From 5c01bc170cd5259a9241227e00fd6c036a73b430 Mon Sep 17 00:00:00 2001
From: stevenvegt <steven.vandervegt@nedap.com>
Date: Tue, 23 Sep 2025 16:19:42 +0200
Subject: [PATCH 01/17] Add authentication skeleton

---
 input/pagecontent/authentication.md | 123 ++++++++++++++++++++++++++++
 1 file changed, 123 insertions(+)

diff --git a/input/pagecontent/authentication.md b/input/pagecontent/authentication.md
index e69de29..e592a86 100644
--- a/input/pagecontent/authentication.md
+++ b/input/pagecontent/authentication.md
@@ -0,0 +1,123 @@
+### Introduction
+
+Why is authentication important?
+
+#### Requirements
+
+- Peer 2 peer authentication without the need of a central authority
+- Support of multiple identity claims from different issuers
+- Support for use-cases with and without a end-user (healthcare professional)
+- Support for authorizing vendors to act on behalf of an (care) organisation
+- Support for authorizing (care) organisations to act on behalf of a healthcare professional
+- User-friendly solution for healthcare professionals
+- Cost efficient solution for care organisations
+- Flexible solution that can be adapted to different use-cases
+- Privacy by design
+- Securty by design
+- Support for leveraging existing identity solutions
+
+#### Terminology
+
+- Identity: A set of claims about an entity (person or organisation)
+- Claim: A statement about an entity (e.g. name, role, affiliation)
+- Authentication: The process of verifying the identity of an entity
+- Authorization: The process of granting access to resources based on the identity of an entity
+- Use-case: A specific scenario in which authentication and authorization are required
+
+### Solution overview
+
+The solution is based on requesting identity tokens from a OpenID Connect (OIDC) authorization server based on identity claims presented in a verifiable presentation (VP).
+
+#### Identity claims repository
+
+Several identity claims are required to be presented. Which claims are required depends on the use-case. Each of the claims have different properties such as:
+
+- Who can issue the claim
+- How can the claim be verified
+- What is the level of assurance of the claim
+- Under which conditions can the claim be used
+- Lifecycle of the claim (expiration, revocation, renewal)
+
+In order for use-case writers to define which claims are required, a repository is needed that keeps track of the claims and its properties.
+
+#### Mechanics
+
+The following steps are required to establish the identity of a healthcare organisation and professional in a specific use-case.
+
+##### Setup for organisations
+
+- Choose a identity wallet provider
+- Acuire identity claims
+- Choose a vendor and authorize it to act on your behalf for a specific use-case
+- Issue relationship credentials to each healthcare professional
+
+##### Setup for healthcare professionals
+
+- Choose a wallet
+- Acquire identity claims from DEZI and your branch organization
+- Acquire relationship credentials from your care organisation
+- authorize the organisation to act on your behalf for a limited amount of time (e.g. 1 day)
+
+##### Asserting identity
+
+In the context of a use-case, several identity claims are required to be presented to the verifier.
+
+- Get a fresh nonce from the nonce endpoint of the verifier
+- Gather the required claims from your wallet or other sources
+- Create a verifiable presentation including the nonce
+- Present the verifiable presentation to the verifier
+
+##### Verifying identity
+
+- Verify the verifiable presentation
+  - Verify the nonce
+  - verify the signature
+  - verify the expiration date
+- verify the claims
+  - Verify the signatures
+  - Verify the revocation status
+  - verify the issuer
+  - verify the expiration date
+- Respond with a bearer token
+
+##### Interacting with the resource server
+
+- Present the bearer token to the resource server along side the request
+- Check the DPoP proof (or other token binding mechanism)
+- The resource server verifies the bearer token by introspecting it at the oauth-authorization server
+- The oauth-authorization server replies with the token status and the the provided identity claims
+- The resource server verifies the token status
+- The resource server verifies the identity claims and the relationships
+
+### The actors
+
+- Care organisation
+- Healthcare professional
+- Vendor
+- Verifier
+- Claim Issuer
+
+#### Relations between the actors
+
+Vendors get authorized by care organisations to act on their behalf.
+The care organisation's identity can be represented by one of the trusted Vendors.
+
+### Use-cases
+
+Different use-cases have different requirements for identity claims.
+
+Each use-case requires its own governance in which it defines the needed identity claims and the trust framework in which the actors operate.
+
+### Sercurity considerations
+
+#### Token binding
+
+#### No sharing of Private Keys of certificates
+
+#### use of TLS
+
+Use of TLS for the vendor
+
+#### replay attacks
+
+nonce and timestamps

From d7a6412bcb6b25b5242292b20b633ae23b7f092a Mon Sep 17 00:00:00 2001
From: stevenvegt <steven.vandervegt@nedap.com>
Date: Wed, 24 Sep 2025 18:18:57 +0200
Subject: [PATCH 02/17] Add layers with description

4 layers, loosely based on ToIP model describing it's responsibility and
choices.
---
 input/pagecontent/authentication.md | 96 +++++++++++++++++++++++------
 1 file changed, 76 insertions(+), 20 deletions(-)

diff --git a/input/pagecontent/authentication.md b/input/pagecontent/authentication.md
index e592a86..f235afa 100644
--- a/input/pagecontent/authentication.md
+++ b/input/pagecontent/authentication.md
@@ -26,7 +26,63 @@ Why is authentication important?
 
 ### Solution overview
 
-The solution is based on requesting identity tokens from a OpenID Connect (OIDC) authorization server based on identity claims presented in a verifiable presentation (VP).
+The solution is based on exchanging verifiable identity claims between the involved parties. The claims can be flexibily combined to form a complete identity for a specific use-case. The claims can be verified by the verifier without the need of a central authority using cryptographic techniques.
+
+#### Layered approach
+
+Autentication is vast and complex topic. To keep the information structured we will use a layered approach. The layers are:
+
+1. Trust layer
+2. Peer-to-peer layer
+3. Identity claims layer
+4. Application layer
+
+##### Trust layer
+
+The trust layer defines techniques and governance to establish trust between entities. Each entity needs an identity in in the form of an identifier.
+In order to establish trust into an entity, a party must be able to verify the identifier of the entity. Some identifiers are easier to verify than other. Identifiers that can be verified are called verifiable identifiers (VIDs).
+How a verifier can verify a VID depends on the type of identifier.
+Identifiers can either be externally verified by an authority (XVIDs), or self-certifying (SCIDs). Many identifiers we know are externally verified, such as your phone number or bank account. Self-certifying identifiers can be verified by a verifier without the need of a third party. An example of a self-certifying identifier is a DID (Decentralized Identifier).
+
+Self-certifying identifiers are very useful in peer-to-peer scenarios, because they do not require a central authority to verify the identifier. This makes them suitable for use-cases where entities need to interact with each other without the need of a central authority.
+
+Once an entity has a verifiable identifier, it can use this identifier to link non-verifiable identifiers to its identity. This will be explained in the identity claims layer.
+
+##### Peer-to-peer layer
+
+The peer-to-peer layer defines the protocols and mechanisms to establish a secure communication channel between two entities.
+
+Each entity needs a digital agent to act on its behalf. The digital agent is responsible for managing the SCID, establishing secure communication channels, issuing and presenting identity claims.
+
+This layer describes the protocols and data standards which can be used between the digital agents of the involved parties to aqcuire, present, and verify identity claims.
+
+The identity of the above trust layer itself is not that useful in the real world. But when it is combined with identity claims it becomes useful. Identity claims are statements about an entity that can be used to verify its identity in a specific context. By combining the SCID with identity claims, an entity can prove the ownership of the claims.
+
+##### Identity claims
+
+The identity claims layer defines the workings of specific identity claims. Identity claims contain inforarmation about the entity such as its name, role, and affiliation. Identity claims can also be XVIDs which can not be self-certified.
+These claims are usual managed by existing governance structures such as professional branches and governmental bodies. A chamber of commerce number is an result of such a governance structure.
+This layer describes the information in the specific claim, how the claim can be acquired, presented, and verified. It also describes the assurance levels and the lifecycle of the claim, and the trust framework in which the claim can be used.
+
+In order for use-case designers to choose from the available claims, a repository is needed that keeps track of the all available claims, their properties and governance bodies.
+
+##### Application layer
+
+The application layer defines the specific use-cases in which authentication and authorization are required. This includes the specific set of identity claims that are required to be presented, the trust framework in which the entities operate, and the protocols and mechanisms to establish a secure communication channel. It uses the lower layers of the stack to achieve this.
+
+#### Choice of technologies per layer
+
+| Layer              | Technology / Standard                                             | Description                                                                                                                          |
+| ------------------ | ----------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ |
+| Trust layer        | DID (Decentralized Identifier)                                    | DID web, a domain name based identifier that hosts the DID document conaining the public key                                         |
+| Trust layer        | PKI (Public Key Infrastructure)                                   | X.509 certificates for the service providers of the digital agents                                                                   |
+| Peer-to-peer layer | OpenID Connect for Verifiable Credential Issuance (OIDC4VCI)      | Protocol to request and issue verifiable credentials between digital agents and authoritative registries                             |
+| Peer-to-peer layer | [RFC 7523](https://www.rfc-editor.org/rfc/rfc7523)                | JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants to request Access tokens based on a Verifiable Presentation |
+| Peer-to-peer layer | DPoP (Demonstrating Proof-of-Possession at the Application Layer) | Mechanism to bind an access token to a public key to prevent token theft                                                             |
+| Peer-to-peer layer | StatusList 2021 (Revocation mechanism for VCs)                    | Standard for revoking verifiable credentials                                                                                         |
+| Identity claims    | Verifiable Credentials (VC)                                       | Standard for expressing identity claims in a cryptographically verifiable way                                                        |
+| Identity claims    | Verifiable Presentations (VP)                                     | Standard for presenting a set of verifiable credentials in a cryptographically verifiable way                                        |
+| Application layer  | Digital Credential Query Language (DCQL)                          | Standard for expressing the required identity claims in a specific use-case                                                          |
 
 #### Identity claims repository
 
@@ -42,6 +98,25 @@ In order for use-case writers to define which claims are required, a repository
 
 #### Mechanics
 
+### The actors
+
+- Care organisation
+- Healthcare professional
+- Vendor
+- Verifier
+- Claim Issuer
+
+#### Relations between the actors
+
+Vendors get authorized by care organisations to act on their behalf.
+The care organisation's identity can be represented by one of the trusted Vendors.
+
+### Use-cases
+
+Different use-cases have different requirements for identity claims.
+
+Each use-case requires its own governance in which it defines the needed identity claims and the trust framework in which the actors operate.
+
 The following steps are required to establish the identity of a healthcare organisation and professional in a specific use-case.
 
 ##### Setup for organisations
@@ -89,25 +164,6 @@ In the context of a use-case, several identity claims are required to be present
 - The resource server verifies the token status
 - The resource server verifies the identity claims and the relationships
 
-### The actors
-
-- Care organisation
-- Healthcare professional
-- Vendor
-- Verifier
-- Claim Issuer
-
-#### Relations between the actors
-
-Vendors get authorized by care organisations to act on their behalf.
-The care organisation's identity can be represented by one of the trusted Vendors.
-
-### Use-cases
-
-Different use-cases have different requirements for identity claims.
-
-Each use-case requires its own governance in which it defines the needed identity claims and the trust framework in which the actors operate.
-
 ### Sercurity considerations
 
 #### Token binding

From 941603b83dedd53b4fedd16d4d2f4e7c761c4439 Mon Sep 17 00:00:00 2001
From: stevenvegt <steven.vandervegt@nedap.com>
Date: Fri, 26 Sep 2025 14:35:08 +0200
Subject: [PATCH 03/17] More tekst

---
 input/pagecontent/authentication.md | 40 ++++++++++++++++++++++++++---
 1 file changed, 36 insertions(+), 4 deletions(-)

diff --git a/input/pagecontent/authentication.md b/input/pagecontent/authentication.md
index f235afa..2696abd 100644
--- a/input/pagecontent/authentication.md
+++ b/input/pagecontent/authentication.md
@@ -1,29 +1,61 @@
 ### Introduction
 
-Why is authentication important?
+Authentication is the process of verifying the identity of an entity. In the context of healthcare, authentication is used to verify the identity of healthcare professionals and care organisations. This is important to ensure that only authorized entities can access sensitive information and resources.
+
+The verified identity is often used downstream for authorization and accounting purposes. Authorization is the process of granting access to resources based on the identity of an entity. Accounting is the process of tracking the actions of an entity.
 
 #### Requirements
 
-- Peer 2 peer authentication without the need of a central authority
-- Support of multiple identity claims from different issuers
+There exists a multitude of authentication solutions, therefore it is important to define the requirements for a authentication in the context of healthcare. The requirements are:
+
+- Work with identity claims from the authoritative sources
+- Support combinations of identity claims from different trusted issuers
 - Support for use-cases with and without a end-user (healthcare professional)
 - Support for authorizing vendors to act on behalf of an (care) organisation
+- Support for limiting the scope of an authorization of a vendor
 - Support for authorizing (care) organisations to act on behalf of a healthcare professional
 - User-friendly solution for healthcare professionals
 - Cost efficient solution for care organisations
 - Flexible solution that can be adapted to different use-cases
+- No single point of failure
 - Privacy by design
 - Securty by design
 - Support for leveraging existing identity solutions
 
 #### Terminology
 
-- Identity: A set of claims about an entity (person or organisation)
+Throughout this document the following terminology is used:
+
+- Entity: An actor in the system (person or organisation)
+- Agent: A digital representation of an entity that acts on its behalf, also often called an identity wallet
+- Vendor: A party that offers Agents to its customers (care organisations and healthcare professionals)
+- Identity: A set of claims about an entity (person or organisation) which is relevant in a specific context
+- Verifiable Identifier (VID): An identifier that can be (cryptographically) verified
 - Claim: A statement about an entity (e.g. name, role, affiliation)
+- Verifiable Claim: A claim that can be cryptographically verified
+- Issuer: An entity that issues claims about another entity
+- Authoritative source: An issuer that is trusted to issue claims about a specific entity
+- Verifier: An entity that verifies the identity of another entity based on its claims
+- Holder: An entity that holds claims about itself or is authorized to present claims about another entity
 - Authentication: The process of verifying the identity of an entity
 - Authorization: The process of granting access to resources based on the identity of an entity
 - Use-case: A specific scenario in which authentication and authorization are required
 
+#### Problem overview
+
+A tipical scenario in healthcare is that a healthcare professional needs to access a resource (e.g. patient data) which is located at a different organisation (e.g. a hospital).
+In the Netherlands, the custodian of the patient data is by law forbidden to share the data with third parties. Several exceptions to that rule exists. One responsibility of the custodian is to ensure that the requesting party is authorized to access the data. In order to do so, the custodian needs to verify the identity of the requesting party.
+
+In practice, many of these data exchanges are not done directly between the healthcare professionals, but between computers and systems. Often these systems are operated by vendors on behalf of the care organisations.
+
+On top of that, use-cases are often described and governed by a governing body. The governing body certifies healthcare organisations and vendors to operate in a specific use-case. The governing body defines the trust framework in which the use-case operates. The custodian also needs to verify that the entities operate within the trust framework of the use-case.
+
+The custodian needs to verify the identity of the requesting healthcare professional, working for an organisation which is a customer of a vendor. The custodian needs to verify the following:
+
+- The identity of the healthcare professional, identifier, role, and affiliation with the care organisation
+- The identity of the care organisation, identifier, and its relationship with the healthcare professional
+- The identity of the vendor, identifier, and its relationship with the care organisation
+
 ### Solution overview
 
 The solution is based on exchanging verifiable identity claims between the involved parties. The claims can be flexibily combined to form a complete identity for a specific use-case. The claims can be verified by the verifier without the need of a central authority using cryptographic techniques.

From 87f36faf0922e89eb16537f4621db3c016c157ff Mon Sep 17 00:00:00 2001
From: stevenvegt <steven.vandervegt@nedap.com>
Date: Wed, 1 Oct 2025 14:08:06 +0200
Subject: [PATCH 04/17] Add standards and examples to layers

---
 input/pagecontent/authentication.md | 166 ++++++++++++++++++++++++++--
 1 file changed, 157 insertions(+), 9 deletions(-)

diff --git a/input/pagecontent/authentication.md b/input/pagecontent/authentication.md
index 2696abd..4b5beb0 100644
--- a/input/pagecontent/authentication.md
+++ b/input/pagecontent/authentication.md
@@ -17,6 +17,7 @@ There exists a multitude of authentication solutions, therefore it is important
 - User-friendly solution for healthcare professionals
 - Cost efficient solution for care organisations
 - Flexible solution that can be adapted to different use-cases
+- Peer-2-peer trust which allows direct interactions between the involved parties without involvement of a third party
 - No single point of failure
 - Privacy by design
 - Securty by design
@@ -58,37 +59,184 @@ The custodian needs to verify the identity of the requesting healthcare professi
 
 ### Solution overview
 
-The solution is based on exchanging verifiable identity claims between the involved parties. The claims can be flexibily combined to form a complete identity for a specific use-case. The claims can be verified by the verifier without the need of a central authority using cryptographic techniques.
+The solution is based on exchanging verifiable identity claims between the involved parties.
+The claims can be flexibily combined to form a complete identity for a specific use-case.
+The claims can be verified by the verifier without the need of a central authority, using cryptographic techniques.
 
