dF`!W!zdFuat-9v^d$`et9|o2o??FC&`=$zc3{Ce- zE*y1ESjFcK1ngLXn{Ye`q!s>MkI_uXf@G69ZP(nK?)E>X5%rOTQxIFKRN8rN+d}6Y zjo;^gzQaUkWnzP;eSKX?g>zq&+jNS$rX>nv12XtL2A72OVPIbNedrD}`NXD_{geD3 z_UMV5Dl|xW4L_kASv!8g&!cAs2T7jhT`Wp?oKH|DkEoHm6x?m>R|fe}-_Y(`(SYAj zaccS*(bOG7Htg=o&~u>ECqZO`$c^DQ@IeeAj28Sf3L=N<8@PQ$4S~pPAX6TQ{c7nb z7^dnJgE|i2qB*M)FvEcA#BOeG(Oqn+)2-jqHZCbC9ExOm@V!X&`i&3$5keKd)%U;$ zik~Fv(f#}WsxrrvNHQXlUIX_#d;`PbFBSn^1~ABj#LRg?@dyKDAwXKf^gVz{fLglG z_m))ugu!ssx7~L?&4u)3T)h`HhE&rSMFb6721aXxUON`R!zXh4E5w(@`*Ty#oZaVO zq-&!ya<$C#bZfIkyT2|W?U;$%&TnD z$r5#$9Oo%DTyKoOp(;25=Uo%8{OySY?|}xkJ94sC{;z&i$>-)#@r>(TGUE%fKc3e9 zw~Wtd-M)P;#dA%(^K|ouYtB2Uf6)NvLBBtxL6~senFAVrTS?2XMCh5{10j0B3rV(2 z5u+_goJhA8RJwKyfkj}KHN(m@IcIrdk0 zc}W4#o(;DIIt|(w{X^zuX%vii8hf5V3xiY*gtOYI>%hEDeDgm8G3~{9Ik~wr?VB^- zW0MBLOE&Jf0{62u52K9PXM>w?pfnWLBL7gGyY%o*4U{I057XR&+b0##fl+Z+ZEfToutoKG}$5< z&b1Z$$egg9iaoIuKZ{cDp@i;rWp5gBLWT+IjF(a0YMVm{^ErPNQQp{$hC42#rjmOw zUx5|BZVW%a6hkiiZ|fNrm8llJ`u>C+#>>HBiju&l=_SYx9Rf%-;nS6=0;gm)s$*Mi zdRX=S$<#SjcqAaY3kKa1*vJ=jv0c4-?s81)E}OJ8BSOCI5CjEii8sb=!5#D*e+yP5ocJSMfH_J*z^-UdfCVF2`J&H_#Y7UgN)0OPY*8qWOch=?2HZ`;V5PlcYOHOK!l5fqu4qX0>S_R7#!=3d-LYHb(Z>r2La*X z;rcQeB2Hxi(Kph5{42Mxn_1YVH~(x|M-7#UKnqO_)4EwLi|`a%l5MMg4bR&$9Z@m8 ziTiV;Tbol5@^t+$$&~l#XdK#bFCR$nfR{nx2I=JEk^=Msxc;G8ox&Nw=8W%=JY)?! 
zCnGh!!sqtjl36tQbmCs$LoB2~#`hWbIpm(VhX<9#K#a5gWqPVzccP~$;T=p+A zG#J2fIVM!y;;diZ%VO`Gi)L}cN4L|}Hn6GIQWR`;8M+Ml@YZBtL`26f$cP5;SZzC* z!(&r{i_|>2t&do#!@wQQf-q;>>jY&8doxLizklLI9ANuN(||ChYv#cDtVb{teNvEK zBHpdOA^!Pq>Ll6Jw~VNc+tvAu&RPYi1(LL*uOH5~z2Q|*H2-zDm#s}vp*^)|!u_~Xlou<$)&VA~H2}xurRzNtTBcsgz#B;PY++FAPguy)&#@5~9 zM3ah0rIp_aeV?BPZCOi>p)o{5u4}#F(R&H^5hPkhbv9gth=4)Pyc1c(H)$0Ne*7wpqrWwYH2fOiV847s+cS89CaKNQg zL+`n_QWSIpy6U1Soj&BAo@?WPz4@zbv?fYM zcC6CCLoeYLyW8*mqd)QDmYS*h^L62XNd<;f9Y0JRY{Rc~%e1{wRsCb3#YO1D&v$*OcW^7DBY?wf1LBUd4{q$dC68z}z@3bOnqI zg4eEnUtPwG{0e;YhPr%yxnrxon9F9oa&}XgR@yiaQ*hHZA53`2#uMv9H;2B6NxGEX zu{&0ue|JogMuX=;m;zXL#dtor{2<5cL|jZvojV%9N@(pI-mJn&za{o3WE=ys1~GqP z*tA*(-c%3}K3HNFWw>8oBijs>jeE-$E*u5d)HChIa$rmbwsCL9mR%+ciQ;Pn9~mBgiP)KRnn1D1m>MEj!`KC>)sQhIwq6Ss zk0RE?f$%+qgoTa3?r#tzUvLYgff5kbC4MRzlAWO@ojO>r*A@&$Fl{ z$XRObG`uA#*R_*yn+hNM74U8s=fiC`gP|bdaaVD-sn6xKGEMzIyAGX{In$qU)&0+T zzS@umC&yvH4x1g;iHps6Fv3MKmVf%XJL;O$5}T!LU$Gj#?SzRiM(GEsB21J@6II$F z&TqjkX$;$dV_{YHfLzI*H^u~1T-1*jxR18>qGaaKB(xBR26u~_yK{c;06e*wpomB& zsh5QFT_zg&TNGJlDyegU9Jz-ibRy`1!urG0V>V1zxN}X__-GLEY0A2gxg*4+jq%sQ zA30*OJ~_lB9c~XzaHEI!>293?zehVwR-E#?#CIFzq$fWfX}azZoWRd}R?F|!onIEF z73TP9!S|`nYWI&YcBPJ)_?8TlZ@a~!X|+5I^X;KYM~;nPbT)iZP-pk#Hp1(v3K_pf9h#=LEHV@3|WPO((V#BwQc3!Xrhr`wvgFE1j;vf&PO~73AaQTZGs>|O>M(TLJ=HFmQ%PiI z4xOAHhX3J(~!d=t~U3M3W3bN?3b|tZFII{ zw;a`D8;;@Eyj-R#CMsdy&TYrT`Ryo6C6#=9V3~E8lK+`P*C$_|5X?XAWZ+*Lv>K_- zC-)c?mf>aWGLz-}z7mqmxOK3zOj7W3Hta(3+VVoYfzM`8uVrH~7aOoQ-@B4zvgR$H z1-4jOHn_S-<#>XRImv0Vr0Ia?J4DTP=U9E?^v6OOi>OJ8sqAfBXml+g5i^xD`mH_x;Ls3kD>J^D0an_SsMN zrE^tej~Z%-W0Y6MmtJ`P@5tr>7p_|E9RgrDzCH3;_~x@RR87a#Rw=CCb*YWJfjbK` z93}Po;!=OniTfXcm*WR#)-$)Jx8_aOAW%wjQLeLI38Bj>)}C4CDVSh?3)-4z$Uofu zZ5px+)_wHBS71Xr9lUd;v_tvbtv<_1e@+pVR+Ha3dHpzoj!_Rzwd2{hBm?4vo~2*J zPHxw1&fUwp8ND_Cj6UCS7meyHu|Fjy2q)6p{pr0ti#3>10n!@h&XW`0QvU2 z_6jb!0p+>PQF*Q_RFPf;SFiC_ZfDuesC$d>rd4r-=QwiSaWCqcGcDebAx*qMb=2pd zy-I>?mQXrbS-B#sKMr0eL-;DQ{(!1(7}R>6fgu@_gYb(yLE6V&)?YV*iGfq 
zx8jts=&G5z@u0{2?HuUcrMWoIqwnYG?_!r$;rX@9ce!ep*4M1ts!p@1I9<;a1gJ24 zfT!tMQtSXE9MU7(vYb*Pac)?CUsi|}s zdUon7z=iJQ(QZH8B0+?6Pvx#-g~5XduNo|cuHKu}-0!Hd9t5lc2&G(o9fYQ`2ZZ{p zSr%!F>X&=nbX8}|AL(FTy4rr32H+w(gmi?g1QY^HwYDw8kLN#@5zY{uNQn!iIew&; zM2?zqus_saEzrz?qTPs(CT(E(XHQQ+W8*CqwG6f*?eL=`FJP-PGBa@m654k!f(sNY zjO#R*e4llIpEm)n>C@-W^>F!G9aefWg5DV>wWhbqWTJq4!iY;qkSc6#&r|~2oHaj+ z@mL-dwHfiNGlWd@3dr)F>r7tW*aE#j2@n$?z?^_{1?CZMI5`QufB!!E_3K7_S}d6w zXmq9RhDKOJq5?bymEV>dJl@k!ZC|d8F|ZK7 z@*9g(e#zjk=QS*nL|7#Ju47)gZWdSL71u)ALr7LykRt3;cK+H9<|sRx)Pd303(h05Fp&NCvsD$gQ%yqNXrTReC#lOn5vsC6( z@P7`!;gSeX=VA@47iGIYQ&}fXi$3@Qpp1y3I)8Cd=ms{5R7PMl!;+GMc8M=k&^vRB zuVqDf(x;_bF9XVZNs&GKkS*t@$_~X1mNQ(6X8@x<@1y^;J!x@s`BS;&%!>02SLoj_ z9_-O+&1B2?*=k9L@i>eoQMMD98Y+U{IxsAOC)F1voblOERu5lLA7= zlUgEE5GD!?5(rw0i;I(dq>Zmqhe3yjG=UO;ufC{a4T_rKJ}mrWNh*KY`{S!wtxJr{ z#(r5c8UJ;`jI{re{^K$y@#@5W5acl~z0ZkY^OApJZ_~)wzc<`@j{87eT;nQI)hsM6 z@y-8iLHd~ylSdCzkAt-$jFjHhPj+m~WwO?J=Z<8z%N|_;R|VdJ&ZYr_WCWP<|5xy? z2uEX~RHcrEnj@H^;EoG!P83DxSD+rZ_0OnrDKMB=88E=qt0SfMcEVzH%?ZU50c0(yXlYF9 zM)c=d3Q0JU1QXMBR>@Z%|K^QR-1xnut6S-Y1w6_*c>lkJ-$|R`KvOlG|MRubxu+kp zOq3lQ3J!S;HcuzK?nMj?u$!)&iBFE1{JFdU_c_1O6wBNEm>p*)Kv}?Gdm?60P`6S( zN?PPXhWyp3ho&Df1Fb(EwS5#c&@_TOhbIcwzz0{Le^g`yh-zzkf~{4CSF9{6LTYKR z7h38HQ4=#!ELeEn8!&3NT^>#<8^rPhYP8{{7_c47Ro?%Q1Lh|i2aSU&@C`i0$e0nBhxI=wJ;I zuNxngdx!qzxD45lZC4C7J3JO3f}=QWaFh~N9N#2c*9Nz@j@5p;b&zuGc=f!394$4~ zf`xm;e{vXUKvgH-)*c80$rGY_Vjp^57WnXYUVoY{pel79N^Wm7&`3QcdY_Sz4mXpK z=lJ>#jq(!~{rx|+=_MuS59mbIV3qPD$*l9)VWXgiMwp`t4L!eY23wnNo|Wr{;;g80 z*-QS?nW8NWTwN9pN-rCnt4oOxMO^ajhLDM7t83KH64e^s(c5S>yxXX6qCPrMqVqYu z@kA|9Z3I8Lm4*4H`ee}m{$_XKe!gJ7|7DgUNcA8c+L^K9B%@v_n(Wj66464Vpv%2% zz4Q>_Hng5u-uIa)H01jL1qtxC^^ZhgLI3L0YdR*GB&{|vHs)vX!W$bZ8vXbcmcYb| zbA%q&NVs^NEM&O-mD3fbmUzwOK6=>qBKqcy0VDYaZ^0#r_D|NL(>+opcMtE;(7yZ? 
zs`i23_|^-#OQcyp?xr9FPRI5nyR}tILBW@swkr-5d1HTB#|cm~uty8JJ-sEC$#*<& zqS$X$cRI56?et_VrI+uXswG9pl#Kf2y1?Ca_z~q_!&SVCk^=EXXj3K;--x68L;fkW zMUL-xbjFI=GT6>}JeL0H>$CjV(edIXkFvKFfW-7P5h7I^`Wd^FUZq>zV!Z3R$QjpU zCQ+awqm)zqEl6cnGGxu~EgF?J(LBzuR{Ld53ILC&5@jmU zGj#GivX5_Fw)K=V<8+}_5o756{AE!{sdgzJFZO~AQ*E5-&@d*R>*;G@@1UK56N2jO zj|0bfl;khmu54a>()8i0w;q<^Kwg)7+f$-APa#d;^GUVBf2;koFF-^A_a~#b6%PQy zOU~EfG>y^v)2NPs@IaU~XJ+<@p5ik<4*W@r7Y^JGe zKIr!D$VvU`5*q-3CA`&(e9@Dk(E1AxoPJ zCb}rgjaciDQGC%ZId=$utq#k*G-pA|3DS?jBsw&=>q0l>m00GQl>$CDDP3x9klTcP z)$JU=iK!HM%lUF4LT|9&E=pZ|7Lj`p6V|nx^Y_H_-8!*bjSUVIBl4vQ*E6i*Liwq4 z%a1I6nRs}YEmD-u+S*^&viq#IOedpadTh%79^J-lqf|X%>WWa3orIUe=-`aY#)qr` zI^S}J-q?vds(_^0afCwyEd}mR78p9i1*;$-E`r0vQvHrq#pTDslC%ARQ zr|uWb{Y?E2HDy7;O+ij~!Hh7vyL=zHxCFWrxTqhNIvK}C-gYnH@9wo%YR>SwJ=^Y;IIZI_;Enfv8ajnF$MePy>LH-*-2K?)e|w!E38BfjrGj_60C$A>n_-+&T&C^ zUA>PL=?qQ8t8g@+j}0k<)I1?4IIGjtgCr}tLNG{sm7|NrA~Gf9VCkiKSpJwk8p!nZ(@O}CL(uP-o^#glvQ5SBL= zOa4}S#0J7iX$ZND&Bjxt9`f~d^4F0i`Y1AnGfg_@~RyMo>J_dVpgu| zUjaK>!y9!oG@k>f0-%Ogk5@zx3MYoANzeGFzFB7|CTkXSb~RG^mdPeFjpsSA}P zf|~j^_SagmP(QTs`>zr=jcDV?ch?lKTqY$Al9a?=3dAdXN~j`4SCpQgHy|Q)(8<#- zjyW4AM6aWs0ms+&pONP=J03YxR|;K?i8_l|e-$Pp_u_9UK_xFTMfb}p*cRG&)TD1O zxht{@bcvih_;Seoue%Q2#NmsFzG z*7b4q$6ww459Dx_SZ}FwGLkxJ-Tt#VeMhUFZCy2dPEy6Bp6ntA_W8?8S_N5#FtUKW z=V*U6K>;e*ecPGToerOUC}?24s0};4EBErQ54fS)F~1-x@ZW+4+%Xuy&oUT_EVQ=X z$Kd(~{ahF>ug7N|-CY|pIdp#p@BpF{*`Mw#2c?=UPW8Jom2he2oPmiKTwG_bo_}v| zy^A-)O0qg|6DynL?4RF?x`|TQ@bk=sj?x1k-#*@G)p9lDs~me8>LyRcRQE?Ph+K}5 zak#)h^*CAB4|rFxHbMe|LU1G~ZyrXwmtYS6t=4f)+GD}7VmR+`Eo+z-vWc&AE|1T1 z(}ilNqW-strnDf5#j#=yS`b_hkHE9UZ%mOE#nyegBe7y=I&m17=+f#*MoNQG`^OBo zsHp?as2d|6_|y5z0iUmjYO@4fXRiN9_VSG|^T}&0T-)A|uPpofm;H+2!YV{#)*#ip8vWZ2<4t84?{U%GDXO#MkRJ#7>nfu9u%&%R^~B{4d}#dmg8e4Rguo*?p7or3?{RiHYBho5L!l(6jEFTewf)@AqGI9=PAv5T)D# zJtcF63cvHSv@8Y1?*F6eJ;1Tv|G05k**lSy5kg31Z;BAg-aFZQuk0Nqlr0sKy>%li ztBkTjW=8hjL96uH2c@&4%sacQlCRN;#x1Y1<)aDkcU*D*Bm#INGFhDi zu(tvsU0_B})?4FNPf>mXo=&Dk_{K$FlJDb844h-YIM=fkI(f#RuXaLY`Y^BC40*uu 
z>`#8NZ7T@vr>OLnqjq0Fdcxdz)wm#LeST=8@4ydnvGcPK|Kn?a*O%5f*lJ!8~?~M4U2>SlGR!R6lYCw;Zbh2H4@ zrh*WXMxV`qQ*=bN0QL|xa_UIf^W}gdWnvlFb+}BzHxdd`<<1|yK*GSr1*wH$vP`%; zJK%HTSi5p_!8V~~7tZa9AK}b42cJ)`elvsv?Md2=&>&K7?vLv$MPxb4ycfMcgw(Vp zqD7TYMY`!FSxD6k6&Xaod`U5u*-+**doPnA`Ho&mRvoS)Pi0M|k(3y8Z`aA3^S|(K zH!n5zX%T~Of3~8T=8q5D^gHX=jPwf8^0I~}z7t!>IC)sVR4{Lr- zv>Spdd0X&4*~0Ff(q{2lqKZYR8=eLOEswq7&5rp$kFX`|&ah!4E1T=< zZxq6etuo-Ih%>4`qVd%-A_mG2?^KlZyTEOMvGfUjE~UpMH(v*8vn>7a`frMQa~4iR zY86w{+g+x3jqzX!gdG9zF2UD}+JzhIt@^L#PAjL5nCuc-T>2i}4e-?a9!!VVKYOUI z&NA}B^6HO2u21aj?t;P#4T5=&&Bvpn@W6E+TrJAXi~%VL$_P6TnzAaf9`HD7bM1ML z=l0$av6UF2xna}1QoNqU?}rKZ=4oRvi5#VsSil4F^B-lb@D~T|JvSK$3nvk0l%lw@c|q`A>rFlzUe=iqNVxRhuyl>N`FJJly*5kp(7+Q> zY5~mX-aGjAw_uvWQkCx`#mkDJ6B&Ak#P6!>R9atp`^X9&pWYFzOPd-8=3vkS;`);Q zu%7%|;I+2}+1T3m_93S}?#tk~?fwyKJv>Cu*=YQn{W`Al`rO@T5Mk!QsPX;b5S|zs znza}x53><0&65kq=x|7b7nb2y9e}9*ScRdZkKt;2(<{>(f_aP86({Q6IRQ9(X1Rt_ zbvJertDVfpg(t-2z7)#b)w|(-o8IG4ki6MKTilnDjrRqO1o6+CR>&?11G@n|r-)`? zT8$j$@LXKi7xI4c@e~@gkIw>VUq6?ql2U;Wbk0m;$qz^LWZ@m|xCFX_&o5r(SCJ^H zTwEW*!PecHS=bJ`jY0aqaRi1Z>4+>id%~N@b+mDm#Y8`j6E0+W+WHtxsl*C+UE;>wxcbaY<``$8R zK~5$vr316-pGK2`O(S#jc_Eld5Zw~Z)3AsH4Up{$H3J7<0f>OZY8HJyUHJm6>qgz87B4H^!~( zTCGwXo9iAa`uWZ?95-yrDqF6@S*1@oJv;?(9bM1EwAybr_;1%&f@Z$jJ;^2BKfc4# zss&oZ7?1}1nmq+Zg35JJ<@OaqgdEm+56S{?v+L`}pirXV1C!#S1Xb8XmFCbKFuL*G zbEsX!^bQTZg56!+-51c()6=W6A}amjlyf1(J+OOW`s3WQ+*$82`|$WP<)(JGr{mQv&Sc_pOiG68!IR;7WC3+E-#5VZOwr zj`=NfFN4)V?S@CmV%Pn-kuv6 z9iV%)YpNm6EW5 zm-*j$9&t6vq7<|jA)%p+e0*g1lw4UPQQ-*rbJG4E{mEX#Unvr5lOc68J9*NS#hlkv zhY}RIZ2`6%pJ~oZse!?hb5T>v%Dvn1^dXFgcPg71cr()GKWU285tR>XC~wU@S6*OF z47qAV{|8>6t;fvsX?D$vYSkq=!}H}1KOTQ^?KS9_arw4WXz+ad)b z88MPY+6Ew5!8()U<12%k@H(Bk`}zKY!!4|qYKfUeyCS7F@JBe4STT_~ue;Q+Nmx+} z!O&OYvJ?m%_s-7ZwAr(-=V`w@v%YDt>1j)~uqj{%O7vD5_-McY5?HP8U@e8()B1bf zQ5;{Bu`Fnrid3SFjbre%P{sbg``<;xAbj}V0EEq;KSCEP%rd)u#R)VC6I(8KbnC2? 
zBU1NP&dwcyDH@yQX*@t*Kbw?z)4g)6NexyyxG3OGZ*m)ZloL-qtLxc93UCvAEXG7?ld5Vj)7i@=%RyB>GZvz_;s(#*+(Av8&9KHG zHc3ZyiTpys@duO+dNVublg_zt=(ElGxR_iAG~4#J)M9qMDUZ)h9S;S5X?5}DO$7CN9i zuBfVd157s<*)O!zxVu1{~;W(1XLM zM@BXPm`-3rf{~vLHK&yQjA~r_pxdibxyffi-uoYNubW*PVX=&-r<>OtX{Gk^WQWh@ z$g8hY8+6S41C_PvZtqY(Beu%#!Tnxht&TYq_xN*&H-BzyCxLk5Sf`Dh`h=~lj@iWl zTvBl%EooFK*aGzHTycS~^`{O14*u^5^B^2FtwM1c9G9wWf6h1_pB;(3IbC<@72S?e z`9gPDs+t0a^o1Y`1uU6O`)Zn?n6h1uWW9M3-%W9k;FNfsls{HPR~2OIAvkP zPMox6g<+3Wd!?@twujx6c}__^-%MKDKBN>A2*bj}w|szhO3Yw8yL~d2_158FS>Ggaqy(creez(|8|1u_?0-4fK5vri@B~uLFeD{St|Y0UYv;vFO!qUlD@sZby3pe z(#wotsdtaCyz7Ei^wvNS-<3Oine~>vR)zCDYR>E_TwD$t8$Ey&*7}d1HYszFZ3eNy zDdstsS?I}pjZCNIqC)|mH2MQBytd~~%O!`$r$LO-TSJPf`Xe#K^aogc%xYqS(vEzt zRni9gMaJwG7l|@xy?Gt_v_ea_CWqyZuB#>Ejy3jQT`9DBwY@M$A&MZuq^I>`?DeiV zHqY#(%r}*6#Vg6*a}PHT-pA$#cdBc;a&GzQW|DHQi?^uUvG(~+RWXP);L>(>ak=g} z!x(153#x{REl{2ij3^MYCUjaBZw5YT2_r;+PH+SLsB~_6_1m2HdGq9q&sDb#-$kj2 z;>0`dIAM@&nXdwU)AUau3)Z6GT&SoJnv~cdc zoD#0j$8zC5r?)9S#rpWOa(}%^$z?&2o!i!(O7vmdx2&nibg4_?H{D*BEVd+<&M#7~ zUqnb;Z}zygwtzXd+2jV5ElMbvdH)sFM=RVQz>2e5-d!Z z-FN}VAilSqK>e(W+g0)PMcENux^#*6wZAW+h_F@x_+6w~$ToG?&`Q!%-Fkw5y=nV- zFzCRK(Bh(?-yS-17E3DD1{>C4Os9F!y`0i|?w00e!D1%}vc|%v6!eQFqJ$Y&w=k(1 zg=EdZUj}Zffq?-?;@(-Nx$QR>nt4w1{_W|(x;vuU2Bk_!$akK@5KjcCP|sRIFz-)a zfw4GtJ9Qj@8qiVYY#Bc7uz`WtBs@(Ie+gzN|$=9D=(pA<8amuCd(~}L87^#E#W525c3Yu~DBtJd_cuyKh#eJ#HOo_HKPe z8lcD^@1dL_ad^0OTEanj@rB;+lggM9Z#L6QrHFZ~r#tBea5Biw6APGP^8p%P-qWo%Fja`%cnaz6xY#xZ$V&b2VZX!VBzS55#ou5DU*PI~ z1C`eBEAk2oLE2m={dMn>RbN7GRLIe5a^Q4+EwwZl8^X1eofqm_)#}V7##S3}(a8QLlG$pNzcXNM;y-mF-jR@)&Wx=U@#{ zdaJ7U9(*qPefcT_A5)*&-W8jMxY)^nn3*p*MAgqDbDXT33ovGUPfb)qR0#IhBsV8} zB?H#^Eoz%761lx@7BtLrQ8Y zhS=`YuHN4Et+{R(S0jJ_Hh-I&D}wTp3W4%0c@~WG_gsu;NZOAS9v1W7VeDtGQZm4u zeogcy2gbnz*wuSQjHnqNy8}L7bTpyOY0vFZF~hw1#DJ5r%OStCE?)UAYwg*$iA6}ICD_?@n_c~>r9d(5&HqncO*}e{LLB(@+p2mT@g|@Z|1SF;>-^z>MrAN`wv~WaS)#3kNbxj>XC%9pbzPSH`%R&P8Ti* z{KiswY4&(}lt=vTnv69b;)-@kbzS7mW8?l(Y2=IdQ*|x88M#1X13BynS=TT{Angne 
zjK3;zNJ#CzVQtR$dWs57)yT*J@m4m&%_{_pt4KLDDJJ5jb%?oa?00zH(f6ckNF^2OfCQ0k#-Eh8UT; zYKOBLj<{X-9k9GdxlO+9m%=;~A)2~y+mnf0ZdTHoyYi<~(^KNilJtGmlLxq#IukOA zPK!T1t`cPvdx4I^Q;wD?Y;S>K6PI~ChMx`Z+>g~a4QjEji96MiAYgDdM(V!Vc$8aWSbIn>F<&!JkSjZT`Gz)Hl|C@;oTue8vBaVpf{};%wS+&wXauewF=v4*a07xknu@5Yy( z!0S%A{ShkK?S)E#mqoSE(0Ww3w5kdVaQV^${c^=@%>M`3p?!TN zyl#h-UCDj*R0$qU-~*Uf%J10@Rbp{{2DB$IXgc8DZkL3ZgGK-3AK|Ztl}jbnzx7=t zWn|x`<}$w2GW5FEr^di53XR@3Sk*CMHyC&q_c`!-DZA2R+dxV9%V6q*BmADh5svR} z2XCBi38J)ODM8>n??>Vaj|^Sw((i=u?KVFK&>DBhSE5gCfmi1%02HA|OP}h)l+m(4 zkze!vfUeB+gl3VB9ozTFbiX!EDDD#Ez$~9Yj0m)J#b1yWcBLYcsK$>Hlc>DGdG;Rj zZrpiF(6itWNTq?CKZwTiT1GMhaa~Ke@Zs?SZ^0Cpy-}++*4AnMx9lbx{L*H*bjn)) zjDzYJK2N!r?qCmxYcorgePgA(7s-;A0@*Tzc47EkzfbZ<$E2NujV*lN1^(av36mqi zsc8&R$PuxzbE{y7&r;_|PqN{GY;TCGgM-01?><^;dYz^{96y8I5Ez-(HN%a^s4ZWX zlG(nvB_BsLoA|i8s{QBx-S2O^|Gicz@$SV4JYp(!eDzkPy8%{S3IL>LxXLvpaMiDN zWKPtrjai%P4uyP3>bc-m81(#3$c(iJz0GbyMxjikCCIjd0LdJiZ8&3k3Jc=ahN?Lt z>Q$7An1ngol!^KM9&bpzl%kj|Yf`IHTi4P4!%^4KX?I|TL9jG3ILa5IiM{XVYt zTs$Z^eFt_P6q}H9f}CYfY(qh{iWKkdg#fvaTgMK9ag&;7{D1RC_|V?nZ3_g9|mIp??F?I#A%3 zf~Wz!jyo((Y(he>t3TG%P@!%7PEaw0#uij2ewayoYHIgbuQ}iD717e~%exSRiVS{i z#t+rhe%Nfh<L$t>io8wB zwBvQ%6nQb35h=vKy+66(CeQy_`=uV}u}utC!!}Vrd|L4l7ald4YlPvCA1P%T#C@g0 zH8){IEkAs`NEII#HTx}HoMAha|Ho65X4BVn5*STUK}$B^2tddXIgvY zbKJl2JMkB+2P*>RM8%y>W5SuA2g>I3BgYq1CWsSf)Np`#9ib~a&4CtM-i4}zo4a~! 
z+~AK)nc9M|2<3t_SQU(+*GSn&Z^)We4DLOM_m(WNh=aWTklWC-s@*1&tqPP52{a-7 zfgxyfDwr5T+hC909D*}Ek zXpjXS6Yjz$bEo=i9{@tUvr5=Een^(uI7z%a=)rijbQ$UmuOtoCFF0?=0$TTzb5Q20?~@JVp;LLVSYI>eBdWv7bY0>NA z;$k;wvQm%>Ej@9=-13m7g_I$6v4ZK*SZ7F+Iv;pa55M%veLQUN_tpfQi<1RiRh5+w zD3{~WKQ)^!X(*&B{n8nW1=o(D;^Pu&$_uOm9@kc1tC9kUsmdmsHB&??a%J?P^`c|V zDeUo%%sK12nq1VRL|LKLCmVFLPpwUyP8)0n?Z-8&7oTGLX%&Xm6jv*-t0QkdcJbqc zfC&cp6odhz`WxuwqYy0iIxkESLbfb{%9;uXU|!)pcdmx^Vh*~=NlB(Khj3SJGZu}N`v@!*ooPQ;0pl(2^XG_z6?bO<^#T$iU}K$zoIclD zi=OZA6d@uz8U`YWVm6+#6M%FDL*r({-r3d3#>{Ges7XM*m<8tz3?P^NH<9iia4Tl1 zH0$q8lcSA5cLm@+CJ<(uO^1e*Q=f{n1t9)^#Ahv`^3MTa93x4?E*(*lKDph(<`qdw z6773=YvU!TIR_(2{k{udyLB%J4mkJMIS*Z9+mr(pxQePUw=O}F5Rm4EK3Ua8lQgQ+ z3Hbhb-li61+DC0RuLXy1g=~$x^!}7?h4u;nFy3lrg~a=FTFK-5z3_fmvNj~qPMprs z=7*dyu(7=Q7sU(f_Cts{@Nh_%b((!x+&)+(AUQTMRqn-+!)p8^FE_sD?LpycukoF! zvHx-fF}ooBM<|Ylh6a3SaIwJl3oP^~+croY+K?FyNM~q)LSlrVk^{OLr@lR8O?bG` z+722^K`<~v85)>bK_X`e`*;=K68IN`ALXyOWx_QC00j|Iy(z)4qZ@MElD*{J9`~~XZP%u6vy2`3ekk6hDU`RNYE~+2G69NRQ z%1Qz0lgd$Xn{sB^g2AoP)Dcb&4!n^Q><>%jlY;slbswxhtJ`)!1U*#17FxtK8GnYL z_GpliG);BDr~|VUlF(ZmXUAZS`@2^s%XYK^7fGLKhYtc$r;5kNk;w4`Qz!>P!<3z)&+i#Ls(0E{OQmT<=ez*Ln2#_=f0msc#;g;n>ut~ zb3;{#g@uK7qrVtLLmj<+LA1g#9A^vCRHu5JhFk8Iu7Epz&b1WLIY=?hXZZ z8a$IC`U28dP>l!hae{=1>37M7(lAXr)T?sc;=>>9Vkhb`UIrr_}`o$$i zAHh(SAe~;4uD0mQ7-D}LO-N?gAb=E@bVknk_Fi(r^g`oLYdJ6Kqeh?I(_iXq86U*T z>5qtm7zZ=RB$eb?D|*R77%eTF5McbMQ z{m0bZWk{ck*D(Y=W1xZg3$xvV3fs9hZC{Qf(e(W6G;N6vGCEK z;A%{4BX@FbX=o(%R_?m8?!)`&eD_JrdgITu`CNDLw+=9sH5uQ6w7bjCbf;laLP<0{ zNo@zv#B3jUT3maxvV-?_nVn3c7XhR^Zo*~6{B?m095JfIsgVF9_r>_(2GE|}QsNvm z`_cZ$_DDO5xJdLuH*-M9+;fSUjv6=QcffFAvb?yE4UxNmFM;Fx;$rn*xiNwDe;(Mm zRj3x>vOn3%fDh2ek6dskXG3!eq{IW%RTe4=#h=rTMo{p2Hdy6v;e82zh z(KN)+5EUG2J8%HVW;jQd^~voSd|2Jx`O%$x-pWS>_9laQH~?S?Ek6$M3*SH2HQ{R+>oK5N)_pkM*Q4{^xHT{1%q(%R zva*o=^Yen&6tkzHr^qzV%4ZsJ7h~U#9>QZ?|HZxi!7weY zF;b^3sglO6N@8l_{^v~t<#PM!Ga}LWl&JW=K&R~v(qrEHDv!i{hPfbc+q0R1>l;j5b7&U#@z2K^k*32eFk%;?nK=i7wsI1Hv z&w!GvW{WF9phN?;&$?fP>KH10vf5|YzswM=4aD(A?|2LYI9U=dNSzRtz9 
z({yQ>MobTT_pLgIU7~5wYv`c*s#CsEpcN2obhb47O2nbTc#c&XCsTEdQp-Vq=Q5;9 z?Y{2?tTLUNhW?|xo==lH8BE44>X!x0B+*gakZztOtLoyaE2w)e3o z2ph!6bL#Q3Y!zb>7Y6-0gf0J;Gw=|X9j=X(T(;!4bGW%8JzSe#QelL%GjJSpn+x+V zHMotjVfEZZmG@-QZE~>s6JJFZU!bNi-aUf+)?Gax;Q7?Ycey@)SmwpA+D4dt+U&o@ zwb&IYOV%f=!HsnltB5~)d!c6sp5#UVwg#e__^V-fl z5v|lEgdb>#RNU=R{=hrD%Mi=^_h1bZxNN!l{^LTaMK>j!l@ps>lnav$OLl%LfXRJH zzv*Mx0<+xa=%pL_HGQk4IE)zKMKXfMHxi&S%O*j&X8cnn!HJ|zQ-WZ~`S?inG&K&Q z%S$jVS#cLMM2$01y&wZo;fTPsp#pyNka&BztzbBToI@cY?#A$S8?J6sSfQ%gp&s${ zO`F|Sb#?WuhK7kf?LtkN+#lHxvsT5$&rhkNqf`IPqR4M(t`9dnpVT0EUi#$;k#v|C z&7$Ir2Y}_3f0$`C$90AH&|z&A>ISR8!yQSAR;K+Au0qze+e?et_PxjdaQo{0?JDai z5m=mR%*tvs2EmFXfBr*aQVNM76fc1g7_ivR42eT#5LjyIkmL)*lpzjQQ(R$q`7Bor z(n9Z^+_@ZP5>yu({Wo9`w!P!kZx|2&@uY@_R@`YpuRPFQo;3RI=;N0H+l{p%BpB?^ zq%UEcX{m}i6m@}N2fpHx(jtwGd#Q=Q4;Ej$<>{p!GA6Kz^G8KHDHIBopxBd)oVmE)g+n= zCq>oM#`q!;25(ByKTXI}{LqCFkA`%yd&Z+jw_c2gZ~+O;-xGR$ldPuYAx!DaZHO{_8$j*ZSctq%i$$I@_FyfPxww~8n}5A87l|CM zc?a_8>J@+!ad#@9&PS6+^-wmC%Qt|PGSX3=6yM_GMr>-}NRZs3(07`P_Nl6WGgtdd zzCMtgwY`qO8C3)9fT@Oo;`~V}c^nP(BX9|UY#UbrJ~;4!g_u}bb8{A?X7L}y3}Ccc zuJWAvSvgyUgD)K4Or#*W&7H|CfOhU4-0SR#T~Dji2L8AL06v29x&^-oOf$N0rZF>R zG$c0(77D^ezO+$k@dt&ac-k#4uN z+!?!+QhZWAIA@30APc6B-UcE>%7yMS?&?ve_Z8+m{-sNoLP8#0w}e-!$pk3?YKNf! 
z(jSmJjOFtO-NVVWbkP9`2Hg8C(yDxnDdk)`Sy6HZb;px2RoJT7idZi@W!g}hB6mLG z!chT7(&YVXjPVLA_5q4%@n;`ERRuFmh+(luO)PXcLzow`S}4zvCUmwID4P}oKMH?o z3tSxr{_D9v{vf%FV`i`egHjvo=n*_uFVudrh=};~Y4UHr1pTtldi~$V-=rHlWthNQ zq3rywP+6T4z-dNHvFefL<+h^==DubfP3y(a+%6T}O{7D%q`t-F+@0H9SHYlQn{R30 zoe4w5>4l$baWImcKRke=tK;c*wn4F}%AE;RQFTZ#XZ&M6< z<8F8Wk~4^;#C|8HiaBwpecXD$_W5&2ls?CwwY)+l2YuWu{W{Ap8Ik=`Ms&=~tT9?^ zXU{r!9k|G)kK%w$%7t|mLZ)EVQjUHJ#U~;Vv^?$s^(uLVg>Lz=zd^++6c-&8EDsm^{M!1Vh8^5gxNODuT3@&kW=x0*9kY=u7=-3b zM?<}&9zDbAu~N(Y0P4pK8jni%m)Sm@Z;ZiipTBu7@AhW2u5dh}YG9I-ZF?&%qE!OfJzwrpRtmc*oI1{x*2~7HuAMbkvaD!?D zbD^V*%YA(!7RjN5|0~2LX*c-Rwn*Z3m$7qjG$WWt_EpF-OoVpexn!exEK%<;{*?vD zpG4FpW3zy=Lj0ky=pmToeRRL*Sy)XH`{vD5sOfCD|!uD;_n z0eyFH-q^<}3LGz;J^-0sI1wXlI$OV!uyBA`oPds{ty z3J(o>(BGXK8)`j3Q1jpHHaja9H*?UR zbFlv))O9wEL|{N&YZi7I^s%AGdR36`sd1h8?PZKoTW^O8h-{bADm7Rf63nRu0Yinh zs&0H6)X7$N+D4>dakWOZ=W=1S;MfOs4&_BD(C2{w3iyL63qZo_!&E++5ETp?`aIy> zLClvx=-@m<@?xP#I#tcjPmC?kbdtZl|Hz@?FzmA9g*r}m@F|TQjzT{S6%%tU<5R$n z;15Au{Zv75!%UjqzbNM>h1&pv*g%{7a&aS3p=Ni!ys1QWh70Kj$tQ%FBbmhj@oAJn z*EoW_g9iQaSn-1I0-`2ZSaMru}_ro_MEWr;vS1)nh zfxp>!#aY)4({bFHP43Ftp6G->FP=*ezf)2o1iEC~U9sFy@3wPN)XNur?ai-6N{-pMcD^{7Alak4|S^k?=Mb3j>SOP!iAh_*5K2M*gmCZ;oLxh%>d$S5HDm<56it8s13DPwgqFd% zf|s;0!v30FT1pBZRgT1{@`kLe&y-BpA$Pp;r;y_m8Upq_ zdW8O3>9Jn!ptaM%hDmWxC+V`&YNh~uqH$@(_QzdN3x7QT1qCg@+6!*G!5y5sU1QnN z{@wdK&w@ZaNU#Rp$2pEbzLz^338=YG_B&_iU&DmY)2-kvyK6*JeX(Vc?mAbR+Q zY^4G}`>wCZ9W)=XW0gX?aL*P*)k73n__2_6`|)B%yk(JU9Tp_AYrqeHl_;k*Sv9)hKjnkUFE6BJz_mNHNEc6z!LWLr6w2kPGk?fvn2} z(rD}Hd&RX~&rZC?ChtC+(9od%_)2wH`l_^@bH&F_t9LhoOBG8DW^OTud5Ri&dFC1K zCS2yJc06m;^LlMW_>T8=py+tLX44yTfnP^v*IJTR}#nR2S$FrF;i&c_1piGP1pg&LPbL~#?o6~2>ujY|Suxj-TY1x*Vl8(7V1WxbXw2_; zwK}a`x;Kz>1w%3IgFrvNpTGZaxo4xlS5D3{TKqyrw?H(HA~IjO!thP+{rXDTX+SP0 zMb)Q9K!jBP4BBEtc4Yq>O`>j#i$fT70k|gCFTzjf1B`*%*bZoUS;5dqO_dq{6nf%9 zWSO9cS{nOuq-^t{P+63UykrpmwRQ-a(K0j*>7IPFw*J;+=V8XJl+;zYPrb!@K=`&O zoHuuU6N=V@LFj3S^9FJe!NH1JUFFolQZF`;f+4S8xV@2a8;Pg`ZrE+=|x 
zUiuTaw7e`77fwhszik%5lt-2;0Z$YK>vjO8hcK=nUgez59S-yfQ|Zu!viDV&z|0Y= zby(;RK?%gK_Eq4}IwHCg2kvdYtiMPgp8xRpz-{)Pg!n)fDb|*9A)&t|m~j?=EMJij zi=`$6Q~&t`QNUP97MqX-{nxx;MN0Pa%33N`cOIJv`?rZqYGJVKuTkjd{!dZY&rG;~ z{bY(LxD+4k%AOK^#7Sv3Ul13cwyeN}{5muX5J4QQiufTWY{?);4AAt%V%bpeHcY zKza$C=*P53OLc)7pybjvPF1tBD{Rcb9;>Ws?74scJ{lURCvlfR+3Gm&hm->N1BzMG zGK-w3uz;gI9U9Wi%#s=6|vUR8l4`*uYi1~Bc z&C(k~6%^#1RE~V+A^ySe4!In3Ty~>~p*c!J$=!dlr+_F)*DbnQ31kIn2Mqxd9Vs^` zJpX@>R}TVa&0RLa^u7{8(#-r^K5rD4(Ga5Vlmf}6eX|-`V!l$HZGEMRR1{D9SK^wCvT+lY(9s2E7fWasD(Wr4^=w2>JCXl4fk}r$> zIbMnUFbE-)s?aA*(|d&%x>UtL9b=1#N|~6M0l|*|mcs-X%5i>^#-^JP-}$0{JpwR zxV_K|?gt2Mw*?v~vfMCVeY9t_UyfleL4a!IzRZX#LT!{>r59HX-y78weLw&c$o=8b6n331dH`(_S*# z`-zfyuOGs08`4{R5$$Bnqp@Xkw%x1yd?#08Q&+uquJu8(0OGNEUnOE|{yMd9c@GxP z_|VXeW;$>)_a2|$&6|4`M2a64D%KPdrMe@@!jpG>;KN#Q=S}*?0Oz?n9B8A+5_F*f zD5K*6?NWjZM9P2P|C@zl{@DxS)E&>pg@D*Hj3p;0j|L{91|>G;MSSiuSF`Hmyd!TO z>(cN0%95?@fT2>Sl*>AlJk4*$AmwZ_(TL6Msw?suB?maTuJ(3XIY>3?We!?syJC zL%8v&!Y;J%vO@kQ5rYX85{;My`j0o^e8$B7 z>j@+fWX#S+x;eu<+->(g2_V|M`1f3`Mz*9!^#zH5{YKk34Px%*@@N92r zF$A2HDw=WYRmE)kID?LCeSa3#ZV1{c9G;z@o7+U^k(MHq8}2fKLrwf(3Zv(;6!h;Z zrwfPvEVsn>cQ<~g%I?|NQmkFtJS_yM*e1Gs1JWa(CJ``UQu!)l&?*ETQNsiCwQ;yS zq+gsz6e+q~P|I0Ji1j95Y{}R?ytC-=Dt>LB5@6ZneI4#-65rlOgWs+2y+8qmhb^74 z@5Ct!UZMRja%P*gkHg1SQpuLXIiVxlyd(?JJH%hO4)+2$3Itt^8^?~JH=yHC>r&+x z95Mhl!9Zj0cMJf6DL9u(w7L9Wt65mQ>s7=hmyQs#sm#rQ>hx8;+#)byVh2N!`}OOQ zYToH2d>iVO?t7gN+&~Pj6oK<7a#_I2`<8YPn?_+e$|9eXLY&n3v>|}wnAV0L`)EKu zegx+K3Gd|_{~BwM4m+V`4UR;;*xDAw7qmL9D=M z>Q&iF0Y-0k3XCbAZsWEUbAyEi>C-$j6$z+&$-v6ivY& zYXW6XM{N=?K41-O>gH+u>cjJumjE70q?|}^j(T|yuKTq8A2983XU3K9!t{b@slhG( zX}!S)za~$e1B_6Y0uH;4RKbV1;l<6#IV)xRxB+3rP$i~ z_f~%Ft7rmNgVS>n4RoEEm4{Bl z@VnvsyXqt8N3RGlUX1ty7MKi-zd`0D^fAg=bsFBDa4ig2h5*tG?;|U`3`|_Wk^o@9 z^M>u`9c({928Nb{0j9N(h8V5HVN%?%bEB@VPTcO{J)F(rmFbf%w#(Y(M$g_Y^D=`c z$ntd%X$}a>d-(cs&yKf2zFI%ALB-WXE_ooNK-5Q=eO9zp6d=t6a2q6Az3L0xOkp}> zPVO#+&pf;y8jkfm947DIz5DqEw0s~UY8cBl z!Ia!&%RdZ+b?G~d&biCfVbiF|%CleQe6_S0l+kT4vR7B$E6dC&U$_d29XQ-7 
zV$EP#U0e0_)^iYB12zSr4tgqkzkLHURne3<0JZR)FK~^OSwy$M493c6u5gEo@UVo+ zz1Ed3a7|MrID6*4N=Ar>*0Y$;Fzoe|&4jtz-j75l2l!@v%Mno8|L=~@X zBsn~Y-5R^;1I}Y4q2x3Z-V3S!0{*cpAj$N^bdXcf<>)rI0V)E*sxhlmU%Y>6x}+{D z=ePA9L!1j;bZ;@a&Z<=k06d=6&j zU=NvEI6MLCnBp2kc5<0Q$Y6PymH0t7l9jzSLX-)y?0%AJvd4 z9I!;Z;bT-dxF&1DjP86R=o<(!k$PqRp-R&lLD`bIo^kDSznk1Q_y|Co$d;!6>g&O~ z?@=O)=a8^~>)*8B$p_!X%zM}p{>8?kqX8+})Hf2rI6X}Tg(mHj6ik8de*D3Nx}CYX z?7X~)Z4*^p-IP_t{oZzWcLTch42r~Npx3zSMK{uXv3{rn01PBIdz$T>eExAnOQa5NJBY3D z+gg8iy1j%4KmkZ}RW`hq9Dr)r0I`>op@^SOVav}(@**T@@@=t_X^6zxrrh1|w~WmK zH5$<98s#l~s$~V5K2k znGZ`PXe2}I#J_o{p}nUe)cgjuzLpkS%|ruwI5T+T)cm07>B}l2^pn4T|4-$WXv1PT z;A32c)9rpjcdF;u&dNd`H7SyJTv-5aE(&?`U_4H8gG!2At%=ytTnvq&R8v8m&gX0v#;`W)g zXb3@BT?C{#M$1jqG3m9lBt+?T6zJu0sizC!G$FIiZEYHPBM)Z|};0)vayLbuqQxb|! zdgW=(TJ}L-~H)@Cp+fqf-EL zEcg~oc}Ax3qSZFND)}ITjCyIQ>D$hD4HB zzAg@8`}mV-WQ2tpE(}Sh`Kqzwx*zx0#76heb8&yZAj1N08@RV7i03iJ zXx6+aR^V0s9`G;0OzM7Kdc^5P4yZfkJ_Qq*u){}ywLma{1VclZjijC)4S<4PuqC_i zuM9r9T}A8xGn6GwqJo89ZvPWBv~XgEc@5E@0M~#DDG*A*-qh7y0qQkv7cldxzfP~; z-{ulj#7j@>ElJuY1?b)di0+H`7uB`n2MvMloHM@Xn*pbJrx!@*+ z^6s=<>0``KaHR&@*^ujNt!JUfHG*ux@eJnV2fT}zXwcXZ*5U*}7*Lz{p3z2@l<-13 zI(S~eJPRwPAb}h7)zTqVrR^DrQdaHZLlZs3e*-%sQo4ik(<;)p8k1wE=y#cbE*>0w z{FZ@yH6%==`ora$1Q;OVJ!sERVqJFAgR3(5BJt=vE2Mc0yDkmn1EpH7XF`##+)mwn zG!95XU*T{x3H&x_8Zm1M!UEe*L|k0BJWDf}cT4<^-5bLmL#+~&<#g$tA-nwp?eKWX zG6zNsv}1>3HeWt3_Vf310(Rr)G_=2-{w(y+KYeS7)~3}&F4z7NmQmf>0US*AlZSQ~ z{~uFt0ao?Cd=GCW1nH2F1`$O-LZll3K^o}>>Fx%RloC-8X^~L68$?n;LAtve>Hg35 z+~4!QJe+$y9NcWapO~4o)~vzzv*SF+FC>#ukGg$R>%+G2np(RoW#vn7vr4-uwOxDyKK;3@)m` zN1d8(K%6vzf{- z&?uDj^sJdV2JH({*bC#B!U3Gw)#rhcd-XFPxZk`0w9GzfW5Y)0NpfmK*XBX;FhqKr zmyfK|pIA%*lntM-%|J9mP%m`|l3n{Lp&~IwXk~D&W<@kxKYY}LjDN5r0!1Q(U}_iz zpzE&36Oe-=XGmq*mkkXJ7($8@`20QGL&$iEG=j?V^!l!)x!#@d94SNUiFw*7`W76c z!F<46>q`d8?biJtCI4#H-HwhS3iicc6K~oIDK?SFfx`x9s>@@rTO_46$|xAYI7dBd zt_tm|Eze&3Q(rQ-VooiV`t=(K=lec$?_gft|EjaJ$ehHLvostiOka)DP=~crOiw!3 
z{*o)jAeBCgRT6!Vxoevqgh{aby}J>+{c%$6929WasQ1s~?eV-NT+cZ0bwQJ>>1{{t=ZyND@OY4^74%!SVH&7s=31^3+tloJWBBQ$_iVfU zjemi6LT7-DkU z=uw;xja|1q zmIx?y=;4V0=HmDOc(~Bpko}tjgqdjAmEyWSbh0#e$OYr}2-4orR@=d(3gDs;7?nRt z@NNTCqr(0zL+Ku62%!(v986US96uY;z`I`i0OuA7$zSFR%_{eS$GJtkUl%?PTIt#0 z-HH1_Df|#_dOI{vfUJ-c9d!zo?kQ<%-t$PVn)2#e9%kfYY@4kGXAfULL2>lk(%0fH zz(?v_lN0kw6Kc5?{_6Jag?hlYNVD$90k!Me3rkt&7Tr|D z@6n)1HlmIGcu!M9!(8WKLKk#Cpc*tGgSelcaHZYk>-Ki3-(C&+506jxt02mcpT|)0 z&FxTnW2M1$1~GpYiVP&Pq^Fl+_@S+FF`f$<+|fMX0l>kE0zonS?0M+8O+J7-)6n;P zwj4y4^Lr-+uHYHJ=sNg796dttrTyy7isapRHNxw`qW3cYvhmadWQw}1X0CPT}chcVdu z_hIqAO^7(5%8Ojww~HowsRI)a%--K*eb^K!5F-@QzFT;s7be6feY=%BFD*1?79h zBUSb^Ij%t!tf5tR6;r#v_fy5g5`NOo5q7xocrJJBSz&x{pL#rHxmZG9^N#$-DzVIUqh9@8&7 z!Y141qmY3?D9CY*Fh3D1ZWKHG4*T?5!mpA}FkQR(^<725-5?-z#TXGt%?9tLS6^RW zv1R{V{cr0K_6Tg&`$-!w4q>DOyzp`;w2 ze_?L!>?Z}P^2?o2k)1$eh?fvyT`jvCypR6ILpXIToJW!a+@TM`)+UL6(pBraay&krY&SeO5_YIp=iomrENMUanhuKu)oTq2$gWDGZ!w+U zv9M&L2K)ZE{CLksdi9SAERJsnzndd;Pe&{GL1kp0_~3aAvhn04pTQd#M8#(v-_rqoNe%-` zX3IxMKKh%p;k=kP*J^IP0WE^zFA@bqFeHa4mrRNaT6)9LO$XDH`!0@7_|3Qfj zycXnJbvzqqexVd)8k0)Xs?2U2Y8w~k3^Rp5ADb?Q4VL)2hVs1qW8tv*J?^PQIuaPC z-6(<<@)5GUuMX~QH(f@b2fJkFl@R=5zV+SzR8u1kabo}fYhc*kOKL`n z524_EE}~UthEpUP#?|m#%H!`3CO&_67d;5J+jn>OSNlE3qo{>$t7bnVz~1A94j!w} z<{QD{v&z9Y=4gO@LpB8F5dMM&GLLc0=SlbxZS}*hw3yFrR_!5YdTckb;>6ymiZloE zf8ebyvlf-pWA5wg`|ax#XiT)mCq^`GkDmC}^|Ubc)3=}|Y!6lK**VydQ`{#*_1tyB zvg(&UuCK)aL*BM7*1+|kuc-iVd|>uHcgch@SIOcZrbtJ>uiFyrN`va&G@4s*fZO505_#$=>Ia5nneX9wIFdZ9?Z=k#%2VK!GHR{AXL^6BZswt`;eIQ6|f^){%_Fue8bXV zF=(WOq$Byo;d@CR7&4eyUrz~+oa?)LfB#a3$a<;geBdw%Y2g6SvrVTG;4J+LRK+4` zXvVT<$pdzAaC0}z9~6#Y9;Gg4y$91NbbSMJo`XQsWX*8dMz^lIg8a?Ypm>a8!jy41LWC zU7XU837q?4V$xA}#)j;DhgKFgpjYUBi5a#MMF+Cg+3mD2MSo3O5vVKv>lD#5zMWq` zaUCcv`x8(D-*~PVq*M9K)aR^3yG<{1re3`hC`Fm#67|#;)%@FnjVW-temaM3?rK&m+H>rx9mf&%YBD`+uQ%nPk%H^tQ30&Xn! 
zor=J~_A3O+Ug&t>&<}Z_i?4RNUg@YPu(?opV;Tg-Hl;b&s(<3n6gNe=Ou1XURZ2M^ z)eo50s7C_gHvU{r15Ob*6irb{CJHLXNC(0(A`LRY(reSZECPVpQd;Zrcx4&2S}u>Q z>LgnH=$Klg_>}%2`_*|=lrAn7aEVf!Ax}FP)c`_UpnF|%GO*M73R4T@lRni?n^08t$KMi zqBUJh*v$irs3x4-K3;}YMg`=8h%IG<4#8brLJ;3VoxtJ--A$5fz%RNQ&yq+b1Kv5k zy}g2v^+%qSkgyR_%Nl8jLa4HWV!^cD=gkyr2h5oezcoJf>2zMzP2-@k1Y2RXr`>dt zF)AuDvTc4of0V=A&>az>TJr4XoB1yX*&w_o4k;WWIv{0>}us6|0mjXwo#1rs`DF64$+ySz7G=E>dX~%wgHEHnr zl{#AhJ?J_k{p!z60;z(XHdzQM`kdJ7tOwXY_JgjE9DuLPNiuNBJ7#DTI^mFzEwKg5 z`mX=Jy*I4$uOBXYd;}S|{l4EI-k#__AZ2<|KtN01*EpoC^VI#@UqCaYsb7|Vv%t7c zX5%f$RxV{4e39JBfV|tjH`1{O06b(XY|&>!bKcdhfFFYvV7Xi{JaWCl1ZoprL4H!% z0(zj5t+JAmXZ#vC`?Ee)ovtId1Mw|~i|%zL3>P%;6q#YAR6fHZ$RW>z)&X$6Ys2(I z<%2kK#Qp2}sp6aDnU7)FGZ%6V zgnW7Sp5SINs>UE3%m51u{{@iKq4BZ-M^Y0n$K}OeK?^2@u)?;)Zj81&=@blTI+vkpe zH|nJ*8%>8oINx`z;kjRW+BNQpk@w9NGrk4(&(-;v(hh++sDLQ>uhLjQP{i2Rg);ZA zF+Mlx29kdR{nB+Dv%fs(mD(dUtSt{uT{Dd;noP%eLrtiNc}0wW zi&K?Mto;h71rTJrBzPfKZJjUY*D%4LH%Mhf2)9IJ%qGg1p*~{?yJgn5@>dmXF6vD_ znFbrs9+L0kAgbT&ip8{j*}_zDFrMmDJ=hJ1G97sZ60vhiAa!WqL4Fr&Ebx~XE@XZ> zLFkC|guBSIDF?pu?lj_8EZokPEA!{^DSAK(00U+&^`Qu(Q`j>jA!9-$-zNq9NVmUK z>kO1Ox`zJByY+R&f4$|;cQX7h8kJbJ{THG2;!a{x(kYI8N8$z`p_CHdpwd*aEodFA zVTn@{?ibNxh8R0#ankVRgE8i3<|K}QieW6?0`~Tf5_|+=qf3EV^ zAO2tL6!FIg|G&}A<^Ly__(vZK7pGq>A==`oK?=}lLX~m<-)_(B1HEA3+f~R^>B8(< zn0zVqC*}9o>%MPOl}}Loqrrnn?cCH9AJ%pDqO?^$komkB!8NKZGRDmqGT<;Aq_0U!54p!1=QEwT?Z!bICY zI%K%6%eDT=n$uMPI+LfH&IN*K(i27*LNzic=E9v&!(1~B0L$?78t*?yxNF!O*XZEI z@`P^F9C@LRZm1xYf-?9t48SPt)Co0(RCqaoLY{Wy8or79PzDn}O^R+u+**4X*-C_~ zf)M>0wusgZYKgOfVBzQ;G+=@#4AJ@8iW^1!`B|_K_QTaIlOnY+$!ujakISNy%|B#Dk)Yf7_$4#mM?FMij zT?OaW0KMq!G$f7#Gw5Y{Jr0_jG>YsY(oKoZP?ukaB(T&{jz49jo(B{7`IIF0XC3Y z0Zi1-rUc#%07*J;cd2FTgQ{DY(Qyg9 z><0DY$DRLId*}JqWZHInXLQt25eqgDP_dyRiWCV=MPZO8(xe3u5$PhmTfs7bl`5bh zq4(ZZ1Qdiw385n*0-=|H1cAM7oO#~&`LO?heH?o}j8lvx_nrH?uJb(C`Yi#S^!J(- z8%0!Lh8%F^2+(czJ#J(Q6)Eo4b_vII2Fk7I8Tee*nR0)DRO!+$?A@#_t)^`wYTk8ZDECndwodM5gOT2E2x-gsm z7Qa)^hB&?Q@??*N-0K6he}94{v4A0dT1PhZhAD(K2whvi>@Vy{7jP86 
z%BZWfcuirO4oTh2tLxF|#~Gk)4g%GB&wI%#QMGisJhD+DiH-@R#JITB>&tGyih(DR zLWL|0UtsidF)?*&g%Z4_JaGR54qrK<|0x=Z>9)eH9YKwD$LjuQbyl{|`mMu!_j2;m z+#M?$8XK>;ZC~siY@2sBQ?hqh#xXaBnK0ztWuk}CEPeh1`^qr(RMhZ!b?q`Z#kou$<|3+lhL@YG*)YtMPSb9A0rL@!Ojio z8!=1hoSvT6mSTPM_xfo(+zYMCZiRG7N@&fc!F#e0dF@zt#C-~qA`9CJF4{eK7u1P) zFF%jJdY(Q7Y*B z?%46;S0$7mw(^T&dc<8~Du2GqclT!;!O5|l@SqK>Dp=4Y5KqR;b> z&(3N3*zCnIJXG2ZA%tiumyN>xAGO$;JoV&tynNp^V<`M5o9k6&thPxz3O{$3?o5qK zceZuIpg^5GIy=`U=>c{Twc^|Jw^$8=ACh&gy*1gm7=WdS-ndmCZBfV41)Bo<6pOvSAEt_n6K-F6APuq9H zrSX;;8%qZBtt)dv?JjjIpe?fbp{=~^uJ%|B=AFljq_;0}@8%Dm_c}Hf?tj7eua>_G z)yz|voxOI!nx1)$sUDiTcfs>vrqovbUkS5v9Ms z`Gl^eMMKLRmS5a_@!M09gahN5+2sv$`?sQ;I%<`HikUu(@#VAXD++2H=Q-}e zxM`O8+akxNWq99)`{zK?nA+%Hp*(=KHt?{)u3cZJtPOLoy&5{&bS;m&YY*mea_@KS zas>)PzXFztBfdhi_97mWg!5guH`p}X)?@oY1S|=AWaH4XYnOlu6N9?!?CcQ#ge_}* z%%B_0_F|TE8QkXHChzZ5!&-ld;Vb5P&)`RcaJ>X@4&AnBi^;{94X?N1;NI<2Zy=lWUp4MoM7qh9;aOs_hbueA28NKJfmh~lVbL4 z6AcU|D7Mzv(23{sjmQ~pfje_{5}fe2G_YsQ+r zbw%OP*#GpSeg@y*jUoz#BDdnV|G-!Wdc-Y!yzB!hUySgl0&%*Nxe(sQ%riI19`;mX)M38y$ z?e8ICHaswM1h+^PeKU3ZelPDq^|Adi=h*w)&zlm1;r3_Hq zo+$oPkazXL<9IB|Y5u26>)ar$l}8NZ!9YOkL08r4YOhG{1m|~Vlef8J3r{!@UpQkl z+}I8!G3wFeuYY;@9dcxFcT9>|$IL%6X%_bNA!!JX=+o@G%X(n8`r6<2eHD4djv_tl zyt2t{5>oY9-@z2nw1Nme4x2lVYu`?4>p01JjFc|!VMAO0{_v+`Mife0oa4$S&^T0K znf&|3LE_rq(8h&DOfy7DFM{Vwp{z&C11C11#;_T3dsTdTh6x3DWzo3#^@@K&AcHy? 
zkLulw4ndzcpF(jQ#SjedpJw0i*%@9`5suFW=uI{-`EG>YUWdBq?b6WV< zWaQdhUE$ekYUFZZCwMwW(I(g)>KoV4cwLz4k}Li z88!RuYNteSe!^G6y9DwvTfwWWwep3zlR~U&{jUvO_rxkcX3alJ0ZU+X0V~a1p6|vK z_J=Mm<8T_|Bo*~@-Q!o?Aza6px5Kz?KPcv9luEz+{P6TH;xK^Wvrw?G!{3lK(UomX zh}#j=x|W-CdA6wjuNcYaXQLS^2XS&^Jl>5<`0p$ljrD6k4PXG2ysIA2lW$+%KREar zo*;`Z`zKXB<|J!@el>O+OmV{NwNElBXeO9%ZlBDl#*`^-wB zH%>QP>6bX;+>@p5y{ThTiXqI2+#D25dcz6l<8s6IVp>cfYI3?Z zT5}Ad0i3rWd}H+W5e`(w;NZ8lCLa@i(MqpC9&)tk#T&nHLIhx!^V~!yG~fickU0F{ zs3^^lgGwwqjDdk}=|0eTC|0yr@mmgEIDsx<%&S*Bsq7?LS13)UV+!>&3WLR+7cap0 z`KHmTO;g)_e(lD@c^KZ+I`5kALlI)irS~`PQ|dB8)GvmS_`bJ%ZfDqH0+icZRvve# ziZXctn7QcsejT&Ic#Q+PZG^B9<^1B?!8!?pS^64Tz~I2z!+IEQL==CuO-(^PDEkP% z9B~A1VG%H~h5SuxmP1fsj%ya|DTw6|tbpTUQqH|<)f{=`>5A`1J$}ZTB;p+Ic=;O+ z9Rlp4A|k{v6Ie{W;=Tabn+F6hq~0Kg+o&ffqiIZ^kZkkj7x&G=ohvSPYa8x^S5u${ zOAhf#gpVHW%G>A{5gcZ$fMceq3io^>&za_Am4oGRBb#U|$JpTZM>bgR|l~mIHw_GxNltGZQ zy1s^+yJP-6v?4>tm*87>m3hbYZx|xoT!*y|Jl8jrNO~7fT|pk^YREl55T^U}Y?1#( z9hv~keNZFkve33trbgJUsP&j^oy5>;bc?SX+W?ffx;Rm9tfiUG4E7FYSawVy^D}*o zI$`JX@gUE>TP@fW9!QgVrn`?ZHf+;SXroZ_G&W6Q@|>*4mA}D%?A*q`?+7Z)p_?q`g=X^lhoez{BJLwLu*kaMgi;MkObyFaEhP| zE6$L(B4Wn5>Td4rx1Fc^GLNh!E;^VxTR=EAX#cw~js$>{Cl5l?%4a&1n8@4%A^`x5_K&Uu?ri(5r6fN!* z){SXrkBNFD+~*5#E?l%KyKcg|jWY7b>iy2%468#NAr(m~4H!=61d6XQA<=~;3iMwl{dC^i#3S5!`R3meZc z2pJzw2<=o<>3`Qj$B^%#D_S^_6n@x*{Zd~> zTt73X?j{QmAtX9&9_dn|v}-y=+aUEOkRDI=D8?2Pv}*o<-yZj0H_6q1AjtAgutLR=R&qL<-KZrV)cd`yKnrJX`Td_H(`YA8Ip zii2xF=S0U=4XEttCLDLLKo1|gsT&s+)@ZSxg^N_dZ*o7`&(%WAodvdRj}uLr{dyD{ zhwNTIWLt&zzNBSRyO_>J9 zG{u?E&dzen?^Gny!X z=ILRcuPe&q+eGQfnm4U1pzO1#YkwG;OkPb&sBW+_Yzmn<$E2EVTB zg#vARXSIkaG=yZ&8565Kd<=0%H60?FAT9n?$#<7slYJUKfoKXTOpuVr)rShdNkRK(2Uc2Ax6x19^2(a z`CS4|HPJ(E)ryV-8TCJ~m1vg)!cyjB7&Cw6_n`H@!*fFQR|eSZ$tiE(9QHl`cD9?j zCfjY`#=IN#?S(@WrcwsOAhBZL?Pg5m;a9BubZ=zhA+36omKVJq6!DRwha8<{IC2Q>6x9FG*T|tQP3)lbUEOo`D$Uo_;?7C&G z#=6lP-PT%no=ab~x{5Ir^vm{~RMUM|@5$?y)emm{D!*Tn3f*)Zo}HLdmhRwk930ul zoOXbW09?L#X|<8&=1%p<{pM6*C=%Lb2K)`HKkS1taMJbhX|#(1Sy~c}rqo%ny*(UMt&(;q>4)qj 
z3myv={_P$~RV2#`X>pW28)*=GMO*KkRJqwk_|K^ymO2e|P4f=z0TIzPwD1&N`dIi- z6OK2nP?JxUi|NUWKfh@{5wwZSlNw(_BdqaBH4Q1H(mt2Ekt97rN^a!CwsX#KAfjMQ?yFiWJ30^i%7e+g)+u3yVhhlBIC@-85m4ddNu|m$ zZJ$?PQMN7X*wR1XN!HiYYn-HCNig*V+Ej0I*m2*hCeuz)zV7b|R+w~4Ze63>AvQq0 zS#4q7p#mV(Y^3Yo?(e)sHr&5zWK#8{IPrq7du+f-rf$M_H&9k9lQ&IWfTJDb_=8?r zbc2McP-n@SxuGt{-LK8ZkLl4hkJX(O!M$lA4~}Qx2B0~KLNsT%HX=$hKbF2uu>W0n zpk_FrHOb>^ZgAU6$2~RY**r>PLC38C)Z@?j-RIQcS-{DW)bQv^8#F6@F+{iSTNYytKvNvPf+|$Dz{8n#<#>jjijvwPgxi z)?U7=o!ziyKTT+mVpPq)MyvOY+uAEm?j0iXyg8P7w?g(>-ago>^SAP`96EbJX4-&K z&$FDu*UwvY>iClzYD5{ldWRE-o!S}&3f&DY$VFs{2q=O|S2vkg>=c~+rmX(1Lp8O6 z<}`)FWWcne<%K5Fn_-qsV7cR1O~ICWpXWobjk3aatkjL!C(>s5BSFC{yKuZ^Pt%cj zx;R;0WK+u07`mf?U~g&FMsl^B=as4yn&NV6hFVVlr7hDmGT)NHi!EU!P^l=do?w0J z*4RLd75k5MG>DNwVL%xdYsPzP$D`c}ZT**~hT9dP%d0O=Z?-gup^a8npG#ndvr6G1 zTnmeLfNXR#ytG}3-n7*vo#=GAkN|Ty1?-cEM@{I|-4BwP!SqpVRc_&>Vv>^jfj?YE zil&uZfK;n@Mc0HvMb8N10XGsEP4vb;*(FDB^dBQ1haOk5w;n2dZe0gTOj~UQx6P`3 z2cfrtdR1ro8u2At;`~;H+xGjXZD?w>7`{4p#N9^h@4`(}PTs9?X0V3!PrrlDDPCIJ z@xmZ>{p&vO8`^5oWnxP@DfNthr66}twJ9fP_d8=g6W%rn<7W13Uu&WZt zxw??!<~NOrC}%(f5Y+V~=?GN``D`V{C$FDB#Xu5`qNIdT2(uw89(y5u?5= z^>4K}=2nb@Ma03ViQq~|8pONAub_pPrT zZZBY~f?VgzuwsOYbcBDn^Vj>^{?-{V-ngECl!}bhD|=>#RyMFX>K<@du*@HAF=?kL z?&pYiJs?RqeigV2$14v~sLpH^hdPvlb}MAt+38}QwOiqQHMc6f1=E+3;kJPA@oW51 z(uVt=(P+uyedGIeVrILh+FWRL+%ZPW5fJ^=VZKV2uupqH9<+>eByZ9S{;2Ayt(^>~@*;>3}Lm`Q?)$-x*X9`09VgsgK`lJar}wWAfoH!yIdF0({j8p9!0wITWfSxPkg5 zF$qP4x|yZr-xv-vvSlPJ^X#re*07C@y$XVE($f9~&KV(HsUl{h9)*fYaL!RFKnGA@ zd_QdfRDqI9Q(S42WpA1;21sZZ^hoofDZfvRL&{LGh(~7g!)6}C&YLNmmYg-T>-!X* znCN1Os&UqB76*ae$fdt7+CfH6l4oBJL+KAn$$$bH4kFpq%_&TSC=@OzXTD~0W9&<` ze0_L5oweQxZDDwleavG>Q5pwm8Y%BDrG>Q0GxJ9nr; z2uV0-KoaU3Y|bEj|MdjfpYVOdRzLvzhl(2}M&nyTdtsVt7PT)>5ET8y%zvycF$vIY zJ=V9(Oesh^tUyEi$Ef-eUqi9Xo9=LjQ;w%T6w6xr2CCvd0Cr;#Cjic2B*u4P!$s3% zI8^U;-)%1_yd8{WT9uuHd9tT*5IKJ;Pk)vhO21yXIHFQ zWM{-N*HJGE*<+c2sw##Mv5f^4u8%A%z7Kul*SLMQxI|$xUg6LwfT)Nt0Z9*}S?J~` zl8anx=64Vl;Tr=Fi(j=pL@YwSr}!(41Hqi9+NBSfjP%}qdr`SW6;d1PU->JDv!HlD 
zGnaJpYmCfXT;p%2)-B@%`tO&;9tMd|9;I1YgR+Bs@_t*%thhZYrdSSy-d9)fdRZP{ zF{SLr-188+(5)W{ZYBnpnVo8ApdRCXIOjn$%b%Y$(F!+7<$JG!OQoucX7rw_35+r7 zuX3E$uGg1goq+c^V&P{m5knC_)%)${3Z5hOKVANzJ*PtT`wE0aH9Y=tC&BzAdhsF#-j~x)FbIm5=O%s=48pL%>IZ>`cfzmTP>m&2?RsY=pO!Uo}(Yo4k)Ql_f z$?*Z2GdagvT@p8=YMd^fmLk;YgxMyheiEjGdKe|F_iJN5HYr?3MRzm1*dQv}^=EiE z4*}fz6`bMS|AT$+_ku#~pv4%r55%C({T|tE^St?XE0_&!( z3tU*|HEVO-MQeoz{0#01B|J0dWH{HauZ7F)T6M{GR{^-#2|yqWMGgh3n4~9(fC5C^8#NwAe<|YSa+jOb`BYo6E`xj=Bf(Z`wnAp9@ zzi{k0(LO!_6f|2EmHUl!x z^U4K3_&L1SMkcV`Wv!@j^yP(U`6a#pL^Mzze57J*w$}6y&Tyd(ownAZ%)e##d^yL1t7`xKQ*eIFpS84dks@sP zgc-~XdfrKR?miQJgdZJdcPd>8Afj^p+CC{Dc%cYT2oWk8?2*YDaWC~dl zgwb8Q7P+|-KstoroCgm6XQ+mzg9rrYe;34K9}B7plZV*3l>|1@R{UW3!FK64`x zsI)$qx32`hgSgYt=Rb(;kxrfpQ0s2#l;l}Q8=XIE!kF~jrWMN4JU;iU_z?pbd;(c9J7UOh@>HwzSf%4 zgJZN_fBcQVq{%OsVcSrHVgDk*!xe&x`}Z>4fubkL9!G}3qExI8V^4wv;@TVL#Nf#( zRC#?`J7(Yq*4zFHnfbIXw-~jO2)AKzlI_=JQgAC0Zn%m}LIup$iqxih$OQYrdCc%l zFi)FaYF-SDVkBB>AA|*{zMqnf&q$?(9TUUPN-3J+Od=PBScAbwL~kLHC4g`;j> zLwRIPc2N1&Rf4NzR{da@Q-=a9bOcIv z*RIl{xA;ovs`qYmSS32=Ahdn0#n?DH|3M@@>ia&KEIcm99P+i~A8{#@6m7qW{oBI`z>Z-vogV8UoZ= zI58ZW*_WKig0iRKX7lG*L%;;*sm@~Os z&dbxX5P*_aW0F+N*b_Nc_j4FoIL=Vbs=h1kI)Cf!4krnZ7p`nE^)7B7>8zhg;qo|w zc+>kO6YDCf<|oaDpLJ-tAb3r$yg;+5JwRa2w#oVX^QW#E5)}2Bv;-$-=b2`H)$y;= zzW^p0(|uKXA`Y4Y%)5cknX?Fw@y;*eVdjKVR>ZjXI(RwGyk~$d)I7W|SSeq+)BLNU zm%CU`n3Nyg^+~lMjpD1>UNKwWX*ZhN4oB~U$lMgJqDBG7nU0~X1}n0Oze(U>a&lM} z%wF5Ytwxxhl#nB%Q#yw>3k+x#NRC9$$43v>SLnSu7kePlx{=;F(ePxRocxq^gv3pa z`y@W*DqYxlmR#p7I*w*~TA)2lHJW8y1<7>b-@nWdj`>e7U6lxBH!So;uGkS5{h^uq z^pR=xBU^>tzdKa&oLu)8G(sK3mjaavL&&!hNmKgDV=u9Ziyl&ZavBTjvXeoz>*X=` zG`M>#Sc&|U?=Wi-qAkSMUcF)2O?XS=qpeWV@RMmd2Zz2EATLd{_=>Up*11RDu$@rs zv^yP>_8ww(L~L}ZyeK$3rJHTN3=0m&!!k*$3~V-~TxAfVfyx3}nk$~^H3LBPqnXba zK{bspWjZ`p7q@(dHZ1`?8_1t?tu&6@Px4!3IlU&K(fOkPNLJxS0|eS1_M&PO5u&Dg zsXsxX0RvaWxALV7yTj!{b4Ix?p-&xmKIS3#`xPh;h*SnDGhThpB&Vc;$L-U&L_zwx zmCNE+C2(aaalP)HBE^wcr)c7Lq8u=8f4$*M+N=7~{;}jTa-9j5HDBpJmatL4WIj zAlRW%MTobg8Z8Bi`7D=iggmdbsFGGhT9-SF3H>x}Lyz09{9Z5*ID925@?}puO 
zKWy#XG$&rmE4XeYQE2tU=}jTzpx&O^6J_`wDEV$d8{GcKsF4*YAg76KUb!@0W{XHM zoXJ-KM}dwaHad=^{8&2aMNR9-bb&Mx9A;6k-bZvNhz*f&n#0xt2to_TPOV;}Kxv|x zv@~WiTcQF@0A9}@JGsTL-&qS3a^Jf3Q1o_}``Uwc6kK;gK+l}}rRoF{Lf)UFr;b@_ z?`4z?2dVT_BzL6MK~ab6w{>nZMkX3$){1j$8`6I^sH>W(SG>TYc5Thvq%lhK7LC>M zTgc8giT8`6sy(q`FyaHruJ=I)kR{a1POg5sjMai>5HKg{=RMKO$>`}+oEzHfuVcH) zO(0AH-%4ym_(*AlC5Um9XR#ww3joV2lIV?hhx{B%eqb*K zz;ZdZnu9@y zH8w6!@Nl%Z|BN}a89|r?IkBE&H=Z)bp_VhKg=(dZN7NhmRq<4tp{gO+_Er2kXmmiu zOlbWARB7(nu#?D&8+S*Cq+$stPJ~0v85P&6cjfDrPpVJ$b;q|%B5?c_Zh1WppeI1a zJ=!q9ayubdVRyhzC0;xNcNnxjOxI6>ns9)S=h}}HASQkvW z;!UAJ8*<-1O^j#I{c^7_s-XWAcEs7HSRf;s9-i<T!bob^rZ50X$5SQq%#;DG^0w_M0jyzNbt>!Q>M32z=P_;h9d&;stLBo( zh(0nj@U{fQGxpw+mqx$eJRxg6$oXo#^=#B_Vu@dJ#5B*tv9_-~e4uOEm)@&PD|d;i zH>Z@=$4(^dW&hgzvRSF(V^+X|X$#(Nmb3-LW+KrRA{8m$o$*dx$-D{o6PhJQxRTtd zo5&L<_(t&7aDo;~n0}en=tK`0=$a4fV<~RQmG%G!F39TY)@4g>1YhqTSTMh^cK&0; zzmT@YH-o<&8_pkb-__<`U^LSZc>cK?$RDZGXKI^fb}xp#?*8}p5x?HpCiagDO+j{K zDCTYdmaLu+?d`(jg3|;#Z^uX&lj z=D%N$y8Q3-(z!VrJ_&+NLs zmjo&7)ckj$`wK=1UB|}!hhKxUmsxvqaUcEnJukj|x$-==4|xD&l0!y(LHR?XP)cdWZ=pL)>`&(I|J*91Tgd(#WY;kNtk4oiu| z0&PQ&=U4!wm<{UCr8oBNIJxPOAKq?_bx_T|=bc)8ujo$KxcF|{ z#K*cJj-1i;YD_kQVNT$vwTqHk`gm3@OP*C(`A-yVWI#Yb{M2KJ%31Iy4biC0KJ;K0I5GLieC^WEGbPyW z^fJ`cnB7&Ok&R6(AvxpK(MNt+Y9re5McTKTHLFHeBIU3$FEYT*^9ENLo1Mv|M}@qN z^th0~%rtulMGl`J*5_MeV60vLLQ~&G;uF2uu7PS6b_3|$RA<~fCX0TVQPj|o?U9C= z1jc_m`>*f+ES1KglVGts4mKGz{{=z|VM#$3Hm?&)4iT8vZ5^mJm}Cnb!YNs9MSlnqbWx(Yv|J%_w3t_ZZ5NMgUWk__WdKuBZKb3! 
zz(OM?h+&a1uxkL?bMGEBeNn4f$&v(OxtG+0ODPiYFm!K(Bl8(X6qIb@AM zEro+pcs5dTiROtm{Q(GJtz9XjK`~UxqBr{wPz(F!yWd7Qim$Hj?8Ov zpZRo{eGF=Jc$JQN3{Mq@uAIKNBymKTv?QZiX5k9wk1mx1BlAH|^b8}hl5*(IpIclN z?e1Nh7{b4;+mlm#y6nS(0v3{0q;TS*o}j@>(z9}VA`}`}IlQUB#dI$<-W3Vg7g|Y~ zbNIeGd321Sxs))sK=irn8(bh-%Vq!I(n~_OTlszzHe6zW(28YOyYt>=yvjqsOp4(7 z{suZ$49w;Q5B!0w3JKVF|Gh}_qd%@m!GK`TnlwW~Czuqbgts zTU$FS%1G-&x)QW`$)s@TU_FcM`=2C~YwQ}Zh=u007H$Xx_5yIkHsJhwmYD{rGTpM( zh*rIlJwqT&MZ!^XC#${a35mILeJzeeT--lH5H8Iv?VekEQrNbB?9RP~#j7i^_$@s| zHz_gBVP3Mgf3|n;-Zc?%bat`n_S4^7rEYL}|7ROv<9iT!>U4`CR0M!HMect9eHc&$ zmsn&?fcHD&yZ|deTmi+Spqcz+_Yex;i!Jh^p#bKoVcZW}EmRcNd461Fm((z6K1+}m zpxY;g(Wp4g=1?!gp)w@6`5`}%RSN0>oG;c&92C1FoT>TX%l!NheJhV!PG1HTC1iK6*n_ zcdc}2?{G6pXziFxj5ZOdsv8a}AwGjhQVb>3(-4Ayb!#OCVVI8u(+!B5tNjUvJ~=W8 zBh9&}&(7xQH@=H*Twe&&gpcpWgr9Gbr|pdYp(_dQK~kF@Ed`&wYM;5d=7Q!zN~4(d zxS0SmUHb6tw=b>q$5VS$4P|uZ(wG6R`cp)vD&YILloV31lY3SntW#&O&^o;5ClA%N zDHrNIKPXa-j54^5UL9go`OF`;d;uuGfS5VCF{VVfy#2e`oP!#hzky^NGt!mEyxme$ z&^7M%q>(Q^y<}`}gwkH_s&XYt6t`%}*syG3vMlQej84`;ZRAqg?2@d*=ViLn3bfN% zDiQ1r7Lo9OaHq9d9CS956d#`)2bo}fdzYfSL#8DCG^$* z6E1&s-P9|=l=>T*e7TW9TzhW4ec69=@9a9Qg&R;~2J?t!Gz~G?!!!qFb#ua0ajRe1 zKAW!K@!!JBTJgrQ;tFr%1n0&?PKl=6uU1rxBbue96p@tQ-W^V&*?$q)0ays#SFO;_ z-hActvwYdLflfTEwL)5E@4t&UmRPa~K*hAB%V)7kOxIc`R-#GbY(hP0^(M{ywQYSY zwTf4TO`vf3aZ&4`cS)kzebZFYm1$#%`ycQpPljbS)u^bL1W2tA6&OtIjZ`&e9#>&| zrq!8Yi}b!j5{FV9`1E?4qn{QZ%IEK9jb7-{$?k@w&f!purRkxADlRq3MTsLEUpNA- zs~&7Y%D0<7In40T=B&xf{x+J~&AHhH!%flRf*pxV|TrLfC>Uzl^r#&Z2 z#AM*kZn0#gmxQ(bwC?IT$t-l4o^_69@#Ln6WZ zK*40j*P7j)lM=4KASEbd`zuS*8+GpO!rPW#J=JRto zLPs+Hf<#6XY`o12PI}Qd@m`^f8q*$A8PvGMJSj^2g+scH>V_qN89+MyDLm&H8&1{U5%*#v3A~{Xjk$qOB*bevP+h~WI&vC0!^PdEI z7UqYFJ$M-&TC=ZkF1EMJ!TumqpE=gkaP+g4=klP0N2QCyT3l*Qpy`HX&ysJinU#xd z%}HsN`^zJ0=g7?h68AlWrMJo8S~g9n`~1<%Hj(5ts;Aid^itXf558wx=(l!koiY*I z;}_l@yFn{zW3Gb5!9tG~-)o3Y&Xa9P7~}P?$Qp9#f9Xk`RbjIcFnb^VFl1PZ?X3BQ z<{ExhVWr#C>~s6~LpJt|cd+JU7{gnP_RLc+!TxKsjc6#1;{UmVEoE#MR)6>>?Q&gg zZRl}-TRE$B2es$0rgBM{g_^Py^{8-eF}ABJvl*<81IdYU0-x!jg*E#ak64B2mJUi{ 
zVXClSi%FV?WVl3xRaRKFzd7iY)mUZywNBY(tmR&XH*MhRMlEOcS{;McZLjlaF1pcq zfKtk-pBvzCa1*g)XzaCYUVHbHZV@$Liv#O#jRR#vZQtzIYSruYNhGJvYF4f0(h_l} zHJ%)_Z7>tWwib|M8aZ)4)IQVLq4Vv)nlD$rtrKY*jO9^rDB`4>dv+NtKuhlMQZuZS z@@L9+mprZgm9+dv+CFhJ5z}GuJhqW z8g^_>sTGFUJWk{6LplzD%|TS2POIFcuN}!xIYN`ogI+M!iw-q(k1+x-3&lZ0Sy5P7 z)j61VoVG^`lG#eFX}$d%N)C@&bIM%U7+MwfA&&CCydActw;dYY1XdVACY zT3y9CR^|CAiW%9m?9STd_|7>xt3Mi}aM+Tz#PsX7m2>H-$i8|6RUw=DWpQPvcZxn& zg)61@C9Jh5y#Cs=qM(C8jnEeCLkE2iV#;SeS#ZA&;O%JGMI=}Xz8L?Y6dkoGrhl@@ z?(1`_nCq7`{qyqXbqp5TI}WBz3l`Q?t8|&BO&bmtJu`SQo~&-}qbfG7F__lOsyBNb zsQa}oPJd#!x8dios9#tm57!o2!}9|LHN2L`oz=lmiJO-@w{Sj=BPS|Wv)HbF>@R;Y zA(#e493p?q4fpU_Tmj~KePJ#hYmZK=HL!-iAeAPp%F%3- znQAijW)fgW48jczrJ*`A34-aE%?K1%VRxJ7UV9WG!36`baqOA)?YBD!=3S*c4fR$u z?6W&gfODCgV`XDQp9eYjT;OP;PKMmW2uRRCDD|t@yNg9%U>U0KeY#U8K-nY{;gI9b zmSN?MZwsl3jJN3dX>$i2>mpFQuB~Wb{e#fNS-hne8XACHFVG8fp}&zWB!*=H15gp+ zra}9>==X$}37u7RtK;KSfdu?4*6A(_mnK25NpjDiSD%l2-|h(|3$i5c^_fe}!2frh zZalE!;7vtj4MD_&)N8#<%I(7j`KM2Rcb9=+0JM{JZ;6gZO#hv z2ayyYRz^h@B0r$+klCOmSvfj4KQ}AI+dWpnD|RRXlx~_MjM_|QMA7mD>4l$m>Mv*y z*p_n1bvT5w`5<2jRh<98K*J(_+ZxWOx&!#LKnd)cCHTShdBgw%vUy7?{Q-v5pbh-^ z6#r9eLgG|(<8v^qG_;3d-z2D&E7opLH3&3CoYx}oB+G(c_v1&dQ5axsa}h7WSFj*n~2d8jI{QTuO zt_6|wmSy5$Ec)1CDc9^HW`LeG__V+l5HPu3xcx;#_w+EX=D{n>RT`0x~(#eoqchBku z$#oLsHF1FsERv3M=zv?xC!l|U ztAktqE&u38frMQ4Wxsou$D(4z6rPw|loE=_mIZ=@9C##-iI|WcIa}C?ZDnlC%#KD! 
z?|*>TUXI;|s=%td6AiTO{uPZ?gQCY2iVly>Ul`1?MZ%%qY_CXpo z5?W@^-CIKcEz1{U4iE#u)x={E?iVAibkh{&4-$duM&c1vb)ZA0knv>B>KI^lH|p6S;FB&aNQjY6 ze|P&M+c@^@&}i)Se9!#19k)}b_ZQmz^zr(!Vz{{QwGNzt4)Xv!KO$S|oKMNiI@jIC zmM{<#+PVJu*|Kq`JMrNT(Jd|)qQ6^Z+a0oLH-}JznEeKz?PK->8iWX^HlJc+M3_gR zRu3ipjO`_YB7qT&6`%Vp+2p?noU$i(Z+L|TV`!%pR7~6wj$1hcAxX>fc`;aexr3{` zuzV#`;8J$fdtwsi5tB?L0G5(0Z~rAikQpyr>Abvq7bg8Lje@5GqPO7veZIiA@^|Ls zNEI9jlQ3Mvu8Yzjbh_tAoZZrM<>|&R<26?i0^KR(3Y$RFvaZ$W=vR z9(G_LZg$~&k!BLF@11*BAx{(GrT0#3tGj4!UinD1AU}UU0#7*CBc_9mZ3Cugwe!^P zTq4DZ^OLQlS|{hOvS2b2L$EgT@$vlvWQK5h+`C6)C+-sJ%|ZN8&b5RlF>lpyNi*|x z4Nl81aa|_9I6=q;9TZn$K2nL{y51(|3iWB;i~>mdS1~Efp1ml4F4))Ag#s7~4LQoyUZC3Ag}NNC%=OK6P@wftdm*A3-ka7MYhhTyBBgo8)}LUb|4qTtw32T#@^E+L3x z^bg0(0TZx|RJiiiMLkhsvi@9o7qN@uiV<;+197&Mj-Lr`6J8hc4ghQ`E^CQFu2Nz) z`>X(T)Ycsn84+`T-}`H|KZ(1Bh(v`7GNbW0Rg{rvP!NEA7Fz0`0kOHVXN~XoiJ3M1 zpu!M*7vQ@QqhhYHTXZ3w&DxQ9U5fM~udLCwP(~9t__#rvmQ01vuLp3gao=Df&hHI( zBm7b4rl)?fnU&Zo7xB}y1s#WwAO!|92A3TKOM;IcXy|FiI1#5J)xBI|(+4OSbo5t(A2xL(LjXouHVxX@|CtB^uMDVK0P)GhI;x?iWeb}=a(ml zOE_<|WIYYLwU=WRt*7Hj(TZ){+%ys!f!OEd6nbvvvG0L-T9|WU-NPcSX5ZMi5ACMr zKOd;UV4Pw_1Sm(j#*QV$Go4Nw8b+8claEYr=)o=(pM211sKw+$M~PR7R!7o1YglDM zNR+rJo~g;npk!Z5p1t|55pj)qtbq#L1|_;bI`YH~f%OkW{}>1b)%Tf+ge^(dTlMcj zSeW3}-1{)P1=cH&0r2Hu0ny5p4H^u^A#r}$$#dvHW?O+}!o$b0%C_{(X&^!zBv*8h z5}hT7Np0vvwjK_x4tdAeJQ4(qD$FrRujFEP#YJ=oav3|PsOu)4+$wzSfxIA*ug7>I z2e&NF5#z_vokX4`46Xq#FHAJ$oXxBq)~djk?NaGxUTj=%5J69>d>MF6qRivSR(lT> zIGsXOU5x5_4W`=KzagJaL#;4SF~_#dThB{H#epnRktq=#>fF#f0SOqSJYcCDz(RIz zq!sFwsBxgjwVjBQl+G@oUS}DX_GS(0 zloc4vWPj}mZyF}`Jd=w@mDZBt8u1RzV~WG-yQivc$pdp|1xolBI@+YNO|zyB1_`19 z%)$=sK17nt@e~vnC;qN)b7cJ2@C|+QrD^po>kPPiE@FHzx%U;gPBfay4@-MxTF_->4DOdukC9gaAi7`I@e17ZK=v*Yv+lBGguk~ zf{UX?{qiEAyC<_X$md|tGIItY+nn|zEjb>KJ{SXKoH$^COVKTH1w1kGI%2A zA!`5eIBjlWU}ZVWkiFPAG*8)#(n>h~FJf%Qf=5B@koGZ=OMsN#ym>SJ9T>98T>}ip z_2A%&z9;U4A!Q~%n?5da zi8A{2ERepRt{%tFA8?#IH!|JCgvRcOao38g!vCv3`cI0tAA1!rztgW$7S;QNgMPfr z6lWML#Mik#(ByuP@y@v_d=|UEgVZ$AE?TcublZXvXW!0qWY%4p5MCO0!>mml;MjIy 
z^+gG3;))I^h8JyezPk1K>v1R{Tn54@qKJ@zMyW*0+nkSW|T!DaIHlh?VmE3>@LrdSgc6xSBH#Z3;TpR{8D>5`I z*vR{M7Gow*kYuxIf@ci8uc1Rw;jg2m^2|;U=`jj571-`eaH;Drjv`>94zfZ^I<96i zqvzwtj~0=h*Eg*7S%h?7dJu`!4fmR!=eV+NWQ5e%ttf{mJ!p6ZkY)-`zQyfqd`L)~ zVRO$vx^)c(9Yjdl)d->ldv$J9V+8@Yo03L!^)`x?`EExBZ$kbBB6@ynKn#U)D5l-G z`$7@jmht7_O2qs$SnM5P;c>96f8OUb6W^l3K_rk836%ldcWD+@MRjgCb9 zGNaABKV0MH>T2o#_TdC-`fZ(A^L|16j!e3xea%{*Qf!O-8}45yUp>M~!w!P$9^hig zQD*U-hxa1olRC#4Gy5I?uA?_H^FD*>a{t~{q{C;zjDaf_U{{a(%7LvVCc$H1qRmo&#TDHwdWA*s{0j}{hXshvtHnAc6U@lUo)fw& z`svfxU*r+31aA|d-+o@&0tk;EQB#^^+4<#LiP%y)CO$dl)yGU{y=csOFJ54UTI|~K z#OM1`m~WXER2!G-(ev|G6g*~dEy2O*-@YiWSdcL;3m6`TdguTW8PM=f@Pl0ajb4;*^=*v$-NuJ5=p1te2UvslSDvdg;x>Mxc~eWWDJ3@k?Va_{}8_sUMT3L zqliHqDg0jKJ->a#?>u7s8GqP+{<^rfCC!+?Uso_O&k&UYz#PM1r8ob@d9@2#MA<5w zJ{>4%NCC;E9{3jG<`Nn*HA3>R?zfAZQCOB +### Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.0.0, < 2.0.0 | +| [aws](#requirement\_aws) | ~> 4.25 | +| [local](#requirement\_local) | ~> 2.4.0 | + +### Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | ~> 4.25 | + +### Modules + +| Name | Source | Version | +|------|--------|---------| +| [app\_lb](#module\_app\_lb) | ../../modules/nlb | n/a | +| [gwlb](#module\_gwlb) | ../../modules/gwlb | n/a | +| [gwlbe\_endpoint](#module\_gwlbe\_endpoint) | ../../modules/gwlb_endpoint_set | n/a | +| [natgw\_set](#module\_natgw\_set) | ../../modules/nat_gateway_set | n/a | +| [public\_alb](#module\_public\_alb) | ../../modules/alb | n/a | +| [public\_nlb](#module\_public\_nlb) | ../../modules/nlb | n/a | +| [subnet\_sets](#module\_subnet\_sets) | ../../modules/subnet_set | n/a | +| [transit\_gateway](#module\_transit\_gateway) | ../../modules/transit_gateway | n/a | +| [transit\_gateway\_attachment](#module\_transit\_gateway\_attachment) | ../../modules/transit_gateway_attachment | n/a | +| [vm\_series\_asg](#module\_vm\_series\_asg) | ../../modules/asg | n/a | +| [vpc](#module\_vpc) | 
../../modules/vpc | n/a | +| [vpc\_routes](#module\_vpc\_routes) | ../../modules/vpc_route | n/a | + +### Resources + +| Name | Type | +|------|------| +| [aws_ec2_transit_gateway_route.from_security_to_panorama](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_transit_gateway_route) | resource | +| [aws_ec2_transit_gateway_route.from_spokes_to_security](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_transit_gateway_route) | resource | +| [aws_iam_instance_profile.vm_series_iam_instance_profile](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_instance_profile) | resource | +| [aws_iam_role.vm_series_ec2_iam_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | +| [aws_iam_role_policy.vm_series_ec2_iam_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource | +| [aws_instance.spoke_vms](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance) | resource | +| [aws_ami.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | + +### Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [global\_tags](#input\_global\_tags) | Global tags configured for all provisioned resources | `any` | n/a | yes | +| [gwlb\_endpoints](#input\_gwlb\_endpoints) | A map defining GWLB endpoints.

Following properties are available:
- `name`: name of the GWLB endpoint
- `gwlb`: key of GWLB
- `vpc`: key of VPC
- `vpc_subnet`: key of the VPC and subnet connected by '-' character
- `act_as_next_hop`: set to `true` if endpoint is part of an IGW route table e.g. for inbound traffic
- `to_vpc_subnets`: subnets to which traffic from IGW is routed to the GWLB endpoint

Example:

gwlb\_endpoints = {
security\_gwlb\_eastwest = {
name = "eastwest-gwlb-endpoint"
gwlb = "security\_gwlb"
vpc = "security\_vpc"
vpc\_subnet = "security\_vpc-gwlbe\_eastwest"
act\_as\_next\_hop = false
to\_vpc\_subnets = null
}
}
|
map(object({
name = string
gwlb = string
vpc = string
vpc\_subnet = string
act\_as\_next\_hop = bool
to\_vpc\_subnets = string
}))
| `{}` | no | +| [gwlbs](#input\_gwlbs) | A map defining Gateway Load Balancers.

Following properties are available:
- `name`: name of the GWLB
- `vpc_subnet`: key of the VPC and subnet connected by '-' character

Example:
gwlbs = {
security\_gwlb = {
name = "security-gwlb"
vpc\_subnet = "security\_vpc-gwlb"
}
}
|
map(object({
name = string
vpc\_subnet = string
}))
| `{}` | no | +| [name\_prefix](#input\_name\_prefix) | Prefix used in names for the resources (VPCs, EC2 instances, autoscaling groups etc.) | `string` | n/a | yes | +| [natgws](#input\_natgws) | A map defining NAT Gateways.

Following properties are available:
- `name`: name of NAT Gateway
- `vpc_subnet`: key of the VPC and subnet connected by '-' character

Example:
natgws = {
security\_nat\_gw = {
name = "natgw"
vpc\_subnet = "security\_vpc-natgw"
}
}
|
map(object({
name = string
vpc\_subnet = string
}))
| `{}` | no | +| [panorama\_attachment](#input\_panorama\_attachment) | A object defining TGW attachment and CIDR for Panorama.

Following properties are available:
- `transit_gateway_attachment_id`: ID of attachment for Panorama
- `vpc_cidr`: CIDR of the VPC, where Panorama is deployed

Example:
panorama = {
transit\_gateway\_attachment\_id = "tgw-attach-123456789"
vpc\_cidr = "10.255.0.0/24"
}
|
object({
transit\_gateway\_attachment\_id = string
vpc\_cidr = string
})
| `null` | no | +| [region](#input\_region) | AWS region used to deploy whole infrastructure | `string` | n/a | yes | +| [spoke\_lbs](#input\_spoke\_lbs) | A map defining Network Load Balancers deployed in spoke VPCs.

Following properties are available:
- `vpc_subnet`: key of the VPC and subnet connected by '-' character
- `vms`: keys of spoke VMs

Example:
spoke\_lbs = {
"app1-nlb" = {
vpc\_subnet = "app1\_vpc-app1\_lb"
vms = ["app1\_vm01", "app1\_vm02"]
}
}
|
map(object({
vpc\_subnet = string
vms = list(string)
}))
| `{}` | no | +| [spoke\_vms](#input\_spoke\_vms) | A map defining VMs in spoke VPCs.

Following properties are available:
- `az`: name of the Availability Zone
- `vpc`: name of the VPC (needs to be one of the keys in map `vpcs`)
- `vpc_subnet`: key of the VPC and subnet connected by '-' character
- `security_group`: security group assigned to ENI used by VM
- `type`: EC2 type VM

Example:
spoke\_vms = {
"app1\_vm01" = {
az = "eu-central-1a"
vpc = "app1\_vpc"
vpc\_subnet = "app1\_vpc-app1\_vm"
security\_group = "app1\_vm"
type = "t2.micro"
}
}
|
map(object({
az = string
vpc = string
vpc\_subnet = string
security\_group = string
type = string
}))
| `{}` | no | +| [ssh\_key\_name](#input\_ssh\_key\_name) | Name of the SSH key pair existing in AWS key pairs and used to authenticate to VM-Series or test boxes | `string` | n/a | yes | +| [tgw](#input\_tgw) | A object defining Transit Gateway.

Following properties are available:
- `create`: set to false, if existing TGW needs to be reused
- `id`: id of existing TGW or null
- `name`: name of TGW to create or use
- `asn`: ASN number
- `route_tables`: map of route tables
- `attachments`: map of TGW attachments

Example:
tgw = {
create = true
id = null
name = "tgw"
asn = "64512"
route\_tables = {
"from\_security\_vpc" = {
create = true
name = "from\_security"
}
}
attachments = {
security = {
name = "vmseries"
vpc\_subnet = "security\_vpc-tgw\_attach"
route\_table = "from\_security\_vpc"
propagate\_routes\_to = "from\_spoke\_vpc"
}
}
}
|
object({
create = bool
id = string
name = string
asn = string
route\_tables = map(object({
create = bool
name = string
}))
attachments = map(object({
name = string
vpc\_subnet = string
route\_table = string
propagate\_routes\_to = string
}))
})
| `null` | no | +| [vmseries\_asgs](#input\_vmseries\_asgs) | A map defining Autoscaling Groups with VM-Series instances.

Following properties are available:
- `bootstrap_options`: VM-Seriess bootstrap options used to connect to Panorama
- `panos_version`: PAN-OS version used for VM-Series
- `ebs_kms_id`: alias for AWS KMS used for EBS encryption in VM-Series
- `vpc`: key of VPC
- `gwlb`: key of GWLB
- `interfaces`: configuration of network interfaces for VM-Series used by Lamdba while provisioning new VM-Series in autoscaling group
- `subinterfaces`: configuration of network subinterfaces used to map with GWLB endpoints
- `asg`: the number of Amazon EC2 instances that should be running in the group (desired, minimum, maximum)
- `scaling_plan`: scaling plan with attributes
- `enabled`: `true` if automatic dynamic scaling policy should be created
- `metric_name`: name of the metric used in dynamic scaling policy
- `target_value`: target value for the metric used in dynamic scaling policy
- `statistic`: statistic of the metric. Valid values: Average, Maximum, Minimum, SampleCount, Sum
- `cloudwatch_namespace`: name of CloudWatch namespace, where metrics are available (it should be the same as namespace configured in VM-Series plugin in PAN-OS)
- `tags`: tags configured for dynamic scaling policy

Example:
vmseries\_asgs = {
main\_asg = {
bootstrap\_options = {
mgmt-interface-swap = "enable"
plugin-op-commands = "panorama-licensing-mode-on,aws-gwlb-inspect:enable,aws-gwlb-overlay-routing:enable" # TODO: update here
panorama-server = "" # TODO: update here
auth-key = "" # TODO: update here
dgname = "" # TODO: update here
tplname = "" # TODO: update here
dhcp-send-hostname = "yes" # TODO: update here
dhcp-send-client-id = "yes" # TODO: update here
dhcp-accept-server-hostname = "yes" # TODO: update here
dhcp-accept-server-domain = "yes" # TODO: update here
}

panos\_version = "10.2.3" # TODO: update here
ebs\_kms\_id = "alias/aws/ebs" # TODO: update here

vpc = "security\_vpc"
gwlb = "security\_gwlb"

interfaces = {
private = {
device\_index = 0
security\_group = "vmseries\_private"
subnet = {
"privatea" = "eu-central-1a",
"privateb" = "eu-central-1b"
}
create\_public\_ip = false
source\_dest\_check = false
}
mgmt = {
device\_index = 1
security\_group = "vmseries\_mgmt"
subnet = {
"mgmta" = "eu-central-1a",
"mgmtb" = "eu-central-1b"
}
create\_public\_ip = true
source\_dest\_check = true
}
public = {
device\_index = 2
security\_group = "vmseries\_public"
subnet = {
"publica" = "eu-central-1a",
"publicb" = "eu-central-1b"
}
create\_public\_ip = false
source\_dest\_check = false
}
}

subinterfaces = {
inbound = {
app1 = {
gwlb\_endpoint = "app1\_inbound"
subinterface = "ethernet1/1.11"
}
app2 = {
gwlb\_endpoint = "app2\_inbound"
subinterface = "ethernet1/1.12"
}
}
outbound = {
only\_1\_outbound = {
gwlb\_endpoint = "security\_gwlb\_outbound"
subinterface = "ethernet1/1.20"
}
}
eastwest = {
only\_1\_eastwest = {
gwlb\_endpoint = "security\_gwlb\_eastwest"
subinterface = "ethernet1/1.30"
}
}
}

asg = {
desired\_cap = 2
min\_size = 2
max\_size = 4
}

scaling\_plan = {
enabled = true # TODO: update here
metric\_name = "panSessionActive" # TODO: update here
target\_value = 75 # TODO: update here
statistic = "Average" # TODO: update here
cloudwatch\_namespace = "example-vmseries" # TODO: update here
tags = {
ManagedBy = "terraform"
}
}

application\_lb = null
network\_lb = null
}
}
|
map(object({
bootstrap\_options = object({
mgmt-interface-swap = string
plugin-op-commands = string
panorama-server = string
auth-key = string
dgname = string
tplname = string
dhcp-send-hostname = string
dhcp-send-client-id = string
dhcp-accept-server-hostname = string
dhcp-accept-server-domain = string
})

panos\_version = string
ebs\_kms\_id = string

vpc = string
gwlb = string

interfaces = map(object({
device\_index = number
security\_group = string
subnet = map(string)
create\_public\_ip = bool
source\_dest\_check = bool
}))

subinterfaces = map(map(object({
gwlb\_endpoint = string
subinterface = string
})))

asg = object({
desired\_cap = number
min\_size = number
max\_size = number
})

scaling\_plan = object({
enabled = bool
metric\_name = string
target\_value = number
statistic = string
cloudwatch\_namespace = string
tags = map(string)
})

application\_lb = object({
name = string
rules = any
})

network\_lb = object({
name = string
rules = any
})
}))
| `{}` | no | +| [vpcs](#input\_vpcs) | A map defining VPCs with security groups and subnets.

Following properties are available:
- `name`: VPC name
- `cidr`: CIDR for VPC
- `security_groups`: map of security groups
- `subnets`: map of subnets with properties:
- `az`: availability zone
- `set`: internal identifier referenced by main.tf
- `routes`: map of routes with properties:
- `vpc_subnet` - built from key of VPCs concatenate with `-` and key of subnet in format: `VPCKEY-SUBNETKEY`
- `next_hop_key` - must match keys use to create TGW attachment, IGW, GWLB endpoint or other resources
- `next_hop_type` - internet\_gateway, nat\_gateway, transit\_gateway\_attachment or gwlbe\_endpoint

Example:
vpcs = {
example\_vpc = {
name = "example-spoke-vpc"
cidr = "10.104.0.0/16"
nacls = {
trusted\_path\_monitoring = {
name = "trusted-path-monitoring"
rules = {
allow\_inbound = {
rule\_number = 300
egress = false
protocol = "-1"
rule\_action = "allow"
cidr\_block = "0.0.0.0/0"
from\_port = null
to\_port = null
}
}
}
}
security\_groups = {
example\_vm = {
name = "example\_vm"
rules = {
all\_outbound = {
description = "Permit All traffic outbound"
type = "egress", from\_port = "0", to\_port = "0", protocol = "-1"
cidr\_blocks = ["0.0.0.0/0"]
}
}
}
}
subnets = {
"10.104.0.0/24" = { az = "eu-central-1a", set = "vm", nacl = null }
"10.104.128.0/24" = { az = "eu-central-1b", set = "vm", nacl = null }
}
routes = {
vm\_default = {
vpc\_subnet = "app1\_vpc-app1\_vm"
to\_cidr = "0.0.0.0/0"
next\_hop\_key = "app1"
next\_hop\_type = "transit\_gateway\_attachment"
}
}
}
}
|
map(object({
name = string
cidr = string
nacls = map(object({
name = string
rules = map(object({
rule\_number = number
egress = bool
protocol = string
rule\_action = string
cidr\_block = string
from\_port = string
to\_port = string
}))
}))
security\_groups = map(object({
name = string
rules = map(object({
description = string
type = string,
from\_port = string
to\_port = string,
protocol = string
cidr\_blocks = list(string)
}))
}))
subnets = map(object({
az = string
set = string
nacl = string
}))
routes = map(object({
vpc\_subnet = string
to\_cidr = string
next\_hop\_key = string
next\_hop\_type = string
}))
}))
| `{}` | no | + +### Outputs + +| Name | Description | +|------|-------------| +| [app\_inspected\_dns\_name](#output\_app\_inspected\_dns\_name) | FQDN of App Internal Load Balancer.
Can be used in VM-Series configuration to balance traffic between the application instances. | +| [public\_alb\_dns\_name](#output\_public\_alb\_dns\_name) | FQDN of VM-Series External Application Load Balancer used in centralized design. | +| [public\_nlb\_dns\_name](#output\_public\_nlb\_dns\_name) | FQDN of VM-Series External Network Load Balancer used in centralized design. | + \ No newline at end of file diff --git a/products/terraform/docs/swfw/azure/vmseries/modules/appgw.md b/products/terraform/docs/swfw/azure/vmseries/modules/appgw.md index 711b733db..4dc434689 100644 --- a/products/terraform/docs/swfw/azure/vmseries/modules/appgw.md +++ b/products/terraform/docs/swfw/azure/vmseries/modules/appgw.md @@ -232,7 +232,7 @@ An example invocation (assuming usage of other Palo Alto's Azure modules) with a ```hcl module "Application Gateway" { - source = "../modules/Application Gateway" + source = "PaloAltoNetworks/vmseries-modules/azurerm//modules/appgw" name = "Application Gateway" resource_group_name = azurerm_resource_group.this.name @@ -516,9 +516,9 @@ No modules. | [vmseries\_ips](#input\_vmseries\_ips) | IP addresses of VMSeries' interfaces that will serve as backends for the Application Gateway. | `list(string)` | `[]` | no | | [rules](#input\_rules) | A map of rules for the Application Gateway. A rule combines listener, http settings and health check configuration.
A key is an application name that is used to prefix all components inside Application Gateway that are created for this application.

Details on configuration can be found [here](#rules-property-explained). | `any` | n/a | yes | | [ssl\_policy\_type](#input\_ssl\_policy\_type) | Type of an SSL policy. Possible values are `Predefined` or `Custom`.
If the value is `Custom` the following values are mandatory: `ssl_policy_cipher_suites` and `ssl_policy_min_protocol_version`. | `string` | `"Predefined"` | no | -| [ssl\_policy\_name](#input\_ssl\_policy\_name) | Name of an SSL policy. Supported only for `ssl_policy_type` set to `Predefined`. Normally you can set it also for `Custom` policies but the name is discarded on Azure side causing an update to Application Gateway each time terraform code is run. Therefore this property is omitted in the code for `Custom` policies.

For the `Predefined` polcies, check the [Microsoft documentation](https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-ssl-policy-overview) for possible values as they tend to change over time. The default value is currently (Q1 2022) a Microsoft's default. | `string` | `"AppGwSslPolicy20150501"` | no | -| [ssl\_policy\_min\_protocol\_version](#input\_ssl\_policy\_min\_protocol\_version) | Minimum version of the TLS protocol for SSL Policy. Required only for `ssl_policy_type` set to `Custom`.

Possible values are: `TLSv1_0`, `TLSv1_1`, `TLSv1_2` or `null` (only to be used with a `Predefined` policy). | `string` | `null` | no | -| [ssl\_policy\_cipher\_suites](#input\_ssl\_policy\_cipher\_suites) | A list of accepted cipher suites. Required only for `ssl_policy_type` set to `Custom`.
For possible values see [documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway#cipher_suites). | `list(string)` | `null` | no | +| [ssl\_policy\_name](#input\_ssl\_policy\_name) | Name of an SSL policy. Supported only for `ssl_policy_type` set to `Predefined`. Normally you can set it also for `Custom` policies but the name is discarded on Azure side causing an update to Application Gateway each time terraform code is run. Therefore this property is omitted in the code for `Custom` policies.

For the `Predefined` polcies, check the [Microsoft documentation](https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-ssl-policy-overview) for possible values as they tend to change over time. The default value is currently (Q1 2022) a Microsoft's default. | `string` | `"AppGwSslPolicy20220101S"` | no | +| [ssl\_policy\_min\_protocol\_version](#input\_ssl\_policy\_min\_protocol\_version) | Minimum version of the TLS protocol for SSL Policy. Required only for `ssl_policy_type` set to `Custom`.

Possible values are: `TLSv1_0`, `TLSv1_1`, `TLSv1_2` or `null` (only to be used with a `Predefined` policy). | `string` | `"TLSv1_2"` | no | +| [ssl\_policy\_cipher\_suites](#input\_ssl\_policy\_cipher\_suites) | A list of accepted cipher suites. Required only for `ssl_policy_type` set to `Custom`.
For possible values see [documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway#cipher_suites). | `list(string)` |
[
"TLS\_ECDHE\_ECDSA\_WITH\_AES\_128\_GCM\_SHA256",
"TLS\_ECDHE\_ECDSA\_WITH\_AES\_256\_GCM\_SHA384",
"TLS\_ECDHE\_RSA\_WITH\_AES\_128\_GCM\_SHA256",
"TLS\_ECDHE\_RSA\_WITH\_AES\_256\_GCM\_SHA384"
]
| no | | [ssl\_profiles](#input\_ssl\_profiles) | A map of SSL profiles that can be later on referenced in HTTPS listeners by providing a name of the profile in the `ssl_profile_name` property.

The structure of the map is as follows:
{
profile\_name = {
ssl\_policy\_type = string
ssl\_policy\_min\_protocol\_version = string
ssl\_policy\_cipher\_suites = list
}
}
For possible values check the: `ssl_policy_type`, `ssl_policy_min_protocol_version` and `ssl_policy_cipher_suites` variables as SSL profile is a named SSL policy - same properties apply. The only difference is that you cannot name an SSL policy inside an SSL profile. | `map(any)` | `{}` | no | | [tags](#input\_tags) | Azure tags to apply to the created resources. | `map(string)` | `{}` | no | diff --git a/products/terraform/docs/swfw/azure/vmseries/modules/application_insights.md b/products/terraform/docs/swfw/azure/vmseries/modules/application_insights.md index 3ec438f2a..b39af0a61 100644 --- a/products/terraform/docs/swfw/azure/vmseries/modules/application_insights.md +++ b/products/terraform/docs/swfw/azure/vmseries/modules/application_insights.md @@ -46,7 +46,7 @@ The following snippet deploys Application Insights in Workspace mode, setting th ```hcl module "ai" { - source = "../../modules/application_insights" + source = "PaloAltoNetworks/vmseries-modules/azurerm//modules/application_insights" name = "vmseries-ai metrics_retention_in_days = 365 diff --git a/products/terraform/docs/swfw/azure/vmseries/modules/bootstrap.md b/products/terraform/docs/swfw/azure/vmseries/modules/bootstrap.md index cd3c85fdb..5a8f673f5 100644 --- a/products/terraform/docs/swfw/azure/vmseries/modules/bootstrap.md +++ b/products/terraform/docs/swfw/azure/vmseries/modules/bootstrap.md @@ -29,7 +29,7 @@ Simple example usage is shown below. For more *real life* code please check [exa ```hcl module "bootstrap" { - source = "../modules/bootstrap" + source = "PaloAltoNetworks/vmseries-modules/azurerm//modules/bootstrap" storage_account_name = "accountname" resource_group_name = "rg-name" 
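Review bot: the row descriptions in the appgw.md inputs hunk (@@ -516,9 +516,9) are stale against the new defaults. The `ssl_policy_name` row still reads "The default value is currently (Q1 2022) a Microsoft's default" although the default moves from `AppGwSslPolicy20150501` to `AppGwSslPolicy20220101S`. The `ssl_policy_min_protocol_version` row still says `null` is "only to be used with a `Predefined` policy", yet `ssl_policy_type` defaults to `Predefined` and this variable now defaults to `"TLSv1_2"`. Suggest updating both sentences, stating whether the non-null defaults for `ssl_policy_min_protocol_version` and `ssl_policy_cipher_suites` are ignored or applied when the type is `Predefined`, and fixing the "polcies" typo in the same row.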
@@ -107,6 +107,11 @@ No modules. | [storage\_share\_quota](#input\_storage\_share\_quota) | Maximum size of a File Share. | `number` | `50` | no | | [storage\_share\_access\_tier](#input\_storage\_share\_access\_tier) | Access tier for the File Share. | `string` | `"Cool"` | no | | [tags](#input\_tags) | A map of tags to be associated with the resources created. | `map(string)` | `{}` | no | +| [retention\_policy\_days](#input\_retention\_policy\_days) | Log retention policy in days | `number` | `7` | no | +| [blob\_delete\_retention\_policy\_days](#input\_blob\_delete\_retention\_policy\_days) | Specifies the number of days that the blob should be retained | `number` | `7` | no | +| [storage\_allow\_inbound\_public\_ips](#input\_storage\_allow\_inbound\_public\_ips) | List of IP CIDR ranges (like `["23.23.23.23"]`) that are allowed to access the Storage Account.
Only public IPs are allowed - RFC1918 address space is not permitted. | `list(string)` | `[]` | no | +| [storage\_allow\_vnet\_subnet\_ids](#input\_storage\_allow\_vnet\_subnet\_ids) | List of the allowed VNet subnet ids.
Note that this option requires network service endpoint enabled for Microsoft Storage for the specified subnets.
If you are using [vnet module](../vnet/README.md) - set `storage_private_access` to true for the specific subnet.
Example:
[
module.vnet.subnet\_ids["subnet-mgmt"],
module.vnet.subnet\_ids["subnet-pub"],
module.vnet.subnet\_ids["subnet-priv"]
]
| `list(string)` | `[]` | no | +| [storage\_acl](#input\_storage\_acl) | If `true`, storage account network rules will be activated with `Deny` as the default action. In such case, at least one of `storage_allow_inbound_public_ips` or `storage_allow_vnet_subnet_ids` must be a non-empty list. | `bool` | `true` | no | ### Outputs diff --git a/products/terraform/docs/swfw/azure/vmseries/modules/natgw.md b/products/terraform/docs/swfw/azure/vmseries/modules/natgw.md index a2c953d35..829648ede 100644 --- a/products/terraform/docs/swfw/azure/vmseries/modules/natgw.md +++ b/products/terraform/docs/swfw/azure/vmseries/modules/natgw.md @@ -30,7 +30,7 @@ To deploy this resource in it's minimum configuration following code snippet can ```terraform module "natgw" { - source = "../modules/natgw" + source = "PaloAltoNetworks/vmseries-modules/azurerm//modules/natgw" name = "NATGW_name" resource_group_name = "resource_group_name" diff --git a/products/terraform/docs/swfw/azure/vmseries/modules/panorama.md b/products/terraform/docs/swfw/azure/vmseries/modules/panorama.md index a4c9f0dc8..35b5af952 100644 --- a/products/terraform/docs/swfw/azure/vmseries/modules/panorama.md +++ b/products/terraform/docs/swfw/azure/vmseries/modules/panorama.md @@ -25,7 +25,6 @@ A terraform module for deploying a working Panorama instance in Azure. ```hcl module "panorama" { source = "PaloAltoNetworks/vmseries-modules/azurerm//modules/panorama" - version = "0.1.0" panorama_name = var.panorama_name resource_group_name = azurerm_resource_group.this.name diff --git a/products/terraform/docs/swfw/azure/vmseries/modules/vmss.md b/products/terraform/docs/swfw/azure/vmseries/modules/vmss.md index 0e05acb60..51598fb63 100644 --- a/products/terraform/docs/swfw/azure/vmseries/modules/vmss.md +++ b/products/terraform/docs/swfw/azure/vmseries/modules/vmss.md 
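Review bot: the documented defaults in the bootstrap.md inputs hunk (@@ -107,6 +107,11) contradict the documented requirement. `storage_acl` defaults to `true` and says at least one of `storage_allow_inbound_public_ips` or `storage_allow_vnet_subnet_ids` must be a non-empty list, but both of those rows default to `[]`. Please state what an all-defaults invocation does (a validation error, or a `Deny` default action with no exceptions). Separately, `storage_allow_inbound_public_ips` is described as a list of "IP CIDR ranges" while the example `["23.23.23.23"]` is a bare address; say which forms are accepted.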
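Review bot: the registry module examples are left without a version pin. The panorama.md hunk (@@ -25,7 +25,6) removes `version = "0.1.0"` with nothing in its place, and the appgw, application_insights, bootstrap and natgw examples in this patch switch from relative paths to `PaloAltoNetworks/vmseries-modules/azurerm//modules/...` with no `version` argument either. Copied as shown, a registry source without a constraint installs the newest published release at `terraform init`. Suggest showing a `version` constraint in each registry example, or adding one sentence telling readers to pin a release.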
@@ -39,7 +39,7 @@ provider "azurerm" { ```hcl module "vmss" { - source = "github.com/PaloAltoNetworks/terraform-azurerm-vmseries-modules//modules/vmss" + source = "PaloAltoNetworks/vmseries-modules/azurerm//modules/vmss" location = "Australia Central" name_prefix = "pan" @@ -91,7 +91,8 @@ No modules. | [interfaces](#input\_interfaces) | List of the network interface specifications.

NOTICE. The ORDER in which you specify the interfaces DOES MATTER.
Interfaces will be attached to VM in the order you define here, therefore:
* The first should be the management interface, which does not participate in data filtering.
* The remaining ones are the dataplane interfaces.

Options for an interface object:
- `name` - (required\|string) Interface name.
- `subnet_id` - (required\|string) Identifier of an existing subnet to create interface in.
- `create_pip` - (optional\|bool) If true, create a public IP for the interface
- `lb_backend_pool_ids` - (optional\|list(string)) A list of identifiers of an existing Load Balancer backend pools to associate interface with.
- `appgw_backend_pool_ids` - (optional\|list(String)) A list of identifier of the Application Gateway backend pools to associate interface with.
- `pip_domain_name_label` - (optional\|string) The Prefix which should be used for the Domain Name Label for each Virtual Machine Instance.

Example:
[
{
name = "management"
subnet\_id = azurerm\_subnet.my\_mgmt\_subnet.id
create\_pip = true
},
{
name = "private"
subnet\_id = azurerm\_subnet.my\_priv\_subnet.id
},
{
name = "public"
subnet\_id = azurerm\_subnet.my\_pub\_subnet.id
lb\_backend\_pool\_ids = [azurerm\_lb\_backend\_address\_pool.lb\_backend.id]
}
]
| `list(any)` | n/a | yes | | [username](#input\_username) | Initial administrative username to use for VM-Series. | `string` | `"panadmin"` | no | | [password](#input\_password) | Initial administrative password to use for VM-Series. | `string` | n/a | yes | -| [disable\_password\_authentication](#input\_disable\_password\_authentication) | If true, disables password-based authentication on VM-Series instances. | `bool` | `false` | no | +| [ssh\_keys](#input\_ssh\_keys) | A list of initial administrative SSH public keys that allow key-pair authentication. If not defined the `password` variable must be specified.

This is a list of strings, so each item should be the actual public key value. If you would like to load them from files instead, following method is available:
[
file("/path/to/public/keys/key\_1.pub"),
file("/path/to/public/keys/key\_2.pub")
]
| `list(string)` | `[]` | no | +| [disable\_password\_authentication](#input\_disable\_password\_authentication) | If true, disables password-based authentication on VM-Series instances. | `bool` | `true` | no | | [encryption\_at\_host\_enabled](#input\_encryption\_at\_host\_enabled) | See the [provider documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine_scale_set#encryption_at_host_enabled). | `bool` | `null` | no | | [overprovision](#input\_overprovision) | See the [provider documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine_scale_set). | `bool` | `false` | no | | [platform\_fault\_domain\_count](#input\_platform\_fault\_domain\_count) | See the [provider documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine_scale_set). | `number` | `null` | no | diff --git a/products/terraform/docs/swfw/azure/vmseries/reference-architectures/common_vmseries.md b/products/terraform/docs/swfw/azure/vmseries/reference-architectures/common_vmseries.md index 1643cd4cf..59806a405 100644 --- a/products/terraform/docs/swfw/azure/vmseries/reference-architectures/common_vmseries.md +++ b/products/terraform/docs/swfw/azure/vmseries/reference-architectures/common_vmseries.md @@ -163,6 +163,7 @@ terraform destroy | Name | Version | |------|---------| | [random](#provider\_random) | n/a | +| [http](#provider\_http) | n/a | | [azurerm](#provider\_azurerm) | n/a | | [local](#provider\_local) | n/a | 
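Review bot: the defaults documented in the vmss.md inputs hunk (@@ -91,7 +91,8) do not describe a usable login path. `disable_password_authentication` now defaults to `true` and the new `ssh_keys` row defaults to `[]`, while `password` is still listed as required with no default. The `ssh_keys` text "If not defined the `password` variable must be specified" does not mention that `disable_password_authentication` then has to be set to `false`. Suggest listing the valid combinations explicitly, and either marking `password` as optional when keys are supplied or explaining why it stays required.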
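Review bot: the new `http` provider row in the common_vmseries.md providers hunk (@@ -163,6 +163,7) needs an explanation, since it is added with version `n/a` and no stated purpose. The only reason visible in this patch is in the `bootstrap_storage` description further down, where the code queries https://ifconfig.me/ip to obtain the public IP of the machine executing Terraform so the bootstrap files can be uploaded. Suggest documenting near the provider or in the prerequisites that a run makes an outbound request to a third-party service, and stating whether that lookup can be skipped in favour of an address supplied by the operator.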
@@ -188,6 +189,7 @@ terraform destroy | [local_file.bootstrap_xml](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource | | [random_password.this](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource | | [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source | +| [http_http.this](https://registry.terraform.io/providers/hashicorp/http/latest/docs/data-sources/http) | data source | ### Inputs @@ -199,7 +201,7 @@ terraform destroy | [create\_resource\_group](#input\_create\_resource\_group) | When set to `true` it will cause a Resource Group creation. Name of the newly specified RG is controlled by `resource_group_name`.
When set to `false` the `resource_group_name` parameter is used to specify a name of an existing Resource Group. | `bool` | `true` | no | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the Resource Group. | `string` | n/a | yes | | [enable\_zones](#input\_enable\_zones) | If `true`, enable zone support for resources. | `bool` | `true` | no | -| [vnets](#input\_vnets) | A map defining VNETs.

For detailed documentation on each property refer to [module documentation](https://github.com/PaloAltoNetworks/terraform-azurerm-vmseries-modules/blob/v0.5.4/modules/vnet/README.md)

- `name` : A name of a VNET.
- `create_virtual_network` : (default: `true`) when set to `true` will create a VNET, `false` will source an existing VNET, in both cases the name of the VNET is specified with `name`
- `address_space` : a list of CIDRs for VNET
- `resource_group_name` : (default: current RG) a name of a Resource Group in which the VNET will reside

- `create_subnets` : (default: `true`) if true, create the Subnets inside the Virtual Network, otherwise use pre-existing subnets
- `subnets` : map of Subnets to create

- `network_security_groups` : map of Network Security Groups to create
- `route_tables` : map of Route Tables to create. | `any` | n/a | yes | +| [vnets](#input\_vnets) | A map defining VNETs.

For detailed documentation on each property refer to [module documentation](../../modules/vnet/README.md)

- `name` : A name of a VNET.
- `create_virtual_network` : (default: `true`) when set to `true` will create a VNET, `false` will source an existing VNET, in both cases the name of the VNET is specified with `name`
- `address_space` : a list of CIDRs for VNET
- `resource_group_name` : (default: current RG) a name of a Resource Group in which the VNET will reside

- `create_subnets` : (default: `true`) if true, create the Subnets inside the Virtual Network, otherwise use pre-existing subnets
- `subnets` : map of Subnets to create

- `network_security_groups` : map of Network Security Groups to create
- `route_tables` : map of Route Tables to create. | `any` | n/a | yes | | [natgws](#input\_natgws) | A map defining Nat Gateways.

Please note that a NatGW is a zonal resource, this means it's always placed in a zone (even when you do not specify one explicitly). Please refer to Microsoft documentation for notes on NatGW's zonal resiliency.

Following properties are supported:

- `name` : a name of the newly created NatGW.
- `create_natgw` : (default: `true`) create or source (when `false`) an existing NatGW. Created or sourced: the NatGW will be assigned to a subnet created by the `vnet` module.
- `resource_group_name : name of a Resource Group hosting the NatGW (newly create or the existing one).
- `zone` : Availability Zone in which the NatGW will be placed, when skipped AzureRM will pick a zone.
- `idle\_timeout` : connection IDLE timeout in minutes, for newly created resources
- `vnet\_key` : a name (key value) of a VNET defined in `var.vnets` that hosts a subnet this NatGW will be assigned to.
- `subnet\_keys` : a list of subnets (key values) the NatGW will be assigned to, defined in `var.vnets` for a VNET described by `vnet\_name`.
- `create\_pip` : (default: `true`) create a Public IP that will be attached to a NatGW
- `existing\_pip\_name` : when `create\_pip` is set to `false`, source and attach and existing Public IP to the NatGW
- `existing\_pip\_resource\_group\_name` : when `create\_pip` is set to `false`, name of the Resource Group hosting the existing Public IP
- `create\_pip\_prefix` : (default: `false`) create a Public IP Prefix that will be attached to the NatGW.
- `pip\_prefix\_length` : length of the newly created Public IP Prefix, can bet between 0 and 31 but this actually supported value depends on the Subscription.
- `existing\_pip\_prefix\_name` : when `create\_pip\_prefix` is set to `false`, source and attach and existing Public IP Prefix to the NatGW
- `existing\_pip\_prefix\_resource\_group\_name` : when `create\_pip\_prefix` is set to `false`, name of the Resource Group hosting the existing Public IP Prefix.

Example:
`
natgws = {
"natgw" = {
name = "public-natgw"
vnet\_key = "transit-vnet"
subnet\_keys = ["public"]
zone = 1
}
}
| `any` | `{}` | no | | [load\_balancers](#input\_load\_balancers) | A map containing configuration for all (private and public) Load Balancer that will be created in this deployment.

Following properties are available (for details refer to module's documentation):

- `name`: name of the Load Balancer resource.
- `network_security_group_name`: (public LB) a name of a security group, an ingress rule will be created in that NSG for each listener. **NOTE** this is the FULL NAME of the NSG (including prefixes).
- `network_security_group_rg_name`: (public LB) a name of a resource group for the security group, to be used when the NSG is hosted in a different RG than the one described in `var.resource_group_name`.
- `network_security_allow_source_ips`: (public LB) a list of IP addresses that will used in the ingress rules.
- `avzones`: (both) for regional Load Balancers, a list of supported zones (this has different meaning for public and private LBs - please refer to module's documentation for details).
- `frontend_ips`: (both) a map configuring both a listener and a load balancing rule, key is the name that will be used as an application name inside LB config as well as to create a rule in NSG (for public LBs), value is an object with the following properties:
- `create_public_ip`: (public LB) defaults to `false`, when set to `true` a Public IP will be created and associated with a listener
- `public_ip_name`: (public LB) defaults to `null`, when `create_public_ip` is set to `false` this property is used to reference an existing Public IP object in Azure
- `public_ip_resource_group`: (public LB) defaults to `null`, when using an existing Public IP created in a different Resource Group than the currently used use this property is to provide the name of that RG
- `private_ip_address`: (private LB) defaults to `null`, specify a static IP address that will be used by a listener
- `vnet_key`: (private LB) defaults to `null`, when `private_ip_address` is set specifies a vnet's key (as defined in `vnet` variable). This will be the VNET hosting this Load Balancer
- `subnet_key`: (private LB) defaults to `null`, when `private_ip_address` is set specifies a subnet's key (as defined in `vnet` variable) to which the LB will be attached, in case of VMSeries this should be a internal/trust subnet
- `rules` - a map configuring the actual rules load balancing rules, a key is a rule name, a value is an object with the following properties:
- `protocol`: protocol used by the rule, can be one the following: `TCP`, `UDP` or `All` when creating an HA PORTS rule
- `port`: port used by the rule, for HA PORTS rule set this to `0`

Example of a public Load Balancer:
"public\_lb" = {
name = "https\_app\_lb"
network\_security\_group\_name = "untrust\_nsg"
network\_security\_allow\_source\_ips = ["1.2.3.4"]
avzones = ["1", "2", "3"]
frontend\_ips = {
"https\_app\_1" = {
create\_public\_ip = true
rules = {
"balanceHttps" = {
protocol = "Tcp"
port = 443
}
}
}
}
}
Example of a private Load Balancer with HA PORTS rule:
"private\_lb" = {
name = "ha\_ports\_internal\_lb
frontend\_ips = {
"ha-ports" = {
vnet\_key = "trust\_vnet"
subnet\_key = "trust\_snet"
private\_ip\_address = "10.0.0.1"
rules = {
HA\_PORTS = {
port = 0
protocol = "All"
}
}
}
}
}
| `map` | `{}` | no | | [vmseries\_version](#input\_vmseries\_version) | VM-Series PAN-OS version - list available with `az vm image list -o table --all --publisher paloaltonetworks`. It's also possible to specify the Pan-OS version per firewall, see `var.vmseries` variable. | `string` | n/a | yes | @@ -208,10 +210,10 @@ terraform destroy | [vmseries\_username](#input\_vmseries\_username) | Initial administrative username to use for all systems. | `string` | `"panadmin"` | no | | [vmseries\_password](#input\_vmseries\_password) | Initial administrative password to use for all systems. Set to null for an auto-generated password. | `string` | `null` | no | | [availability\_set](#input\_availability\_set) | A map defining availability sets. Can be used to provide infrastructure high availability when zones cannot be used.

Following properties are supported:
- `name` - name of the Application Insights.
- `update_domain_count` - specifies the number of update domains that are used, defaults to 5 (Azure defaults).
- `fault_domain_count` - specifies the number of fault domains that are used, defaults to 3 (Azure defaults).

Please keep in mind that Azure defaults are not working for each region (especially the small ones, w/o any Availability Zones). Please verify how many update and fault domain are supported in a region before deploying this resource. | `any` | `{}` | no | -| [application\_insights](#input\_application\_insights) | A map defining Azure Application Insights. There are three ways to use this variable:

* when the value is set to `null` (default) no AI is created
* when the value is a map containing `name` key (other keys are optional) a single AI instance will be created under the name that is the value of the `name` key
* when the value is an empty map or a map w/o the `name` key, an AI instance per each VMSeries VM will be created. All instances will share the same configuration. All instances will have names corresponding to their VM name.

Names for all AI instances are prefixed with `var.name_prefix`.

Properties supported (for details on each property see [modules documentation](../modules/application\_insights/README.md)):

- `name` : (optional, string) a name of a single AI instance
- `workspace_mode` : (optional, bool) defaults to `true`, use AI Workspace mode instead of the Classical (deprecated)
- `workspace_name` : (optional, string) defaults to AI name suffixed with `-wrkspc`, name of the Log Analytics Workspace created when AI is deployed in Workspace mode
- `workspace_sku` : (optional, string) defaults to PerGB2018, SKU used by WAL, see module documentation for details
- `metrics_retention_in_days` : (optional, number) defaults to current Azure default value, see module documentation for details

Example of an AIs created per VM, in Workspace mode, with metrics retention set to 1 year:
vmseries = {
'vm-1' = {
....
}
'vm-2' = {
....
}
}

application\_insights = {
metrics\_retention\_in\_days = 365
}
| `map(string)` | `null` | no | -| [bootstrap\_storage](#input\_bootstrap\_storage) | A map defining Azure Storage Accounts used to host file shares for bootstrapping NGFWs. This variable defines only Storage Accounts, file shares are defined per each VM. See `vmseries` variable, `bootstrap_storage` property.

Following properties are supported (except for name, all are optional):

- `name` : name of the Storage Account. Please keep in mind that storage account name has to be globally unique. This name will not be prefixed with the value of `var.name_prefix`.
- `create_storage_account` : (defaults to `true`) create or source (when `false`) an existing Storage Account.
- `resource_group_name` : (defaults to `var.resource_group_name`) name of the Resource Group hosting the Storage Account (existing or newly created). The RG has to exist.

The properties below do not directly change anything in the Storage Account settings. They can be used to control common parts of the `DAY0` configuration (used only when full bootstrap is used). These properties can also be specified per firewall, but when specified here they tak higher precedence:
- `public_snet_key` : required, name of the key in `var.vnets` map defining a public subnet, required to calculate the Azure router IP for the public subnet.
- `private_snet_key` : required, name of the key in `var.vnets` map defining a private subnet, required to calculate the Azure router IP for the private subnet.
- `intranet_cidr` : optional, CIDR of the private networks required to build a general static route to resources protected by this firewall, when skipped the 1st CIDR from `vnet_name` address space will be used.
- `ai_update_interval` : if Application Insights are used this property can override the default metrics update interval (in minutes). | `any` | `{}` | no | +| [application\_insights](#input\_application\_insights) | A map defining Azure Application Insights. There are three ways to use this variable:

* when the value is set to `null` (default) no AI is created
* when the value is a map containing `name` key (other keys are optional) a single AI instance will be created under the name that is the value of the `name` key
* when the value is an empty map or a map w/o the `name` key, an AI instance per each VMSeries VM will be created. All instances will share the same configuration. All instances will have names corresponding to their VM name.

Names for all AI instances are prefixed with `var.name_prefix`.

Properties supported (for details on each property see [modules documentation](../../modules/application\_insights/README.md)):

- `name` : (optional, string) a name of a single AI instance
- `workspace_mode` : (optional, bool) defaults to `true`, use AI Workspace mode instead of the Classical (deprecated)
- `workspace_name` : (optional, string) defaults to AI name suffixed with `-wrkspc`, name of the Log Analytics Workspace created when AI is deployed in Workspace mode
- `workspace_sku` : (optional, string) defaults to PerGB2018, SKU used by WAL, see module documentation for details
- `metrics_retention_in_days` : (optional, number) defaults to current Azure default value, see module documentation for details

Example of an AIs created per VM, in Workspace mode, with metrics retention set to 1 year:
vmseries = {
'vm-1' = {
....
}
'vm-2' = {
....
}
}

application\_insights = {
metrics\_retention\_in\_days = 365
}
| `map(string)` | `null` | no | +| [bootstrap\_storage](#input\_bootstrap\_storage) | A map defining Azure Storage Accounts used to host file shares for bootstrapping NGFWs. This variable defines only Storage Accounts, file shares are defined per each VM. See `vmseries` variable, `bootstrap_storage` property.

Following properties are supported (except for name, all are optional):

- `name` : name of the Storage Account. Please keep in mind that storage account name has to be globally unique. This name will not be prefixed with the value of `var.name_prefix`.
- `create_storage_account` : (defaults to `true`) create or source (when `false`) an existing Storage Account.
- `resource_group_name` : (defaults to `var.resource_group_name`) name of the Resource Group hosting the Storage Account (existing or newly created). The RG has to exist.
- `storage_acl` : (defaults to `false`) enables network ACLs on the Storage Account. If this is enabled - `storage_allow_vnet_subnets` and `storage_allow_inbound_public_ips` options become available. The ACL defaults to default `Deny`.
- `storage_allow_vnet_subnets` : (defaults to `[]`) whitelist containing the allowed vnet and associated subnets that are allowed to access the Storage Account. Note that the respective subnets require `enable_storage_service_endpoint` set to `true` to work properly.
- `storage_allow_inbound_public_ips` : (defaults to `[]`) whitelist containing the allowed public IP subnets that can access the Storage Account. Note that the code automatically tries to query [https://ifconfig.me/ip](https://ifconfig.me/ip) to obtain the public IP address of the machine executing the code so that the bootstrap files can be successfully uploaded to the Storage Account.

The properties below do not directly change anything in the Storage Account settings. They can be used to control common parts of the `DAY0` configuration (used only when full bootstrap is used). These properties can also be specified per firewall, but when specified here they tak higher precedence:
- `public_snet_key` : required, name of the key in `var.vnets` map defining a public subnet, required to calculate the Azure router IP for the public subnet.
- `private_snet_key` : required, name of the key in `var.vnets` map defining a private subnet, required to calculate the Azure router IP for the private subnet.
- `intranet_cidr` : optional, CIDR of the private networks required to build a general static route to resources protected by this firewall, when skipped the 1st CIDR from `vnet_name` address space will be used.
- `ai_update_interval` : if Application Insights are used this property can override the default metrics update interval (in minutes). | `any` | `{}` | no | | [vmseries](#input\_vmseries) | Map of virtual machines to create to run VM-Series - inbound firewalls. Following properties are supported:

- `name` : name of the VMSeries virtual machine.
- `vm_size` : size of the VMSeries virtual machine, when specified overrides `var.vmseries_vm_size`.
- `version` : PanOS version, when specified overrides `var.vmseries_version`.
- `vnet_key` : a key of a VNET defined in the `var.vnets` map. This value will be used during network interfaces creation.
- `add_to_appgw_backend` : bool, `false` by default, set this to `true` to add this backend to an Application Gateway.
- `avzone`: the Azure Availability Zone identifier ("1", "2", "3"). Default is "1".
- `availability_set_name` : a name of an Availability Set as declared in `availability_set` property. Specify when HA is required but cannot go for zonal deployment.

- `bootstrap_options` : string, optional bootstrap options to pass to VM-Series instances, semicolon separated values. When defined this precedence over `bootstrap_storage`
- `bootstrap_storage` : a map containing definition of the bootstrap package content. When present triggers a creation of a File Share in an existing Storage Account, following properties supported:
- `name` : a name of a key in `var.bootstrap_storage` variable defining a Storage Account
- `static_files` : a map where key is a path to a file, value is the location of the file in the bootstrap package (file share). All files in this map are copied 1:1 to the bootstrap package
- `template_bootstrap_xml` : path to the `bootstrap.xml` template. When defined it will trigger creation of the `bootstrap.xml` file and the file will be uploaded to the storage account. This is a simple `day 0` configuration file that should set up only basic networking. Specifying this property forces additional properties that are required to properly template the file. They can be defined per each VM or globally for all VMs (in this case place them in the bootstrap storage definition). The properties are listed below.
- `public_snet_key` : required, name of the key in `var.vnets` map defining a public subnet, required to calculate the Azure router IP for the public subnet.
- `private_snet_key` : required, name of the key in `var.vnets` map defining a private subnet, required to calculate the Azure router IP for the private subnet.
- `intranet_cidr` : optional, CIDR of the private networks required to build a general static route to resources protected by this firewall, when skipped the 1st CIDR from `vnet_name` address space will be used.
- `ai_update_interval` : if Application Insights are used this property can override the default metrics update interval (in minutes).

- `interfaces` : configuration of all NICs assigned to a VM. A list of maps, each map is a NIC definition. Notice that the order DOES matter. NICs are attached to VMs in Azure in the order they are defined in this list, therefore the management interface has to be defined first. Following properties are available:
- `name`: string that will form the NIC name
- `subnet_key` : (string) a key of a subnet as defined in `var.vnets`
- `create_pip` : (boolean) flag to create Public IP for an interface, defaults to `false`
- `public_ip_name` : (string) when `create_pip` is set to `false` a name of a Public IP resource that should be associated with this Network Interface
- `public_ip_resource_group` : (string) when associating an existing Public IP resource, name of the Resource Group the IP is placed in, defaults to the `var.resource_group_name`
- `load_balancer_key` : (string) key of a Load Balancer defined in the `var.loadbalancers` variable, defaults to `null`
- `private_ip_address` : (string) a static IP address that should be assigned to an interface, defaults to `null` (in that case DHCP is used)

Example:
{
"fw01" = {
name = "firewall01"
bootstrap\_storage = {
name = "storageaccountname"
static\_files = { "files/init-cfg.txt" = "config/init-cfg.txt" }
template\_bootstrap\_xml = "templates/bootstrap\_common.tmpl"
public\_snet\_key = "public"
private\_snet\_key = "private"
}
avzone = 1
vnet\_key = "trust"
interfaces = [
{
name = "mgmt"
subnet\_key = "mgmt"
create\_pip = true
private\_ip\_address = "10.0.0.1"
},
{
name = "trust"
subnet\_key = "private"
private\_ip\_address = "10.0.1.1"
load\_balancer\_key = "private\_lb"
},
{
name = "untrust"
subnet\_key = "public"
private\_ip\_address = "10.0.2.1"
load\_balancer\_key = "public\_lb"
public\_ip\_name = "existing\_public\_ip"
}
]
}
}
| `any` | n/a | yes | -| [appgws](#input\_appgws) | A map defining all Application Gateways in the current deployment.

For detailed documentation on how to configure this resource, for available properties, especially for the defaults and the `rules` property refer to [module documentation](https://github.com/PaloAltoNetworks/terraform-azurerm-vmseries-modules/blob/main/modules/appgw/README.md).

Following properties are supported:
- `name` : name of the Application Gateway.
- `vnet_key` : a key of a VNET defined in the `var.vnets` map.
- `subnet_key` : a key of a subnet as defined in `var.vnets`. This has to be a subnet dedicated to Application Gateways v2.
- `zones` : for zonal deployment this is a list of all zones in a region - this property is used by both: the Application Gateway and the Public IP created in front of the AppGW.
- `capacity` : (optional) number of Application Gateway instances, not used when autoscalling is enabled (see `capacity_min`)
- `capacity_min` : (optional) when set enables autoscaling and becomes the minimum capacity
- `capacity_max` : (optional) maximum capacity for autoscaling
- `enable_http2` : enable HTTP2 support on the Application Gateway
- `waf_enabled` : (optional) enables WAF Application Gateway, defining WAF rules is not supported, defaults to `false`
- `vmseries_public_nic_name` : name of the public VMSeries interface as defined in `interfaces` property.
- `managed_identities` : (optional) a list of existing User-Assigned Managed Identities, which Application Gateway uses to retrieve certificates from Key Vault
- `ssl_policy_type` : (optional) type of an SSL policy, defaults to `Predefined`
- `ssl_policy_name` : (optional) name of an SSL policy, for `ssl_policy_type` set to `Predefined`
- `ssl_policy_min_protocol_version` : (optional) minimum version of the TLS protocol for SSL Policy, for `ssl_policy_type` set to `Custom`
- `ssl_policy_cipher_suites` : (optional) a list of accepted cipher suites, for `ssl_policy_type` set to `Custom`
- `ssl_profiles` : (optional) a map of SSL profiles that can be later on referenced in HTTPS listeners by providing a name of the profile in the `ssl_profile_name` property | `map` | `{}` | no | +| [appgws](#input\_appgws) | A map defining all Application Gateways in the current deployment.

For detailed documentation on how to configure this resource, for available properties, especially for the defaults and the `rules` property refer to [module documentation](../../modules/appgw/README.md).

Following properties are supported:
- `name` : name of the Application Gateway.
- `vnet_key` : a key of a VNET defined in the `var.vnets` map.
- `subnet_key` : a key of a subnet as defined in `var.vnets`. This has to be a subnet dedicated to Application Gateways v2.
- `zones` : for zonal deployment this is a list of all zones in a region - this property is used by both: the Application Gateway and the Public IP created in front of the AppGW.
- `capacity` : (optional) number of Application Gateway instances, not used when autoscalling is enabled (see `capacity_min`)
- `capacity_min` : (optional) when set enables autoscaling and becomes the minimum capacity
- `capacity_max` : (optional) maximum capacity for autoscaling
- `enable_http2` : enable HTTP2 support on the Application Gateway
- `waf_enabled` : (optional) enables WAF Application Gateway, defining WAF rules is not supported, defaults to `false`
- `vmseries_public_nic_name` : name of the public VMSeries interface as defined in `interfaces` property.
- `managed_identities` : (optional) a list of existing User-Assigned Managed Identities, which Application Gateway uses to retrieve certificates from Key Vault
- `ssl_policy_type` : (optional) type of an SSL policy, defaults to `Predefined`
- `ssl_policy_name` : (optional) name of an SSL policy, for `ssl_policy_type` set to `Predefined`
- `ssl_policy_min_protocol_version` : (optional) minimum version of the TLS protocol for SSL Policy, for `ssl_policy_type` set to `Custom`
- `ssl_policy_cipher_suites` : (optional) a list of accepted cipher suites, for `ssl_policy_type` set to `Custom`
- `ssl_profiles` : (optional) a map of SSL profiles that can be later on referenced in HTTPS listeners by providing a name of the profile in the `ssl_profile_name` property | `map` | `{}` | no | ### Outputs diff --git a/products/terraform/docs/swfw/azure/vmseries/reference-architectures/dedicated_vmseries.md b/products/terraform/docs/swfw/azure/vmseries/reference-architectures/dedicated_vmseries.md index f4e8f9b42..ba0c7d82e 100644 --- a/products/terraform/docs/swfw/azure/vmseries/reference-architectures/dedicated_vmseries.md +++ b/products/terraform/docs/swfw/azure/vmseries/reference-architectures/dedicated_vmseries.md @@ -165,6 +165,7 @@ terraform destroy | Name | Version | |------|---------| | [random](#provider\_random) | n/a | +| [http](#provider\_http) | n/a | | [azurerm](#provider\_azurerm) | n/a | | [local](#provider\_local) | n/a | @@ -190,6 +191,7 @@ terraform destroy | [local_file.bootstrap_xml](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource | | [random_password.this](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource | | [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source | +| [http_http.this](https://registry.terraform.io/providers/hashicorp/http/latest/docs/data-sources/http) | data source | ### Inputs @@ -201,7 +203,7 @@ terraform destroy | [create\_resource\_group](#input\_create\_resource\_group) | When set to `true` it will cause a Resource Group creation. Name of the newly specified RG is controlled by `resource_group_name`.
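
Review bot: In the added `bootstrap_storage` row of `common_vmseries.md`, the `storage_allow_inbound_public_ips` description says the code automatically queries https://ifconfig.me/ip so that the bootstrap files can be uploaded, but it never states what is done with the returned address. The wording implies it is added to the Storage Account allowlist; say so explicitly, and document whether that entry persists after the upload, what happens when the lookup fails or returns a shared proxy/NAT egress address, and how to set the address manually on runners that cannot reach that third-party service. In the same row, `storage_acl` defaults to `false`, so the account that holds `init-cfg.txt` and `bootstrap.xml` has no network ACL unless the user opts in; a sentence recommending it be enabled would help. Wording fixes in this row: "The ACL defaults to default `Deny`" should read "The default action is `Deny`", and "they tak higher precedence" should read "take". The copy of this description added to `dedicated_vmseries.md` later in the patch reads "tried to query" and "succuessfuly", so the two synced pages already differ; correct the source description once and re-sync.
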
When set to `false` the `resource_group_name` parameter is used to specify a name of an existing Resource Group. | `bool` | `true` | no | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the Resource Group. | `string` | n/a | yes | | [enable\_zones](#input\_enable\_zones) | If `true`, enable zone support for resources. | `bool` | `true` | no | -| [vnets](#input\_vnets) | A map defining VNETs.

For detailed documentation on each property refer to [module documentation](https://github.com/PaloAltoNetworks/terraform-azurerm-vmseries-modules/blob/v0.5.4/modules/vnet/README.md)

- `name` : A name of a VNET.
- `create_virtual_network` : (default: `true`) when set to `true` will create a VNET, `false` will source an existing VNET, in both cases the name of the VNET is specified with `name`
- `address_space` : a list of CIDRs for VNET
- `resource_group_name` : (default: current RG) a name of a Resource Group in which the VNET will reside

- `create_subnets` : (default: `true`) if true, create the Subnets inside the Virtual Network, otherwise use pre-existing subnets
- `subnets` : map of Subnets to create

- `network_security_groups` : map of Network Security Groups to create
- `route_tables` : map of Route Tables to create. | `any` | n/a | yes | +| [vnets](#input\_vnets) | A map defining VNETs.

For detailed documentation on each property refer to [module documentation](../../modules/vnet/README.md)

- `name` : A name of a VNET.
- `create_virtual_network` : (default: `true`) when set to `true` will create a VNET, `false` will source an existing VNET, in both cases the name of the VNET is specified with `name`
- `address_space` : a list of CIDRs for VNET
- `resource_group_name` : (default: current RG) a name of a Resource Group in which the VNET will reside

- `create_subnets` : (default: `true`) if true, create the Subnets inside the Virtual Network, otherwise use pre-existing subnets
- `subnets` : map of Subnets to create

- `network_security_groups` : map of Network Security Groups to create
- `route_tables` : map of Route Tables to create. | `any` | n/a | yes | | [natgws](#input\_natgws) | A map defining Nat Gateways.

Please note that a NatGW is a zonal resource, this means it's always placed in a zone (even when you do not specify one explicitly). Please refer to Microsoft documentation for notes on NatGW's zonal resiliency.

Following properties are supported:

- `name` : a name of the newly created NatGW.
- `create_natgw` : (default: `true`) create or source (when `false`) an existing NatGW. Created or sourced: the NatGW will be assigned to a subnet created by the `vnet` module.
- `resource_group_name : name of a Resource Group hosting the NatGW (newly create or the existing one).
- `zone` : Availability Zone in which the NatGW will be placed, when skipped AzureRM will pick a zone.
- `idle\_timeout` : connection IDLE timeout in minutes, for newly created resources
- `vnet\_key` : a name (key value) of a VNET defined in `var.vnets` that hosts a subnet this NatGW will be assigned to.
- `subnet\_keys` : a list of subnets (key values) the NatGW will be assigned to, defined in `var.vnets` for a VNET described by `vnet\_name`.
- `create\_pip` : (default: `true`) create a Public IP that will be attached to a NatGW
- `existing\_pip\_name` : when `create\_pip` is set to `false`, source and attach and existing Public IP to the NatGW
- `existing\_pip\_resource\_group\_name` : when `create\_pip` is set to `false`, name of the Resource Group hosting the existing Public IP
- `create\_pip\_prefix` : (default: `false`) create a Public IP Prefix that will be attached to the NatGW.
- `pip\_prefix\_length` : length of the newly created Public IP Prefix, can bet between 0 and 31 but this actually supported value depends on the Subscription.
- `existing\_pip\_prefix\_name` : when `create\_pip\_prefix` is set to `false`, source and attach and existing Public IP Prefix to the NatGW
- `existing\_pip\_prefix\_resource\_group\_name` : when `create\_pip\_prefix` is set to `false`, name of the Resource Group hosting the existing Public IP Prefix.

Example:
`
natgws = {
"natgw" = {
name = "public-natgw"
vnet\_key = "transit-vnet"
subnet\_keys = ["public"]
zone = 1
}
}
| `any` | `{}` | no | | [load\_balancers](#input\_load\_balancers) | A map containing configuration for all (private and public) Load Balancer that will be created in this deployment.

Following properties are available (for details refer to module's documentation):

- `name`: name of the Load Balancer resource.
- `network_security_group_name`: (public LB) a name of a security group, an ingress rule will be created in that NSG for each listener. **NOTE** this is the FULL NAME of the NSG (including prefixes).
- `network_security_group_rg_name`: (public LB) a name of a resource group for the security group, to be used when the NSG is hosted in a different RG than the one described in `var.resource_group_name`.
- `network_security_allow_source_ips`: (public LB) a list of IP addresses that will used in the ingress rules.
- `avzones`: (both) for regional Load Balancers, a list of supported zones (this has different meaning for public and private LBs - please refer to module's documentation for details).
- `frontend_ips`: (both) a map configuring both a listener and a load balancing rule, key is the name that will be used as an application name inside LB config as well as to create a rule in NSG (for public LBs), value is an object with the following properties:
- `create_public_ip`: (public LB) defaults to `false`, when set to `true` a Public IP will be created and associated with a listener
- `public_ip_name`: (public LB) defaults to `null`, when `create_public_ip` is set to `false` this property is used to reference an existing Public IP object in Azure
- `public_ip_resource_group`: (public LB) defaults to `null`, when using an existing Public IP created in a different Resource Group than the currently used use this property is to provide the name of that RG
- `private_ip_address`: (private LB) defaults to `null`, specify a static IP address that will be used by a listener
- `vnet_key`: (private LB) defaults to `null`, when `private_ip_address` is set specifies a vnet's key (as defined in `vnet` variable). This will be the VNET hosting this Load Balancer
- `subnet_key`: (private LB) defaults to `null`, when `private_ip_address` is set specifies a subnet's key (as defined in `vnet` variable) to which the LB will be attached, in case of VMSeries this should be a internal/trust subnet
- `rules` - a map configuring the actual rules load balancing rules, a key is a rule name, a value is an object with the following properties:
- `protocol`: protocol used by the rule, can be one the following: `TCP`, `UDP` or `All` when creating an HA PORTS rule
- `port`: port used by the rule, for HA PORTS rule set this to `0`

Example of a public Load Balancer:
"public\_lb" = {
name = "https\_app\_lb"
network\_security\_group\_name = "untrust\_nsg"
network\_security\_allow\_source\_ips = ["1.2.3.4"]
avzones = ["1", "2", "3"]
frontend\_ips = {
"https\_app\_1" = {
create\_public\_ip = true
rules = {
"balanceHttps" = {
protocol = "Tcp"
port = 443
}
}
}
}
}
Example of a private Load Balancer with HA PORTS rule:
"private\_lb" = {
name = "ha\_ports\_internal\_lb
frontend\_ips = {
"ha-ports" = {
vnet\_key = "trust\_vnet"
subnet\_key = "trust\_snet"
private\_ip\_address = "10.0.0.1"
rules = {
HA\_PORTS = {
port = 0
protocol = "All"
}
}
}
}
}
| `map` | `{}` | no | | [vmseries\_version](#input\_vmseries\_version) | VM-Series PAN-OS version - list available with `az vm image list -o table --all --publisher paloaltonetworks`. It's also possible to specify the Pan-OS version per firewall, see `var.vmseries` variable. | `string` | n/a | yes | @@ -210,10 +212,10 @@ terraform destroy | [vmseries\_username](#input\_vmseries\_username) | Initial administrative username to use for all systems. | `string` | `"panadmin"` | no | | [vmseries\_password](#input\_vmseries\_password) | Initial administrative password to use for all systems. Set to null for an auto-generated password. | `string` | `null` | no | | [availability\_set](#input\_availability\_set) | A map defining availability sets. Can be used to provide infrastructure high availability when zones cannot be used.
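
Review bot: The new relative link `../../modules/vnet/README.md` in the added `vnets` row does not match how this patch lays out the module pages: the diffstat lists them as `.../azure/vmseries/modules/appgw.md`, `natgw.md` and so on, with no `README.md` files, so from `reference-architectures/dedicated_vmseries.md` the link likely resolves to a page that does not exist. The removed line pointed at a GitHub URL pinned to tag `v0.5.4`; either keep an absolute, pinned URL or have the sync rewrite module links to the path of the synced page. The unchanged context in this hunk also carries defects worth fixing at the source before the next sync: in the `natgws` row the backtick in `resource_group_name :` is never closed and a stray backtick precedes the example, and in the private Load Balancer example the line `name = "ha\_ports\_internal\_lb` is missing its closing quote, so the snippet cannot be pasted as is.
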

Following properties are supported:
- `name` - name of the Application Insights.
- `update_domain_count` - specifies the number of update domains that are used, defaults to 5 (Azure defaults).
- `fault_domain_count` - specifies the number of fault domains that are used, defaults to 3 (Azure defaults).

Please keep in mind that Azure defaults are not working for each region (especially the small ones, w/o any Availability Zones). Please verify how many update and fault domain are supported in a region before deploying this resource. | `any` | `{}` | no | -| [application\_insights](#input\_application\_insights) | A map defining Azure Application Insights. There are three ways to use this variable:

* when the value is set to `null` (default) no AI is created
* when the value is a map containing `name` key (other keys are optional) a single AI instance will be created under the name that is the value of the `name` key
* when the value is an empty map or a map w/o the `name` key, an AI instance per each VMSeries VM will be created. All instances will share the same configuration. All instances will have names corresponding to their VM name.

Names for all AI instances are prefixed with `var.name_prefix`.

Properties supported (for details on each property see [modules documentation](../modules/application\_insights/README.md)):

- `name` : (optional, string) a name of a single AI instance
- `workspace_mode` : (optional, bool) defaults to `true`, use AI Workspace mode instead of the Classical (deprecated)
- `workspace_name` : (optional, string) defaults to AI name suffixed with `-wrkspc`, name of the Log Analytics Workspace created when AI is deployed in Workspace mode
- `workspace_sku` : (optional, string) defaults to PerGB2018, SKU used by WAL, see module documentation for details
- `metrics_retention_in_days` : (optional, number) defaults to current Azure default value, see module documentation for details

Example of an AIs created per VM, in Workspace mode, with metrics retention set to 1 year:
vmseries = {
'vm-1' = {
....
}
'vm-2' = {
....
}
}

application\_insights = {
metrics\_retention\_in\_days = 365
}
| `map(string)` | `null` | no | -| [bootstrap\_storage](#input\_bootstrap\_storage) | A map defining Azure Storage Accounts used to host file shares for bootstrapping NGFWs. This variable defines only Storage Accounts, file shares are defined per each VM. See `vmseries` variable, `bootstrap_storage` property.

Following properties are supported (except for name, all are optional):

- `name` : name of the Storage Account. Please keep in mind that storage account name has to be globally unique. This name will not be prefixed with the value of `var.name_prefix`.
- `create_storage_account` : (defaults to `true`) create or source (when `false`) an existing Storage Account.
- `resource_group_name` : (defaults to `var.resource_group_name`) name of the Resource Group hosting the Storage Account (existing or newly created). The RG has to exist.

The properties below do not directly change anything in the Storage Account settings. They can be used to control common parts of the `DAY0` configuration (used only when full bootstrap is used). These properties can also be specified per firewall, but when specified here they tak higher precedence:
- `public_snet_key` : required, name of the key in `var.vnets` map defining a public subnet, required to calculate the Azure router IP for the public subnet.
- `private_snet_key` : required, name of the key in `var.vnets` map defining a private subnet, required to calculate the Azure router IP for the private subnet.
- `intranet_cidr` : optional, CIDR of the private networks required to build a general static route to resources protected by this firewall, when skipped the 1st CIDR from `vnet_name` address space will be used.
- `ai_update_interval` : if Application Insights are used this property can override the default metrics update interval (in minutes). | `any` | `{}` | no | +| [application\_insights](#input\_application\_insights) | A map defining Azure Application Insights. There are three ways to use this variable:

* when the value is set to `null` (default) no AI is created
* when the value is a map containing `name` key (other keys are optional) a single AI instance will be created under the name that is the value of the `name` key
* when the value is an empty map or a map w/o the `name` key, an AI instance per each VMSeries VM will be created. All instances will share the same configuration. All instances will have names corresponding to their VM name.

Names for all AI instances are prefixed with `var.name_prefix`.

Properties supported (for details on each property see [modules documentation](../../modules/application\_insights/README.md)):

- `name` : (optional, string) a name of a single AI instance
- `workspace_mode` : (optional, bool) defaults to `true`, use AI Workspace mode instead of the Classical (deprecated)
- `workspace_name` : (optional, string) defaults to AI name suffixed with `-wrkspc`, name of the Log Analytics Workspace created when AI is deployed in Workspace mode
- `workspace_sku` : (optional, string) defaults to PerGB2018, SKU used by WAL, see module documentation for details
- `metrics_retention_in_days` : (optional, number) defaults to current Azure default value, see module documentation for details

Example of an AIs created per VM, in Workspace mode, with metrics retention set to 1 year:
vmseries = {
'vm-1' = {
....
}
'vm-2' = {
....
}
}

application\_insights = {
metrics\_retention\_in\_days = 365
}
| `map(string)` | `null` | no | +| [bootstrap\_storage](#input\_bootstrap\_storage) | A map defining Azure Storage Accounts used to host file shares for bootstrapping NGFWs. This variable defines only Storage Accounts, file shares are defined per each VM. See `vmseries` variable, `bootstrap_storage` property.

Following properties are supported (except for name, all are optional):

- `name` : name of the Storage Account. Please keep in mind that storage account name has to be globally unique. This name will not be prefixed with the value of `var.name_prefix`.
- `create_storage_account` : (defaults to `true`) create or source (when `false`) an existing Storage Account.
- `resource_group_name` : (defaults to `var.resource_group_name`) name of the Resource Group hosting the Storage Account (existing or newly created). The RG has to exist.
- `storage_acl` : (defaults to `false`) enables network ACLs on the Storage Account. If this is enabled - `storage_allow_vnet_subnets` and `storage_allow_inbound_public_ips` options become available. The ACL defaults to default `Deny`.
- `storage_allow_vnet_subnets` : (defaults to `[]`) whitelist containing the allowed vnet and associated subnets that are allowed to access the Storage Account. Note that the respective subnets require `enable_storage_service_endpoint` set to `true` to work properly.
- `storage_allow_inbound_public_ips` : (defaults to `[]`) whitelist containing the allowed public IP subnets that can access the Storage Account. Note that the code automatically tried to query https://ifconfig.me/ip to obtain the public IP address of the machine executing the code so that the bootstrap files are succuessfuly uploaded to the Storage Account.


The properties below do not directly change anything in the Storage Account settings. They can be used to control common parts of the `DAY0` configuration (used only when full bootstrap is used). These properties can also be specified per firewall, but when specified here they tak higher precedence:
- `public_snet_key` : required, name of the key in `var.vnets` map defining a public subnet, required to calculate the Azure router IP for the public subnet.
- `private_snet_key` : required, name of the key in `var.vnets` map defining a private subnet, required to calculate the Azure router IP for the private subnet.
- `intranet_cidr` : optional, CIDR of the private networks required to build a general static route to resources protected by this firewall, when skipped the 1st CIDR from `vnet_name` address space will be used.
- `ai_update_interval` : if Application Insights are used this property can override the default metrics update interval (in minutes). | `any` | `{}` | no | | [vmseries](#input\_vmseries) | Map of virtual machines to create to run VM-Series - inbound firewalls. Following properties are supported:

- `name` : name of the VMSeries virtual machine.
- `vm_size` : size of the VMSeries virtual machine, when specified overrides `var.vmseries_vm_size`.
- `version` : PanOS version, when specified overrides `var.vmseries_version`.
- `vnet_key` : a key of a VNET defined in the `var.vnets` map. This value will be used during network interfaces creation.
- `add_to_appgw_backend` : bool, `false` by default, set this to `true` to add this backend to an Application Gateway.
- `avzone`: the Azure Availability Zone identifier ("1", "2", "3"). Default is "1".
- `availability_set_name` : a name of an Availability Set as declared in `availability_set` property. Specify when HA is required but cannot go for zonal deployment.

- `bootstrap_options` : string, optional bootstrap options to pass to VM-Series instances, semicolon separated values. When defined this precedence over `bootstrap_storage`
- `bootstrap_storage` : a map containing definition of the bootstrap package content. When present triggers a creation of a File Share in an existing Storage Account, following properties supported:
- `name` : a name of a key in `var.bootstrap_storage` variable defining a Storage Account
- `static_files` : a map where key is a path to a file, value is the location of the file in the bootstrap package (file share). All files in this map are copied 1:1 to the bootstrap package
- `template_bootstrap_xml` : path to the `bootstrap.xml` template. When defined it will trigger creation of the `bootstrap.xml` file and the file will be uploaded to the storage account. This is a simple `day 0` configuration file that should set up only basic networking. Specifying this property forces additional properties that are required to properly template the file. They can be defined per each VM or globally for all VMs (in this case place them in the bootstrap storage definition). The properties are listed below.
- `public_snet_key` : required, name of the key in `var.vnets` map defining a public subnet, required to calculate the Azure router IP for the public subnet.
- `private_snet_key` : required, name of the key in `var.vnets` map defining a private subnet, required to calculate the Azure router IP for the private subnet.
- `intranet_cidr` : optional, CIDR of the private networks required to build a general static route to resources protected by this firewall, when skipped the 1st CIDR from `vnet_name` address space will be used.
- `ai_update_interval` : if Application Insights are used this property can override the default metrics update interval (in minutes).

- `interfaces` : configuration of all NICs assigned to a VM. A list of maps, each map is a NIC definition. Notice that the order DOES matter. NICs are attached to VMs in Azure in the order they are defined in this list, therefore the management interface has to be defined first. Following properties are available:
- `name`: string that will form the NIC name
- `subnet_key` : (string) a key of a subnet as defined in `var.vnets`
- `create_pip` : (boolean) flag to create Public IP for an interface, defaults to `false`
- `public_ip_name` : (string) when `create_pip` is set to `false` a name of a Public IP resource that should be associated with this Network Interface
- `public_ip_resource_group` : (string) when associating an existing Public IP resource, name of the Resource Group the IP is placed in, defaults to the `var.resource_group_name`
- `load_balancer_key` : (string) key of a Load Balancer defined in the `var.loadbalancers` variable, defaults to `null`
- `private_ip_address` : (string) a static IP address that should be assigned to an interface, defaults to `null` (in that case DHCP is used)

Example:
{
"fw01" = {
name = "firewall01"
bootstrap\_storage = {
name = "storageaccountname"
static\_files = { "files/init-cfg.txt" = "config/init-cfg.txt" }
template\_bootstrap\_xml = "templates/bootstrap\_common.tmpl"
public\_snet\_key = "public"
private\_snet\_key = "private"
}
avzone = 1
vnet\_key = "trust"
interfaces = [
{
name = "mgmt"
subnet\_key = "mgmt"
create\_pip = true
private\_ip\_address = "10.0.0.1"
},
{
name = "trust"
subnet\_key = "private"
private\_ip\_address = "10.0.1.1"
load\_balancer\_key = "private\_lb"
},
{
name = "untrust"
subnet\_key = "public"
private\_ip\_address = "10.0.2.1"
load\_balancer\_key = "public\_lb"
public\_ip\_name = "existing\_public\_ip"
}
]
}
}
| `any` | n/a | yes | -| [appgws](#input\_appgws) | A map defining all Application Gateways in the current deployment.

For detailed documentation on how to configure this resource, for available properties, especially for the defaults and the `rules` property refer to [module documentation](https://github.com/PaloAltoNetworks/terraform-azurerm-vmseries-modules/blob/main/modules/appgw/README.md).

Following properties are supported:
- `name` : name of the Application Gateway.
- `vnet_key` : a key of a VNET defined in the `var.vnets` map.
- `subnet_key` : a key of a subnet as defined in `var.vnets`. This has to be a subnet dedicated to Application Gateways v2.
- `zones` : for zonal deployment this is a list of all zones in a region - this property is used by both: the Application Gateway and the Public IP created in front of the AppGW.
- `capacity` : (optional) number of Application Gateway instances, not used when autoscalling is enabled (see `capacity_min`)
- `capacity_min` : (optional) when set enables autoscaling and becomes the minimum capacity
- `capacity_max` : (optional) maximum capacity for autoscaling
- `enable_http2` : enable HTTP2 support on the Application Gateway
- `waf_enabled` : (optional) enables WAF Application Gateway, defining WAF rules is not supported, defaults to `false`
- `vmseries_public_nic_name` : name of the public VMSeries interface as defined in `interfaces` property.
- `managed_identities` : (optional) a list of existing User-Assigned Managed Identities, which Application Gateway uses to retrieve certificates from Key Vault
- `ssl_policy_type` : (optional) type of an SSL policy, defaults to `Predefined`
- `ssl_policy_name` : (optional) name of an SSL policy, for `ssl_policy_type` set to `Predefined`
- `ssl_policy_min_protocol_version` : (optional) minimum version of the TLS protocol for SSL Policy, for `ssl_policy_type` set to `Custom`
- `ssl_policy_cipher_suites` : (optional) a list of accepted cipher suites, for `ssl_policy_type` set to `Custom`
- `ssl_profiles` : (optional) a map of SSL profiles that can be later on referenced in HTTPS listeners by providing a name of the profile in the `ssl_profile_name` property | `map` | `{}` | no | +| [appgws](#input\_appgws) | A map defining all Application Gateways in the current deployment.

For detailed documentation on how to configure this resource, for available properties, especially for the defaults and the `rules` property refer to [module documentation](../../modules/appgw/README.md).

Following properties are supported:
- `name` : name of the Application Gateway.
- `vnet_key` : a key of a VNET defined in the `var.vnets` map.
- `subnet_key` : a key of a subnet as defined in `var.vnets`. This has to be a subnet dedicated to Application Gateways v2.
- `zones` : for zonal deployment this is a list of all zones in a region - this property is used by both: the Application Gateway and the Public IP created in front of the AppGW.
- `capacity` : (optional) number of Application Gateway instances, not used when autoscalling is enabled (see `capacity_min`)
- `capacity_min` : (optional) when set enables autoscaling and becomes the minimum capacity
- `capacity_max` : (optional) maximum capacity for autoscaling
- `enable_http2` : enable HTTP2 support on the Application Gateway
- `waf_enabled` : (optional) enables WAF Application Gateway, defining WAF rules is not supported, defaults to `false`
- `vmseries_public_nic_name` : name of the public VMSeries interface as defined in `interfaces` property.
- `managed_identities` : (optional) a list of existing User-Assigned Managed Identities, which Application Gateway uses to retrieve certificates from Key Vault
- `ssl_policy_type` : (optional) type of an SSL policy, defaults to `Predefined`
- `ssl_policy_name` : (optional) name of an SSL policy, for `ssl_policy_type` set to `Predefined`
- `ssl_policy_min_protocol_version` : (optional) minimum version of the TLS protocol for SSL Policy, for `ssl_policy_type` set to `Custom`
- `ssl_policy_cipher_suites` : (optional) a list of accepted cipher suites, for `ssl_policy_type` set to `Custom`
- `ssl_profiles` : (optional) a map of SSL profiles that can be later on referenced in HTTPS listeners by providing a name of the profile in the `ssl_profile_name` property | `map` | `{}` | no | ### Outputs diff --git a/products/terraform/docs/swfw/gcp/vmseries/modules/autoscale.md b/products/terraform/docs/swfw/gcp/vmseries/modules/autoscale.md index a8d490421..325c26e03 100644 --- a/products/terraform/docs/swfw/gcp/vmseries/modules/autoscale.md +++ b/products/terraform/docs/swfw/gcp/vmseries/modules/autoscale.md @@ -32,7 +32,6 @@ title: Auto-Scaling for Palo Alto Networks VM-Series | Name | Version | |------|---------| | [google](#provider\_google) | ~> 4.54 | -| [random](#provider\_random) | n/a | ### Modules 
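Review bot: In the Azure `appgws` input row above (the hunk that ends at `### Outputs`), the "module documentation" link changes from an absolute GitHub URL to `../../modules/appgw/README.md`. That path follows the source repository's `README.md` layout, while the module pages synced into this tree are single files such as `modules/autoscale.md`, so the link is likely to break once rendered here. Either keep the absolute URL during the sync or rewrite the relative link to the local module page. The added row also carries over the `autoscalling` typo from the row it replaces.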
@@ -42,46 +41,52 @@ No modules. | Name | Type | |------|------| -| [google_compute_autoscaler.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_autoscaler) | resource | -| [google_compute_instance_group_manager.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance_group_manager) | resource | -| [google_compute_instance_template.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance_template) | resource | -| [google_pubsub_subscription.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/pubsub_subscription) | resource | -| [google_pubsub_subscription_iam_member.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/pubsub_subscription_iam_member) | resource | -| [google_pubsub_topic.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/pubsub_topic) | resource | -| [random_id.autoscaler](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | -| [google_compute_default_service_account.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/compute_default_service_account) | data source | +| [google_compute_autoscaler.zonal](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_autoscaler) | resource | +| [google_compute_instance_group_manager.zonal](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance_group_manager) | resource | +| [google_compute_instance_template.main](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance_template) | resource | +| [google_compute_region_autoscaler.regional](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_region_autoscaler) | resource | +| 
[google_compute_region_instance_group_manager.regional](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_region_instance_group_manager) | resource | +| [google_pubsub_subscription.main](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/pubsub_subscription) | resource | +| [google_pubsub_subscription_iam_member.main](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/pubsub_subscription_iam_member) | resource | +| [google_pubsub_topic.main](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/pubsub_topic) | resource | +| [google_compute_default_service_account.main](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/compute_default_service_account) | data source | +| [google_compute_zones.main](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/compute_zones) | data source | ### Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [autoscaler\_metrics](#input\_autoscaler\_metrics) | The map with the keys being metrics identifiers (e.g. custom.googleapis.com/VMSeries/panSessionUtilization).
Each of the contained objects has attribute `target` which is a numerical threshold for a scale-out or a scale-in.
Each zonal group grows until it satisfies all the targets.

Additional optional attribute `type` defines the metric as either `GAUGE` (the default), `DELTA_PER_SECOND`, or `DELTA_PER_MINUTE`.
For full specification, see the `metric` inside the [provider doc](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_autoscaler). | `map` |
{
"custom.googleapis.com/VMSeries/panSessionThroughputKbps": {
"target": 700000
},
"custom.googleapis.com/VMSeries/panSessionUtilization": {
"target": 70
}
}
| no | -| [cooldown\_period](#input\_cooldown\_period) | How much tame does it take for a spawned PA-VM to become functional on the initialization boot | `number` | `480` | no | -| [deployment\_name](#input\_deployment\_name) | Deployment Name that matches what is specified in Panorama GCP Plugin | `string` | n/a | yes | -| [disk\_type](#input\_disk\_type) | n/a | `string` | `"pd-ssd"` | no | -| [image](#input\_image) | Link to VM-Series PAN-OS image. Can be either a full self\_link, or one of the shortened forms per the [provider doc](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance#image). | `string` | `"https://www.googleapis.com/compute/v1/projects/paloaltonetworksgcp-public/global/images/vmseries-byol-912"` | no | -| [machine\_type](#input\_machine\_type) | GCP instance type to use. | `string` | `"n1-standard-4"` | no | -| [max\_replicas\_per\_zone](#input\_max\_replicas\_per\_zone) | Maximum number of VM-series instances per *each* of the zones | `number` | `1` | no | -| [metadata](#input\_metadata) | Metadata for VM-Series firewall. Commented examples below show two examples: 1. partial bootstrap to Panorama 2. Full configuration bootstrap from Google storage bucket. | `map(string)` | `{}` | no | -| [min\_cpu\_platform](#input\_min\_cpu\_platform) | n/a | `string` | `"Intel Broadwell"` | no | -| [min\_replicas\_per\_zone](#input\_min\_replicas\_per\_zone) | Minimum number of VM-series instances per *each* of the zones | `number` | `1` | no | -| [named\_ports](#input\_named\_ports) | (Optional) The list of named ports:
named\_ports = [
{
name = "http"
port = "80"
},
{
name = "app42"
port = "4242"
},
]
The name identifies the backend port to receive the traffic from the global load balancers. | `list` | `[]` | no | -| [network\_interfaces](#input\_network\_interfaces) | List of the network interface specifications.
Available options:
- `subnetwork` - (Required\|string) Self-link of a subnetwork to create interface in.
- `create_public_ip` - (Optional\|boolean) Whether to reserve public IP for the interface. Ignored if `public_ip` is provided. Defaults to 'false'. | `list(any)` | n/a | yes | -| [pool](#input\_pool) | The self\_link of google\_compute\_target\_pool where the auto-created instances will be placed for healtchecking of External Load Balancer | `string` | `null` | no | -| [prefix](#input\_prefix) | Prefix to various GCP resource names | `string` | n/a | yes | -| [region](#input\_region) | The Google Cloud region for the resources. If null is provided, provider region will be used. | `string` | `null` | no | -| [scale\_in\_control\_replicas\_fixed](#input\_scale\_in\_control\_replicas\_fixed) | Fixed number of VM instances that can be killed in each zone within the scale-in time window.
See `scale_in_control` in the [provider doc](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_autoscaler). | `number` | `1` | no | -| [scale\_in\_control\_time\_window\_sec](#input\_scale\_in\_control\_time\_window\_sec) | How many seconds autoscaling should look into the past when scaling in (down).
Default 30 minutes corresponds to the default custom metrics period of 5 minutes
and also to the considerable init time of a fresh instance. | `number` | `1800` | no | -| [scopes](#input\_scopes) | n/a | `list(string)` |
[
"https://www.googleapis.com/auth/compute.readonly",
"https://www.googleapis.com/auth/cloud.useraccounts.readonly",
"https://www.googleapis.com/auth/devstorage.read\_only",
"https://www.googleapis.com/auth/logging.write",
"https://www.googleapis.com/auth/monitoring.write"
]
| no | -| [service\_account\_email](#input\_service\_account\_email) | IAM Service Account for running firewall instance (just the email) | `string` | `null` | no | -| [tags](#input\_tags) | n/a | `list(string)` | `[]` | no | -| [update\_policy\_type](#input\_update\_policy\_type) | What to do when the underlying template changes (e.g. PAN-OS upgrade).
OPPORTUNISTIC is the only recommended value. Also PROACTIVE is allowed: it immediately
starts to re-create/delete instances and since this is not coordinated with
the instance group manager in other zone, it can easily lead to total outage.
It is thus feasible only in dev environments. Real environments should
perform a "Rolling Update" in GCP web interface. | `string` | `"OPPORTUNISTIC"` | no | -| [zones](#input\_zones) | Map of zone names for the zonal IGMs | `map(string)` | `{}` | no | +| [autoscaler\_metrics](#input\_autoscaler\_metrics) | A map with the keys being metrics identifiers (e.g. custom.googleapis.com/VMSeries/panSessionUtilization). Each of the contained objects has attribute `target` which is a numerical threshold for a scale-out or a scale-in. Each zonal group grows until it satisfies all the targets. Additional optional attribute `type` defines the metric as either `GAUGE`, `DELTA_PER_SECOND`, or `DELTA_PER_MINUTE`. For full specification, see the `metric` inside the [provider doc](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_autoscaler). | `map` |
{
"custom.googleapis.com/VMSeries/panSessionThroughputKbps": {
"target": 700000
},
"custom.googleapis.com/VMSeries/panSessionUtilization": {
"target": 70
}
}
| no | +| [cooldown\_period](#input\_cooldown\_period) | The number of seconds that the autoscaler should wait before it starts collecting information from a new VM-Series. This prevents the autoscaler from collecting information when the VM-Series is initializing, during which the collected usage would not be reliable. Virtual machine initialization times might vary because of numerous factors. | `number` | `480` | no | +| [create\_pubsub\_topic](#input\_create\_pubsub\_topic) | Set to `true` to create a Pub/Sub topic and subscription. The Panorama Google Cloud Plugin can use this Pub/Sub to trigger actions when the VM-Series Instance Group descales. Actions include, removal of VM-Series from Panorama and automatic delicensing (if VM-Series BYOL licensing is used). For more information, please see [Autoscaling the VM-Series on GCP](https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/set-up-the-vm-series-firewall-on-google-cloud-platform/autoscaling-on-google-cloud-platform). | `bool` | `true` | no | +| [disk\_type](#input\_disk\_type) | The disk type that is attached to the instances of the VM-Series firewalls. | `string` | `"pd-ssd"` | no | +| [image](#input\_image) | Link to VM-Series PAN-OS image. Can be either a full self\_link, or one of the shortened forms per the [provider doc](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance#image). | `string` | `"https://www.googleapis.com/compute/v1/projects/paloaltonetworksgcp-public/global/images/vmseries-byol-1014"` | no | +| [machine\_type](#input\_machine\_type) | The instance type for the VM-Series firewalls. | `string` | `"n2-standard-4"` | no | +| [max\_vmseries\_replicas](#input\_max\_vmseries\_replicas) | The maximum number of VM-Series per region/zone that the autoscaler can scale up to. The maximum number of VM-Series should not be lower than `min_vmseries_replicas`. 
| `number` | n/a | yes | +| [metadata](#input\_metadata) | Metadata for VM-Series firewall. The metadata is used to perform mgmt-interface-swap and for bootstrapping the VM-Series.

Ex 1: Partial bootstrap to Panorama
metadata = {
type = "dhcp-client"
op-command-modes = "mgmt-interface-swap"
vm-auth-key = "012345601234560123456"
panorama-server = "1.1.1.1"
dgname = "my-device-group"
tplname = "my-template-stack"
dhcp-send-hostname = "yes"
dhcp-send-client-id = "yes"
dhcp-accept-server-hostname = "yes"
dhcp-accept-server-domain = "yes"
}
Ex 2: Full configuration bootstrap from Google storage bucket.
metadata = {
mgmt-interface-swap = "enable"
vmseries-bootstrap-gce-storagebucket = "your-bootstrap-bucket"
ssh-keys = "admin:"
}
| `map(string)` | `{}` | no | +| [min\_cpu\_platform](#input\_min\_cpu\_platform) | The minimum CPU platform for the instance type of the VM-Series firewalls. | `string` | `"Intel Cascade Lake"` | no | +| [min\_vmseries\_replicas](#input\_min\_vmseries\_replicas) | The minimum number of VM-Series per region/zone that the autoscaler can scale down to. This cannot be less than 0. | `number` | n/a | yes | +| [name](#input\_name) | The name of the VM-Series deployed. This value will be used as the `base_instance_name` and will be used as a prepended prefix for other created resources. | `string` | n/a | yes | +| [named\_ports](#input\_named\_ports) | A list of named port configurations. The name identifies the backend port to receive the traffic
from the global load balancers.
named\_ports = [
{
name = "http"
port = "80"
},
{
name = "app42"
port = "4242"
},
]
| `list` | `[]` | no | +| [network\_interfaces](#input\_network\_interfaces) | List of the network interface specifications.

Available options:
- `subnetwork` - (Required\|string) Self-link of a subnetwork to create interface in.
- `create_public_ip` - (Optional\|boolean) Whether to reserve public IP for the interface. | `list(any)` | n/a | yes | +| [region](#input\_region) | The Google Cloud region for the resources. If null, provider region will be used. | `string` | `null` | no | +| [regional\_mig](#input\_regional\_mig) | Sets the managed instance group type to either a regional (if `true`) or a zonal (if `false`).
For more information please see [About regional MIGs](https://cloud.google.com/compute/docs/instance-groups/regional-migs#why_choose_regional_managed_instance_groups). | `bool` | n/a | yes | +| [scale\_in\_control\_replicas\_fixed](#input\_scale\_in\_control\_replicas\_fixed) | Fixed number of VM-Series instances that can be killed within the scale-in time window. See `scale_in_control` in the [provider doc](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_autoscaler). | `number` | `1` | no | +| [scale\_in\_control\_time\_window\_sec](#input\_scale\_in\_control\_time\_window\_sec) | How far (in seconds) autoscaling should look into the past when scaling down. | `number` | `1800` | no | +| [scopes](#input\_scopes) | A list of service scopes. Both OAuth2 URLs and gcloud short names are supported. See a complete list of scopes [here](https://cloud.google.com/sdk/gcloud/reference/alpha/compute/instances/set-scopes#--scopes). | `list(string)` |
[
"https://www.googleapis.com/auth/compute.readonly",
"https://www.googleapis.com/auth/cloud.useraccounts.readonly",
"https://www.googleapis.com/auth/devstorage.read\_only",
"https://www.googleapis.com/auth/logging.write",
"https://www.googleapis.com/auth/monitoring.write"
]
| no | +| [service\_account\_email](#input\_service\_account\_email) | IAM Service Account applied to the VM-Series instances. | `string` | `null` | no | +| [tags](#input\_tags) | Tags to attach to the instance | `list(string)` | `[]` | no | +| [target\_pools](#input\_target\_pools) | A list of target pool URLs to which the instance groups are added. Updating the target pools attribute does not affect existing VM-Series instances. | `list(string)` | `null` | no | +| [update\_policy\_type](#input\_update\_policy\_type) | What to do when the underlying template changes (e.g. PAN-OS upgrade). OPPORTUNISTIC is the only recommended value. Also PROACTIVE is allowed. | `string` | `"OPPORTUNISTIC"` | no | +| [zones](#input\_zones) | A map of the zone names for zonal managed instance groups. A managed instance group will be created for every zone entered.
Required if `regional_mig` is set to `false`. | `map(string)` | `{}` | no | ### Outputs | Name | Description | |------|-------------| -| [backends](#output\_backends) | Map of instance group (IG) identifiers, suitable for use in module lb\_internal as input `backends`. | -| [instance\_group\_manager](#output\_instance\_group\_manager) | n/a | +| [pubsub\_subscription\_iam\_member\_etag](#output\_pubsub\_subscription\_iam\_member\_etag) | The etag of the Pub/Sub IAM Member. | +| [pubsub\_subscription\_id](#output\_pubsub\_subscription\_id) | The resource ID of the Pub/Sub Subscription. | +| [pubsub\_topic\_id](#output\_pubsub\_topic\_id) | The resource ID of the Pub/Sub Topic. | +| [regional\_instance\_group\_id](#output\_regional\_instance\_group\_id) | The resource ID of the regional VM-Series managed instance group. This output should only be used when `regional_mig` is set to `true`. | +| [zonal\_instance\_group\_ids](#output\_zonal\_instance\_group\_ids) | The resource IDs of the zonal VM-Series managed instance groups. This output should only be used when `regional_mig` is set to `false`. | \ No newline at end of file diff --git a/products/terraform/docs/swfw/gcp/vmseries/modules/bootstrap.md b/products/terraform/docs/swfw/gcp/vmseries/modules/bootstrap.md index 4022a2fd3..962897ecd 100644 --- a/products/terraform/docs/swfw/gcp/vmseries/modules/bootstrap.md +++ b/products/terraform/docs/swfw/gcp/vmseries/modules/bootstrap.md @@ -56,6 +56,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [bootstrap\_files\_dir](#input\_bootstrap\_files\_dir) | Bootstrap file directory. If the variable has a value of `null` (default) - then it will not upload any other files other than the ones specified in the `files` variable.
More information can be found at https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/bootstrap-the-vm-series-firewall/bootstrap-package. | `string` | `null` | no | | [files](#input\_files) | Map of all files to copy to bucket. The keys are local paths, the values are remote paths. For example `{"dir/my.txt" = "config/init-cfg.txt"}` | `map(string)` | `{}` | no | | [folders](#input\_folders) | List of folder paths that will be used to create dedicated boostrap package folder sets per firewall or firewall group (for example to distinguish configuration per region, per inbound/obew role, etc) within the created storage bucket.

A default value (empty list) will result in the creation of a single bootstrap package folder set in the bucket top-level directory. | `list(any)` | `[]` | no | | [location](#input\_location) | Location in which the GCS Bucket will be deployed. Available locations can be found under https://cloud.google.com/storage/docs/locations. | `string` | n/a | yes | diff --git a/products/terraform/docs/swfw/gcp/vmseries/modules/lb_external.md b/products/terraform/docs/swfw/gcp/vmseries/modules/lb_external.md index d58a010ef..db0dd546d 100644 --- a/products/terraform/docs/swfw/gcp/vmseries/modules/lb_external.md +++ b/products/terraform/docs/swfw/gcp/vmseries/modules/lb_external.md 
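Review bot: In the autoscale.md inputs hunk above, the new `metadata` description shows `vm-auth-key = "012345601234560123456"` as an inline literal in Ex 1 and `ssh-keys = "admin:"` with nothing after the colon in Ex 2. The VM auth key is a registration credential and instance metadata is readable by anyone who can view the instance, so the example should show the value coming from a variable marked `sensitive` rather than a literal. The `ssh-keys` value needs a visible placeholder for the public key; if one was written in angle brackets, it is being dropped by the renderer. The same hunk shortens `update_policy_type` to "Also PROACTIVE is allowed" and loses the removed text's warning that PROACTIVE "can easily lead to total outage"; that warning should be kept.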
@@ -63,8 +63,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [backend\_instance\_groups](#input\_backend\_instance\_groups) | List of backend instance groups | `list` | `[]` | no | -| [connection\_persistence\_on\_unhealthy\_backends](#input\_connection\_persistence\_on\_unhealthy\_backends) | Specifies connection persistence when backends are unhealthy. If set to DEFAULT\_FOR\_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER\_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER\_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS\_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default. | `string` | `"DEFAULT_FOR_PROTOCOL"` | no | -| [connection\_tracking\_mode](#input\_connection\_tracking\_mode) | There are two options: PER\_CONNECTION: The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER\_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity. | `string` | `"PER_CONNECTION"` | no | +| [connection\_tracking\_policy](#input\_connection\_tracking\_policy) | Connection tracking policy settings, only available for backend service based rules. Following options are available:
- `mode` - (Optional\|string) `PER_CONNECTION` (default) or `PER_SESSION`
- `persistence_on_unhealthy_backends` - (Optional\|string) `DEFAULT_FOR_PROTOCOL` (default), `ALWAYS_PERSIST` or `NEVER_PERSIST`

More information about supported configurations in conjunction with `session_affinity` is available in [Backend service-based external Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#connection-tracking) documentation. | `map(any)` | `null` | no | | [create\_health\_check](#input\_create\_health\_check) | Whether to create a health check on the target pool. | `bool` | `true` | no | | [health\_check\_healthy\_threshold](#input\_health\_check\_healthy\_threshold) | Health check parameter, see [provider doc](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_http_health_check) | `number` | `null` | no | | [health\_check\_http\_host](#input\_health\_check\_http\_host) | Health check http request host header, with the default adjusted to localhost to be able to check the health of the PAN-OS webui. | `string` | `"localhost"` | no | 
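Review bot: The new `connection_tracking_policy` row lists only `mode` and `persistence_on_unhealthy_backends`, while the following hunk deletes the `idle_timeout_sec` input, so for lb_external the idle timeout is no longer documented as configurable (the lb_internal variant documents an `idle_timeout_sec` option). If that is intentional, say so in the description; if not, add the option. The two removed rows also explained what each persistence value does and advised against overriding the default with `ALWAYS_PERSIST`; the new text lists the values without that guidance, which matters when the backends are firewalls that have failed their health check. Both old input names disappear without a migration note for existing callers.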
@@ -73,14 +72,13 @@ No modules. | [health\_check\_interval\_sec](#input\_health\_check\_interval\_sec) | Health check parameter, see [provider doc](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_http_health_check) | `number` | `null` | no | | [health\_check\_timeout\_sec](#input\_health\_check\_timeout\_sec) | Health check parameter, see [provider doc](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_http_health_check) | `number` | `null` | no | | [health\_check\_unhealthy\_threshold](#input\_health\_check\_unhealthy\_threshold) | Health check parameter, see [provider doc](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_http_health_check) | `number` | `null` | no | -| [idle\_timeout\_sec](#input\_idle\_timeout\_sec) | Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. | `number` | `null` | no | | [instances](#input\_instances) | List of links to the instances. Expected to be empty when using an autoscaler, as the autoscaler inserts entries to the target pool dynamically. The nic0 of each instance gets the traffic. Even when this list is shifted or re-ordered, it doesn't re-create any resources and such modifications often proceed without any noticeable downtime. | `list(string)` | `null` | no | | [name](#input\_name) | Name of the backend\_service, target\_pool and of the associated health check. | `string` | n/a | yes | | [network\_tier](#input\_network\_tier) | The networking tier used for configuring this address. If this field is not specified, it is assumed to be PREMIUM. Possible values are PREMIUM and STANDARD. | `string` | `"PREMIUM"` | no | | [project](#input\_project) | The project to deploy to. If unset the default provider project is used. 
| `string` | `""` | no | | [region](#input\_region) | GCP region to deploy to. If unset the default provider region is used. | `string` | `null` | no | | [rules](#input\_rules) | Map of objects, the keys are names of the external forwarding rules, each of the objects has the following attributes:

- `port_range`: (Required) The port your service is listening on. Can be a number (80) or a range (8080-8089, or even 1-65535).
- `ip_address`: (Optional) A public IP address on which to listen, must be in the same region as the LB and must be IPv4. If empty, automatically generates a new non-ephemeral IP on a PREMIUM tier.
- `ip_protocol`: (Optional) The IP protocol for the frontend forwarding rule: TCP, UDP, ESP, ICMP, or L3\_DEFAULT. Default is TCP.
- `all_ports`: (Optional) Allows all ports to be forwarded to the Backend Service | `any` | n/a | yes | -| [session\_affinity](#input\_session\_affinity) | How to distribute load. Options are `NONE`, `CLIENT_IP` and `CLIENT_IP_PROTO`. | `string` | `"NONE"` | no | +| [session\_affinity](#input\_session\_affinity) | Controls distribution of new connections (or fragmented UDP packets) from clients to the backends, can influence available connection tracking configurations.
Valid values are: NONE (default), CLIENT\_IP, CLIENT\_IP\_PROTO, CLIENT\_IP\_PORT\_PROTO (only available for backend service based rules). | `string` | `"NONE"` | no | ### Outputs diff --git a/products/terraform/docs/swfw/gcp/vmseries/modules/lb_internal.md b/products/terraform/docs/swfw/gcp/vmseries/modules/lb_internal.md index 6ed921e0e..7080b7c69 100644 --- a/products/terraform/docs/swfw/gcp/vmseries/modules/lb_internal.md +++ b/products/terraform/docs/swfw/gcp/vmseries/modules/lb_internal.md @@ -32,6 +32,7 @@ title: Internally-Facing Regional TCP/UDP Load Balancer on GCP | Name | Version | |------|---------| | [google](#provider\_google) | ~> 4.54 | +| [google-beta](#provider\_google-beta) | n/a | ### Modules @@ -41,9 +42,9 @@ No modules. | Name | Type | |------|------| +| [google-beta_google_compute_region_backend_service.this](https://registry.terraform.io/providers/hashicorp/google-beta/latest/docs/resources/google_compute_region_backend_service) | resource | | [google_compute_forwarding_rule.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_forwarding_rule) | resource | | [google_compute_health_check.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_health_check) | resource | -| [google_compute_region_backend_service.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_region_backend_service) | resource | | [google_client_config.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/client_config) | data source | ### Inputs 
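Review bot: The Providers table for lb_internal now lists `google-beta` with version `n/a` while `google` stays constrained to `~> 4.54`, and the backend service resource moves to that unconstrained provider. Add a version constraint for `google-beta` in the module so the generated docs show one, matching the `google` pin. The new resource link also ends in `resources/google_compute_region_backend_service`, whereas the removed link and the other registry links on this page use the form `resources/compute_...` without the `google_` prefix, so it likely does not resolve.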
@@ -54,6 +55,7 @@ No modules. | [allow\_global\_access](#input\_allow\_global\_access) | (Optional) If true, clients can access ILB from all regions. By default false, only allow from the ILB's local region; useful if the ILB is a next hop of a route. | `bool` | `false` | no | | [backends](#input\_backends) | Names of primary backend groups (IGs or IGMs). Typically use `module.vmseries.instance_group_self_links` here. | `map(string)` | n/a | yes | | [connection\_draining\_timeout\_sec](#input\_connection\_draining\_timeout\_sec) | (Optional) Time for which instance will be drained (not accept new connections, but still work to finish started). | `number` | `null` | no | +| [connection\_tracking\_policy](#input\_connection\_tracking\_policy) | Connection tracking policy settings. Following options are available:
- `mode` - (Optional\|string) `PER_CONNECTION` (default) or `PER_SESSION`
- `idle_timeout_sec` - (Optional\|number) Defaults to 600 seconds, can only be modified in specific conditions (see link below)
- `persistence_on_unhealthy_backends` - (Optional\|string) `DEFAULT_FOR_PROTOCOL` (default), `ALWAYS_PERSIST` or `NEVER_PERSIST`

More information about supported configurations in conjunction with `session_affinity` is available in [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#connection-tracking) documentation. | `map(any)` | `null` | no | | [disable\_connection\_drain\_on\_failover](#input\_disable\_connection\_drain\_on\_failover) | (Optional) On failover or failback, this field indicates whether connection drain will be honored. Setting this to true has the following effect: connections to the old active pool are not drained. Connections to the new active pool use the timeout of 10 min (currently fixed). Setting to false has the following effect: both old and new connections will have a drain timeout of 10 min. This can be set to true only if the protocol is TCP. The default is false. | `bool` | `null` | no | | [drop\_traffic\_if\_unhealthy](#input\_drop\_traffic\_if\_unhealthy) | (Optional) Used only when no healthy VMs are detected in the primary and backup instance groups. When set to true, traffic is dropped. When set to false, new connections are sent across all VMs in the primary group. The default is false. | `bool` | `null` | no | | [failover\_backends](#input\_failover\_backends) | (Optional) Names of failover backend groups (IGs or IGMs). Failover groups are ignored unless the primary groups do not meet collective health threshold. | `map(string)` | `{}` | no | 
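Review bot: The new `connection_tracking_policy` input is typed `map(any)`, but its description documents keys of different types (`mode` and `persistence_on_unhealthy_backends` as string, `idle_timeout_sec` as number). `map(any)` requires a single element type for all values, so a caller who sets both a mode and a timeout gets the number converted to a string. An `object({...})` type with optional attributes would match the documented shape and reject misspelled keys. The description also says `idle_timeout_sec` "can only be modified in specific conditions" without naming them; state the condition in the description itself rather than only linking out.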
@@ -65,8 +67,9 @@ No modules. | [name](#input\_name) | Name of the load balancer (that is, both the forwarding rule and the backend service) | `string` | n/a | yes | | [network](#input\_network) | n/a | `any` | `null` | no | | [ports](#input\_ports) | Which port numbers are forwarded to the backends (up to 5 ports). Conflicts with all\_ports. | `list(number)` | `[]` | no | +| [project](#input\_project) | The project to deploy to. If unset the default provider project is used. | `string` | `null` | no | | [region](#input\_region) | Region to create ILB in. | `string` | `null` | no | -| [session\_affinity](#input\_session\_affinity) | (Optional, TCP only) Try to direct sessions to the same backend, can be: CLIENT\_IP, CLIENT\_IP\_PORT\_PROTO, CLIENT\_IP\_PROTO, NONE (default is NONE). | `string` | `null` | no | +| [session\_affinity](#input\_session\_affinity) | Controls distribution of new connections (or fragmented UDP packets) from clients to the backends, can influence available connection tracking configurations.
Valid values are: NONE (default), CLIENT\_IP\_NO\_DESTINATION, CLIENT\_IP, CLIENT\_IP\_PROTO, CLIENT\_IP\_PORT\_PROTO. | `string` | `null` | no | | [subnetwork](#input\_subnetwork) | n/a | `string` | n/a | yes | | [timeout\_sec](#input\_timeout\_sec) | (Optional) How many seconds to wait for the backend before dropping the connection. Default is 30 seconds. Valid range is [1, 86400]. | `number` | `null` | no | diff --git a/products/terraform/docs/swfw/gcp/vmseries/modules/vpc.md b/products/terraform/docs/swfw/gcp/vmseries/modules/vpc.md index c6468e5ce..534afc46a 100644 --- a/products/terraform/docs/swfw/gcp/vmseries/modules/vpc.md +++ b/products/terraform/docs/swfw/gcp/vmseries/modules/vpc.md @@ -64,7 +64,7 @@ No modules. |------|-------------|------|---------|:--------:| | [allowed\_ports](#input\_allowed\_ports) | A list of ports to pass for the `networks` entries that do not have their own `allowed_ports` attribute. For example ["22", "443"]. Can also include ranges, for example ["80", "8080-8999"]. Empty list means to allow all. | `list(string)` | `[]` | no | | [allowed\_protocol](#input\_allowed\_protocol) | A protocol (TCP or UDP) to pass for the `networks` entries that do not have their own `allowed_protocol` attribute. | `string` | `"all"` | no | -| [networks](#input\_networks) | Map of networks, a minimal example:
{
"my-vpc" = {
name = "my-vpc"
subnetwork\_name = "my-subnet"
ip\_cidr\_range = "192.168.1.0/24"
}
}
An advanced example:
{
"my-vpc" = {
name = "my-vpc"
subnetwork\_name = "my-subnet"
ip\_cidr\_range = "192.168.1.0/24"
allowed\_sources = ["209.85.152.0/22"]
log\_metadata = "INCLUDE\_ALL\_METADATA"
mtu = 1500
}
}
Full example:
{
"my-vpc" = {
name = "my-vpc"
subnetwork\_name = "my-subnet"
ip\_cidr\_range = "192.168.1.0/24"
allowed\_sources = ["10.0.0.0/8", "98.98.98.0/28"]
allowed\_protocol = "UDP"
allowed\_ports = ["53", "123-125"]
log\_metadata = "EXCLUDE\_ALL\_METADATA"

delete\_default\_routes\_on\_create = true
}
"imported-from-hostproject" = {
name = "existing-core-vpc"
subnetwork\_name = "existing-subnet"
create\_network = false
create\_subnetwork = false
host\_project\_id = "my-core-project-id"
}
}
Terraform 0.12.x and 0.13.x limitation: the existing networks/subnetworks names should be static strings and not come from other `resource` objects.
It is allowed from Terraform 0.14 onwards. | `any` | n/a | yes | +| [networks](#input\_networks) | Map of networks, a minimal example:
{
"my-vpc" = {
name = "my-vpc"
subnetwork\_name = "my-subnet"
ip\_cidr\_range = "192.168.1.0/24"
}
}
An advanced example:
{
"my-vpc" = {
name = "my-vpc"
subnetwork\_name = "my-subnet"
ip\_cidr\_range = "192.168.1.0/24"
allowed\_sources = ["209.85.152.0/22"]
log\_metadata = "INCLUDE\_ALL\_METADATA"
mtu = 1500
routing\_mode = "REGIONAL"
}
}
Full example:
{
"my-vpc" = {
name = "my-vpc"
subnetwork\_name = "my-subnet"
ip\_cidr\_range = "192.168.1.0/24"
allowed\_sources = ["10.0.0.0/8", "98.98.98.0/28"]
allowed\_protocol = "UDP"
allowed\_ports = ["53", "123-125"]
log\_metadata = "EXCLUDE\_ALL\_METADATA"
routing\_mode = "GLOBAL"

delete\_default\_routes\_on\_create = true
}
"imported-from-hostproject" = {
name = "existing-core-vpc"
subnetwork\_name = "existing-subnet"
create\_network = false
create\_subnetwork = false
host\_project\_id = "my-core-project-id"
}
}
Terraform 0.12.x and 0.13.x limitation: the existing networks/subnetworks names should be static strings and not come from other `resource` objects.
It is allowed from Terraform 0.14 onwards. | `any` | n/a | yes | | [project\_id](#input\_project\_id) | Project in which to create or look for VPCs and subnets | `string` | `null` | no | | [region](#input\_region) | GCP region for all the created subnetworks and for all the imported subnetworks. Set to null to use a default provider's region.

To add subnetworks with another region use a separate instance of this module (and specify `create_network=false` to avoid creating a duplicate network). | `string` | `null` | no | 
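Review bot: `routing_mode` enters the `networks` description only through the advanced and full examples (`"REGIONAL"` and `"GLOBAL"`); nothing says which values are accepted or what applies when the key is omitted, as it is in the minimal example. Add a sentence after the examples giving the accepted values and the default, the way the `allowed_ports` row states that an empty list means allow all.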
diff --git a/products/terraform/docs/swfw/gcp/vmseries/reference-architectures/7690846b-2aad-4045-913c-8a5cdb80b16b.png b/products/terraform/docs/swfw/gcp/vmseries/reference-architectures/7690846b-2aad-4045-913c-8a5cdb80b16b.png new file mode 100644 index 0000000000000000000000000000000000000000..279cfbc58e21286cc688921f7a3efd52446fa100 GIT binary patch literal 71886
zUO8!pRQMcCQ(NFdxoq3QGAG*DIQd8K%Xy_KHVsY9{@W9n7q6epFu*uoZ{JHG>R!h=1j)BAg_Wp{WVXp+qQLz>+{UYxgT%epNqD?86N zdT4%H^0&ZVTR9SQa|*p*blKNRRCIRzl~ryIDb`-ovAwD%R`McW!$FO-h?r?Yv|_+? zLnp0V9`QP2!2gPv1b>y^MdJ6a%Bu*?w5B*@9>;p(P4Ec`6dB;$G%G}`(*Bggz3Hq5 z8TVigdNH{tGdrD;q<@lpvy@>9^MF%YHYho_3h(_T>M?(Qr^(|m1a|Lc|L(1y<_wJ( z|0vlD_&5WJ7@Nw>`V$UVQIcMNCu~c&$t3vkF1DXIdGa6o;L%)R^r%a|UC<}MCG`yr z#XTgoYAPzA`2!J;13XAHB}j^H6Jj{x!LUIj2lJSoNkb6|ac-wWcenvK5_zi#5E31FCj* zcFa9PZ)9wnwi-MHY72cRS+|KEU#emE4}i+Lmj@IETQWq~Nt@if%H_PP`u_dr6?neO znAi}Igi!X8o}|9B{PDM~SM|7fqDa4CRGGEu7j<`$9o9O$w&z+dj_|BK^z_b#RvQzm z#QtZ4RaAqOT*R}ANKNvrh^jIJGRHUOT-<}UWj=ptlzyso(XDKsg;fLX?G7_wCf-#QQa z)5s@Nnr*TEzK{5c*F|>I&5n&Pj;MIP?FqiUQJ8hjC~h<0s1NP9*Dv{(d>I1rd2qr)!rV zm>@{QU30%~yn5Abh)t~=16$j!_`U^bhd2*Gp?mj?;EW>Y)Y8>G0&oaOQ5qIRNZwkHw^9eu!YcJ-`TF-(0N8#~#8ePL%deo+0ms>Yi#zp4Z`@xg0$&CNM3 zv)kXr`)nv)j1WFBu8G*fd)4@MiSMInz3HXG2CE-(i8^)V`00JAnVi4LBA{5`czi^6 z;CFa<_$B!U@VFEMbIu+{-G#>BA)drLslxdTv051M!} zDxM!-OA+Hw{n(bMlxSDRa&>BDWo5uD zI!b5{2>sb)+(6}}8X>*ZEp-L~{DzuC2GUi3XXJ?3FJ z_Si&(>_|Wq3SRDJ_SFk$>5a-8J8rlBD5NbQ`GR*SZa^pL@dipUC+5v-e5__wjBs@{ zG5qj6QRa_m<3zr{Xx8Ypk#%#$l(Who=501@+0vIF;>|}CYQzS{G0N-8((DG3Z)@x6 z*RRFZ+^``{@r( zPz8JXCdYQw)Tk-XtXX#Z#q}<>?^R>+`ILptQ>WA-@F5sU$26CHhjp4y7hQW{N0$~} zEw@)eVrb;fxQ0gI@hdv3h?~Z`dc&=C(K_;-7FJdgQcu+QoqpVmdhkF%!AJSX9iiZ8 za*i&ueuh~tV@<+u73RLaK9ZNnSR?1pOu;{8rbJWS>O_Y)+Ow6sa zi7<{+QqPzevPy~YBwRN8r?O62qa!h;ioXdCQ zOd*@V?Jv}=?2qV2`?92B)l{-Zn1bV{`7Y0(;NSzV4TEE11ai)H&M!^Z=yM2=T1MMR zzU?HUn$Rrml~A@iD5WJByL;o>)u&Qr;DBm7CY6oFSxX+Pj8YPQc|4)Fdb1NviMSqn zub4mFZ1D#52CC2dQ}Rzpq`v-s*^6I{dm5b*c5xfb&%FP2+b-W)YWa(`$072~N82M) z@`(sq7cuir^IV={Y7f)to#eUPRC_x+4Xb=f3quQa!x5(vyWQ0u{J@PL(Hnk;WQ-g| z+hvC&$i!ybG0kv`nHbp|kKZeaJBw%({Dl7DKM7^0--#m2QY9a={YIIIEAH$d$(?3ty7^N z%s$Tl?-Av{zFI#+-hPoonf{3~*`s!uyRrJo7&`g_I1thj$PDzwLS+s|g>M~&#^8~m zT8VWbF0HrB{2D_7iK^X~mr*|>5B!$kosdvi8h9O({T3sYFRPU~7HyeKFrc&e(?;DWV>IqH!Q zGQlz?elGeIFvULDOq#ibpXVcz7YibO&B)5TYkJ1dU@a6az7hdXT2w|x1_f*SJ2}Ba 
zeSLX_MOchY({B;MdX$~m?)4|XyTWzC^jzUJmjB1tdq88^$N%HE-7pemB+3XaDI%GX zMA;Bfe1HgNZTF$Dgslih& zED0V%TgMwgBZO7kzb%zdb2HQo{{tj_xBv!P$m7S9BtUvVQ$f3-BV8(RhIRAG)xP%j z4Uy`;Agq*H&tH;AXc|pFxCKV7YvckqOTm&C$?Q^=>~Gco%*d4YIw0zjy{YH9iL*B_XkQjjb%mZB~-t!Zg37=KvXww|#rv$9I|nCDR6rt-|$p`yZ6D=W&2 zDK2Xsrbp`KlnW^?sHk>aS z$xCw7H+rlbRO(o`+`}kx8V}o<7t+W2Su$OaTfX^-SuHHjwvEHw2k#pw4k1{@gwUY5 z_rQVKF7}SptG*v8s7UB@Nk{;~Hc9$Vqz&+O9NpUkD-yV1wE@HVU2wP-yZ%%)zAjh( z&aWx{ufm9HgR=Zzr`LOX@3%?Z{nh@7*6vGDcD5uj=TDj&dytQlz+|BzF>kpo73nnS zF9=wXaN}I0&ccc#6}-g`vyCLQ3}~*WzY0dnLnmpGLEN6eBIkE-A#*dm&TQk9YcOb7 z#L$7HJr=Y?6mpLmk5NR`arJLJqcT4Ez;XSygqY6TUE`wy3r$r#Lrp~&>YKZNNoW?o zCNYPuQ+w{rk(@mjNB^tPMaARTIjQ$o9ou|)H+xgL8P*sShZiweckPk8t#nE-i-vA8 zbN}lk1&?VDhXF1r;c-T3>6_b0#pex!yIOiiT3%(bS>Mn6w?jq;3 zP*6n(!uYa#oqLnV=LT}$k$7!?{dBXwhH3wiUU;Aqo-P;=od0p#$b2%Y*X5@=D`js_ z%UPWM%T+S zu&4-GnO#^xPz9;DJLh)Aoycb_eodq0xO8y*S1QJ|M|bSlG4zdeXxk|BdbnqFdZWsR z@08ibGxy0k%5x**a^2a;Y{(u-5iV}z$0p|X*!9JZU^ULJ2wF)+; z`AEl4uEVMwHygzx4m<2^=2QN}M$(eNjYOozBNEmVrb~lR)zgoDI`-9vVFx}w7_?t2 z2+RFOj5F9zl0i}Cem*r7i zU0uJZP>jkrjC$-={e+O$yld0rq+CuL^8V6quez-_Zb7FFH&;w1aR~`maa$9dG?K== zd2!R0(;6C8Fw3O86BNd&iL7SA`rk9N+`RFo_CarXe@3d%U^y7a5M~WToEC6Q^@K7E zbg6`)?8F^hlW5U?8N;);_i-QB@?}wP>tSmRyp-1yU{)*EKXEflQ~IvZ*4VP+{%7G1 zw?L0zLQ2?4q$w9v50_%`g#FBO&zu9;6l^$5yg0yD?Q64Q?%L{Jb7WJGXaRDZ4|tZ@ z@R|oVXTP;id|l{MINtmr{CX{s&L(eQQlGrk)sZgg0K2#T!3Td9zAxMo!f|U|qYPPz5W?}aa`bFA< z;>YfBGj;3hD;eU{{{*_5eyQ##xuj=?c1#`QSLHi*GA$#)fCZc}+LYjynRQ`5k#(pX zi{!Y+1)1wktg>%2TclIwbrGSxwe!K^V~gFH&*`fOqodf zFkWUrMrzIcMiYa-tx=I1p2etuY~Rq<_)~UM|G4?07uACG z`LK~nuvMq$)a$}KZ9LN1MAmH$v%U+Vp(r6TG7AfnO0&iv+ROE(IEnO|UAh2CvrbeX4FtXXnvg$f3mejj&+gl$6qS<$}clH7Ksdao|O=hAWocX>DOxrUjQlDBFEkm!ZQvh z5J12au?_thZAMRKqeefL9As#qke0~kW$;EvLYOzE?cS1_nu(|;E77WZpA;7(QY9FpGhLoU{i=I)OlOAL9_!=3vFfNirhOSW1L^ut$1T;^xU*od z3oHr{74SaUs()abt);~bjOHU7D=GA9{Oi}nKbO0~5is9;5D(11@4STKhD`rPF5+Pz zDIE-hy~ccEzx;IeE6F0f(SV0_~2j3#G@2+oHc>)a|B$IWzV+qzK}aXJ*xQK z6Tw3coiibHbndomx#s*DdV8mSNcij$x0bID`rd1P_1oo-JRg+qmRWsV>vDKyn>)3< 
zbe%m}Z16!t$yvn?@NE8{S=Uacv#1K2GIVpud7?mzj6Cnf?ucZAEJi?~+sTS}^l_X( zXFyyeR32uD)~#rF9?34LaIs9S?q6I!^I0Tz^=Aq648wK<*mFCI-&rW?^WafWXfj)k za$I9U7h3Y|71x=UqC>&o_QcelrjR8YQR0X&$>!D;W?Ld84wytK>XX(An`s2zWl%fRvo z+769io~qjQc8Z@tJJPIVkGXRhU&?E>asUm0Vn>JJ4NIh?d3N>Ph!v=J$LCvM$Mq(? z0-Q4&)@rhPKpCH6?6Uo3`IwP5rbqNal`s3)d0S`WTsQB1_P&h!utH?)i2)Y&DfbC$ zm+XZPzV`ndUwwF&Nzgo{Vz_jotH#`F^rin{f9C+$c9Ev2H*RHNA=dJd#~lY@HSPZ7 z@q699`lXF%ElP)f)9bi^&Hy8^|6JSwP2+w>XAo$W-(h)_*`6Q^WBrQ^Nc1C2z{Ed) z7Gq^)B~3{O71_aR7eSTFum_#BMt;>=$NPH30AA7-EK_^UF zpjX8ES2=rjLaTt*PX%`FF^sPgS6KCm)*7vB>O3ZYFgWwrzDb>^w9M7^y5UWCKTmbO z8`nbAPQI(HBwkiZQPHN~MpD5=FXd7R26gty_giOgATnKELBWe%>e|tlS{E*CfZeq7 zKX<{SR!~YM+VdMc3mrmrX!J|nTRfW|5C6q7CjtG5&2|CI1=hwXEbON3- zd5Pq$%P?n+vDR+9;*SFjzW66=!TZ{B=z{PpJyzN=936lVfDnR9c^65H8rcrAo6-jYV?_>ZS`uT#^Qyh?oDPN zc3h>MV=LJF>VS1~xAn zFjES3z_7rMx`vj3BDx$BqQLu!h_;VOMP)N(n1O#~iRIBD;>x_C=~ZOP|HE(^2~kMs z`dnn~huP=toc7Q1ZfRCX{E^!GV|J%BfrzCyE{ePSdLC#uq=% zC$8&yFIVquztq#}`Es>QR?gk_{dv^Iyi3e!Hu-#gL0f|@rAI(tkM~k;uC3n7M2#0f1OAKm0z^qHY(4uJkq4m6?! 
zjp*%VOsH6xr71`s&L^F~hVXCTD=eBH&dk^s$%vFGUcTR34Pi_(HEM zz-aWsXTO4d{?06L*|zxERJ2kdh`aF>PGFCJ-oDOC=oOf^qw2}SUzUa@_8!uqhcuffQdu0n$aIm$ z^zZFdhlLYmZo>B1sZ%>bXJ?w&MeVL-e^750yer5y^R~hK+Sg@%@H54hZr{Fb8no8( zK@Z6pAcYXOSJL@dY?$bnXlr-!)`Y;TITdO3fD~{Gh0-a!h|zp;ecBpZis;+V-aaZ| z!TJoQU}^7+1h6T<0O5Gfn0HJTxMg!~S^D)W-#*`vbo#WQFk_yElTtgN_8_C-y&q);<$x_x#tFUzWLnEeIUUq;rq( z=HKtn5iQjwPvst#n4oT=S|Uv1c+VOhb-%zs7LD<^`}%9WvG`&CayBnxUNW(^`I>sQidYY0 z;3rv?+>_{aqQaV#2n5CYDkLOi*AK1~;!^ME3-)0l-t5~mkv`Y~=M8hRX#JFW!I)8S zIdk(lszvpC>jU-AkW9#yP{=uzv8-XW!Esh9X((c(UOIx8l8|*ZgV#oIDP50W`^bjE#k@}x8kvRTH}%ISkoa{r`Nxd(|zT@ zMI(J@m`AcB23bA<0h+&XFJ1pA%`TbUEfyJRMihWMTq(gSi;MX00&(k4PQ;#m68HsO|`CDf_O%uMrpkjA{ceV^mcD z;~V!H5nA`!ihJteLwcyj@DX;fUMmUlVS#r{F~*9ivh}Pj)q2V0c;|$%85?eO*)j@* z;2oLc8X2#gm|mIroW?!2^J)~8*4}3-(aS=_hzeSydbE_V&(7|eDM}FEf9wg%<;GwY zIw65Lbjbd&cg(gQeH_vG1zZS}EKpK0-@te8xn0!Z;7F1#ILB{OxVQ(&MHpj| zGDQtb-`rd&OAxy;t)ZpC$OxNv2B1^r?qC*_|4pJmrctH3Zz&P!A>TD)f_6JCHTzUB z7sal+?=rv}aB-k|ripaHJWB(k_Aef5G<&we%_)Z43%vVD?ceRG7e3iC0}j)A7`T4B zBC;lEpMcDZBWA%D=I6R>s7M5?4l-m|7;W*9Dm!ImA9MKw`e{n7@tvS|z+-yww3(t} z6~|b0bv2%mdB|*NR zUt65B>MWx&FlwS;P$3_%;8k_c)-X5!Tq?K>JWv65Zliw+nSJ#UGL0_#pZy=E{Tk`P_ ztM<(713LNY)&3v-IOG6*B8{#X9mUE1{kok@!X#-Ki?}N?pyObo{PVn4=S4%A3%iod zk)zI%VU=`I`wA)@c6#KQGM(1Xx@a>bB5{1OB=j{qJxOzpr~QgP$@W*};_Gi?2YV?f zZtP(rF-IpRBLkP_2nktFGj8&ifNzuwZE8TTC&;hg^GdFB8| zR#US=&Gkb=bs3TaGuQrE|9U~-=v(?Z;hQxh?D?{?2NRtOoRTSQTziGWJY<9!fvDb- zO?gygQHeQ>ytMScbk)l^WFMf7imK}48V>2dyn%*s`HNwX(}Fm~RWs?G zC^t9i-jeSMxd+kwa&v;)T^J3cS*9fEbGS7OVn#P-dLZnwwkl!46I=J_b zC;4Y-A9(5WtK=GhukqnVl=brovk!IYH`t4Kc-@0j^O1UGnHRIIE#My|c45iUOa&Nf zA}Yw(8rH~|T{zl~58CCRLLw9Bc;wb(5tWCNQ(R5DP0*-|NLwX=CbuY z{FO2O11{_Kv!|)F9Hs6K9eo_!Qrt1Pef+7`>QscD=j#!R{^|9iS?6zZhVSG}KCjE= zG(Fq&kgNah#QmlReVuMDbStgyYV>C8$6gnGWHcPG%S#Le`SjM zN>okh2^k!6@~Xnr7F*AM*7oqPnoE^%_thK zdb+P<_udqYJV>lfUUVgCDrX3gm-~cOSJs-YlcFkD;tdYSeqFs}owff~f7mjWM#52n z^Iq#e3(ZAcN|qUfC(-A>DLLPSVYfswDOS4(;U;*3#8XPR@*#!8XTxx zeYdfCEN+~;w9>LO+)>cTebKZ-CIGAD2J@L^F~b*zU!sGJ#?LIfAwRvmAPP&UboqxI 
zM=BFeeL*}R*aL23eJw60V9oya?ORV7E-B}pQTwHjFtk7E?k-DDOXVW4WmewOYDPi( z`UK3Np_&^ClISInBjT9H{U&-{lap^GQbjF51=7hYSPxx5>P(;9g0`*v(qTKP$ORDf zAl9_$4?V?Ql3pjf!``tUUNL80Niq{btk}^snA1xpr`Fxd^DJT`%^5EhwmNMphU-0_ z=SChrrKAXYv zHVXfm7Im#3KP(d1qYmNzob!t~&dA8mIK_YN3|DdRRmXAdCkY8n5hG4QOQQ9S;VK(1 zBg4AljHn?4tG(%$)*eQ!QU7H%9aq{9f&%>Zl3cupE+2l5uz<_y9mojTEn0ROJ^X)N zD{dp`;`EH}(g1HpSIal+EQ7d@4R?@C*ZT8K01!u9ZLDsw&p8BI2dwJ@z87JVhtK(z zHa+Z@^)CU9+Jx>GgO$E*F_zoK#W+5pTciT!J`c3~YUM-bSvo@MN|Hx3^h4#?3$&h? zCl${#jrN}DJc@3e$hLAAEeXbEcs!+u5w8k-K~M#D!yX!c#+yy7pYe!vOgqQKPZv^T z6gX^)w03-#v)#kaC?sh)%#KSthDGYYc(kv2RsY&f!Q*?z4$?EuC^WKtIZn>^e)^OZ zjBgM}vC72o67YtqkzIlOh8pPOU!dj`&OSzN>5;7J7c=oW$frY|L0nuMX-X+A5b2i& z20Lb&h_;g#B02lr2Ak1>{m?r}QL9X(FNk^ZE8g(Y6=Zts%Df4pcAjST*yhXzTa zNR;}vY!Ve|CA-uAr*cKWx|(VNEupfT#`BzZlGBQO0V#sE4AA{h=aaQRJq zxDl9LMxO1WVcITYM2{HldvqwB049hPFp>BBZ`O}v-ByvlputsIR**c7MbicBceQV(J3TayvxSj_z~;?M)$$2V128KZ++1aO z)bRyfKepi1{Tt~K<#;LAej`*)CiSyD;825T^$Bz!+%1T%?MN?kn}N84tdH8_;g8TI|RLHB~2Ti5R<1%6&?&r?3i zSKqZ|ibUlFv(;q??7s9uGVv4x&Hoar@8?PNjCrT1o2OIf(Vih8W>|~>Y03b5B;y!s73jz?>K~TCeF#-ueHU;-K_7KFp zy~eZ)T077s(A^0**Yacj%x71$d$I9$@ zS!!m;b~*8(80hS1!1wu+&0-!vW+-!PpyKVfbYK zWu6~n!?WZE-jH7%q*W3CN6;9``15C6WX@igY0?ON_39yl@<>zsRS##VtCVDzLBx!3Sg0xRPnv(a4uR?{g-Q zCHtx4PpC<#G?!o6MxRuY#F0O_{6sMZ0V`_TnkzC~)Mc+eawOjy3#Ev>UzX#(C85gC9Ys${PFvs7Q zx7O0q60-)(0m=58NekU9v`;SI8q=){Q4Ufbl4yH6&-y9aV=YIrP0^PTi5^5M1~!B9 z3t1{kj`vEuWWOMY7Qe0?CSD$I%zlBbumZx;Na*0fxsEn$46dh_;1_}k6Pg^P7`4W> zhoRO2V!Dvj>e+F7Rai&}`L%?0ANSr^(=a;UTC(#auepP3A{tv2$Ika|+_-wzTGxQ= zMXU@9=+`F55~f|Bqr*P&0kWTZl3G}jYOE2k`77&v?GvT)Kb7p{vh(}M5%sl~Zi`>; zHA_jQQ@B6HCN#oe_%^SJc<7PejD<0gCJuZ{Mrv1o65bb1euM&)5V_DceX`S}vb<22 znGr3bk0NsEFuBd2*{7FG-G6t1AUgitqq$e*-73JEAI}S@WhR)7amH;V)vdPcXvjPO z86cqiJ`oUdbLZVoo>c#R*2+GrAX5674B%tZp{Ao=-9*2%3)!zFz(tBX=kFoS-6F13SbL6+o{MEN zo&IA9tK^~I!#0YJR#Lw;r-CvPTD%XPX^^|Dw>Hdo_1Yqd(XHd*b46M|VLFQby!Xk1 z+m=e)RP}Q(Yq5Q0Cbvd-ol#-`_{5lLTec4F>n};YLyrIKoi*$|wux8YhH<8}R>qkJ#nR4b433H!E19F<(yO|#WhS8l~w`&C4z?fTO< 
zhGTB^9mgK*-F?M)z%Hxb?sjBd?%n8uJ8h=qqz}dE#_@yxZ<{s^=n26=88kZ6nIdz8mc}0&iCITUE=iBIe2txe-a?|Hg5gfcCoaAXk#h8Wv+AxR zj~rJih_xU}k;ySE0*Oss2`%}i1SByR_J@7Ro#z`n$<8&RDCMF}Cg1RJWX+ECvt7Os z(8;qeLQr7B_|X@^eYJ89HjB(h14{}to4NzaM~XE%Za*=ZT1|OE8)ch&t$^0G~zspCW?yRd0+^!4`w9O7q%@c{QgrNH64W8vM94zI#@|ie-D$dtWRIDX6IT zoyw%4>onNtGgLtPYo)>z@kwerV*w+lq%?qm^cOIsJ}z zyrW_;kiu1lvVU~)_k>QkLJTiYuR%2({8b zTeUpH(LEpwp2_yE!b7>^3Q@3E30TcL{Oj^R#cK<|2P^5nN3RFFb}r0^gqamMh<7J^ z*8@YQu6vyH$z|S}wB`AavwK)Pi*u~Nr}st4`O*sJ2v{UIVB!5Sh(j=jt|awpVUAYZ ztwyBHg(hjJsDQIUanLZA=zFnVqS;^e5=Y+Ivq1|vU6tL$2ZsGp{&}D_f9dlD@dum490HSyXjmtL}1pw zI_6Ep7rq;llpyB(H{7Do2PM;JIsL|p0MyR@fC1?kkey@X2u8WV+g zx`SXZ#e^%Gb=3X&^M}|~!`THdn%a;oA1C}HuGn9KY_#3W=Zs3*QIzPTEFrKzJpW<# zD=QOWph!%>-pR2DnZ9!6O0m4kp|)M^<8WQTT=~hSuh8=+m(Zu(JF7sF8V)DY3@ZxV zmhZ`Gz@~zmNLf%*WP|oEaRE296jmwKJ#2P##O5imPVvc>N4b-4+UxI(MkR5vP3mmw zoE?wi;_UsCLuK_Rwymv=?p!TM)i8NE^=SLJiHY=SDf0KPb3j}wbn`G^P~@emHDQR6 zBGTB=?_zXtcTusgc%mV@vABseAEnnjY9HYFp!rDY%jVl}-oIC+PXUc`Ymn_bt&a`n zgf9}vV1u~Dp@ny6$;~iJy`Tw71b#EXXd6)EOIHCcpc}eoYPuT@9UvQ7jZr+-1b9Gv zu22xP=iE;CcqJMa6?X;-Kd!6aVZ^jQgjG#yWV1KgtKHCK{N2ih@2tZk29gdy;}hE2 zk0VsUws&xxUEa+blgFk{Ri1dtHs_MLg~iy^sA{yh)A^BaoWC`S`%irzznDzr?QF}( zFU8@<-I94}zOQ(g$9YZ8es@TI4cXcZj*bI#JS5T{^%wVPHY>7U8|*UUQ?B(`qSU4t5YG#9hqIqv+x7~Oq9(P zW=CI)`(^SKa_@M}^}#y`LTzdi$gP{8!4q)a3EijGTX=LfeRY_b>3Inn(SLJ22|4Ic zGlym0@su|6ekw;K>$&k`-UP#<9K;3FqCRk_{NC{HoG!##U>ijA+X^HwYwrK8iJ^k| zi{JO}K5oyjtAf#IL|Ukyv#h%|*$cYSSQLKPE3~%M{bfy;gAfhinEaKe79TVzN|0k9 z4T4PK&Wm>a{Z(f37JTyPaCji5_zMhGVK}??JcsP>CG5F$w|K2OZ{I0V%ItMLd0i2v zPxLC5%N|b~Z@aBz_mKCwwn(y)Y@433+vd3p45hpf{n;edA$4O@8IRua>G9LIcHj7C z-Q8JwuBCg^jmsp`t0e1bn?b{{mhec+e6F;#w^a{)V%TcE?`-Qw!nV@^NFJ5Z6z7N&bGm!OhjCIrKTpnO5N zT?~=CQX~e+4X+Puum#SI+o$oLZ4x%LlO5L%u@g#J=uv?xLn>Sbu@ti5P!~M~onVLL z4TKm@I)=>&f*5s7MttY@bN}6Ul&!5UhoX}-i*`HTny2_e|0;;fDk>@j-(M8!`66s~`6`Z>= zvZ8`o#%2BT66qI{P^V5nb(B4w3RBvKNACQ&yH(+@bD}q?7L|7KXY?t|8YuBxlhwOx 
z|G>P%y+|caq#R2j(ZtE8jwYal5-fbIbf&*Q(dcc+FL4}}m6;lLFP^Q43=d6i3LJ5yNd1K_PO(!;rSjd_qRvuZSe4KSANSyqQ{vy6Z~uYDG~=vL?wH4=ob(C? z9k(MsdzW^LTYFmOuU8q1$1a`Ue4Qys8FWEc&93``TWJT=l{Hc*%mNMWxMH86Xnd54 z^n>Bi+{@#y!M_3*E4H^~@3&`h^Z}(Qf)#K^SM!y77+=Oy2^bm#xh96iw)yp&nhO4q z_2(B({4`mtl3RWLYnJeaKu0-zOnv1H>!ZA?lI&eQ7FLzfku7NsK}j_i+;2$0Hexb& zW!>!iifyz>cmaYVo&MBF5GpgUF*7b6;BG9PUPAV`Hv!qAzRG$nE$d7%(g)r&O;jS{11UR@_6y3m9@T-eIGy z+57ToQL)RHlWuOSJKcB|H}6Hm0UA)p6y1%=jbE#HJoYE^^>Z9-DEtV_S%2tPe~GtA zPAv7k#?@K^2@}0}^QI^O)`sO1n+~2X*dSHC`JYJ|z&K}+ z&^At0JI6dC9T&Cd=*zRzkMgT;t{0yiv*M?z$v2aq)?*s&RQZzKXN15VB61YJc2a12(oInt9?#=( zfOi|B;Ry?hQ`~o{;WRvPDB_13x2Iq~o4Ch`@D#q2+_ZGL9gqZ3d|4Md?a>a>S?KfU z8&ShR&KSajndSx%ve#|i5VG@SrMm^OxghjBso8PhWacBTWB1a{>IgGDIr)jZ;VkBi z<|r?9vdi>8E|;A#6lIH z@R^816!0I1^#QR|f?qPUGMLjp1~-b57L<~~)WSyqJ7y)5{l&M-mcSF*EhA&d|2{Wi zNtl59&rd{7$gSMC+3~rn;<`tR;@> zRaaAb5`RuNFZ|}=7+rW5L(;IC)+zE;qsX3C`Hkmn?*AvoEB)=VFD~1r1AZN8IeJBMGC@lOfBzH(H zs7>?Ejq`h-#pnTm6h3G?H*-kqLyN-MCqiyywIEyJ2DF(~kd_>{*?(GMUeSksqtt~c z@J9eO{}UzCMNVC%*%~+g_WTEe-qkVx2Z!Z3Y&He6+mQ-%Qu8Df9mo|O)#|B@ zpAT`oT!lWp7;OTf#haS2@i3U-&4F+XL^y&Fh8jJ+1zsubHn#o5bf6bo4zFqA>j|+9 zSo`3nlRgh8pvzns7V+2^SkX8d^4!OV77sY4z)c|9&TuWFLtbqi2c`Wl?~j+^mGi{cow{jYXWyhQ_QT5tjP zoQc?F#Pr`2n9CIIoKA|GcZESDUNzV@45TzJPEWyIcLz#oikRB*vqXXiWX`>J+*N+u zkB@=nH{+B_ReQSGqmgYbM$4o}GyPg)2Zl8uYI<37!FHIVzxUy{xZZyzPR470b$|ci zL(g}-Mwgz+0Q0)KMKkZ-q}<%jB<*+IeapS`<+*?sbI$F3W&p!=tGH<5{}4#sZJpJ% zT0nNI`#HaR;`UG_Lv&ldhjC*ej!W5;)7AJ>LmizV9q`*P7XO*j3&+TlM|>0b$_G0v z&slXyk;iwnq_}lxyTwo74Up%hZMw4u?&S4M0#}Z1BhJibal5>p822ojKE}G`_Z^dW zqM!H8^=|r6l`0|aFmcdvp<`3Lv2osLB~MDubk)ttz@UR25Dgjh&~atK?ZR$4x841F z)t&jqrrAm2>k0=fW`&pgM2=Tv78TxUS|x`^PKNSy^(+jD&-;(p;5APeIp-Q#ddnHz zUjIJm(Bb?}{nYr&@}p`RZFx+R);S4!lHK@XttzTu1M8LP7t5&{MfS#)_BoGQC2~CQ z^IY)b^b1y6W=&$%&bNhJ>gu$USX+@H{+Vz5b8=u|wl_mOv(N8#_7fhL+lmmLOEt92 zznhVnTXOpY)#cxpl9;G6x0>m(?q0M^b33JVEpGv|_etU^Zr;4P!ZB$^ z=Aau>w5(gFp|0-t)=_)e`E9*bza4|uYIEFV;$0q*-N-J3QG(4yv6|C`g2zBnUD$a} zPcIK2UAe 
zy?l)>#V#JBM*HeB$iJjldXAs&dL`?2@#B+VJ}beVybL*}cifFR3Gwk?C$Ey{xNDYW zgnM>ah;iO3656TvK2JIJ7P+se&kX?VYuT#CqmAU^<=!Q{pTX?LW#gq~=smjeA>V0h zZuYy$Jd&P|x1EKC%^@r~%W*kIhWsa_HxGi7HV;9aw(iqiQ5}i74QRk9oGL$@cAq<< zk<~@)6Fej8E@1XPetZYklL*FU4gG>;iKx0ACKpUqyqq7v)J(mgbY~EaFf={>ZgLC# zRH-RN!uNVT*4@z3Ghn8Kg(q|svR@y8K?636?P#Nbz9Gr)%Q`507#LyybN~K*YS^fq zwBIHMEFC!8$9RcRe|L1TvI|lJuNusswp_s+M6eGf>%dabJQ|z^IKNr#{UfpShrkZk zOEH=~-m3dTZ5ea873w|Q)RXIVwOKoV3mqCd95N*`@b2dQrKHvE0JXwvE_?!? z_olK-RK77b_}E-b{qvlbUe@AN=IlQGI*J<+B@H%}d@f4#geC2&j&u&oTJ`Q|ww2T? z4WB&rG4If!T~4ZAFZ{lEX64$)traicI01Zdm+Sd+-)7l#vAs`6o$Z^&%R{@By@G_j zO$%r-o{KId?u5*DpfJCnw602;Feu8)?^8L+6|8>Ax12(;)NK>1NpDYId~(ZXGVkdz z%+M9{FU7XKnOUXn?rCxXEQ<}U|M0J0mT*5+Iqwdb#xl$sV+qEIC3-jdXFx8grd-=J zutI`I0i5>T>iyZuP`$CR@Ec%*599WE1MKj^9MtNnt63CP!w(vA&WOfw$6;?v9N_@) zVIgpm=@fVnQRQrq@Xtrj+lJ4@IRo>NUYRN*#MQoYpZj`;?VyHNdsT%Jtn}zikTT!+ z=45jxi+wCK; zli<=OoH_;i0BAN}Ha6%}s@r(1jvH6p3PvaL@#Fse#)X$=?tlC8h0x%jRUowM`0ZN< zD2MeR7dQcnT6SmN43U){J+=J0*!SO#OgMC=k?+r3)b4A(y<|J9z`zid`o7n2hM0gc zcA&e#)>;4I>~YKrP$}b#5#(IQng`t-^h+oIuA-AKRCU{YLYTl-3tXZQ-83uhjjbZMZ6}$UGAD@~!S=tmIU<>bIXd zhrM@ORn@>xCVB-3{9JY09&SCw0!R~dtIdI1V?t$kX>mKoxOgm6`;ewupDF9_x;*?v zfx?Ule68taXN@Q?o@I`Ugd`BcoCpbNPLO&Cjo|9-wrTt$YWS`=Y?*Gz|GrmLT13bv zHP+P_P3ePlb?(msJPKyiHIHowtE^LMXgAeVW}tVReYXP>!qaEZ{CCrkTys|i`T70G z^R;N{G3CGhkGMoE@7!0M9`2A(KYHzx%sW@|6|OY`Dgti-C;*yHb_r{)>vd5<8(BIl zc@R?b#fKjdG8>cZ!fW&FB(x7iC%dz{@7U6DGqSVlX$~x+@CnmlxOgPD#*U#HETU&M zhZ|UMkqMtxPqPb91AG7_qe5{Pd3r&+Z9Q4cI(~U8c{gy5{qkVFKu7TCYE>|iP>)4F z(H1dsNn(%w2*W4c8Tw7~M_m=Z?W|`e{~?@_ze*IC{hEr}9S1cQsoZw^=zz|$G*|EJ z)Z|vOU5*l^7EH!PuT~O{#RQ~+rMP04w<;h-OfU$@NOQSJO6wLl7_Qd+@_mcNbg?jd zV?mL9^nM!ED37(f(`#XqW?er|jz0Wfxt6_@p>KMu%Fh9rrfQfL(p09*`2zLtLy&2Y zO2C|p;Kj$hv4n9QU?R)`{&>mx2vb^$acTj91r!@_%Nkv4DVlhaQ{hLeqdVMZ zVtFXctIPA@txk%%b-z)^#e>=8hLpgKl~+KBP@9RxOBWW`R5o@uoMs)B3|V&mCkJ-?_(@3f`~EQD}~3*3I-#I0MYzl2Zix>`^f{S*5{lhoI^ zVu-EsLdzUFz;`MbMtMtT?+Bc{FR1>C-N(_FhYE$5TDf5Gd85dHvGh1Q`-YcLFZGlA 
zwEgp`4rUq5&=Yi6f+YZDtFG)*Ph*YW-G|ot^UW;Hf3+W(A=dt8FpwM>p zb(`@ROXq-l^$ry5gm1oEZAH%!6GDKzmm}F1iXh3Q8Ylh7C&s#26cYxzo1+H=Pp?0$ z@>$q3@RIuo=gsCvgCpe*LfqkH#qvDiFJA1ej9=ctl%%_ts<2i6`SCly2x(rqPLX`v zZ|~EsZ-FF1x{LiipP*pX&#x)EKhe%w_U3~r#F4g4`_B5mcB3ON3Kx|n=q<(#&;|nH z!W!K)HNt?0qDg+pEyL+tU^EkQMqS;f#e%RXCAwr^u!W|Zjh(j^0iX69R!etU8961l zRYzV`W9*q~yo!69tjCiMOJ%_2q&la06j0F?b0edu?DfV`dvkMhd6dyFUw6-L2mWHB zF9q;{3WPvH+tIE4BK6wh@8Lo2bIy|d1#*}>ho1PB<#7WsC+Po)AU}i(NS;wu-TG5V zrh(}hj75M0G<2P_c&a9I4?`|0HYFYw%z{`LEOjfYwYBmHKOX{?_X(ykt}_j%(BltA z^#axf*!P!wixeKT4Hq&jo-OQLIIfH}A0`p-9tekvU+t-ia~#%11@_$9b&s%Opy!qq zi)(wlv?o(4w}FaDnnaRBJ9Z)b)hqf)bvl@WbN+k`v&U)Q=Dwp4lp-l=ONsZ~^9S+8 z-i{KBo7oQTLLGqVnykc@MjknwSdU{#Q>QKX+!ncHoOPA%2;dml+EWx)z86dLjEs!5 zekxDTP~&%@?vvfeP^%cD-RATYv`lbnCIh$%9pM$0d2=Dvgl5LMK*Pt#M!VqHS@k-z z56Q|W?;e{}Q?L9I7w7WgRlUnm&+4;D3$4b5<+o!^K0$C-N&k!Kq?`tC@$I0f%K0V> zjaW^N7N$oGftBR(m$!a>xE@Na`65R?mVT`+1)GeI96P;161WdQ`U}rCzF>o1+Z`aW z5~SLNaR#<9e#TNPf)=p0ekkJD-#KyqLgYc_El$_W?NyRt+ZE`fN=YiqcRoFP@>`-; zyX5-`o8R$!>Vmo>Miz|3&+XRA&R_XmO{6Dn?BpldEu$J9oReb?@7)UGefN=++N?;j zOiEar5>uGJUr=aTnB@Mmm{!hfS60a5>lbo!6MoYM0ZZJ@U(%eP6*IhEf zQKqvm3+3CNd*cKT{{xdSW}D-VlS+n$I|~r=%Xq^+__FnV8wCb^ogE z>m8u-hqkm^WCYNrJk8O6QPtcLW`c3*4U>Q~*8|_;Gr!wsb#(M9B4h zA@?|YkFlfLSBOayZQXxFaxf0B|HF<{ z2{leX&QL`iYua^>hBO7F9lFYuj}*uFWZ`FMCS zb>2*Y?dz^1M|8T!o#l!fQSBU|^8|rG&NiuQ?HU;fq3N z6>kH>2$h~P;wt(OcTgLvcA{qjEd;7ss@lz5n;N+aaRL)7mYp@xYP+|7HygiZD)2v6 zh&%N)yF%Fj>8y}ORXC%nZgflQ&l!b~RJE;RtMvR7*KmQyeC(eiX2&w2$`MeZ! 
zEzOhRquJd_=LB{cgaoT$d=u!!G>wf#D0#JCR~s`K3X{W&dOvCJ#Mk5-hX;?^O4|PU zaW?ueX4VS#-Yz<+M~zFWA9E(Yk}K-8u4O;TbgQ!vo>S0nEJ5EtfDKFJ9s*6bu<;EvU(ZXEr?5E&; z{(v8>@zz)jSR5*5Nw~NvlO$L`e{QSHznsDW> zF|7H-Y_Z090+WV&+rDSt)XAIU%OCbudvO}I zqBm~z_e(UGS_?>Y9I~WQQexhtOZ*n1*vOY{J^h3{q3_RkN>(^y+^**e?S1wKdAMUK z$43=fNI}jgIH=J^T{suKfE={)$~_uhRb3 z5I~Fp^Q;vTC6#1)|1W9oo$m6HH77UMOW7K7-+$U)4d(oon5Pje`8O1XXbduM~ENY?1etk>5Bb+Qh#I8_L(DYUU66d*T~>a^yubmx~=|h?$e8Bqa8S&IgFSs zQ5G$%T=yM^#^N>p7z-fkVldtDpTu8&alP(o0Cv!f*|o+!*H?13AIvf{99G;2_~CN4 z$UfpN&mMC7d5fKSR{uYzFVf|)&!atI)a2X`+vIhN+p6e)JpzBQ?9fS%&}I?03u5k& zf;Bz0@=%9#rPTJMTt_bPXrE5l%rQ-M{8E<3H%;9>i<10-29oqwDyB0#A%uiU@tN~` zm1I_u{^&`ZEDCIV#CGd9did|K}%`J@x%k{pZ;9r zGvblk)t?#Qz8WIKtDLFMF`P$;?dx*?dkP|xU9Opf`?OcidRcH)TLw2r30=n7M8^!1 zxq5TyByRrAlnWmWcC9Zz)>-kGs~>qimjgz^YX(>?5ub@oCH{T#^G2gZ>fVKX=9gri zt!eMpa?8H%$V#oa!{Tz&deO}d4kX=i?B5>+jDF7Y{Ep9MrLfS7)?1Y7*x*Ba?m~@I zj3Iu!7YU{R(T@|S7ncItDk4@1W3sDF@jD`{7Y|>?${4fs!dlLF{l!9hi%rU?Yh5B) zvz!-RND7U-ru_Gl*h#$g@_kX=t&i3re-}PWMVqUsLEVZ)n}K5qaLWTY?Qm-RV>h3 z#NkAZmN+-Tw~hr0_YU4=U63=cjKu3t zUfQ_o&H*ZFz@l@!LZUrx?<1Ghu`Bicm|`-AVp}3Mnwhy37#*N(>E^~r6EN{|v+_46 zs6|Gy-S^Fo(r4M+P=r#ca`(V@5^P#Uo;c|HeHB&C=@Vl;=YI~Y{v7kHNBr{-0@I4) z;`JGe(nW4|$(`Kt!U80K9gubE?S==yv^aH2Ov5UWG@(unt~(S@c17jPcJiYr4ZVA@ z0U{fx*|z@qnzJO$wLBY)RTrx$cdI@(GB;~D9ozcTWSnD`^kT*F-`1{MYQl?(iX53${&767y4O(SoZg8fhSwK?7szrlOL}(0|<2P1}vKgOBEHQ9<&-~ zg)O3takevi=xE_YN9xqq6i41%Kb(^8dIgC7Dkk0|0qtH)a|bXSmAfDA6f$pP*U$dFV{#Kux6iM09FAGA%p%J} zXjxsI#Q@iGi>2C=g|bIC(PHXj%{yvMXJFgjsLnZv+-W#tIwZT9nBcjACGm)>>8zia zI?*ND^aTnV9v{xmy%X4T@#CoU*T~oWnI4vo^_wM3L&}Dn!$*Y?XxGhIB5L+2I~0{F zgL1D~FR%2!Y_Cs?zg!=Ee0_^n{-Ku0%Ivql0^raN;koue&MC?3@5usoDpZ3!+WIip ziC}12#Qs&601kf+zR$z-1?SLm?}$2>*Kz;-nUeG8MJajzX8NTE&*Yo?1r@XIZ44Qo zBQvS}AcLrG_3zb#a&vV=2zk>k4c_|WOeosJ(6W8WEOq6!pYhwXG)HD~tPQoZE6rS0 zp~(j_)T=l73)5M>1@8_#tTs1VuS`zQ3L*<)s33L;oz5dhNO{7Y&)6)Fc#r)tamaY( zcJ*Oz(181DBcl)glO`eSqL_o1CXkM3BFF=>$Z6d8<($35=ZOJ@wVXZ#FDn z-sNM+)O;W5o7nhvcplVBl7`9HOHWDQxe1a7Zmy5}F?}e{Cj*stNJ80(Ja4>KgbYUB 
zL3TPYKPQJ;HB4EiUnj9E!ha`eq+ z8+ZTrg5-nW9txB=wdDy~_cgW)z2^qV2ZU)y(2~$<4>lps&1AqDLIrBLGLcD&s&Zi2$J;%wV=;tWe-9*VyL4vbw z*hkpQkxIYRmNz5t_=}qNXS*N#HN!%XrDmg^% z2a)zNGiy%2K^tN2_j%^g%kS=9?X)6&O{$B~;ZQ+=iUR&+%i8i}@z8=vu3^^P-usQEu#$yT8fy1zEDqHClef%kR%yA4{iohl~viPqp1B{#aLs z!GXsX9(>#4KemGJI#EjWu^S>#j`Sb>=1D9lQK#5g39bAc*4B$I1M!T4+{9%Ud;9ng zAMDBB(V>mCxH-`D5^OrC=B?cN+cTh&NQLz>^RGR7C_oQTls*ZBm5+})1c8W4)AQ?w zjlSiW0G8+2m+^rSf1oHkEz}&Y@NPjl*p1pCp%$*x{jdZ;2mk<2c+Vp~J;14>jr`Nk zazMEP6Ga(2I?jj2Y3-qDWsw-5rwIKTAKv{b5&Tf$h2d1j&KVRsTy|x_tKhilT{?}( zMvc;dRVjoAs+d?a6L-?G4nQf3C?ZH{oZtAYI6F7@Bw98=K|OROa47p+A&Lkhqp(?A z4l0u8Tv4H>LvzlUul|ba+~%f3J4b<+{_1-VJFGue6}~viSif|LfnG8Y!>FcHBLZYw z_;>>^PqXx5S46-rmJSdvKLtt7`QmYZsDl3lZp^}nK}nS9!CCJ|Es`d}QqojYlki-7 zeS2XAs^#;ofLa>*?*B9%xF#&|& zNaf(4Z0OGcnA1?Wn8V@dAN?dsxe`_5Xkde3sBO0c`Y3I)@Hl1Qx`rPrkR}`8E;5Y; z%d!pf0W|7sOF6U82#i^RE(DL*A(osL#fOrU5gr z(;ie6ga>9(;KSiwCF`zWC7naIy@!{^s`1H-3PD-@apW!k(U!8Kvmg!z|LXXq*LC=@)GtAPBqd-ff6^ZTQ$-aRgJ=)ATe7^=pV370pHq)|v?)#j* z{7QbU)nOx~J|I}vL`I27^!^{Co4kdn)T)PQ%|dIf5S4gngjBcr5uX6>KHpfrD8k?c z*aj+WKFl?%irmmWj=bLp-7tz2^&uA2bp9mZ-~9aol91HtN4Lbi`os)iX)sd=_5gdU z>WBlFAEE1b!$ri{VLJ^{1t1kac3y!#2izPmUC6tmdnYLm_hG)Wqe8gfsh=g6kggd( zOzWkn5F003U6j@fZ39M*c|atQp4l~TND`6`nO_}71GUnKW=2c^=XtTY(dA(6eNFZ_2lP;r z8~x>hXbPhnb|(-ZUU0?H@SS0&iidsAjX~DE3knL+5n=S7Caacy^r6$JtX#qEyZPdx zgue#Q(hpn1y4T|bEDs+Ag{^4BK19G5UKf3K!5stcnP>@vC{3e?d>pe5ZL%t38yi`I z$OK{o8pleAU_ez5s-7=$5hC7Qiy+en>JQLO7{jF!ykS5rTK{kj+;44Twfqk!%b z0mBd)`pRh#Y>2kGZF_RO5xGD^2XAk^{^{v0Ro>lWkx5+fuj)gh=4l{#Tnql-0?vfh zhDjMB84&SJfH1iM`GO0@CLk@WhQkpN(X>*APlM<(BB_YmQ@Z+n6sR>s2?0z9GpDkv zKd2IbE&3RUbyPo8vibW(J@tcne-YV9`cvq6UeWVag!pr9*cCyH0bWJwwbMaw(IBz0 zbFs08vqUWqw+Nh@vMOOHmjUIDz*CzzDB#rIY)aV5?i>;sRlz=gifRUWim5~J>N=~62FZ@V;~BJzx){w zG^YN<2{W^x&zK@sx5sr@p?mBd==|J>;g5L4t9M0f3?59B$8ug8)F;#$qOc*j-<7Ju z(*b;648R1mbHm4(>^bGLY;)}BWK7!FjH=89tV@PK#?b2nq?zEKuT7ysOZF};7wfN;BTdEMqg6u-3zD9HRKc$EOM*> z`rr{1V{6(Z=rrS&M{HNE$1(hXbIf)K_snca;5|D*92(fw{pe#%Sb 
zM=OBRpk{$vVd3U>L;n~A<4ZJk5QOs^81OXAAgW7EXXc#A*!mWsnPXEKyqKliHEwZs z@COI^<(fG&hUYdrAb~>20?X(8N1^YoAz+n3F-WzNS;X!I1~W3T&3D7;)l7QjxDaG( zV4DS?7r1=T))M-;pdjMv&IQbcH7-}*a6s7J9rrNy?*8>N)M>5rq@(LQ+1J=|xT2s3 z7mL?J#!ynQZJxA2)VFOxnZK_s`l!2_^7n5ux*fI&>}H>mFug0XGtH~&%7>2yeREB_ z8PQwxb%-f6Q*C60&MOYt0&w+BE}v2pSvDM3Diq<;oODCI@0mmral&gzA`?pHgntJm z?%C^egaD&29&d9h zrUt3FwH&8!_N`mNk;FH-!ve3;aVnwaPlj$8zcfxS8Z2&f)M)**EiG!p=mV~ULb8X| zRfXQWnL9o|ZHU811$2@M+k;t?FhZMX|rE4ln65nwxn4#oDM$DXHje zR3nFOwE5`+uP;V|iLlbJvJm?w30U!)A3lfsl4!}T>I(cBV zhaNB;mdcOZA0jJn_0vbZBa^Do1;8Fmq+@+832?k`&CX2e?hnV!$r7tnN29U+ioRsl z9lj)PWT)rKiOve0Tdlx40dD5Lcc!>yg4gLL?^vWI30*_bSjw4y;2N?r_ys*H=BKcF z0Em=&q!>{5(q?grL@ne{{t%4Y+a&clFp5lGL+emr6;tMV6O#n(6rxvn~4+6aV#XZd9WW; zV5E|eu0YBO+|}{rH3#oOMP)I7nApA{(@Ni188+Oj@eV9yH?Z`k$#n`C0dfT^xWG^F zn5)OPWWYeN3ITxzg=@vZY&I+#Y99cz1yCnw)P!V6nHjrty5EsYR!AW0CZRYQ3rLb- z;6c(Y>%_N}l}qVumHUF$1@1G6*$q(q{T%eCsFcjVh)|+11y4T4@#UFdBo{BF zfHZ}B4p{2?*I%Z62>{t~l?ue~7lU!U=Gu$C;?&5oWt8iOqT*VKoeU~lv?|DwzIy}a z1fi)G6iDEiXjV>WQ?SsAZ;eG*tyu`rX>)m{1fqix{A7{#6v9dSNgtnP&cL9k-QWVo zEBeP3(eE^=t*HZpT3svF3dNMFE}!=B*~{-7+O6pAVfS=z>tqoa)WnxdU0vPvh-uWV zw%HgYJTaP9V0k#DJ#fCFQ5hLNyLMU91+wL+Rzv7!30RbcsUca4ZzRHPp%e&oe=}>lgw{=-m>1#^43%rJ+*`H`C}txAKMv*^P)x;k$t<`AmTWg%)#L zTU%%`2Ay{Ubs9`kt(4&Q859A#QVc&j;DJb~bX}b=Ni>HxfN1(SjNo#q6roA5_jfou zV?rU@p%||SjlUiFR(trZrCemiMy4}wshq{c!7U`-z}S62fsbk>+=O6?IL}tSop&QU zdl{=z8~0K%k=JkFXj>VLs(>1Z)P=0dRTocLh1vt6;fK&e2*I!u88G~dqRKe$9fBu0 zjf5mUz3YZug)0IRwXQ}G`Rn4RgGrl+-i*af>owy<^by1>8U-OwY!2g`^EcsQAP)jU zP)b1P~4NAyhVa_A-c1N|_2`S1;m9rLbmA!`B9{K7k8x+SYO<3`%92 z4WPALo&)C%PfelZr(~S!>}Me1?HuLmsZxoI*+B`Rn%T^V@xFZ+QUJ2L0yJqP=8FHo z+~su-(DQAW5~mUpehz#myv~Zrh3=U~8E3SPAsM;L6O14tuPx0?OFvft&{AQnof< zF7l6|?2D^ErVpQwF|OwXyN{IXE~@Wd6L8(+UsyWIxBOtCBy_ogVb@ys^dt7D9fSt5pAy(t*{VP zQR_}^#o0k(Ut{d!J>l#8*b&iNWP6iIS#f$BlRGv% z9MI^Mtw%{~!$S9*2Aac-fub&b)iU!v;Sb@B*H9o!c*4xhoM?OAH zEB;w*1x1E3v|?c|AaksAJ*yKN7~bJT$hM?p1oOA@L@U3lYoN6Q6.bootstrap_options` + - `linux_vms..linux_disk_size` + +1. 
Apply the terraform code: + +``` +terraform init +terraform apply +``` + +4. Check the output plan and confirm the apply. + +5. Check the successful application and outputs of the resulting infrastructure: + +``` +Apply complete! Resources: 96 added, 0 changed, 0 destroyed. (Number of resources can vary based on how many instances you push through tfvars) + +Outputs: + +lbs_internal_ips = { + "external-lb" = "" +} +lbs_internal_ips = { + "internal-lb" = "10.10.12.5" +} +linux_vm_ips = { + "spoke1-vm" = "192.168.1.2" + "spoke2-vm" = "192.168.2.2" +} +vmseries_private_ips = { + "fw-vmseries-01" = { + "0" = "10.10.11.2" + "1" = "10.10.10.2" + "2" = "10.10.12.2" + "3" = "10.10.13.2" + } + "fw-vmseries-02" = { + "0" = "10.10.11.3" + "1" = "10.10.10.3" + "2" = "10.10.12.3" + "3" = "10.10.13.3" + } +} +vmseries_public_ips = { + "fw-vmseries-01" = { + "0" = "" + "1" = "" + } + "fw-vmseries-02" = { + "0" = "" + "1" = "" + } +} +``` + + +## Post build + +Connect to the VM-Series instance(s) via SSH using your associated private key and check if the bootstrap process if finished successfuly and then set a password : + - Please allow for up to 10-15 minutes for the bootstrap process to finish + - The key output you should check for is "Auto-commit Successful" + +``` +ssh admin@x.x.x.x -i /PATH/TO/YOUR/KEY/id_rsa +Welcome admin. 
+admin@PA-VM(active)> show system bootstrap status + +Bootstrap Phase Status Details +=============== ====== ======= +Media Detection Success Media detected successfully +Media Sanity Check Success Media sanity check successful +Parsing of Initial Config Successful +Auto-commit Successful + +admin@PA-VM(active)> configure +Entering configuration mode +[edit] +admin@PA-VM(active)# set mgt-config users admin password +Enter password : +Confirm password : + +[edit] +admin@PA-VM(active)# commit +Configuration committed successfully +``` + +## Check access via web UI + +Use a web browser to access `https://` and login with admin and your previously configured password. + +## Change the public Loopback public IP Address + +For the VM-Series that are backend instance group members of the public-facing loadbalancer - go to Network -> Interfaces -> Loopback and change the value of `1.1.1.1` with the value of object `external-lb` from the `lbs_external_ips` in Terraform outputs. + +In order to successfuly access the web server hosted on `spoke-1-vm` - also reconfigure the two NAT policies that contain the destination address of `1.1.1.1` with the IP address from `lbs_external_ips ` from Terraform outputs in Policies -> NAT -> `no-nat-lb-healthchecks` + `inbound-app1` + +## Check traffic from spoke VMs + +The firewalls are bootstrapped with a generic `allow any` policy just for demo purposes along with an outboud SNAT policy to allow Inernet access from spoke VMs. + +SSH to one of the spoke VMs using GCP IAP and gcloud command and test connectivity : + + +``` +gcloud compute ssh spoke1-vm --zone= +No zone specified. Using zone [us-east1-b] for instance: [spoke1-vm]. +External IP address was not found; defaulting to using IAP tunneling. +WARNING: + +To increase the performance of the tunnel, consider installing NumPy. 
For instructions, +please see https://cloud.google.com/iap/docs/using-tcp-forwarding#increasing_the_tcp_upload_bandwidth + +@spoke1-vm:~$ping 8.8.8.8 +@spoke1-vm:~$ping 192.168.2.2 +``` + +## Check traffic towards the test HTTP web server + +From any browser access `http://` + +## Test fail-over + +Connect to the spoke VM via gcloud CLI and continously ping a destination on the internet : + +``` +gcloud compute ssh spoke1-vm --zone= +No zone specified. Using zone [us-east1-b] for instance: [spoke1-vm]. +External IP address was not found; defaulting to using IAP tunneling. +WARNING: + +To increase the performance of the tunnel, consider installing NumPy. For instructions, +please see https://cloud.google.com/iap/docs/using-tcp-forwarding#increasing_the_tcp_upload_bandwidth + +@spoke1-vm:~$ping 8.8.8.8 +``` + +Continously try to access the test HTTP web server - below is an example bash script that will continously try to access the web server : + +``` +while true; do curl -vvvv --connect-timeout 2 http:///; sleep 2; done +``` + +From the active VM-Series go to Device -> High Availability -> Operational Commands -> Suspend local device for high availability . + +Check the succesful inbound and outbound traffic fail-over to and from the spoke VM. 
+ +## Reference + +### Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.2, < 2.0 | + +### Providers + +| Name | Version | +|------|---------| +| [google](#provider\_google) | n/a | +| [local](#provider\_local) | n/a | + +### Modules + +| Name | Source | Version | +|------|--------|---------| +| [bootstrap](#module\_bootstrap) | ../../modules/bootstrap | n/a | +| [iam\_service\_account](#module\_iam\_service\_account) | ../../modules/iam_service_account | n/a | +| [lb\_external](#module\_lb\_external) | ../../modules/lb_external | n/a | +| [lb\_internal](#module\_lb\_internal) | ../../modules/lb_internal | n/a | +| [vmseries](#module\_vmseries) | ../../modules/vmseries | n/a | +| [vpc](#module\_vpc) | ../../modules/vpc | n/a | +| [vpc\_peering](#module\_vpc\_peering) | ../../modules/vpc-peering | n/a | + +### Resources + +| Name | Type | +|------|------| +| [google_compute_instance.linux_vm](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance) | resource | +| [google_compute_route.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_route) | resource | +| [local_file.bootstrap_xml](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource | +| [local_file.init_cfg](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource | +| [google_compute_image.my_image](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/compute_image) | data source | + +### Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [bootstrap\_buckets](#input\_bootstrap\_buckets) | A map containing each bootstrap bucket setting.

Example of variable deployment:
bootstrap\_buckets = {
vmseries-bootstrap-bucket-01 = {
bucket\_name\_prefix = "bucket-01-"
location = "us"
service\_account\_key = "sa-vmseries-01"
}
}
For a full list of available configuration items - please refer to [module documentation](https://github.com/PaloAltoNetworks/terraform-google-vmseries-modules/tree/main/modules/bootstrap#Inputs)

Multiple keys can be added and will be deployed by the code. | `map(any)` | `{}` | no | +| [lbs\_external](#input\_lbs\_external) | A map containing each external loadbalancer setting.

Example of variable deployment :
lbs\_external = {
"external-lb" = {
name = "external-lb"
backends = ["fw-vmseries-01", "fw-vmseries-02"]
rules = {
"all-ports" = {
ip\_protocol = "L3\_DEFAULT"
}
}
http\_health\_check\_port = "80"
http\_health\_check\_request\_path = "/php/login.php"
}
}
For a full list of available configuration items - please refer to [module documentation](https://github.com/PaloAltoNetworks/terraform-google-vmseries-modules/tree/main/modules/lb_external#inputs)

Multiple keys can be added and will be deployed by the code. | `map(any)` | `{}` | no | +| [lbs\_internal](#input\_lbs\_internal) | A map containing each internal loadbalancer setting.

Example of variable deployment :
lbs\_internal = {
"internal-lb" = {
name = "internal-lb"
health\_check\_port = "80"
backends = ["fw-vmseries-01", "fw-vmseries-02"]
ip\_address = "10.10.12.5"
subnetwork = "fw-trust-sub"
network = "fw-trust-vpc"
}
}
For a full list of available configuration items - please refer to [module documentation](https://github.com/PaloAltoNetworks/terraform-google-vmseries-modules/tree/main/modules/lb_internal#inputs)

Multiple keys can be added and will be deployed by the code. | `map(any)` | `{}` | no | +| [linux\_vms](#input\_linux\_vms) | A map containing each Linux VM configuration that will be placed in SPOKE VPCs for testing purposes.

Example of varaible deployment:
linux\_vms = {
spoke1-vm = {
linux\_machine\_type = "n2-standard-4"
zone = "us-east1-b"
linux\_disk\_size = "50" # Modify this value as per deployment requirements
subnetwork = "spoke1-sub"
private\_ip = "192.168.1.2"
scopes = [
"https://www.googleapis.com/auth/compute.readonly",
"https://www.googleapis.com/auth/cloud.useraccounts.readonly",
"https://www.googleapis.com/auth/devstorage.read\_only",
"https://www.googleapis.com/auth/logging.write",
"https://www.googleapis.com/auth/monitoring.write",
]
service\_account\_key = "sa-linux-01"
}
}
| `any` | `{}` | no | +| [name\_prefix](#input\_name\_prefix) | A string to prefix resource namings. | `string` | `"example-"` | no | +| [networks](#input\_networks) | A map containing each network setting.

Example of variable deployment :
networks = {
"mgmt-network" = {
create\_network = true
create\_subnetwork = true
name = "fw-mgmt-vpc"
subnetwork\_name = "fw-mgmt-sub"
ip\_cidr\_range = "10.10.10.0/28"
allowed\_sources = ["1.1.1.1/32"]
delete\_default\_routes\_on\_create = false
allowed\_protocol = "all"
allowed\_ports = []
}
}
For a full list of available configuration items - please refer to [module documentation](https://github.com/PaloAltoNetworks/terraform-google-vmseries-modules/tree/main/modules/vpc#input_networks)

Multiple keys can be added and will be deployed by the code. | `any` | n/a | yes | +| [project](#input\_project) | The project name to deploy the infrastructure in to. | `string` | `null` | no | +| [region](#input\_region) | The region into which to deploy the infrastructure in to. | `string` | `"us-central1"` | no | +| [routes](#input\_routes) | A map containing each route setting. Note that you can only add routes using a next-hop type of internal load-balance rule.

Example of variable deployment :
routes = {
"default-route-trust" = {
name = "fw-default-trust"
destination\_range = "0.0.0.0/0"
network = "fw-trust-vpc"
lb\_internal\_name = "internal-lb"
}
}
Multiple keys can be added and will be deployed by the code. | `map(any)` | `{}` | no | +| [service\_accounts](#input\_service\_accounts) | A map containing each service account setting.

Example of variable deployment :
service\_accounts = {
"sa-vmseries-01" = {
service\_account\_id = "sa-vmseries-01"
display\_name = "VM-Series SA"
roles = [
"roles/compute.networkViewer",
"roles/logging.logWriter",
"roles/monitoring.metricWriter",
"roles/monitoring.viewer",
"roles/viewer"
]
}
}
For a full list of available configuration items - please refer to [module documentation](https://github.com/PaloAltoNetworks/terraform-google-vmseries-modules/tree/main/modules/iam_service_account#Inputs)

Multiple keys can be added and will be deployed by the code. | `map(any)` | `{}` | no | +| [vmseries](#input\_vmseries) | A map containing each individual vmseries setting.

Example of variable deployment :
vmseries = {
"fw-vmseries-01" = {
name = "fw-vmseries-01"
zone = "us-east1-b"
machine\_type = "n2-standard-4"
min\_cpu\_platform = "Intel Cascade Lake"
tags = ["vmseries"]
service\_account\_key = "sa-vmseries-01"
scopes = [
"https://www.googleapis.com/auth/compute.readonly",
"https://www.googleapis.com/auth/cloud.useraccounts.readonly",
"https://www.googleapis.com/auth/devstorage.read\_only",
"https://www.googleapis.com/auth/logging.write",
"https://www.googleapis.com/auth/monitoring.write",
]
bootstrap\_bucket\_key = "vmseries-bootstrap-bucket-01"
bootstrap\_options = {
panorama-server = "1.1.1.1"
dns-primary = "8.8.8.8"
dns-secondary = "8.8.4.4"
}
bootstrap\_template\_map = {
trust\_gcp\_router\_ip = "10.10.12.1"
untrust\_gcp\_router\_ip = "10.10.11.1"
private\_network\_cidr = "192.168.0.0/16"
untrust\_loopback\_ip = "1.1.1.1/32" #This is placeholder IP - you must replace it on the vmseries config with the LB public IP address after the infrastructure is deployed
trust\_loopback\_ip = "10.10.12.5/32"
}
named\_ports = [
{
name = "http"
port = 80
},
{
name = "https"
port = 443
}
]
network\_interfaces = [
{
subnetwork = "fw-untrust-sub"
private\_ip = "10.10.11.2"
create\_public\_ip = true
},
{
subnetwork = "fw-mgmt-sub"
private\_ip = "10.10.10.2"
create\_public\_ip = true
},
{
subnetwork = "fw-trust-sub"
private\_ip = "10.10.12.2"
}
]
}
}
For a full list of available configuration items - please refer to [module documentation](https://github.com/PaloAltoNetworks/terraform-google-vmseries-modules/tree/main/modules/vmseries#inputs)

The bootstrap\_template\_map contains variables that will be applied to the bootstrap template. Each firewall Day 0 bootstrap will be parametrised based on these inputs.
Multiple keys can be added and will be deployed by the code. | `any` | n/a | yes | +| [vmseries\_common](#input\_vmseries\_common) | A map containing common vmseries setting.

Example of variable deployment :
vmseries\_common = {
ssh\_keys = "admin:AAAABBBB..."
vmseries\_image = "vmseries-flex-byol-1022h2"
machine\_type = "n2-standard-4"
min\_cpu\_platform = "Intel Cascade Lake"
service\_account\_key = "sa-vmseries-01"
bootstrap\_options = {
type = "dhcp-client"
mgmt-interface-swap = "enable"
}
}
Bootstrap options can be moved between vmseries individual instance variable (`vmseries`) and this common vmserie variable (`vmseries_common`). | `any` | n/a | yes | +| [vpc\_peerings](#input\_vpc\_peerings) | A map containing each VPC peering setting.

Example of variable deployment :
vpc\_peerings = {
"trust-to-spoke1" = {
local\_network = "fw-trust-vpc"
peer\_network = "spoke1-vpc"

local\_export\_custom\_routes = true
local\_import\_custom\_routes = true
local\_export\_subnet\_routes\_with\_public\_ip = true
local\_import\_subnet\_routes\_with\_public\_ip = true

peer\_export\_custom\_routes = true
peer\_import\_custom\_routes = true
peer\_export\_subnet\_routes\_with\_public\_ip = true
peer\_import\_subnet\_routes\_with\_public\_ip = true
}
}
For a full list of available configuration items - please refer to [module documentation](https://github.com/PaloAltoNetworks/terraform-google-vmseries-modules/tree/main/modules/vpc-peering#inputs)

Multiple keys can be added and will be deployed by the code. | `map(any)` | `{}` | no | + +### Outputs + +| Name | Description | +|------|-------------| +| [lbs\_external\_ips](#output\_lbs\_external\_ips) | Public IP addresses of external network loadbalancers. | +| [lbs\_internal\_ips](#output\_lbs\_internal\_ips) | Private IP addresses of internal network loadbalancers. | +| [linux\_vm\_ips](#output\_linux\_vm\_ips) | Private IP addresses of Linux VMs. | +| [vmseries\_private\_ips](#output\_vmseries\_private\_ips) | Private IP addresses of the vmseries instances. | +| [vmseries\_public\_ips](#output\_vmseries\_public\_ips) | Public IP addresses of the vmseries instances. | + \ No newline at end of file
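Review bot: In the Inputs table of the new vmseries_ha.md, the `service_accounts` example gives the firewall service account `roles/viewer` on top of the narrower `roles/compute.networkViewer`, `roles/logging.logWriter` and monitoring roles. `roles/viewer` is a basic role with read access across most services in the project, and readers copy these example blocks verbatim, so I would drop it from the documented example or add a sentence stating why the VM-Series needs it. In the same table, the `vmseries` example sets `create_public_ip = true` on the `fw-mgmt-sub` interface while the `networks` example for the mgmt network shows `allowed_protocol = "all"` with `allowed_ports = []`. The only restriction shown is `allowed_sources`, so the description should say that it has to be narrowed to the operator's own addresses. `1.1.1.1` is reused for `allowed_sources`, `panorama-server` and `untrust_loopback_ip`, and it is a real routable address. A documentation range such as 192.0.2.0/24 would be a safer placeholder. Minor: "varaible" in the `linux_vms` description, "vmserie" in the `vmseries_common` description, "into which to deploy the infrastructure in to" for `region`, and the file ends without a trailing newline. As the commit is a documentation sync, these are best fixed in the variable descriptions the page is generated from, so the next sync does not reintroduce them.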