 #### Layered approach
 
-Autentication is vast and complex topic. To keep the information structured we will use a layered approach. The layers are:
+Because authentication is a complex topic, this IG tries to structure the solution in a layered approach. Each layer has its own responsibilities and can be implemented using different technologies. The layers are:
 
 1. Trust layer
 2. Peer-to-peer layer
 3. Identity claims layer
 4. Application layer
 
-##### Trust layer
+#### Trust layer
 
-The trust layer defines techniques and governance to establish trust between entities. Each entity needs an identity in in the form of an identifier.
-In order to establish trust into an entity, a party must be able to verify the identifier of the entity. Some identifiers are easier to verify than other. Identifiers that can be verified are called verifiable identifiers (VIDs).
+##### Overview
+
+The trust layer defines techniques and governance to establish trust between entities. Each entity needs an to be referenced by an identifier.
+In order to establish trust into an entity, a verifier must be able to verify the ownership of the identifier by the entity. Some identifiers are easier to verify than other. Identifiers that can be verified are called verifiable identifiers (VIDs).
 How a verifier can verify a VID depends on the type of identifier.
-Identifiers can either be externally verified by an authority (XVIDs), or self-certifying (SCIDs). Many identifiers we know are externally verified, such as your phone number or bank account. Self-certifying identifiers can be verified by a verifier without the need of a third party. An example of a self-certifying identifier is a DID (Decentralized Identifier).
+Identifiers can either be externally verified by an authority (XVIDs), or self-certifying (SCIDs). Many identifiers we know are externally verified, such as your phone number or bank account.
+Self-certifying identifiers can be verified by a verifier without the need of a third party. An example category of a self-certifying identifiers are DIDs (Decentralized Identifiers).
 
 Self-certifying identifiers are very useful in peer-to-peer scenarios, because they do not require a central authority to verify the identifier. This makes them suitable for use-cases where entities need to interact with each other without the need of a central authority.
 
 Once an entity has a verifiable identifier, it can use this identifier to link non-verifiable identifiers to its identity. This will be explained in the identity claims layer.
 
-##### Peer-to-peer layer
+##### Choice of self-certifying identifier
+
+The chosen solotion for the trust layer is the [Decentralized Identifiers v1.0 standard](https://www.w3.org/TR/did-1.0/) with the [did:web method](https://w3c-ccg.github.io/did-method-web/). This method uses a domain name as the identifier. The domain name is owned by the entity and ownership can be verified by the verifier by resolving the public key hosted at the domain. This method is secured by DNSSEC and HTTPS which gearentees the domainname resolves to the correct webservice and the traffic is not altered.
+
+##### Examples
+
+Example did:web
+
+```
+did:web:example.com:user:alice
+```
+
+Which resolves to the DID document at:
+
+```
+https://example.com/user/alice/did.json
+```
+
+Which contains the following DID Document:
+
+```json
+{
+  "@context": "https://www.w3.org/ns/did/v1",
+  "id": "did:web:example.com:user:alice",
+  "verificationMethod": [
+    {
+      "id": "did:web:example.com:user:alice#key-1",
+      "type": "JsonWebKey2020",
+      "controller": "did:web:example.com:user:alice",
+      "publicKeyJwk": {
+        "kty": "EC",
+        "crv": "P-256",
+        "x": "...",
+        "y": "..."
+      }
+    }
+  ],
+  "authentication": ["did:web:example.com:user:alice#key-1"]
+}
+```
+
+#### Peer-to-peer layer
+
+##### Overview
 
 The peer-to-peer layer defines the protocols and mechanisms to establish a secure communication channel between two entities.
 
-Each entity needs a digital agent to act on its behalf. The digital agent is responsible for managing the SCID, establishing secure communication channels, issuing and presenting identity claims.
+Each entity needs a digital agent to act on its behalf. The digital agent is responsible for managing the SCID, establishing secure communication channels with other parties, receiving and presenting identity claims.
 
 This layer describes the protocols and data standards which can be used between the digital agents of the involved parties to aqcuire, present, and verify identity claims.
 
-The identity of the above trust layer itself is not that useful in the real world. But when it is combined with identity claims it becomes useful. Identity claims are statements about an entity that can be used to verify its identity in a specific context. By combining the SCID with identity claims, an entity can prove the ownership of the claims.
+The identifier of the underlaying trust layer is not that useful by itself. But when it is combined with identity claims it becomes useful. Identity claims are statements about an entity that can be used to verify its identity in a specific context. By combining the SCID with identity claims, an entity can prove the ownership of the claims.
+
+##### Choice of protocols and standards
+
+The dataformat to express identity claims is the [Verifiable Credentials Data Model 1.1](https://www.w3.org/TR/vc-data-model/). This standard defines how to express claims in a cryptographically verifiable way. The claims can be issued by an issuer and presented by a holder to a verifier.
+
+To prove the ownership of a set of claims, the holder can create a [Verifiable Presentation](https://www.w3.org/TR/vc-data-model/#presentations-0) which contains one or more verifiable credentials. The verifiable presentation is signed by the holder key (which can be resolved using the method defined by the trusr layer) and can be verified by the verifier.
+
+Verifiable credentials and presentations can be expressed in different formats. We here choose to use the JWT format, because it is widely used and supported by many libraries and tools and is comparetible with existing OAuth 2.0 and OpenID Connect implementations.
+
+The protocol to request and issue verifiable credentials is [OpenID Connect for Verifiable Credential Issuance (OIDC4VCI)](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html). This protocol is based on OpenID Connect and OAuth 2.0 and defines how to request and issue verifiable credentials between a digital agent and an authoritative registry.
+
+The protocol to request access tokens is based on [RFC 7523](https://www.rfc-editor.org/rfc/rfc7523), an extension to the OAuth 2.x standard, which defines how to request access tokens using a JWT Authorization Grant combined with a Client Authentication assertion. The JWT Authorization Grant contains a Verifiable Presentation with the required identity claims. The Client Authentication assertion contains the identity of the client according, issued by an authoritative registry.
+
+In order to prevent token theft, the access token must be bound to the client. This can be done using [DPoP (Demonstrating Proof-of-Possession at the Application Layer)](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-dpop). DPoP is a mechanism to bind an access token to a private key, which is used to sign an aditional DPoP access token which is uniquely created for each request to the resource server.
+
+Verifiable credentials have a long lifetime, often several years. In order to be able to revoke a verifiable credential, a revocation mechanism is needed. The chosen revocation mechanism is [StatusList 2021](https://w3c-ccg.github.io/vc-status-list/), which defines a standard for revoking verifiable credentials using a bitstring. The verifier periodically retrieves (and caches) the statuslist and verifies the existance of the credential in the statuslist.
+
+##### Examples
+
+Example Verifiable Credential (VC) in JWT format:
+
+```json
+{
+  "iss": "did:web:example.com:issuer",
+  "sub": "did:web:example.com:user:alice",
+  "iat": 1516239022,
+  "exp": 1672531199,
+  "jti": "http://example.edu/credentials/3732",
+  "vc": {
+    "@context": [
+      "https://www.w3.org/2018/credentials/v1",
+      "https://www.w3.org/2018/credentials/examples/v1"
+    ],
+    "type": ["VerifiableCredential", "AlumniCredential"],
+    "credentialSubject": {
+      "id": "did:web:example.com:user:alice",
+      "alumniOf": {
+        "id": "did:web:example.com:university:example",
+        "name": [
+          {
+            "value": "Example University",
+            "lang": "en"
+          },
+          {
+            "value": "Voorbeeld Universiteit",
+            "lang": "nl"
+          }
+        ]
+      }
+    },
+    "credentialStatus": {
+      "id": "https://example.com/status/24#94567",
+      "type": "StatusList2021Entry",
+      "statusPurpose": "revocation",
+      "statusListIndex": "94567",
+      "statusListCredential": "https://example.com/status/24"
+    }
+  }
+}
+```
+
+Example of a Verifiable Presentation (VP) in JWT format:
+
+```json
+{
+  "iss": "did:web:example.com:user:alice",
+  "aud": "https://verifier.example.com",
+  "iat": 1516239022,
+  "exp": 1516239322,
+  "jti": "http://example.edu/presentations/3732",
+  "vp": {
+    "@context": [
+      "https://www.w3.org/2018/credentials/v1",
+      "https://www.w3.org/2018/credentials/examples/v1"
+    ],
+    "type": ["VerifiablePresentation"],
+    "verifiableCredential": [
+      {
+        // verifiable credential 1
+      },
+      {
+        // verifiable credential 2
+      }
+    ]
+  }
+}
+```
+
+Example of an tokenn request using RFC 7523 with a VP in the JWT Authorization Grant:
+
+```
+POST /token HTTP/1.1
+Host: oauth.example.com
+Content-Type: application/x-www-form-urlencoded
+grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&
+assertion=eyJhbGciOiJSUzI1NiIsImtpZCI6IjIyIn0...&
+client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&
+client_assertion=eyJhbGciOiJSUzI1NiIsImtpZCI6IjIyIn0...
+```
 
 ##### Identity claims
 

From 7755d2fbba0c884d8d450312ad11089cbaefbd22 Mon Sep 17 00:00:00 2001
From: stevenvegt <steven.vandervegt@nedap.com>
Date: Thu, 2 Oct 2025 10:37:04 +0200
Subject: [PATCH 05/17] Add more tekst to the layers

---
 input/pagecontent/authentication.md | 36 +++++++++++++++++++++--------
 1 file changed, 26 insertions(+), 10 deletions(-)

diff --git a/input/pagecontent/authentication.md b/input/pagecontent/authentication.md
index 4b5beb0..645a7ca 100644
--- a/input/pagecontent/authentication.md
+++ b/input/pagecontent/authentication.md
@@ -238,30 +238,46 @@ client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&
 client_assertion=eyJhbGciOiJSUzI1NiIsImtpZCI6IjIyIn0...
 ```
 
-##### Identity claims
+#### Identity claims
 
-The identity claims layer defines the workings of specific identity claims. Identity claims contain inforarmation about the entity such as its name, role, and affiliation. Identity claims can also be XVIDs which can not be self-certified.
+The identity claims layer defines the workings of specific identity claims.
+Identity claims contain information about the entity such as its name, role, and affiliation.
+Identity claims can also be identifiers which can not be self-certified.
 These claims are usual managed by existing governance structures such as professional branches and governmental bodies. A chamber of commerce number is an result of such a governance structure.
-This layer describes the information in the specific claim, how the claim can be acquired, presented, and verified. It also describes the assurance levels and the lifecycle of the claim, and the trust framework in which the claim can be used.
+
+The identity claims layer can be seen as the "Identification" part of the Generic Funtion "Identification & Authentication".
+
+This layer describes the information in the specific claim such as its schema. The isuer or issuers that are authorized to issue the claim and the trust framework in which the claim can be used.
+It also describes the assurance levels and the lifecycle of the claim.
 
 In order for use-case designers to choose from the available claims, a repository is needed that keeps track of the all available claims, their properties and governance bodies.
 
-##### Application layer
+This IG will not define specific claims. Eventually a national repository of available claims should be established which can be used in healthcare.
+
+One of the challenges in architecture is crossing a gap between two technologies. Many existing identity claim technologies exist and are for example based on X.509 certificates or SAML assertions. These technologies are not directly compatible with the verifiable credentials technology. In order to bridge this gap, a mapping between the existing technologies and verifiable credentials is needed.
+
+This layer can specify techniques to solve interoperability such as introducing custom proof types, introducing a trusted party which can map the information, or define custom verification methods. None of these solutions are ideal. Each solution has its own trade-offs. This layer can be used to specify building blocks to solve these interoperability challenges.
+
+#### Application layer
+
+The application layer defines requirements for specific use-cases in which authentication and authorization are required. This includes the specific set of identity claims that are required to be presented, the trust framework in which the entities operate, and the protocols and mechanisms to establish a secure communication channel. It uses the lower layers of the stack to achieve this.
+
+To define the required identity claims, the [Digital Credential Query Language (DCQL)](https://identity.foundation/dcql/) can be used. This standard defines a way to express the required identity claims in a machine-readable way. The DCQL query can be used as a form of digital contract by the holder to gather the required claims from its wallet (or other sources) and by the verifier to verify the presented claims.
 
-The application layer defines the specific use-cases in which authentication and authorization are required. This includes the specific set of identity claims that are required to be presented, the trust framework in which the entities operate, and the protocols and mechanisms to establish a secure communication channel. It uses the lower layers of the stack to achieve this.
+The DCQL language does not have to be implented directly by holders or verifiers, but can be used by specifications to define the required claims in a machine-readable way.
 
-#### Choice of technologies per layer
+#### Summary of layers, technologies and standards
 
 | Layer              | Technology / Standard                                             | Description                                                                                                                          |
 | ------------------ | ----------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ |
-| Trust layer        | DID (Decentralized Identifier)                                    | DID web, a domain name based identifier that hosts the DID document conaining the public key                                         |
+| Trust layer        | DID (Decentralized Identifier)                                    | DID method did:web, a domain name based identifier that hosts the DID document conaining the public key                              |
 | Trust layer        | PKI (Public Key Infrastructure)                                   | X.509 certificates for the service providers of the digital agents                                                                   |
 | Peer-to-peer layer | OpenID Connect for Verifiable Credential Issuance (OIDC4VCI)      | Protocol to request and issue verifiable credentials between digital agents and authoritative registries                             |
 | Peer-to-peer layer | [RFC 7523](https://www.rfc-editor.org/rfc/rfc7523)                | JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants to request Access tokens based on a Verifiable Presentation |
 | Peer-to-peer layer | DPoP (Demonstrating Proof-of-Possession at the Application Layer) | Mechanism to bind an access token to a public key to prevent token theft                                                             |
-| Peer-to-peer layer | StatusList 2021 (Revocation mechanism for VCs)                    | Standard for revoking verifiable credentials                                                                                         |
-| Identity claims    | Verifiable Credentials (VC)                                       | Standard for expressing identity claims in a cryptographically verifiable way                                                        |
-| Identity claims    | Verifiable Presentations (VP)                                     | Standard for presenting a set of verifiable credentials in a cryptographically verifiable way                                        |
+| Peer-to-peer layer | StatusList2021 (Revocation mechanism for VCs)                     | Standard for revoking verifiable credentials                                                                                         |
+| Peer-to-peer layer | Verifiable Credentials (VC)                                       | Standard for expressing identity claims in a cryptographically verifiable way                                                        |
+| Peer-to-peer layer | Verifiable Presentations (VP)                                     | Standard for presenting a set of verifiable credentials in a cryptographically verifiable way                                        |
 | Application layer  | Digital Credential Query Language (DCQL)                          | Standard for expressing the required identity claims in a specific use-case                                                          |
 
 #### Identity claims repository

From ef64c9d5d85d0c636432a90f1e605aabaf443081 Mon Sep 17 00:00:00 2001
From: stevenvegt <steven.vandervegt@nedap.com>
Date: Fri, 3 Oct 2025 15:58:54 +0200
Subject: [PATCH 06/17] Add GFIs to authentication IG

A GF-Interaction describes a set of relevant interactions between
several actors.
This commit add GFI 1, 2 and 3.
---
 input/images-source/gfi-001.plantuml          |  16 +++
 input/images-source/gfi-003.plantuml          |  16 +++
 .../authentication-overview-transactions.png  | Bin 0 -> 59458 bytes
 input/pagecontent/GFI-001.md                  |  97 +++++++++++++
 input/pagecontent/GFI-002.md                  |  26 ++++
 input/pagecontent/GFI-003.md                  | 129 ++++++++++++++++++
 input/pagecontent/GFI-004.md                  |   0
 input/pagecontent/GFI-005.md                  |   0
 input/pagecontent/authentication.md           |  81 +++++------
 sushi-config.yaml                             |  19 ++-
 10 files changed, 334 insertions(+), 50 deletions(-)
 create mode 100644 input/images-source/gfi-001.plantuml
 create mode 100644 input/images-source/gfi-003.plantuml
 create mode 100644 input/images/authentication-overview-transactions.png
 create mode 100644 input/pagecontent/GFI-001.md
 create mode 100644 input/pagecontent/GFI-002.md
 create mode 100644 input/pagecontent/GFI-003.md
 create mode 100644 input/pagecontent/GFI-004.md
 create mode 100644 input/pagecontent/GFI-005.md

diff --git a/input/images-source/gfi-001.plantuml b/input/images-source/gfi-001.plantuml
new file mode 100644
index 0000000..f2ba58d
--- /dev/null
+++ b/input/images-source/gfi-001.plantuml
@@ -0,0 +1,16 @@
+@startuml GFI-001
+
+skinparam roundcorner 20
+skinparam defaultFontName Arial 
+hide footbox
+activate issuer
+
+!pragma teoz true
+
+participant  verifier as "Verifier"
+participant  issuer as "Issuer/Holder"
+
+verifier -> issuer: Resolve DID Document Request [GFI-001]
+issuer --> verifier: DID Document Response [GFI-001]
+
+@enduml
diff --git a/input/images-source/gfi-003.plantuml b/input/images-source/gfi-003.plantuml
new file mode 100644
index 0000000..1812249
--- /dev/null
+++ b/input/images-source/gfi-003.plantuml
@@ -0,0 +1,16 @@
+@startuml GFI-003
+
+skinparam roundcorner 20
+skinparam defaultFontName Arial 
+hide footbox
+activate issuer
+
+!pragma teoz true
+
+participant  verifier as "Verifier"
+participant  issuer as "Issuer"
+
+verifier -> issuer: Revocation Status Information Request [GFI-003]
+issuer --> verifier: Revocation Status Information Response [GFI-003]
+
+@enduml
diff --git a/input/images/authentication-overview-transactions.png b/input/images/authentication-overview-transactions.png
new file mode 100644
index 0000000000000000000000000000000000000000..060f8fd65fc5a3046ab9a2f0dce10d4f0933a73e
GIT binary patch
literal 59458
zcmeFZXH*p3wl)fg0-}->kPH$egG9+l&LFwTIfF=S5Rjk<G$>gzN|c;Iq9Q?ZrpXz}
zAWcrqU9IolXODBf?~eQP{x~ptbahv)s#UY*n&Fwx>@amzxx2T?Zlj^0-Bpm6evXEA
zQx**k;~w@c@QwQpd>6c-yFHhChE~!~u>n3LSm`NPtEix{fNg9vOms4|o2Wy;OAMX-
z-`le2kI`=Y`5preEz}MT^Pgi>!8_{j19+jv{C&rad5eYxJ`sXfNGAF}Bf<VmjDL;1
zDVurYU)vb>z;S4jno<f1;9b+=rInSlo2`pGbFcpZ_yXsJyuKS68ZiUvg|6_N{x`T5
z+)hi+T~9?>$il^m!_3mf+=|27=>_UMXd>Q1VAILU-HgWD$<f(O$Xk@|&k;gk8}&6O
z9nGIZ+#N*e^i<Soq+DKF(eQI{ad6Rz-KL?T5qW88E%aPk_MhS4lPI07yZZ|vPEIc`
zFAgsr4wsiUoZL^JKIP<k!ujM0J2-;f4eIP}=FRTx_UP|P{&gN{D>sXmb}!uRT%2i8
z=QT5T@o*QVqeETj-+zDSY2|JAUsrN=`{%a64RWIPaB_2SasK<<V5kV{TOoBjZ!1TA
zX*(w%GjI(tz9;-5e~$kjd;aT+|1nbUzeaNN@Nxa;(Er%=--l|uS-q5UaRS$L7yGa0
z_0Qn{-1*Ny5l+;t|A#34%K6W?K+s~hML7Tc(8O+=`Lv?cl)_G0O$)pOjYIvRqcrOA
z-*?nDG`AB{mVt&Qfu<lWspXBnorZO2DU);@k@+}A(nvq(aX6+V{ks>Zn8%M5BxLl7
zziSB6(3D{+Jdzwn<DsFzzx9@0QbK_+fkIk+$y=TWvx|pDArM_*=~!3o>t6La(#323
zUhReFyh++YMhZ*gQK7*spIVDHpFtm%+-o#U8Z>ll2{a7+|F)@4i&04n)5)*?!t#GR
z1Rt9QhM@aDjQxAY_(!j~AYU2tTL1g0|9!#M$9w<x>p#W7&Wd+<$#UoaI6ZI<aPfQp
zd+~n@^IuQtf5ra43im%3^#3lk|0xqp8ukA*GXFm}udf?U=6q-S1m?GQn=hPCe*eI0
zNaC@n*RQmeyoG^p8~g3mLEjp&fg^YAc12J9n6AleaqXOs^O&}-6A#H}sek;Mx+exK
zqi62fga8}nEm412QpyB@o5Hlfb{>BGM()zM$f%aS-7j|GDByQ~NVTTwiU0aFfu8f%
z)tNfi<r!7sot0l{Ud9c51pm0nK-x#&PN6@^?zn{}NQie1U}s5PB%2BX6CBu&qns)@
zMCsZ_5T?7n6v4U6KVf>K_IS#n;eoE<5c}7a80Wy7#OsY{&!1&}#x(Zb;XCQ&8K}de
z^8PmKIqkGN<xuLuW8I6*d+2bg=8qt%9T2<Fin}-V_OGYB!-?K8@MGFj&)69wm`eN+
zEaBqnn-EI3MH#p}HnnPdI2!7N_ZoRtSh=-~9aEg^?bLc`d9WoGOfXC8mckd(*rT<~
zBKgK&h+m%#%(4^~Axh;_CI2NSMIa}oNj6fxCCu}uC^_vXhHawua$&Swu5!+f8@Nz%
zB%1g`1<YD8F*SmJ5McPxWTMZV?k~?)*^NB2TTAmwzu5I^nGTI%#`u@CRI$1IcSFeR
zXa<Ebu1LY8k4u_<;()ypb~vdoyP3c9Xx-W^`*Ck~R8x(;xR~@-pa#?LAJoV}m82&O
zTAEvzyLHP^S;khISbt*yQXw$S(2_1L?+~2(f2O%e5?X+oCVt>);_i=o!o8F)zM;Pk
zM8mwLya05@3y9aW3}avjUEo&xKT7c&lT<wK^$VOpLj1?}moP3!P)9o^N{})HgURxR
zCH3|{sWhq{cdy_E_G7mNH~8)~CGyD$|Bz?-Ye^*3aKK$Lt3C+^Tlcwvuy*W-q93Ak
z;3dH+BC&;nA7Xy~>g&`^2O3jMN5}_$%lhRg;cb4oe_5hi(y#XqUVqbM!+c4&esucK
zjF-v#GwLo#`7wx?RNXIj8%jrHmGDFl2g{P)H{s{s34EZVN9*|0{cuRG!S8r7@5xc_
z=fBZaU<HBcrC|;6cPea4qV-kO$x^tzP#S)RFHm64`v-f?gt_y0k^U~ChtuZd?31$!
zjM@WZ%E_&=kKgT}Paq@ZsatM}*Bn%?se2Uf?~_wU$yo_bPl_4%7SjhMXs35cSf~rW
zO?-Vd)%5)qd7VSaS8H$9pjG^Q?7+JMGlNFHJJt6}hr)RU$3jpl8#s)bSUux+8f;#M
z!NPr>R$I+p5!5cOR7_q!|MSBQ?}&Rg2WB2OaVARVdf00XKkArBVro77I|nXxFbAyg
zj8@t~{y^i%3<B9{Sv3rl2v-?1XNz?WocL-_mm(T$GW=?0I?O3CX+GfVnTIjVz#j6<
zh@Q+W>lk^AtswK$M(z1db{qEI+V?$OOH~b!3Dq_68@t-OMwS|w2Hu>ZaO>4@cQsnQ
zp7Y(iX|R^;z#%a0Sm_b3t4|owG-Y}`Y2$^<QD>@DiQIo5P}g#OwMUD@5<mT(uwO{}
zNqH|UVdrei<T{x*c*=1|hD4=gIrd~eU|#fi!eSAN#_!&%Z3}8Q2vdp1s~l~zt5qE8
z({ETYV$QH7Unt_S62(yx+$2Dh+h+Ic+P%gY^3=mPwB@z*C3+t0!$=9v4q#yX95`+V
z0jUjAWANX#z1XSs(#%!fQ2P{zfsXC2Vj4>6`64gPbLyvB9vneM?o_3*P>np_3T42o
ze+#F(K|~rV>CSHuaD6e~zy~+1l<9lBybl&^&}q(*8^h=7+kdP<Ny9GL_;eppi?)B(
zX(Q^U&?a44t_XWG&PVfRh}1-)4Y#D})&sGq))`fjwY=szn$O2d>%op8_R8KTo~%zd
z59szPB$(3NW2T{NX;KgiUMRw{7N|Yr+3Hh`>xR_?gP;Z0MIAql8vXPQ5v}?8%U=TE
zrqgl7m06M9tfku(Ay*L`^*<FZUG6s{;!Eq)UM&%QqN<n;A~g!QI`Zr)?*!}ig!J*G
zWTqOX&lCUSmMNk?DU4|dwqx_zFTQJ0E#b9PH`#n0t(zEGY7%}re!70%aX)~QAlUp;
zzd3-5BU)HOV*D(<VY@=fC|xIkM0RTz4`E(hJ$}0ec@A$W;rZd%bagzvwM*hL^iH3%
z$9Mfx=rf}xu4L9}B2~dp#ix-^cI0Ns;%5slA~y&3PO|m=qJ%c{2aS#Ki@yZyHDBy{
z3|$}QiI3?Ry0+tYZXfd)*oV8og*LB%9TVOh-fX>o{hWkTHCF88vro)idfF>QS67n`
z)12nlnlT*%tAw?H7bVcWHEw-xNdX=tNy}+_^2vEo#Ga@G&vJ6HkPm@i_S37wksAYi
z<9d&>_gig^j13PHfXd7v=moG3BTy<+V$$*a-k+r4F!Z%a7T2B3y@tJJ<b8Q&V0YE9
z^9MG?+c$q?ks14+t#W_<HsF6;nXc_M?{{+dOzGRZ;IMmEgt83DKT8h!g*o}FJ&|W?
z@P47KqNxbZW<9T#{0P}zAN{$^kRkuk;>6SnguPa%e+!d-&7>%iEO6N_4e=CL_fM0X
zwtVK9ls~Hb0>==u=708K5Q{z>BJKw)PVAZxx7lIJ{H68IekZld`I;y!wkp9yxOE+Q
zv6nGH`$?JZ3V6iCnQ4d8rkG2Qmq%l|Oat`CKBYgV#4ffq50o%NF3!<cTmmi(Vt#=!
zcqiH>Eq3z1=10G1#-0l8JFLIq#m@53^YQ<F`gKjd3m?Oeb}#~EflQLapP`iI@I5Mi
zAh|VY$N2`SFQEV=!-P3%b3_e2TGY5p_*hFW?AEWRENT_TZ)E9WaOlgqSO&^IOC@+E
z#oL){KuD|CBBQ!BjcuS(g+Bb|2?Ez5`{DOxQ@A-Qoc&qce-zZ3r>mZJkh_f1(^$W8
z-lUN%F*2xdwDl-W;_~TuXcHn<D&~E*nkdlQjVaY0yH1WpB+H;)LsT@s_CWUfa!s76
zX1BbP%0niJq!MwsRm(I`MBP((03sa4UGSi06^uy?Ur4^ZuIS;wJ*frZ!-{bsQOJ-^
zh|fXlzMG3+3@+xmN+!v&4R}hmWUDCG^7!NHE4j=C^Pf~;`}Mc{6B8l=UeQyq@{~hv
zgwbs*z;lYar0ka?1ysdv!{^WXy;={js9%*as%f?Jak5i-_;oQPhSYV8m6GcT|N3ZQ
zzg1jo{Mfg=ofvn-+NM7>NxuVl0sI7hb$`U~81_!;fJ@Tyu2Oc=ZeifW?bSq&w017$
zul=8>=uuhhAI_z?G(T<QOA))69C+)XBA_#2o#ON?2~Yg;MVg9vHo{_{zK?&pD1lFS
zp?<3bH{F(4cV=~iQCLOZv0eF%(q(KueL}Yq1#h3;lB&+{E%{sTCHA#n<;2>0!i~Ic
z&ebO}eZ+pydEy}W_Oc_AoJ8a|J?Yd1y{pl)@oAS9%8CI^0h!+E=J33F3J|bW%TYn;
zQwy(DpRUGb3qe0JMPG$E#tr6q4bI(!QWQkqhm3t1^8I{GW6zA!r0d$Ok8w#GN<p~!
z+3R_LPez+zfDhccalgY<sW5;HC(DOAE^+&Vmt|ol;(=GJ3jddgDNeJ|(yJt{2vIdF
z*m=;H%$4Ed*;<C$l1+I9b->d3`hlFs;a0_45yWLMS90j{6W5{^_Y9(^z}H<d4mw@S
zknVUzXi%Y?Y7mb5MZ0<#)DjOJo0pcW`%2&#J9eF!peN*3i)#-l3n6#PepwYz34`AY
z6?OYVn0Fd%TE7@gYdBDz8&z*P3Z5<m$0FF%DH%rFjL!(gj+D*gCaqj|ytm6c-(IeY
zTAwUs%@aHosrB6_%PKdu7+AJo`>dE5mXWjbP~893V>x3NR}o<WYlL}Rrp3vKoXXRv
zCPoJOq}TCL4*csMnJjU#__bA`N)pP6pB#uXA!921RU^&7M|(bY*{O!Bwt2<dq`!kE
z8O$Cb1$;>2OQm~tJj%{H_rj#7y=PUIon0A5lejnxc=?P59PcVckWepQ_8||;qq$go
z*-8yun)uS#PO6)9Wqe`w$t~MX^h?Qu%+9yXEsi1*vC6^~1Z&qk2V5{7>~3`4tZwHS
z5FtV?d6w6CN|W*two{EbX*=4j+ym=BMxyqL#H=c@Skf33)+kD3PIJB`)IuksQP;=F
znhB`hP2XhV6vwUc%#i+k7&q@3qOr<krkVbdMQYByKA|%?$aPG^wQ4ao<c`xT%K>^Z
zy$_+8v*MS(e*l|x3{lylvS%rqJ!!~<94-*ppD@TOObqi{L!TzEXI~U#AuUsiZJ73@
z;fzlpVvO<|NjQdxwz!FG<_1C?WlWw=ve1tUH6yCR3{-K5caZ{d<#yBE4Fo*XhjLaX
zulCym;YyrM_eCW7I=s8x*mxBm>llXlE?Mr!>!uGXl4|=CdRw)KuomB|cbV(#+Z=bk
zNanIX`ruU{BCOrwnN*1URbEsx?2AMNJkfoa60Xn5`3i$4&G*6()rW{@53s_V2#Xjz
z4KCdVM0GW!xXiQ$=r?<an+$}egqa4mbv{LN`G7o&VYR!VV#M@_P{2ufbe*#)I%RAU
zb6aP%XT-p6B{KDa|M^J9+cgA+u3%5;&7#wN8%XMIZi=(wrpp$rq_SUVF}=;t!qIcH
zsT;z0!;Ci<GV`@s%9Y^*4@l4N2RdJHw%Tg2OEse&&n;=x<3UeSDF^u(6Ia2NZtMFn
zwEe1=D&jRld3m2}SYewt?W?G=;y-N+ZkRUwP(rIV{cPovCMnwTyA_uxWmWr&DODB=
z)6PRL5NOixSHJyqGv!u#`jTT!@<Pr=e?5~wA^EatP+Gcz{K#9C1mhqxiWP190rO~<
zh@=p$h!j32<IjcZO8L(}yl~ucNH2GtWW;1qMTuK<yX?niMf69TW5u@W5848v4z+%f
zmE9kC?P9E`qjsLa<2)+)u1aj5-t@IrqUS9LZm&F%hE6tt%p|j4)@Zx&pnvgen>#Ke
ztiXuAwd4DoFivjqvqxsU#Fise(S)}d>iN${gsr}ZXcU@cS!6ZG>5}rPSvqCLJ*a}c
z?dE@5qoMf-Pt)nMWsRb=ZW%SlcJoyofk|GwM#xan`1+NoL-5?1aujfILzwkDE!bHy
zwfJYKOlX}a(7A>5+>xUlxCeqjjh&W#pU?ZwTji!KF2#cPX<>>BidaOjD$kr}Z0>d=
zneJsW$T1xRwkDSuuab25L2PZ_o5t4suxI+|zK|%1k?kWJs#=68Oy)6;I*ZqU=!vp)
zvQF!IPNFf{k|I~c!ISCLa+|#Z=`L>;sE?d$PIO(tX%nIBNO~a4k2Y1OV+&d(E!gxU
zmy3>8+ur_eyU?%W3634l9LLgiI*Wwz4VPV7^H&|_VAd&=#VYarjU+0h@tsaWdarPx
zC~=LpjTLz&;yZZ!6zUMC)1y`w+Z2dIR!P00U^5|-9rLP=lQ~xto@IR;kn{9tRCC!e
z=AbK<DRiyF5;(GZa0BPBR)kDqL+72=!O|{AcN@lkDKW|x?oGW%_h|+pVdrESs~=_L
z5=W6!IBQ@kEn47bZ1?E^0@(=rhln?*q=p7#)}Q;%PsecZNdzTM;NhUp1)RzVul3VB
zU^3NoAsSGZ++Z9v!l(C9d2O2x4ugJxb>$AfQ)@m{y~9dAq~bIUJFDiY+V&9HT83ES
z#H%U0yqhllRbI)H1QEVE*LpDSXqEkxF_VE+qXLAxbGo}-ild+YYCO|N`TL#k;iP;7
zg8e-SY=R(0jGfl^*vj?;Qj#;%u?_vo&i>)3#Bw!F8>_vthSyAMC(pNGx86aAzj}gv
z4AYEAwsMZ$z?sH5xEFTSC)=8z0O1n0z*Aq%;vd!Wy|OhANO(UCtov*U_j#u{lDoWf
zd)T!*j`@@QxtSEarr){l;Z;^&?V(|cAM?BF5+|qW$M%9_=bb(!;$fKum2JbmyI+|O
zutHBeal>|qfB!MZ#l_+5Z)Sij>Hd+W?E}Q01X1FTEC=1g-%70Fz|6154qXa$3$t({
zeF&0qvLM2vh?rB;Px0^QCFv;HB5|_Hy$VCb!Wbfv_jSLA46y}f8<>r5emS~ha5IdV
zpK@Zjt3lPFq~o(DtC{;=(~0USe?h}+qD|H+JAnY}1TRvAE@iluP`0xBCo9ZzxS0`V
ze~{yDoA}kq){3fo<8l~&?BCH^y`+b-qr&wLP7_6$8%GJhK!k>?p-g%;IpELFsK6OA
z1j1}#<`I4pa!qx2sUDh-kuum>K6pD#k?$c6dfyXX*|xm^&f)fPSFpBZP{sCGL*fJF
zL9JB1_1^G8-<GQ#m)LW0@Z=PDdzc)UKhP6084;Cvm2Sa)qL!=hUz0eW0>eOM_xF`h
zCegh3kr%c^=EFdZ?G{F|0_S9(lIzR7YezEoMjaC#Gp*LB^37^4`?<*OYmnpFj~jOJ
z6j~6p=3`P!erCSj$h@1q;*lo~%}RRx`IOMtvAb$m;Tx}YamY}tst|LS1G!#KPgE&`
zt-&1sO%Z?Rl)*Sj(w%I-6r8M`Cjy*5Wap|8_By^(F+|WeL$hA<qE(VU3b!3Xf!pP=
zd&K@dQ@x6dOfB)f04q<*aOZ?Y1-2Qlk@5KyzsZwDo-4!F>^Zl|FQzG+8^$`~PZ2*K
zNxeGY@>_gEVozwZj3h~<jh;S_R;h%$`F7&VT0ok_1&*5rk|<DX59jaNbEZXvqEcfU
zl)fBJ8iog>VbWn_O$0F9&Nq(4B-a*CuXk#Nu$d;wTjnn@*EbQ%E_<L=%bE*`9Q5*p
z!IPZwpJ#IwRLit;D#?#jxr)Xv<o6{iug8Si3K_oaVhCF&#O2X%HE3kk8AsfhiZ%)=
z1`9Pka4MCBQuz*BFxQmA1wWDOv=voE|8WU9=RuKn%I1~sPkZWFU5cxu&itlebH~=a
zCH=B5$Myoa*1j6R3CWGj_l?_)<mwMuM7aj&UP@wTm3J1LLn%gWil}O8UR+uPpX&-u
z;E7H38Gq+@h#~RP5nRs<e)h2D?U#1RzYE7N;{VISfm}zz-;9pV$kG~LtB>SASlU2L
z-JNPh<@1g)bjIae_N`J=%RP0!k`zl{(zCHdw*AzTj>F1T(N9=6`!4;(Q$*IOyCL^e
z=XXcG?>)J^TmEd#y&t(BP2^qhvm21tuR}DamOTWkOFk8A7p#@jB(^KJCU2J1L8$qU
z-;Ufj@vZ5k^2Hos=uSo}@oArPE?;wLc{5a0-?iX5U7N%;#c==-#i!7K_5uFdWIhL-
ziBCqo46w;7Sr2uQt4UwN2zSWs@56=7$sNx7%Y1qlv@m<-yVVWda1FYQITG9o&AGmf
zqZe4Tu#O&MM-YJX6;l>wB2BN1ujJFGh#f5+PnOn0%2pY)T!=!JsVS;BTqvBIj>fYi
zhaH;fU>(`v!nI=04RKZg6n<YOa~c`J1<~sHz=?{p(FxX%Bg`bM0Y*o&fCGbESM#0G
zleIlF(y{1?P&}%&%L}*A)b%jgI@PCG&bDBKbx@gvyFB~cKEMi7yc5|@0d43$U?(Qo
z1MWSW3|RGFGR)H}P-a&>lq{7_l)nx06bIXy!%D33+RSf4UqXDs5`}lFG*uen3`Bex
zqdWC@&58F!I5~e%dd+ZShj+-ZnWOU>Q)}$7TmRazUuAJhA1vgPB_AuEJ$7P*dA81M
zGI99KkEC({bOTc}ONeyjR5Xdp?Ab7qFu!{GRcdW_xQwW8Y4{<jwhaBN<R;Hi->)FA
zr@vA@;ggxg90qDw!S}29L|feRqe{h)2=sxjBzb{;#-Q7g%0;vU9MbwNNbCkf-DWfL
z5Slv>f9j@s#czxuWk(<zX<9DlkZ7(%i?T)77_-MFAwzVKHzI#f$PW^=CU<V|rhTSW
zhhk)n2CU*(2L<NdsJ#tz!;y}3;ulwGBSH~hIx-@PkeQ=?{qst*2qC+CekI@22XN0s
ze&JlzG<%KMEa*y3UWWMDN^Dp@X(FeZM%Y`|vW+1^iV@o5XO%w8Q6XJ=w$*)hz2kMp
z2*U`t39m1`e-2!7>@dLBSuRYyK&{d8JHVUBm7Us@@mv64B&6{ZF#;(g3>lWxg!TDH
zuzu?FyrDb2io?ju%89$L<<LMvt%4TyCg0k_A<wT}@hJL3;)5xx5)n4F<?O7}Q~;TJ
z$bfjxHEN!SK?KAUomDM}xtBfc4la%RvPN@^$sJUa#ESq0xO28*$8!)BmuH_vvuLuX
zVrU`^e@|+Y>MAR5PgS>%c$mP^gsz=cvE95H(9N7TQEVuOv)BPg4EnwTAc0M8qRp$B
z#CX|_%7i8Ft0Q=@snc19oZqb`P+YL+mLR1J&i+6?PW;AFH5Y_=pHN|5WtUI}4*DM;
zRW{_CV`U$)eQW2%JKo1*`S;P!T|C_`Hahzw!kyEhzg&$^-KmkkLn|MhH~62}2)O;~
zePM{gQB&ReC%K#pv5aRtK=vMYAnYTY7J!J&aG&ex(HE{(oZtL<LgQwf=|+9_Q*Nf^
z`l6+__XI!`Fa05n2j+za_Fr;>MD=U(k;d}wZhd@-1|DPDvlzH+A3oA0_#nRy_;D;w
zz>-L;(nus{4>v|`1mqa_Y~;jV4m0^rxjvpQ9a`6c*yRiwR}P5z3PI*eQpSoCccwYq
z(0^-o&t|<B+q~rU{(}Ik1)PuU22)=ykn;C!axqr4EZ$UK%X4V}7{tt<x(g7Z7cP61
zy3T0&%t25CKme{%Nn~f+!iZ9SooyDD3biEId+!}lZBW{cXQWu`EJ#&Ho+nSq`Q=Xv
zyI6Y<IIRWz#&*>;hFS@9Qn*cIamyV^x&9v6lM+Yv+K4Ux$_PMm@4GJpEX5tvUA`Qo
z=j@(ul@7pu^zGtI*f1}z?dr$eKp`^INCT*u){VP&75Pki$le_`NM7jAnII8~T!Zk}
zuYl*f7tHOqVRKiNS8#A1OYC=Gt_h-VTVVVgPf_4n!A?h3V1W1ciDuzu#b7{w#jS($
z)<Xy1H|Vi~;Tg!_r6&2!;Z72r>r>;bgOAbW@Avo=bvrK3)lzTy5w~d?;<Te|+9$!D
zp8#REm3fVv4#yt=&a{HSR*sZCW#@+}UaRea4x-1q&SP9Z51LJ(c82Uj4||ONm>I+#
zE~{@e#I-xm_|j7|b{8%`uQ53NnoC}Vx4ra_MlL|3`zO^BUHw^7rtJ%hH!&q!kdX(P
zv8fq^OP5h$8<t;7u6TLY;6f}rrD*}DKd4hP-fHWTgk|{KE6<9GA9Y==%ZcA^>41y=
zCLxsN6TAdyY`Xsn0Gn3;0H48qQt5p9MWw&A^FEc|mcjf>|6=Cac4C7%ldDZ#{UP$X
z5l*=OPGK97Ssx$V{rqOb(0erh^QeOnqTtZLM&0}KY9kJ(xHadnIVSNdPVd;CtY%48
z39kNq1q)YnKP)RVnze1RM0mG<6z-yvh|-!mp0zhH33g#(_%TRa@31=G262Ut#J3O)
zafZ3GRr(;W&3nSzgTbkVX>S^(uAbcgPOyA=Fu=KU{pr@MBBAWnFYWKJU_7xp3%66`
z4k;xLE!PVSqZ5;B>NQ0ygG<A$Z!n+V=2|Ka*k`r;XCpp>5Im&_WamjWzBfhH>*jQu
z;&`G?2T$iM8N0y!CvUysTAa_u5A!_I*ldj$iwEwz4GURA=2@Hb+=}<&?)eW2G8zk|
z8989-;ex;eE~LH_0$e<Ir3m}sZXS1Jmtw?89$fSJ*ZM?bTjQ{5a_7dVl*y8;akGl*
zVN@dW?Rf;;fTAfPWC@#eZAp>F23YaO7>Dzpf5re`sD2;az+zOah4&u4yP8Bw-a}2w
zp7VhGU56>Zdvg}NW#=1e0gw?Brtf-QF$ui*ufLh1f-}}V?#=c`wbRZG+N~C&d%c^@
zAiTZs`jwF$iMRvH^S`)zFX&|Z4T&-7(&?Md*^}mzrWZ)ChQD1ck+iILTWD>qpWelo
z`5eKq*?e4G`sP*7;d?0TJdOUxl%CzR|K&0@mJ4Jy@g!HoltkY$8eb(n!5Gawl*-5U
zcjl-HXVtCuJ^0_Rv-lD(e-Wt~e`P7u|A1Aw#QbWReEx-hxfh9VG`~`zjlU*#?T{?_
z8(YMw7Noj#N_}K%^<kmOr?qt7UHs0y%ZDPO)r|2XmSc0&=Yyd^wRz*(v7+bgQ{%eN
zMVf>mYDxnu4>EHwE!R-cCqhdMlGxS#o6b$|r3BtS>D_m?FY>lbdT&?4U|^Z)V6L|m
zWA9S{_>~;J*s8$8mfe<p!C2X;=CZ(Nlq?TY2yc}WKi4?P;q>d`cq)sz!dJgrzs2a)
zC`i^ny-%}xA@IEu2lH)|1pLaYtbTVvX<(Uq6YgDPCom}TDXk8Q*wUt$EH!btA~!y0
zHBk}Hw!R4^?3PmBZ~PrE-L=eJP*1Xh^HJa$K>fA9;D^fF18(M2Sxd3^{C@<lkW2$_
z!g?k6bzC*3V>04RmtWe)&iqFAX`D1~SU0PdQ@)Yd6<LOYD;Vwd{5`0M(R?j6l73*~
zRB9x}{?kI|cylsJc-OYpp+@t|Zi-F5=;4jnY#6|>`kdjHkfN@u#+{G!zp~je>`AT&
zK!COQNaC8Zng56RpQ0$K2>Jn8^_~VLxY26&;8Gl7fPL-|uGd`aAOrd%Lo`}wHFsb<
z{n$&Hk_qZ{pg;=e%@Mk{(}t=I{ouuJskBd(5fleG#E(k7vI_Y*+|t~QvAGDYce<d;
z@A{FrwBi7>g~OUo@$6<}3ggqQqRN=MxdyH_CwiC<XIrv~8!y2Ph9bM}+PZTi!>#VG
z=bMF6luH|@{#QNfHnXTYko}ymz^I1#43+P;#({AzA5MuJg{$-vE2Gw&`Ll|Ik_PG7
z{pC)kXX#TaBQtzCBJc6x%A`jQ*0&f7=C?{)jCD&7Wf~179W7eG-2`e4`xA1FNGf5z
zi_EPtC}ZA7>S}|^36olS>ZnmrW$R)nwHV`j`ap4RGab#>Y&0;ku%-9MN!qUz;!x#_
zWVEYVxOCUwa&3XcLV|&_0us-1KF727(Fe#3OWEfrd{VwYk(dVO0?ud5Qo(Hy{CH3o
z`8by`(6v(~?zB~lpz3dRbuV@WL~dKjW5R;lSd<dQ6m9z;oKI9s-NImstlzoc%YRhO
zV1OweMg$~9Jp95IR;MO@<sPFwPL}04fI07eWmyVU&dq42g4yE{E#K#Kir98}0Fv~C
zd9zT;ah8;~0~ZW1`(kyAqkiE%SovC<rm8~v)~CiW_U3tcJLOk6<HwhvZiYMH)HEn7
zvht;Xw;ayax=vd4X145@r3mc_;6L03y25^k{o$Vi{<n8T@2*|!=kxZ<lO*i-Whn^8
zg1^b5RD}*^jh!{6)$y&{cestArNbQm;;?s*kjgmUbBQHzHAR;+J}*BfIx#)hzUAy!
z3SUct#Y=JG46>$Ga_2g;ccm6gv`PRiDRzvt&1asvZT{dI!nCJ=%NW#w8#*nzn#H^>
zF#pOee;z<u$)jomE403|9`HAIbITo(O6grGT9U>!9d?_eU(CpwFil%3eP3P!`^KgD
z<UP<|oPmT|lSDoqr}Pv?Sa_nzjjF|rke`Adxl+9j7!FS3)l(lh*Kg!zixI~0dCYC*
zov>2Q`Csg;e4UfK*%X{??Lw99N_Irlv$qnfrb<N%V|;vDoE!OuL>e80d;>Ux0lraj
zcTn-RL?#{P(sk(6iQPE25>2)D14$V^TCV4RvA>6{`O>U6F2Fg)o4BT&4Ch|>KT3Pi
zl2)f^diLvqET5l=-O7H_J^$Ej`j*2(q`RTP$&>V{)TohdAtlnW3XBSsEzR6uXv;1r
zJas)Hk|f8;nrafcXI&}cZh_v<xtl&Zoj^ZWpHU%Wx3sa<t=3vT#pVEk8X7+`({ixo
zcMxd#^juF&qSfl0^Y|OD*(k!^eFog6MJ3_;$;LnBKWYH!2Pp~GRAc~}1I^%+$0HYW
z-}LHUDaWEI^|_XCPM3M_N%WARk6Ptx<Hqd?&vwE669CgHqt2lA$CTvX4%9KuIu<Ro
zVEZt2Rq*0-IzB1G-<;%*8Sk8}oUs?e7<M!L^rk&i$*_L#DuFBtQ>XWzicp8Pr^65!
zj>L}1Uvsa#2rEJ~!ff|%$qAh_q+kuGhM5;Q7@KMBk4PGS-VkAnavhZwzYU7<3VL>T
z`+%n_R#mQc?~4LY8(I#50v5paM>be-d)RvtlUJ^U;>5D?xkDyCK0XPZ`G|P=hu2;H
zZ$P*#G=VCPGg@^r`G@voiy??b0R;4;T121xrh%fwT)w{KToz+oAu^mgqE!);hh$1V
z`X1jSjurm;3{X}G%aA?$87V)%qu*=1@%LY*<p!aAF^sNdxr-b)o40=|9lTPc@e53n
z0}E5Gpxj-clFa+%xQ$4SzIamAkfEXxft`hDt~@17u0U=>S=E}IY9<+1a#TVPn9$74
zf!qQcoUCrSxfH}t-T|G;&L{x)RKtyZVfr<T8a{p6GF6uVW_;na1)1WZWMEP3?Ww%y
z@W|{i$tGQ)d*s&h4H^O+a>(R7AVNjA4FI4`dci$?-y?yG3_jGqnp0S|RnqVlvD_EG
zbZJ?d6P?LSz9ST6vxfLqy|xkAaEMgW<6G3)Uzt3gaU0M_ti0n&&U}2?HdXjL=rIZz
zdy2l*LP3DxjrFhp^MiYB#<`-`=1fvxJ-om;)}OQk=`GNHQ^nsyKH-G-ErvQ@D_vF$
zsv0T*<5mKgW0J3*(5lnLwZrebsxZ48CK4C*@(WLKEOpBr^W*N5Me{d_Dv?IQpT?&p
zKP$FFBtx7%x>#Y>Vcv`|D(FhIMK2!*Ba9_zTtM_<yV9X1y`Y_Y+Fa6C`7KfwD1Ulc
z0^GHeGBLhtH@(rC-Cv_MzfommFDQXXy{skyEPnGv9gmCIJ^#cBau*hBI}6E?IV{oG
zeESrxFU_nab>_uMYcEsP3cUuqe@#3@_q`TUQUP=%(+@!NgR|8pQAH9Ou5C>7J+%u}
zC-*oSpNM&Y9xa97A^{ibZTR16S0EQz%T2=fRNf1LQvkd)sP#9e=<GLWufA2;7tWRz
zRl}c!la*ZKw7&;xu7dW{Yx|7SQ*HVB6Hc|WF)y8#zf^Itm?=H`xE=f2&cP4T4CrQV
z-s5U!qut{go;^Iz>592$oEvtQ9$WMS%MflmvdX}gLbCJm4suVHjg*7|#?NAKvP$dV
z5e2ud<|Rx%GTh0-cWJg9*=H|_>X5NRF%o{upLMhp6}V)>JtGeWpSId2%e%tIk?rvk
z{a~eQpjLV`gUR2Oj)8tb<>U#wsbOKhzmxn3NI>LYb`CgfDze7?3XumEE)9S*I5rhl
z2=69S-b(18O)mj}yC<^dG?e0{JcVc~Yb5lpJyDvqWcq8uqqupHzYynk*|aC>=0JaT
zIB4a*83OSJXSqr%MCd0+{1~U1mhop69*1Ct>5mFW&cw=Syx+N^0KC1%cq9s7#br5<
zHG3Wd6YV4F5Uv8d?c+HVl<0B1(V8GSSo(#ysEIy2FBoSPqS*S3t=Sl4#hwit1ZGvt
z>FHus$9s0UmbZY1e*-)`=SODDzd8H|309XOHpx-0-&YRwg3nA({{rSbAw!^ufn}zE
zk(i6y`5p5K)QhExNOzxa%rKIXQ|Uk?&X#$oi)<uBqrJ9TlEGf=`tqRuLD2BTR4idV
zA_P@VWtOsAiMH2FUfp29Q#yde3km@MfPNZ0Y4ow}czJ6{kMJhm)u;BKCQA-yRde8P
zl`7=6401(DR+$TI%qQ7+iDcUqwlX1Ud`7d4cI;|9#u>(I?)a_w+xj3h3of=FNHq58
zQZAzO7}Zdq%vDKAn0YVocG%ZcQggYuznsQ#FPQ)5b85Ro616@#Qoe$A>f*j|&M-m{
zA{rBAULPkvK10zLUQ1|WPk7m$PblN_@h5bYJO#$@htwa;E*X@nzHyf-;3)ZSm&@%e
z1mmfW_uW6lAz}=v%?7S5(|z0)F&xp(-$0F<MJUxrOvxaxupZGwIMNUx;OhrCD|^|m
z;`2mS73{1gnhqJI7(<fQ3PQ9}6iayteX7apaSHc`hVL`OI>>L^O<e%SqXXi8q|+!Q
zx$hZ(*f(<3GSWu}rWDVVLSWNUCXIx59@wb2=JU6QPiygau$f0|dW^^#lna)6Jv%D%
zi6R$J9g4w+!<Q^6y+C<~{%)&n(C6Po4iT-mpV5H1S_3LBDyR7N&yrS0$Izeq48_!t
z`f*Yky?_nEX21t1Zsf8zPm|6TY@3U{H5o-XYhK#sxzwHYvXjzF8I!5!AT#*hZS(Y!
z5zW&Kz%UXT>K^{Nb&%{(64ux6QNqh#Jcp>r!fYy{Z13B8u7suc;naGhg1t%5zDYsl
zpw@<P=)S7ZMz*?3m^<-ydZWpR86fT8?XUKIyr*N#=9zp_B3hZ{Sica2JFE};>dXLR
z`3{QS#33(xgvAus6Kadb=S2V!D`;mw1}BzL<@O1zlk^7JOqojl%7bau!IxNe=$dTG
z`KoISr2}lAjE(DDnvQe`Mdu7zN&?2Ajd2)2B4z(C5;?y5Vj&!q|Ec`Y6GhA=r2^i4
zeo{+21BW*F8(?d$UEbU2$9=uHL8!#G*f_C<+?hu@DQ|-yusp+jo67&xZ0*hS+TJHU
zbvFTxMmc@|u6X>kC;;&KT`*SNkzH#3!_WbF6brC@=w${gp1AhhnM&*oYiT2);|EGm
z6!+Q{xj%&478s3ycurc)u8EyI6#!O0R79&o3Qu$e;6eViD=|tn@h*AMCIMF-YXSwg
zJyHN+a^|@b`)Xrec8X0p6k>fADt`GLTH1v_&&e~$i$oDqCN^gEycge~=()occT=qO
z7NlCX0~<g-Iy0=qxuf$B1jWnV=Tf$ExqGl^qz9n2X@4d%tKB#7Z;As)&hF>C{M{KB
z*K`2I@V+J?>Zjpi11j}n`1u6R9~P|@?E<BE>ItcbF}{a?u8m-g1NnT*4&fs)%<jJn
z3X)#a7K2U%P$9~)FH-s<t+v<6#h}=P)K^3ir9kc>pc3Nn#{|EYaKix3+qp9+f3^2N
zG*pHZ<aV7)LD(O;HuF-1TMVB)ZdbcGu<8W)pztWVSR{+H<?`hkoZG`ca#o#5L^i@{
z3KXNmtD{iWKx;7FzV+XC{_;T8@1QpaL@X+n;ICu-ErE$c!k)YhdJW2c<$y5#!auG5
zlz7dF@N}%yf3;@jWly~pAb$zQM9d?PYbjN(6rP;6#DcRApSfPCVL)<!lsZswTy~hN
z1n}-VYznn>>A$<EF7@jxt{PUPv>06*M4=MHTb;>x0I2$k7{((6CZhDBm85y$GP&>T
zFuvVyFu`D#8*C`2ix#*^@c7`Qbe^Q$j=8poCXb4pGSTa-u1KWYQ>`cPtS|G2ppH`O
z<P$G4HHVGno!WUZwwrqV4H0E>N;j$8dbw#GTA1q$Y(Kqe{W?F=)&wZ6&VcXcWpdW7
z8~)fQAF+)}Z0>2hSvW>x8v7k-uL+nIur3vvTosH!azgrXM1V~<qlENGQbYV>IU80;
z2|jT7fSUGOVF>k?k-;4jsl3%FAE6e4R21&{j1L6X`Y6~`pr~S87YVp#)ae<3ioFYz
z(d<WEF%=LXJE}^8J7ny=c=H61UK_Pze!u#MXPP_>cv`8q)It_%K>i-(*{b+Ae`m+A
zLL&L5Aq4PiBS2htJPA{K^;vt=aNz1zBZ~EL+x3dE2}OYa8DEkjPl&<r%GiBKMx}D-
zBgnSzEnRN{s<H)sLG^WSp7_;9uBYe4po{&E*v3hs#vqa_<E+=F^$ZZ0_kgk8Jq9d8
z0oNr^Ozpnbquy|Te>Y@^rA2g<5=6U{=*7|Wfm$Yqx6`n*K~XRy=*;F0$QQWf>om{+
z@{O+EMfg{*27@G$S_1m`5AIbL*xs;(YIQ7HP+xp(Ky<SPGnu_=i9L{`_T%-oW!Xvd
zn%ihT%;EHiQQ74MSaZhAEpo?&bYNLO$nppXOxb2}T__09V|M$Fw}L9`rmEl~X2bTh
zhU#t3ro)&NKm@q}QZ%&vik)@#8$vBf+SeJOhcfSqDiWXb+ca?hPE~J`Vhe``Hh!>B
zKnl<|^ST(;KP*mEdG|@cb+VIw<?AZxq_#?6V@6RhnS23?zE=m-Rq*TXO7=Xc*=N)*
zz9kR(0vvm_@J4p*3?Mn`+MH(qN+Hd8f9g}7nU<w+))~eW$LAz@>k&_|v+NH*8H1^6
zpDu#!xqG})M#~XF$k4FBgImDA;{TNU)+oC?vGYfgZL2SloEV^@jp7og-SQ+G{E17$
zx{{`N{XXFGM;~`5g#s}&Z}@u0B>;Ei!!J-hpm!?#!-cjxBbapBGbrR08Ib$t?I~2&
zqkFsjU)_iAaN^D`;Ep|nvdcp96xEZ~D8@d%((>B=*AUH{VR;DwmxgOQAg{MQ0nH%p
z)Bq?p61GreJpc&17r<5g>n{7fnwR~rwoIn8xH|zcidSF!8jwqKM?6Y{>TF-lIX(?)
zY_&~y^-q}H|JWSeX{%Fz*aToKxZQj(Z~$B<R5ueskpY>W6m8FMT1yGb`GyKpiC={L
z=?TDpOn}ZAGImKK`747&-r?MVn9ZqDP{bkQn}!@^d{vl<MU~wxJh4+#LU<{+5aX`4
zu93EZQ}tMkpnav9-=-#?xM=<_na=uC6m&p1P|6KC>BaN5M@61aDBiK_<>8kp&}(Av
z6MA{ByqHcc4bK^B*HjbLK4@u!U*6Bb?~JJ6yLRy1DXQ!zBZ9juXdU35!<$drIma(K
zM*xPQVgBCa&`<f5v%4IC^eM%k|I_9mM63R5&!m#wL74<T<}#=?qBpp7aU`_dSq&si
z1H0b-N_ho2t_E!*MI0q06h9_LmuyoD_A@)`h<Q1V9Q?-PznuE-^i2VZuE~fXpG#SJ
z(Xd(yf3Z~s06V!xHII&rD`}Ac<RNyP0c>5K5#L2Yk$I3QY^JwdB6|2*$~9D$%?eBV
zwL2cY7l~;TMHTqZ1*1NmR$s;n3fbADy5Q^q^f`IHOwf#(ifsA950^0Ik}Qi@6m|gD
zw@HJXUq3W2xmJ61T$!OV+-2-K1s<Bi+%kWc6qA3Ad44Pc@yxl8RG;$bIvzOXS`L+m
zoV|0ZPHt(8^q?C6#gUMcFi|~5&+u?$`~bOJDk`+@2aF?BVxH@?MN(U8XX*gBYz5y-
zuC1EPjQQ)7@ILeDRoWbvw8`z+K@J>r^!KalE&;jzONmIx5T@pUY7x6n0`0>;0V#@i
z5c9``)Es`~D11&>!-fPLh%{*^$OMw3uH&o`D_sh&a6Tody^4FC_Z#&0+(hT~PY|0o
zk6@3vOiuI0>&j+pQE;iuSIJ1yd@bExR0f#5Z(h=SL)1lw>CEe?2=N|x&Oz7O`URur
zFMn1PRtxv*wxWphNoNHxz4fR!8es!I9HBRH3E!dm5(Ijc_O*5QWb73-yNNIAjQ7s~
z$uuLIc{yxy>WdS0R$9y>lw1NaaCiaOisw&RiTT{uI1?J*D?}`N#Ci%A!{Be1))1Vo
zZ*)io_?~&v%!zR5Ta&<}ts)cU<{A{6e}Ff?8Xq^dyffc_vZiMIo8}Ges{+4X?oRrX
zBM~a;EnRb^Ec89lX`p!!(FtF9K!%rn$;-yttV*g4xjV?aejq%Dg*Qx3#{{Y@J0r2Z
zKmR5;U{;2h-IrGmHSHGlvhfH9XGRNAaZ1s!+$2f<s1a|i^f&%f-a8;IRl?Nlqp$dV
zIHHC%AjfL3Y#hnM=PSPm6iKNYMeK6$XYuP(Ybm)xp0t#<-=j*-8D&9n7P?r8&mlQV
z;(OAhN92zgtTKSzt8PIal?L|h`JXhjS?Cylx=qFt5%`o8g_JHr?CuLaTvICJ@95T@
z%kw8Hm;zW0#K0nwFUBT(M3HpNdk!&t&ARd}^V;U8=7ft@yhwzo#K`9&5$UnF_5qXT
zXB*ddt?pUd<nhzNJQbtdQ3n4uBR(F>_K)TvZen?M)$hNwIWF`_`8uFcjId4k3l%wC
zva9Y3&}uctJ?hqy`}_&o(1H@cB*!E=yXQb!8pAA|U?%b*3~Pw7*?u7>P>(_j`76bR
z3K4($B{1%pVe>7SazXOEwMGHVA|u~e@~;3y|C2_12>q+5-pcTN)pEhy^1>hy9QOAX
z??pY8pF>5a4!qBsq$L{mymCsF^7ix6t)SkUojyulAP|A)^wfXAw%zBu+c+{9#$|6D
zLx?#d`RvQ&gZI;Y5t^S1-l%q-CC@oq$$x_dORrC)RL64(S#`&KNbERcG&S%iEKwO8
zLtqh`n`tSrOq|ZAcOEC9ISzEY^S(`+3gMb!{z{-`!%5t^?LoDOkyz0Tu&cfrg6of)
zzDL8Y`L{?Skwtgi0aVDDo?aDsi$i}gMu|gV$@W7&&_YJVZiA8T!Aw3%-u&_-DJOhN
zyztKV)ETOTB_O^;(9eU2M|38lC$SdolOD!+$zQk-6||vaxBXSO$&Va0!hT2;6lU@D
zQIsGZw8%B5!`=U&cO_kwe%;Q{)~anum&fc7)n;&J1r1TWQ+-(#qFMN2L`8sMpR@6I
ztIiO)7|^P*sY~m^4tO~l3qRrgBa%=yv#Jr-=CJt4spIX+0o82>0E6RUR_{|^pLR~n
zyg&jFmT?4e0;-!UP&U}qwSLL292(kFYt(N6h{l8>rHwl~<o0y*gC{4x_@Ndr`M&$H
zxvMnV3MFZY7tQe#%Ki6WnsqseWrZhSDQpqx2ZUqsyUOr-bS$O%pKmN`uqgw&TFab0
z*VyBaCtvPXEqxJ6?kJUfaXuiTXcb({a6j?-bospiOVouZo$1be*7i@(Sot@krTCX{
zO7uNYMFLB<q&Y23@znVjKkk}M<`{WSGB|Qrif0=<guc<Jlzg`J&?Z#_)vaMaRi-e~
z&(2AC07y;w`ON2OZ&gDy*ctGr3(KoJ1|cqdN{8`I`mMH1%dd)E?5!N01{KkuPc5}w
z2mFLsj1D`LqT!@tQM`~)NpIR<K8p+)0!^O~;x3Jm&B|^yy111#$L&#ykRjEsNbh=Q
zlOlpnsUw;}5{&YbyrV8zIh@b6r)fVQu&LH9WTX?U>yVBuj7~9L^;ACmQk}#W<=L$D
z?u`PGtjghNX1+#Qb%-NAJDz%v@PI~3GOK0$e7^Fom)f_f+>6wof4LLDEH(a@DAG__
zv1KFE&_Gb*6BXsk%L)L5YCvf^#Pd6$NhI0307?eF<*M!1Vbs2L!1-g^=N3j+lL*b?
z5RDWhwM%pMD+W6LDM!T~)5*7*)=~*vQ(b~4nro5MR*6Q|lW@xAD|84>7T~5>?|`OA
zr4WN2VLwND7>l0}4J<e8g%LBxIFv=(js-U`hM>%UVw)8AvvqTOtwU53?O-v0n%2kp
z`Cls;<jzX5M~(A6|4GQ`l$C9b`)PV%;MP#Gjs<ipX`I&Sm}zfJb~P01QWG29A?w)_
zCe6R892(}6zp+>)w~_Tt<X&#EO(}1UaX$Z9m5BQ&-Zo@YA?2o>Y&8FJ)fzNpsCM4J
zLDh2XS}scLe4Qppu`!n9%W9$=Y5c}7yMl5jpR}H$b9+%`Rw;4?<|;zjNEHZh0V*kp
zwZ)s|ph1lZT6hPiY2UFNtdm$*e-X{1p_kgI_78I<z|sWShWwJf({rZ;pZ#`{&@V?2
zH?6Jw0x^KCKef%i0Z>6~cs!jc^^^Dl-uO2XVc1m&;yyy@zE|g^(d#?q27o;+%J=i<
zZODtcsevUxTZQm+FYzJ7s=sI4{k*&(1kidXoqaPBRh<0uO1^}O?g8cAzI6OD&m9G8
zOVC*N$8bt;{7q^cfz^Dr|9&BP+<EbX)IEicNW$x3$&tEZm`Lk72zV0O29nRkoTjQ)
zpvGpr$6`+OgvqnznWQdA%hvpkZyWff)quOaJ6R{de%t;PJNi)F&!lh9{(1Uy?AL%P
zFi}w|9G=l`#|TrTsPVS<g)VkTww6K>fTd=Mg!XHlmn+vT<LKpK+yWpcDaJU~NT+pB
zzP`QPcCv*FwmU1#KGV*r5`+&{WYvHd5h6%dH&J@2-)h;Y@O)fWb?WJ8cR1EiO;j90
z4ez7nhg-D?{hq}GEaD^H&c`9I_xJt}cfG`IRR0`8{UrUKbBZlX`mjC~;m;)+*FjHf
z-BbVxG}3+;|E3&j5%rXjnX{DZ9Pl5QTGKiTLDQ<b(DVyYhw-B1@$TAl&<OWHp-~S_
z)i<rfAuO4Tg$b>vbNpEC$pI6hqG}DayDC#z;bf&n9rS7HKouXWU`^Wd15mLV?{&NI
zejCxq<S3|um#jPmH9--+kfHw&#9+Wb;8<lG(t+N`cUy-vo)3iqBF>VjUZ+8SC3W%K
z-Db1Ii6z^f6w)Aky8L}_L`~di<nW;{-jbwyBXUR*i}HT%UHzw1lB50#bC$6x+n&F)
zkSnxIqD-bc;|DO%I`)rAeEZi9*qzsT-m4XlBme~WnPjJKyM0dp;??_f1TD&t7{!T<
z#Ccumxoo&s9c@2gp1ZG5napNuazm*SAjnM13OHd*8LwU<lwCQR4xcNHBl7F@nuY9}
ze4(L=y<@#hV{mKfjjsuB!=<*3zD#N>GRdJ86WCiA<^Y({&dKL1rlQ;JG7+nW$t)`@
zwvSogf$w*&Z7q*=ZJzqkt?uWjk7o6ldpvz(LYXvD#+bVz$;6z-+4XA7ns~`*W5l>J
z{D+p$qxSL`%%U4Q6$mXdj2n!mS8AP}m>N9O!_$17bNK6TxXwYE4QGE>VsgwUSc#r6
zr5a>&>EM^ZRX{dNcvmrA)qEX9vT1iR9ntRNW|2{Bq*ZuHx2P7rBGUIT*;q1SCXb&d
zFIb6TG<Aw?9^m_%!J=Wb{{cxR6V@JU@b0ibRCCg$B0Fiv$bzzOCiO2zzFy)k=y;dx
z!-39ztUBiXgesUNGE(Y@4f(xA8y7&P91rvO3rlk&I+v|hFF<oW<0?zBBbV?}BM2*^
z(2tc}S1HPl#tq<+eQ=0Fu~4oZx4!TMtNWAw#7^gJbXIa+9f4iXxX8W`jra^}CR)*w
zfNjC@N$V75g$eKO&G%enAAaLuB4xe_b++ujK*8_9ub~m1bnlY=4ow~nO<P<RI<Zk$
z#}nd7jA+jC*^a#KonjWVXKBjCZkKFuhNK?ms+`|6yrJsr+`0T-yxIC$3BP@Kuz%k?
zfLuDVH6V9$M_LjDSjGDj59aX8__tM@SN?5fs8CiWvYow>M@;eeFy3N~80cK(1iu#`
z6x}=AGp+T^zOf^(Bbpe%3L*8}Sv!MB0CA6Bl{ud&yoi<X2JM9Ot4Y{4&>A7dBG?<<
z9s{}Zckm14wVbrM5eti)p_dv&jLO&^VQ>cRbMMIOI<_<i$C9+g<xGY`^NS_B<DIC3
z_|lGF+yRx67&XWNGk6Vm!SKhA#mAL2c&6nwr=D7dI8({0)VRfpc{$i@>ChyIzfeKb
z4%E<}BJa+cwMAY{Z*GVf5eDWab}#?5<6<&A>mDu%{^QhdVBv0EE=~92W>F@}T<?$?
z%@b}`j_o;bT%IfR<JHVO>0w(=06!{FJNOK@+9^2W<?`jZYJWue?nnl*>VOIj#ZR<L
z8bC4RKJ0ceWw=MMRlGB>%ZWz;sbfzl3BmzCi#>t!>pwYf1-91W1svC=AJ@`sd!zly
z+8Y4@fJ8G2ru%F%uLXp7u@;pDUHp_2i<vpuniIbM@$~>B>!3B6N5@~K_d|xs{1X`M
zADZ9Ej2qL2R{FfQC`?TpG=4Lk9He@yDXz&#t~Jr8Weo2nfSQi!9-t>BGks0rwvc`7
z3$U#hAenY7Ytnx<HiR3x8^)CWg2iCf?-x%7j>Tb-yMK7IFX-Q&HFWEHu;jmRgIfNx
zhfqI>Ma$EKgJ)k*?8qAe7HO90%WV<kyU}t~IM>vAen(@ot+<@2*$BG26d@0L(hC47
z4R>9ciF2!_ZR%oY{XpKjZy8X_sUv9}%??`Ng8?{;MgLhMGaF!(3{IrIsMc|`z-Y#A
zCwuY&oblwYe@o#60g^(+#$a6DYRo-QLrn+eCf~O!Xn~Rhj|;B5D<uOWgG4AnpJ$Zp
z`>*r20zV#wiXDF9e;(zp1uZzOj+!pWZ*(m(sZzAv2EFij^&pIG(mo6ng~QOH^!mR?
z#I_oXwwpyvR*vZRsG(;)TXN}F2!#FpI9VPX1SU5j>rD%$z4D1*HZ?J;caPGS$grRZ
z`d3RAsZul%ul@SnH(e9rnNGmWk@$a@9mjcTZ%g7p#P_L?>y{K~`5p|A%jf>0xQcy$
zEa3V;{CeaHPzIg5-B7=9alLnaCB6pF^guQ4kNiJ`eRn+9-xojc-i3;cLW%4ZQL<%c
z&rn8IG;Ff7cXqO}h0M&1LRq1Zy?3%QvUm8M7xnq}dpv%R$L~MAy6^jX-E+^q_uO-y
z=Xu@>n9Auzs@=s=Idh>de`~rICZHkg>gJ@-!4EKL+jDa@uYQV(`AUQkcGv@?;{#+m
z_wS5&uF+nUx;#H~7r7XZgJW5?;;dv9|GT}8P}j*(habV^d*$G2MJO5a-S+1V5_d|L
zhNFQk13@c3(R{1h$0xAcTlQ({x9`=~{EQjbjU3&Fw=EnLRTTGI8}zdmVIQLyb(GIC
zqm|hmd6O{aKVY<*n?9c%x}ETP1kTeW4d2iDJ@XKsvPEn{e7{KgUs|!A*-W3Tk`L=|
z@>txi-leO3a`ldYpYYCcK(M(l{Y^pU5J}GY$ZBkC)d-l?6kNp;Nl#(reeO_pV~l-z
zyk8IqvT`-RtWe8J^`<6zLi;7HKI##BvH9{0kO9y(0f2l$L15+cWceHeA<w?Axtad^
zpXqV&V;bD|E<v7hxy#<rSZm}X{IIu4d-6AGcWn;$#|{&oI};w1j=4J71B{hEJxg&e
zp?lEUiU+RbBLJ4fA3KeD0N@E6dGu}r_owgI!2iFMu;iRE70PJk;o3!524RGTvf2;5
z6?cb>T&j4a-ma73hY&c^bs{(zg?WmG?|(gh&R2Q2$THCc_Y(&+o7*jP2oncFg|Sm{
zm=&Jl7q}X^P)ib~fB{EGb(A{GDlHcEEeJHHs0Yi5Qi%>+tIQ=_w&a|s+Z&J>M)&y$
z$lZUlWano_lAY`0JNE4&SU!)3%*qn@0f{j`p*AHtYC3)W>a{_4DvK9oxdJ;ZQVS~;
zYo}J4f2r+ceq-(Is#N4(ylG#JiG^ly<sQ54P|Tz~nl(~K9|ZmdH~CS{oNe%t8rUN_
zwz7^Ei8h_m`r&6s+ADtAW7{E^MSNjfHr9iBiqzFoZGc{%XXSXF^KlHa26izYrUrAJ
zc5MEkk}?MYs0r7VKwWR#`@NbbtPJ{HTn2^TPEDQ6xpLWc+3O0Af9$H#2EVl5H|65%
zL1x$~!6&Pheb~HzPton^9&YG<*M6~_>u?%)I--#b?%EHKu!WA)jSapvgYChBy6tlK
zD6;+*gdoe%<-e*9NC;5q2K?oGBY8J)g+j==-OVrmTLCFbB02M5{$$kh$6r2Yt}?I9
zp6tMH3nY$dlbo7{3-?F?^XM82yONfJezAV#`iUxji*ILMQ!N6dGG_9725Cm>Bb_QZ
zt2x;&Jra~1Gi5O6Gs~HOWZG#o<R7PC(l`2pUH{?MCGz_B8Zo2q*e9oa-brYz|Nf*q
zRJ16No8+Wld~Ffn;zYzc%Q;TOx(*)2)3?gS?k`=xB$Vy={pQyna8A5+>RqTkd_ve+
zvK#b#ZCU3vRj{saYPx-AE#jf;ACJZ<7%KU=HOfDHPiP0unuuW%ESKr$fm^$Bzpg++
z`1eE-ZIe-e*yIx}1(PQ}bh+!8-?iLwCe_yHy}K|6s+TRU{yQ+fC@CPjX+-|h()sG#
zxy|}Z4ky_$P#5Th4|6SlsBFAuP*Oeob~Pvw;wvIbFUTPoM1fop=i=Dm!Ip`urp0rb
z>xRF#S2&lZ?vb=zqYaTVTp?>lcZiAldIzM2@MUj8M61LOoG@D5v1ry2Fl`%OI@vv)
z43qSITv+{}&HVj$-&kGQ8xd56^@_Q<<Zi!LIIF&f-j)t2a?8mrJ#D2XRKKNCY|>Qc
z*_j9UPMi}x%8t`G_q1)*UMfsv`*RfKE5Aq>-OHc;`2A%uVI=@K-(N@R@ms0s<PWHm
zuUZzrcMO5cYZa5yHz#zjoVUu*PjUgsAfNxt6WJq08mXSSCF{n_hUdsDJ%0CD$v5y@
zU)c5Z4<F@tD)-6i;!o@O8KYyS2ZwX(=FgS}ZHmfGKITLz{{FNjOX>pD65*?mEYZL>
zWTT(N8)sT1z1kwk-);Ak-Enm??bqfBkCKeJSiDg(E+!$?D6KIuQhAjh<rgvM6~9d&
z@j*t0<A@;dknK3&XCB~IqDV13P6KY>?)#Oj-F6~4%VMQEn#kltGfZFj-MySwx!NS|
z%}%z+7@7+ySoIw+4X$<Dgf0=iiam;*>N>8t^^=JSQZ3!qj-mA;69I2zuh3;m#TQf7
z^fajrZ{P2GoM3zRIkQEHjZS$h(dWAm*5aeuO_L6PS@}C;!k}o`M7r0%;OEnQzHsSS
zh&U?~m_}IWgapKK!=2`Ev#g5l!Q<G_Ji6kYtRZP-`ZQScgpDk@;^pe%CVt@qSvR_t
zLZ_B8su@ae@)vF!0YnbTFOH?N*nO*8o2h&5=J(hGg4?GWgo<W0M?c-Q5E{`foAcC7
z;&yZeVhEqdu8W<6V1sc?uiZYUD7Z6;ubX0X>^(^EbN`s+I6;U7Vj}^uS$qo9`7js6
z=|b7Q7}$eFgs?U}5rz-~#@R9|b~HL*t_qoYyhq<G)L&u~K~zqWNE57&JJe|D-%fza
z_mZ3jz73)!WyjWmhzE}4G1WBZ_^S+TmtDi(8*iz#nF9`P=VDIXIibq*ta`$8`_tFI
z?mGk&;v}x}t&=hPluJ`~**u)036(!7kJY<w(5!`$zuI=|4H1p3L1KZGpewoj?VK}3
zL!H~?U%d811y-fZLT_zK{fZOrRv1p{|FT_qd7gQ2q82S#D23%nLPk?%@XTR}wqPe=
zCVWrxphi@a^y6ab&`XEahM<#`cD(g=bGJ54HhO7?=k}u>7cO+~_d9hh$Xv-)C}h9H
z_8tFB#n0m0JOll8z!_)m*a~wTf?s&7=V8w;)o1&!lAmQNK0H~qa;H`&e$vQv<F1=L
z)`p~0Ug_7<0jaLGAP)ws{pm*rDbztBBDKMn(F^;{1d)soFaL@h&5a?#GIvE<E}r#(
zlc+{rJ_{1rVMBF1N6B7^h#D^b@58vC{C?b}m1`;=9ldQ><IRUdY1AP}o%)93^}~tJ
z{@)YR+hy_n#RNtw$@II^6PrtImMa_?xOU`qY7K~FO5yfjK3k+n@tClb7Vqk3l-ek#
z#QrJX*K#Yt12KA0o5q37QchR_g}G&n*YgtI7gb4dEm}sfI*PLJG_24i4ph)BRoguG
zarWOhUC6#WG<Lux%_bsbPEv0ctztR@-tTOdmzGHO{KFkw-<NyA3U48U@EPRO(mNVD
zDj*y)`bMXF==MpR^cre2Bg1Xw^1lt_v6mkn>|r_W<E_Q?bf06mn>Q$l%GDkUW&G*A
zDPS@XwC#5)kilZrrh-|~NijwyiN3{_1GTBc8Cb^wCsF({o@>gq&qJ$cF_3flv>pbU
zS<d}H>w81SoR}h<L?)0HKDGdmHmqKMTzX0)W7E4YzGVMyX;u~W&*PNmC8yoh7)Uss
zs@c`O+P*#nBNTVcW$L$ae!~x0m9>x^IUyG>n9puJuWQ`(hUfExLAb#s3Ix<&t%ALF
zOo5j9t4aG(lXh8*LeBf!?~MFXd*1Y1e{{Yv_~Jvy#Rl6F&T9aE#4ula-Ww)=X4h)4
za_PlD))m4|s#Zmvs$9<j;xnl$u`$M5HU;)Aoehm(T=Mu+Scm7zL~oGf?`M71sLd2G
zr@PbOwmPiV50U#523ma7!$Aj*%QaZxTrbKpcPmVLL$QKA6PZF-%?KKSuj^5fpyhr0
z650Q)?0f&LY#>hfF!=6fug%_r$aHE_l*eg8*boakvR1#~BO4-nIpqCy7c<@Y&7i1=
zLqPcAt+V3~rq813iPG<-4mB<f$q#a+b*wMH)e|+&sC~lnJI$=n<lR?+Hd@!8F(YN=
zPcD`AiUs?;vxE4PdQ`r+A&%VUW7{5UdA~AC*wPsQ`#Z8JAXrLN_5?I6Xuf@67%h1{
zz$-m_UMC9QXk{|;Ef4)*9DBCYW`><&{>mT@!#kCITJlLp(<xi#AVI*;NmG<w7P}uJ
zF2gFR@3zAC3H*MJ8q>HSDzj4$ZM&2OE)*YR<aMEPB1zZ`C^6N!GzEzn1RIh#vkg*{
zOV3|<ch6DAAsGCGa$akd=vdhJ)+m8L1zcwU71|~EqBkd;MMn!8pIR-mJ|UV}3^Xbx
zJw1g+>R6-F$GJ`u&YGSs^N%OI*+P#)O_+6Q|7(|O%|sky%r(WXrV9+9F`l_*pJ+Qi
zH@(0f`a&@hdXiW^vM)BWP~B+f3B$8ow(NG$e!z|}Y^u9zG&+#qT{O+(A>7pTv6~?N
zCQ&*))t{}i38Gnf?zLE+H-%l~Dc~x<fDB(OLY=gy!hG?Cj_7M5g-4I0@cYl`uS4WO
z@<IM!rCNK0OOCE`?JQX8H`3iSochbl>=H`3iOtox_c07M)1&*9G;tC)@7LPqByUK_
zlinNpj0prAHI6!{&4a06MFCh@M@Y#Hnis3xXJk*wB@dC9R8Ol2pqb@C5<jOiR>c%R
z5^<8G7x;47n8_wJjB7q;fU~c`ob%RT_g=r)4F$a&@Y}5#%3~1;fxqe2O$0P*vwpvi
z(3x(Sl%!`s;QkQ!!-1_xJU;w+nk{RW+r*<qV^75e@SIt<1s7_lOqWp1gDE#Ju&7zj
z8Y@58{^)X-6`6M2IHQEs`}I!Q6J-(;D-fiLvh2BOa}rn_hzS)G!3#pGQ2APsA-<(G
z#ans60#K$YRj|pF_ppB^3%&p-Q<h<&7ttR+_RV4av_y=h8A7HD6W^kXdJnp9H7iay
zRXVCHbdX1<ejAB+1cYj#7VjFKkmFukB`nxtvv8h(@a`0HcgVfs5s{&zenSs6@=5&!
zSJDKPk`de<WVnSQuRJ}vJz&H+2AxjeatOm+%`Vm>!~U9cgPc}fD*lCidhV?!T^5`@
zoa7IzXd$bBl-SSVSs}pXT}FAxpMIgTTDQ!*Iej}@UYEA0zr?$e=S%pv&x~gDsqG=`
zmz?U~WUOiOu8MOyaqg>A5l@>ApaR*#z6#ivWU2651sZl;lgv>BK7^15=l$M~x<NM7
z56SPt>4R4ja2n`?2J?PB6Z+<)BxlBvXUCf*{O+BUzUoBf$E(vP`O_y3d>6{>#aAF}
zI^e^=Gaz*ey58kVSy<wCL1bUa2qO7q*H>&6+e}l7w%<|b?Dv#5P%i45m?hFxhcLY&
z!`~J{Z3>=%s4c1BpS85yb0zQ$HL{joXc(Ts#GV9X(BHJdlwAuQ{q=USbGQ@U0=+C!
z$=54dekiw1hA|X&Cf)+%5|wl%{UerL>1B>EHKPam-2zp#*|8b%i=-AiutA8Hf{*UA
z!qt0Qkqx~R5$vh>iXVE{7kC&y;qV~ovko`G&77u?>wSU9L%zj-Eu^gx$evas%HHyP
zq1U=2EE$<aS@^g!O<H<~&<_y60s#*|bOSFLUX5qkg^00eHhb}ox=VNE<&G5NyznVz
z&)!>QF13FGc1A&_nbjTYBhdwIobVpFnm@mOsd(_C;4jGler$bJxuCMjXS&aR(v6%J
zk-e*qAX^`mnE+(S=Bcj93(e;r#pLnt>bB3kSS1MGmc+e201F|!va^<{HZyFh9}m;%
z@sPCGeOQQ>ks}Tk;?r)Ns|XDdNe)`A8jY<Q1$Xx%dBu83Kt1ns=L3<#t=>z%rwKFV
zK8L%k@{It^-hA&|(5=$WiI7g_VENZ&d=0g;-Z(^rVPZND3waDz4D?kWWKLzIMq#u|
z$V`i*--M9&<5h{zs61~K$5`f1@?Cw(6k)_I@8q`-^i_qneULqM(v62QBk$II((AQu
znU1IoJl;|bvD@NuvJoO)8T8kpjkDuT=QV^in#q?TR(b8s;9ZsUp56v&vnv*MhN20M
zL7J|ynig;6hb^MR2Q<=vwyDI~v!~58sy(B;eyQy9gO70m9E|#^3%OUC@CKfwq~*y^
z7TdjOH2<wZ-DcBMH<xt<e}Ym`)hYeyXPtf8>10mVt{T%P8+8(V<b6H#dP|xmOiE7J
zXA#SPsh{AB<<sgp3ZmJ~`nf`0L!b#Q76B9X6ibR|vLRwu5fVj|p*tUmbbbHk>rkG9
z#x?t5*tWn}IPq9$Ph;6QXf4t{$y+k;v7~$tcLxWt#1vg@<RL@_RLOwt>Wicaaf1lI
zc_VdTB$Z+<066JGE>+&7%hrhBW+b?+<6!l?Pf>OFt>s)+2K~-QK#plBzjRu)<iM1s
zNFav1^;n1cdakU|pSEN}{#xhB2D<Sia~{7#Zm98=Edln(-a~M@US@F<0<nE`0}x#m
z)A^Y-vdVR{utUH<vVdGcvsZZP5i0>zn}LZ?uFD{^`f&f58wzU(m_&bgqF&N}b57DY
z(7KhEA%cuegdlJh$<B&5>#|;RHQ%@x);bBfRXIe=4|7I0-afn*ao4uA&HcU3?#gE_
z;lSn>vnDPKA^A?mM2=DE$3Znm?Ebw-hHF;fd3#C#p10QYxotUY{7f2lfW!Kj=!EjI
z+!xkkM0^1$G3<n>7<AL9n=SwaXSh#2)fu(~3dc+>#A}JT3tP%()9Vkx-8uo8+;rS+
z0&DMW`?ULZa04LyI)OxSzVn&K*IU4u)q3WQIg*fz`0Ga2)_t}Vkd$-P0_mBg-;)dp
zx*XjX8*QAcuBEJz3GfPC7-B7M7p3|Hv9A!`PUQp=d$0X7Y?TFChGDlG1eSVmgG+vE
zX8!7sykd*M#YPb1Y~^ftjLXs1iPzW?Q0%w{xBoNFzl%+|VH2tVc2xl4*7z<CD{L-4
zHD*|nuv*+#6*Aro*-Pk4Akj?NYO#5C?w-cO$n+Jm$iC1$MS&G>1eII6hu{StZ)Wx5
zExlf>+{%lCJb)2!uw4vUS=$~ylinIQ-pa;GFzB51ChDmUrQPoRuczm_cH>tmQmK~S
z@(g<k$GUIG9vsHe*Kwko6pu+L4!9_u`ygk|^;l8B!@{MkIS?`?>6Cm9hU7@eN2BVV
zVox&Y?N>&!#|lY4Xg~u!%BA=jI=y{D{hMspCq#}<ckI+Dqvksrov<@!H|d>4GfTkP
zUU({_oaT1&X<$FINz>6_?!v^JpFtw-%g@%k)<z()Ye+<a_Bv{nO9-NGb#HXv_3umx
z0bdW#WormJ`?JTMAqk^YVm@{w-{E}h81!?qo>@`80FCN_JiT0<IF%nARPd>R?0kGn
zS2=$Mxo=p@y40K`;i<wa(0;n$?jB{|zIxh9kJ$yRv%BcGy3|3X)b-Zb5uwLvD$Zt_
zrvuAf3T2dWg4~5~Lvq{I!DUq^T5Q$VhYE=Tyl+WnxgD)^cRQmcQbsb-=s~JwA#ec?
zc3hQCv9&6B#P-@6<;uZqUx&-x{cxQ7@zurHx3<1dl~1G8whvfOK7md#kM9*HZ#FR+
z4#2(Q^x4c4Xx~VTeS38+yb7xEm){H@bfB*t$Nmtq9rqRMLg%mKkZ^V6jwT-96N|Sm
zW9!AgN8Uxnz7EcIu`zGe<XZUSg1K`xP|Se`@&pZd-K*PG*wN*GX#C1?Bsjd_2H24%
znoG%k8CutMD5&Fr_icTQg?Sj#%#UzuvhGV`4|ZPiqXTG<eV9eIzC26tJE}asbTPeI
z5Q*O>oGf7<L^i|Qs(^e2;KnHl_?gG+3_ak5JyN7WTcV&xr$CWXrF}F-^mvd}o0?ES
zh|+);YpA~e!>Y^}g)vrDze;D1eO~%l0S)KRT8+Z*#O~Y5`Bk@rKLyW)=+1wR6~3dd
zJR1Z*J0Yf6gFhR4JaO~%q~FfM#7TsoF7d3k#D||r^6S%~i{QoYGA;j-3$q}A?kU+{
z_>6y8_`dXBoT#jDDfE3m_X^MBH3J}vcj?o>kEXX@R*Rj<hxSbr&b>>v%cq2its3m^
za@gsX)4SSjfBx9%E%}|5F&Pg&_v9<_D7bJdfH32epP%v|gzPvi(Jppioc<z>p-;!a
zm?Dxaj$YV{KF~^$s5y^4c`V*<IOWD2@ZH%BfxDu~av+?C#<->)!cOql;tDkvx=9>X
zPI_-OF?KNmvZP>pAO_8j=+qt>e<K_~mRL%*-f1*5{I?cT`ho_2!7mytt@i(VaxCNz
z_vm$fVAQLTqAXwsV58RBgsS2=O`@E@<A)GsD2WqH0%ZTZ@HiyfS;O9#43uI!!$>l*
zFpeSeKhmI<VK$KFS5F9B%PhK2{UAf?8A3_Tnr-VVpnJ+rY}Eagt`Vx4t*SCk(4`zM
z>3hR6S94X3h*c?2b>iayYqHnft|dWG-!ovtaLJ_`0PJ`iD6XeD-K&?OUx7+9zo{Pj
zV*=HZvDdyOkM;WSanDgIJwqW7`w_b6`xC9aGndPNu`^;+=PXco9Y~LZjc+@)H@Y<p
zQR-jUK5aiJfE6Jo0nFDgI7z2PDXFWsc|B{G(7w-)d5*=p$M<hWdT0w7sSu-|$?Ac}
z!yIl8w%}6!7zaj)1qTB+h>0D=zfj->OgUY{u)!}P>=3n0R0i-rq`(*bCr<#V()W|)
zF5=JL^3Vwa=4hv}YcydrCo008NH8laqYykl0@58uXxbAY(KO&r@*rZ+%CZ!CLp0C#
zDB&VICy&qhLiGb|)p#J-4XDCUb;|^?P|Qu&ZJ#EZtp}>@;#xMPci9{TCK7&+@fn3M
zwHSUv^xPgHU*ExP5QSe>L(b!O#39#9lDq9Byx|uIeSJ3<dh3Vr<MAkvbdwx&Tl?jV
z>^)*VQSs?@Iwkgb(dzUQW(75;kWdX%+SwaGDfdiL5B4(~$hu_hnsxGvh^K6~hXL<}
z#G|O%Rp2kDfbbSdC7$E%&RArBXL0u!u`DIKD^`sSE><#gplY>#_vqVGhu}*WLcn#3
zxmV%@G&t5Ak6Uek>(_!8w;oaolbJwx@+-^us5cDN+aK2Dy*==yu-BggQF^T26fJ#q
z^|kaGUbJtx`~F<6kqE+3Zh04#Lj{>iNN_cd%k0u<%7rH;**t^5*BolMcc;P_ACxoL
zE<LJFF*zFHr2X!8<#ZP2i3-tzmrUqgh4E(HgQ5!fgao^Jeux+C=?I<#`1v=S-^+eN
zHjrRzW%9Prw*ug&v69nF;B_~K;mVE(kYafZ!#idqZi{1|^%l-Y==e_<HLQ{}Rp<RS
z^Y+32BBlrF*k6D30-Wd-|G4{!RazQgMsCMK`CV~+&%a!KLQHxP*B)YnKgF`nW5R;E
z4GT)y@GA*wpAH6JRmp^lTEu630D~V?IHSsV?L@_CPA)Za$N!Py&-wH4t$vd~>E|sh
zkO>KqYs2<cdm~hZmpS0%mVnRWrml0rK6?dW@9%r0F0hLZxCBJ_AqN#*%D5N%ZM}oV
z@fle?R1|pYL8ldJ1k-z>OJmsIQlm|GL$mq+uxQ^+n^q-4rOLzVc~Zt!l0yOA^_W;2
z-`7Fi4gm#k9{P2nB*<e#ctwQ=eVPjYa5Wb<hF<Q~IM;|xmuM3;K)m!=Fc%YfU4L&E
zbi7QQVB(7+u%~2ife$=qJ+IG?E&|nVovzhJNTh`j-tm3oZ&X+PJVuUJD+6Y3OfiJF
zy>VkA483r<uoKg;(|9onaZ%*>?d}SRuR$@*q;i9!To2Zg-ladmVv$C9+#rI9pYE;U
z!nRQW!Okp5;dm(EtXm`EG`bq>z<0`yX0%#0e-%xy5I-BjGl9(w_qpl^0Qovc{S$25
zMc~oCjigeQpCndKUX91V@UX+F1lprtkXmeYPGH%+0zAB)q<jVqK`*``6(L-Kpy)lq
zkUwJT4-~m)F+osb?NYC>J+2|O2v8K#RPEl?$%v}RU&?3-CGA)Hu#x4YcC<ul0v7?Q
zY1fsZm@iY3#Q>_Q_hBl^8uI(kj1C}6WUM(u7?y|-NNvlH;|-F33-Ws@`0$?paWx3F
zXYU3xub!yj(j&Nlq7fcPVz+?&e^&wcpAqncFFXRKWQXt&;f+ibdRIbN=XD@!=_@TH
ziwt;(egX9NR@q#3&StJN!uftm66SlnU*!h+lnDGqnW-|(NJzR48;{NTv22QNe-G_*
zlrK*noyNzAwTCdsJUJB=Wti_T*vmTthPb_ttqCOd&N{0H{O~eR*F1ex{o<%K2D(WY
zrsbk0CK+ON1kqK`tf|uv?~p*gj9cM23w1S?B-#s9=MRb)+7wg5vN%aef#5Aj@i7IH
zu+Xkj0g&zW(s!;b#@TW`j^~JN`Upk};^#ore)t*Ocd>(RKy%3twiWqgwNJLrO5VT{
z<dG=S$U6Ve=Zk<iNzhTI2$6w}w0qmkHOvr)r`{a|7UK#zjaZTylTv?d7UTs=w_zX1
z>7VO9t{C8(fKfYJP^Krc$x(0>n`HpWVEOYMLA3B4Gy`u{Pai#!h=-QXxh*q#4D|Y#
zcsu{%`QfdqVX!|lm-5*jmEG{rXK-idTVPdxv43{qG)lJgZ-*cf8aRB{q`0m|9wRIW
zkd_m;!$upV{kDJL-iTD8r5Y^=Eg)AR;fS9>uOE_p@SM&N8w#DM@T`6bsEy-hK%FCn
z9JepO$-Fswr1u$GhB%zC*SvMg?hknXs6()EF2Hildyu07Ts?ZE$V8vby~#sHAc58R
zshe)CMtN?!hUb412Y69fiAASsE+fwlCEeQ|>-ao^YeQT|)-s165A%OE<k5?h%|Nh2
z5)wz%7F?*RXRLME&zVs{v6CU2`b(`?l1HZSf3nak2CbvW-Av<xA<W{BuQ}Qb7Cn!p
z3?de>MXyeJ8K5tPG5@1P>%k!7qk|3}nh}hzePF#G83=_qKG3(_(--7fwW22epHMK+
zP%VRF2@{@pJSBw2@r!qebMPgaI|=FDd7TS+$%#GvPv;S_(D@zia}9qc^#;iB(Sz^w
zC-~vC{iod|oNl~AS0DV*k|t3M{bCkY<s1B@{gH1)*da>xM|XsiyFn|X%N^MPCxbkD
z0jA_lqBGnV`&a(2GGvrOpkzB51VqQpl!&2@*+V1$mjgA`d4{;2y#IBGfqFv^8qxjD
z%j)=<ha5DGQGfrnI>i2eN(&#mgKWxe0k8fvE5a8hWtEkUXu&&WM`wcH0;&Cfb%&7?
zUjD|MA_%S!5FcrqInC`Fl1&pd?XFtS=xnK4*pmgk%6}D2I0J@c|3^y$VBN#z#_yKB
zcZa@3jpxFQS1M%z;>r6fF7}tuJk;>r9VXB=G@@;&V0FC<_!4Kl`CByBYOc5B`Yrx5
zynSSNW1pE2gI`z><t#Y!L$ya8J5|kWhj?S!EA`I?@>jtBnSwCGgorwb2P=!J;7iE%
zGd^VZKNoVN7{&GXQ(y#V&mf!1aXPDNFh)|Fn#s!MTp;@(MSjy~=>3Mg{OzNab}Y(g
z$R78<Z8EtH)c$BYG|=N_Vf9J)=er*wyW81Zcicbn-h@(frHwf^3NQAnrDtU^{v*J1
z$Z3KpUi4=S>oFL$Pm(;&$y%LV@O|^9;ExU<@=iXBsL$&Q1%Dvr?G&)RZaS#ZbDgMY
zy2*I~ArJmDFSE#Lb<16f_|N+ViG)cPIhOUALOezaiqG5qv!g|LfSUg!m_ewycO-yE
zdiRh(#y_LFg^UUd|0`0J2QI$b&et&Jupj!f^N9uzG-of@bjZd|p8RLB=a9*Mc1A@A
zCR-f`Ci^XG-<1kDL+Tu7WxjhE%*LMe`bWN}q+lP!_^xsjhT%aE-J7HQB=PhkqA9~M
zu3QGKKF&J+GbB0KSvU$U5&2YCBb_hPGnQatr@k>ythv~T)p&H;{gnsYKVaVya5nR;
zhfn7O#RD_)S8>#zYzSw|Acqqw09g6EW;_yM{~T6{M+g*zlOMyk{JPi_)`G2XLmOAJ
zC$m!1aZBv!U#){5W#WOndyGtsPah3GRSZMl2DYvYPJO+;KfV0vntcKh%71Som4*ci
z=gG*u01xf0vtR#a3m~uMgO>L)a<jltg=r1KgW2vdYEJC+_Rv<edWn<?`Xg%~GJ?TP
z;L2?rJ<_8^c6-BjcDhWb>_#|fvHls?9AZHyl%@l}BWMddAE>Zo2CI`M(J8xI_0o_2
znQR&`wAP+;v-cdi5<J3a;Z%D0ZP4WnoJwskF8}v(40N^_tP9)0*jUi2y4$d0d^gT_
z)q-VYF(Gz`;>u;QPNi4>Or6qc#OUrgOA2PPu-;iX%Nr@bONhf(=vni#3VXR`g^l>X
za#BZne*uJhOn3&IaLA@X`m62^GaS*ys!5BJUa4)>On-J%q`BVTyOjg{?Tu(gZSas+
zHdW9j#suS|8mvafQfAwuqxM*Qi~+C!jv4AOJbpp<!{k-UioxuBbF9Pq``hEQ_?N%_
zGg@Zks!SJ`AOn_*m@tf%>PZ@A>~nTL;q8alVquRd!z=yA42VFEsG<_=%|E)O2`ka;
zTjtB_U@sO8WFfkK{2A`TelXwm*dd0;li-0#2!x!Jzi*IytIli5^)mZsZXQDIun(rJ
zp11xq?S*O7;>b2Ud&(}-)Q%bVPmeIe?NlH;a!;B++M?$UEwQkxT5f}7V?D1&_Rs4F
zU?aMw6{vUa_*pV1=v!|P^F=QY?LWi)`vo?zP_6yOrI5t|YE4QBEir4^tUJywG!66h
z|9Olkm=YJvb#pIu{|RV1o&@V?TK<Uy9FP|iP7D3;O05l6?D=O07(}*vGecVBr;v-|
zEVy-Yt)1ADov&E_-rMiamgk$JA+7(v(Mbe?Y&(n<jiGl~9$*w^um)!0)IK3lm84Vz
zqcE8u3-!+k$B?a-%=own5;3$t6xy@%8sa+Zg=r%xs}ME$h<7j@g&EW$f8kz$(JF5L
zIZX}XD_9=eFFw_)nHTC6-*4VKZD+O4t8v>M0~3YD#-|ic#(9;rFGMNqE-Z(+W!>^g
zoHtVMrVN8;LR~$<TdEMTzYXy<tAAfEzl8@u7=38?ecC?a8tI~N_WRHE%7ydB^um7{
z_A~3bjxx{i9`#<3<gRBU1PSb1{XXWQbp-I5qxYhT*oCl6p8tUNyJL9ZVb(msx>HYg
zsv<!99><^Wa<9INxwdwfx9#Xh9{Xr?>fV5#>${q3HcppA{(e2>EB75<b+OBSM-ObU
zu_gFlFkidgueMMgi*wXFbXR)%RZ>}#<MEFc7$`|c+633*aP3|X{jfZe0rF8b=$5vc
zOA|cDLJ<>YAM{YQ@~_Ez(AOjPR|W-Y)xRs%TCJhYtE=O#iSthDBPUZOm&Vi9DtPE?
z2BZG_tT*sk54A4bb{9s0usrD%SVY+Q2)4dxRq%ui-+IjOS6bV}?mIhO6QfXt)<Y0l
zCaLtOd3Izc9KJRuX*?(VN&fGvh4rZPTy^xe8DKmpocBp5IBCX}(W#hmgx{sEg<xx2
zo;sdR=qDBXRZ?gt(+sU}a;*E_2hGN@oO|rMiT7f9u7%vlz03HYfH6S87~)zWCOuF0
zJx7#r3hT*K|5)Cl^CXQ@@=pKFmLUnd(Bq|oT|`|dQ{DA$8r;L`HY^}>e{$x(m)<~4
z&;0G2mJmOP-gx@UowIf{oQwad+6(RK-|-*o=4g;P4?=l%1Zk5ih1Zy4q_84AAC0sL
zd%dM?Yj3~#hYeq(mGbeoK4+mM4IWM)Z|mjgUvv=2|4-K_mz6!%c7A7^jE!!7xbZQ6
zdWQJ<sCij*TfX^R;PK2>t76v7s*e6JKQJ!fH&;_o_@6-IgwJqm@eI0Z=l30=I!ktT
z2%ZZHGL>%*mv%V>9M2>v6(uS8>sOYcB{kRdV`QlRP8(%AYrAKM<d*>o%~J`@J3GAi
zE;>W|qGu458}CCk@9p%(4NxY4sI+Ap&reQ}{&+(2pQr>-tjo^M#x@#iXQYOfHgoph
z@81yE-<_xu8r-VdyZ*cJk{c0-quK#;r@^61j{md-hpn|9>$MP%SEc`bffUX1@2rl*
zTJMxwGQG$QhPXQ$gqTEWpG?)@<9&}u(x|62^xq7o;cx#^NzD%+3i{N!atpqs<-!Y#
zmW^AxzuYh}Fb)qTD3zfy^Ktd%#RQyU+S@UuCnB|DZ+|AxIFCMgVY&b}<u^4RN-`{!
z(hJ+m%ZrA>vf4*Jt>QMmW+@G04j+pb9(K|5Wa<$b_M$7jr_PJa-i^3@mjpjkXzX)Y
zP#kxT`Q4GX*)4AwT0d~-+@PWP<nZZ!%II(Er(t(rqHs_bQIO6cRqk6ybHX?O?=B5n
zvw`9`FoD^>;<nJC!UK=pY4FgoL`2ISHBl18Tn}E2;mZ1a8?JAYt*e8zKB)px5$ON+
zSITx46ya^U5MpU4_Q4p2++?c9v6C&%hL{n_KqWs<60G)9*DjxMmkImlrNLB6w8rNF
zIQ%P}>gaL164*GnwhK0KKJ0wjo(tej`D<vk8=`KfNDxTGIiuUTj-Eb2!C^x0V1;1@
zryquD08+)_&yN2DYPl$<K2HgL${BogVe#;VBhoC>AY+KdyW=OJq1%7`VtAwz%@T74
zun*cSbqW4|JHG5unW-$^(eNSW)X~u`ECv=7S9f8T8FB5b4Nj5Jf8XF<&4d3X@Dlhb
zu-dvL{=Xg5dhj5k2)mZ940dNQPO?RJzoQsCxxNkdi+S~vBq4myaO3_x(L^Xikj{Ou
zG7-a8_%UjhEMcI44(+WR;&~r+pXX^I1YQ0S_6PKN&T=GA53*aQ%^%YpeQ1y`#%{xt
z_kC}AU!P7z0`l)6v{<*%r+WoSfGe>4Ub_rsGJAY3*oh|JKtF1EMQ|4ak_CX}@|Ncs
zpfv?ol|F#Qvx8hn|I01nMb8RF*M;2yNJfkS2I_|_Sh&tEx@l7<NF<UVOW3kgn!$&o
zm4~J!NvP_%{3J}!E@c6{&liBww-zAofDk4BOhw!M6d#8~;4^IC$p7_d#E?YGv~WDm
z%$)wN9UaD4o<sWZHe@Vd?Xv=b`}Zj}x1ER`tc02a7UR%0_{oGAZzzTHat+SR8U!EC
zM`;>o-Dd%ih5CCatx|_%PmEvbCNnJ%aj3tl6Bbw1W9$PZqqyv~?53J^HjCB=UvEIB
zwdgh!TD&x2JMdfW@BqOleu-89pR;IF%b3O{#5S!hD!<@*xI#?qSM=pQkz^h8Z!LKj
zPC|4M`V@0eYYYd&W!LTRi<#{}(!mLw=v+s<R!AK)B+sS}A|TNv{!6f0&Z83@Cj7xY
ze9jvZMOp7dYR-4?>z_MA%p$eb8M?*h{QZpn;r>=q%6TplI?D9jut6s2=dLsSV;4su
z;^B+<9|<Q^8MJcVQ+(=LYXV#~X{*rT@8!sRXS&M(RqVR@*8AgP8#sOGpvqy=t0HlG
z)%*|Bu>}Bkk&kgJzj!~X87i=SA_Dq{$8Pe`mj+fX4mT}6oU@@zgK~XIxCo;Q1I`D;
z>FNO47=o|gD(KpbEN8|b#Lpk?KF{+lMr-Hq)c{C@<QIgx3jj@(aTb*7M*)<}ee^DU
zj4nkN2zb6ja7N)I6p;A_$puf%T_X?Ik`4tJjg@I!x}%+jhDM1;ftpz!|9KxI%~(P>
zrldKuX{DblQ{u|3P~R7gSDIH*>q#b4*MfY6v(UqbVx+7WOsr4K;stf8bUK=w0j257
ziLNT~vu1P&%boMD!FxKsgtiI!d4J6@!&+&E+GrO|SeWvy$C;lM$s;N~*lrY3sOpT3
zT28&P&-kzee7z**n9hN(=RV(Uj1Osq6#W!+krS;C-4OmAALG>zHV`c%X-fLG9%5ff
zV|EBi8aEQLH?m<?wZEB*aCbyv7ZI(J14koK>y|jS*$2F(oT)~^&BD8cRJ{6Q;==I-
z7V$z$@9Yl-`#weeVzB#2d!1wHy>o5_Bq=al*Z}ZS$;;Wy`(yxLXp!Ctmm0Wx!%WuP
zHQ@(R7<XuI0TQ8^j_NUfOTtcFG;?M|RPnmPB=8F%t4}(-2-ym|!-W}#z`HD1G2-Fc
ztTpOMsmZ0+<ORCcUDNep=E_$-2I(#uz3<;=Q$x+^!cvJ2C|uS%RMo?(A4~)0ymy`X
z?aC-3qC0qmDgpG{#56trW;g8Z=V2k(<>B9bJNeXlAnCSG2Z9ADIozr`bkX&t6&va@
z$eS%`o%xAS{7Y|W1Jmi^8qdXnP8r{hvNc+<$u4Vc&&=j80d7#@u!>eWp8SxOk8gt}
zh+eF3C?&JCj14kQat$LCWbK*-cc_T3h5r<$7bph5_D3yXo4aoUcrmlG8OTv9mi~Ey
zA~1z{-u(pLlLX6J9HP}gmm9dkPFGx{QjEG*i%jVaCz@$NT^OkJPojNg+z-~2tW=Kb
z=E@K-s*%c16PnrQg@3n>G-hlN)*Hs2y}TZ3pAeUJfTKRU14%<2g)a<UtD|V%2tr1l
zeM_G=t{Vg!__<QU9r~>N48;<*>BW*NI3IR$;r#sCJ|#WBc6XL^E^1eQe)ar7|2K=)
zXl)s}dCns#Wi>@p##|ViaA_ixsBfGppcY5!cGmY43k6EwSQq^GiP^1%kys*Je`?Vs
zeYZW7J@)LBq8a{@I!5HUiO5=b(r?3xIoWF;(p(g`foWt+hi#AC_U$GQT~~2&a}{{|
zKk{ia^Yv{-oAMJ#FeEdt`y5zP$r*Z9D?u!r;`AeC<S0~PLcPIBT?t1D7r(s|{FxLx
z=qhGH;K7RK%~<368nz~7K8fbFnVa_Avq+`uEFK(^fSX;*Dm&sT<d<PP%~eo-8jykz
z?%(N9BG3af!BpB^iCi<OWh1)R3JPzgkA?3X(D!6rKxV&d(P}cTSN6#rr~7`sXO;lz
zk*m(GEST}ZdZx7d+7(4Y9o5Zz*Nv->jp*0_BrJFDVe_x7&Vp?j^$7W0l{5=3I<`S0
z3&rVIrWT(dS?kVssi1Dx0c4ewO$aQueD#y0a7?4K8lH&Ql%BRSt?zJXWjp-&-g1C2
zy*Qs*7?=p9AI~>&#e^1=z<7&aI!X-fY>0TiO^Ii{+=NH&wkmyhJ=|;}1-o`{sY<AX
zi5MrGmz^PEWHE4GLzQ#{67BEo)ermxJ|e}oP!_S<ESk?%#nVkUuV<D1bYdYauXOnN
zd*HcpNypI3528P`>0LfS*4m(>1tiIAZt9;-{S-BsU_d-Lc?PFhCIDY;k9PM_c-}el
ziVVG#2vqD-$~ed}ttwt?K4&FL8f+xDA9JwQ9rOj$Lm%J|0;Ut)NaR7U7%f8}(c^FD
zcS+f%81Ic8wjs{v1pdSEZ`0qM>`}ze(xG;$>rYL_8V&`kw5a?@9hvPg9%6>YrNx!b
ziI`qqPuVpZKE?aKLPK`9-FTS-tRR48vNW^*Q2@Z`^y0Hd4l!j$7l&T2-im(hQ_Pb;
z7sEWzAhH%Y{&=XB=SPtABk7>^O<)hCA4xQ;Fth#iR*zA)!8yLIc^mV#z<JG~cYAbf
z%%;2n#bjENd-c{q#)(?~WqI5c5t+n+b;Ku21cxM+oPe%J?m<*p?H<Vm3GGiaq>+n-
zujW_d6-A5gtahdiZ_3*ySo3P=+dwHz`Q~P)g0Q~UO4~X@i3^wuc9Z_^?T4)-o%UGE
zhF``S6YKyJ-5hP#M)K!)7rACP!rXVB6?O_bzx%EU5ighE>Z_g)pxbS$=LtK5N(C##
z@qBmIk@N2fb_8|M?rqt#Nmqi2vM!)h2$l;d6LQi<an#voX@{ANS7mi~?`Sb@LwSM0
zyh-3gH$Q_HPykwwrBWzM@Hk}q<?IyWd-d7wcvr%F*R{B@;t(jhY_~%wo=y{Fd`&d+
zwVlh7)0hd<uB;uOsNB%`!Z|}_bEv;%%=A)Gn$2ne&ik&X>zx<qa5>7<>B1CiRl-P=
zal`Xdb=Ig&SugMCL{)w)UF4rSL}+<SRXo#g-z?m%XLAk9>l5No-kXxeQ78P(awj{N
zLX)jSdT+i`HAZHFY)`Y%{|<MlW9^d#+1r@1dXcQI9^rGr8O{al*&9X5s66KkgP|>l
z+%l!OOFiF{_6PFW=M1DuGxrG>ZCpRsl}())NHJ((Bf8_VJ8IVdQSR=C-R9G&#0D2M
z1}p-6IxJwMxe$kC*;)bw<A68wGjf^yO!YFcMk6jGO$>`eV6S{>Ub=h$Rn*zzZtedf
zkt2UL`})Js1;=b`dvdW)^t1iV^iU%$taZ%Ad?&VxmqCjX!$TRcIs&KXx)Fz;-Zna&
zHHZTET8(D3*qo@qw(g-DC%N%6o^C^;S~S%A<ZYh@H)1jtQNwylf8Rm+4!Wz%tm*~H
ztUBt9D}hR@Xe^vJc^SI;s$$F95~Br<{z-$^JQSrp<JTUKY39D3+||$jzOS&~;>9cX
z$=GX%=!^m3vyY=;fg!|Uq3_nLWekfcXB;ncru9Gkja2ClOKVpD@)Vu4bx+(X-X?zg
zJs(8b2jln(znxAcY%-Nhe0Aka5aC?p1O1yO73s>BjuSW4iiF<Hh-U2HFa4mU9=;uQ
z>+w2`TH`QaF*>fbdOo@wJT&@ht!AVCAo|tZ24VU;X*Sg^ui(lm3n(tKxKPMGx4Ie?
za6VKeA1bBYi=OvmwsPEESR{=7v8K*7O@|xPCn%Ws&T+yBH$w58-MTPc+=7tKrwBTZ
z75@Dhe}U~&9@&s_abK-Xj|BaUX53ZT!YRz@KDL}JshXryL(oMdNzFQ3gi6yE$3d!~
zRU@GyZ34}*zU@0`#?-;2KwQP=FHYeq1hMd&FWVnB)`m6*-i~(l=|HM3e0-E6@8~JR
z^8N{h%#_t$N%yc%fZk#RpTB*=s>#P@`=JWfjJkWaM*aECp*}ZvB<Fw3YD+rW1tbpv
zds>%^z~fXOyb=aB|6Ff{HKHM&a%Jk|QPn&tv7vroLAb&&px;^~tL%1dtT6_%JG2MR
z&um#me<N}$6XGXdv(j-XWhIsXXlC~&pZ~AeQ?+Y`kG6WYZg_X_)UJYYzME#e2@E);
z@}+&vh!LD1^oT90h;@mLzg|3%J=;#UJLvE?`wt-RQe6CL^Y$y{o`{P07mHGEep|ob
zt;=5%v#aMn+K6X0cif>i=3>4KRUP@*ehS$?sv`#A7smcfwj<gJDxqU;>Fy52eT-Gm
z)2z*OLz{ywFFzx`N7;^z;=5<7LTOygZLg`<e$Mr_bc5TabY?2Lko2Nuy4TIz`mAaS
zn{7jM?4JqJV$X5JJy32#sR^tL#_5ikRm_lX*g7#g6_2nv?EbQ^;(tvJ$~^<u0Mm!5
zZLq80#pdq-Aug?q*>hdy)E$8m1+n&o1r>Sj7tsO?S)^ATza*rZt!;kI>sm>DuGmLM
zHc{mY)c>EDX%r`I_Cusf9E|jDw%Ot6mVRwaX#T3T`^tL2(Q(4|+E8s~i1oSan_R3@
zY}dDJ@UEqv)mMEufECcvn!d9(Q+9rU?C|HCCq+5o?6EFdPNgl|PKoSuQsb{YLOIF9
zb*@DJXj>_f<Z2}7NSM~!xQYL4$R#7qkFI?BbI1IubUXqN-AQsGPd|)r^DDv6yo9;i
zrnUyo?PPn@$gcdy=mrXT8g^Fw?l2|sK(57t<XiG|;~ArT_R{rWdVM8}TDU_SzwMiY
z%|?gYv%wch^*XyNX?njBiYN^2u;!IJv(m}D7dWFj;;nppfVT=1heD_CD{+3PnbMx%
zT1;E<46)5c%?8m<8}AO0HBMRouu@&>c;E273cskU`F)Nd5=%>O7St%9;)Lt#Nbf#s
zCNdw!UxbG@(F3&)g=%Nv$WI!iv%1b!uUt)W%3S{@+1Jc{Kh~gZg>OzdB!-U0ID55~
zoLgBckRLQ1rncjF_Wr%fh^h!Tpkbco+xRg1#w9z8yM>mlkcsRHWYKQg-Ku=<)2Yz-
z&Sx~`T&rEbzF#pO>kn`COI=?M<qmn1&X`assez@MGk0;pQ`idii~GWuSNsq0WDEUu
zUovwk{?9pi<#RkMDY^KWw=fglm0zE|On-q!Nt{$on)uyK?l<9Ew{~Y!KW6{9K~c28
zEBT`ZE(uOr3yjo3b8m!yq18#%Y;yW+$r3O3#qG1KD5XSZU@AF=gpftBGn1t^_btAV
znk+hxYeJ<gHuJ-9g?b5hvuP%pfoV`x8Wp4dgvV8<^M1kvjZh<j^Sj4w3Vro^+f!Wo
z*r|!vM9hE$(CW3La%47rP=lQ;ZO;msBvS)h2s5zP`^;57U+hoczE2(j)ceu<m)kUQ
z{AdQw3$erPNV4;r;Pj8oCrc!OV}uwJO9PpfOV*zWB-0uzsLhUK^XfO4M27TlJ%q`@
zh|TkgE+9Z9;B0Rx&RjOV_!#AKCY9n;F@T~&ID`iAJO&Bcd2`6bIx>?7IV~|xX$>zB
zcVrr~wj+kC*;N7B{s|2yu~iXN!l-xN6ZSUp*|^fr<)*9cW>b(=2$%9w9|eC-tIoJ7
z?L?oB?c7PixuTzN&5&Cx{Mf{{x0*8hz)ErLF*EKRQdY10p{rN?gLTpkJnm5&#a|{M
zIrky7%xSh{>;V*Jv?|Ws`~U{);HMXDEaKDt(a(OA@Ao3R9Z`U2EB(2Wd*r2Eo0B`d
z#9y6<A2tV7?K%InXZ)BVZrkE`(DmLl(0nx}JT%auRo$XlE7t7yD&3UIP^J8uX~SC8
zqvip)Vh=e=QUx_pTz~m7>0mwM-SnIJ;%{qX%w9fDw|(aZi82si=Lkich#8ey-S4%R
zSI!!SUfg>g%{HZM@@7kC$M?Wm@Jg>}ayDES@AYu>pY(Wu9&WrE6?gxK1ZZ5h5a~M$
zCJJu%ViJ@s&3M_<$9_V+x#V@leWGouwaCpNEa1$FRsyH$0QUsXs!SbHMSXd*6v1X1
zg$pRYnNwAL6|U1{z^|HkGTY(3GfTR0rd2%9#p>Mn@kE^bgjILu+;S;+V%T!|LhgJ7
ztJzecJSer-G*ovqtvm^MlyG+VT?!NG#!bkOdQn_XD-pN@R9|D`IzEN#UC!7(DMENF
z@_fup>GLG#x3sUNQE!`G_NQ$Ko-4Vw`R+5H|5P5g>wqdlX=30V0%sY*br#~eS3$bf
zX;i%--oUq^-SvBy8(V)JG5F>^uqbA?ACH>nz-BD#{+Z?KIMW@~9l9o7jsDg^Z<|Di
zpSwl1nX9vOPe!lhg$nLIsWf4xbqdj(A&X?6!|E=on<)!|RAsk8bFU1U_Gj8|rq(Q)
z%&6fRmzJKlwk@NO;KZDga8vtvb7vtD0~8Wzm~4Y9DTh8TdQP}{%WSvJcA1z9iL}oK
z3xkZ@)JMQj{MaL94wg|G+NO05E4Nku&UF-VMLOZH^BRn$gl`hv4t9zy{Z&_n;^{V>
z=Twr6C7GBHq25Cu*OB2GXfl}Ycy4W4qZmJn+<;1+Ae*?pxa#o1_s^)fQl>dM(L6Lk
znM&9T;$Yf|`YBnK4pq!u{qf&}<^=2^)M^9By{;^`3oDxA?59H9>kK=zZ1raM4C7PQ
zz!$dvn~=Ov%`ow#@?K3?%}Qmu@gY<w3fmprX%Xjo);g$Q`mQ!}kf2S3$&I=5w(^S*
zl<LmP^_$rG-DW?FBi_HATqKsTefun7Fn?CZ-z@Qj%Fsj>{bii2jR2bvpXp-H7NO`x
z1A$SN!d~UkRt8r-tdXUTXI9;X$!)2GM=nI1K4P5Dt~@jqtJCG+G;|p<rSr|!7VNe8
z)Ij~rIVf8oGIw5l0jnqGLOy}S4;tgu$5$jl;O{`-*^tO<9r^J%NSZDQx^9D5M>BkT
zcKttN>PEp8my9zT-xGR2p)TzKn&q+_=S_8G&j&d|xbn6y-KkbOhALG*Aax|QRBc>w
z_%*B~_C70X7G}Q5EH!n-;lAX%xG~^}%~_Uq`^He}8}FCzO$UngYCLgJa`Cz-BRgz2
zmQ#=X2Fin1p7uLy+Y7Ak1LkmJ4o4Q}A)(L@uD!K*UTgXt1^y(chZnvYXls|bRZpTj
zO#J44x;W3r%aU%>gl!oyjlJ_l1mT32)|^@N5wezqc7=Ce;<$v*nkG#%Brp${FLfC?
z?*7ckxXtV49E6a6Eb{%>kL(jITx^dIo|tw{7%l(xyEU32h&hzPc=mpoc5D6{2c*P~
z(PU;yQHjEX)bJ3RnR{rv4nuuS+s&8VryxStB}-29Ohb$7r$}(RtEC_to#ix6Q*2a?
zXyV$lEW4TO;-ug1ByA@gtcg=NdkJeJ8+KsE5iUh|2~FH_O`4%>ruYkWVA|gL2dB1;
z!V}<*pulV$TUFn@bLWP=p_Ff$uecmG;uh=&UbI@^(ht+}&dc>*CVZ(ss1HuJb5KM}
zA=Uz5#j?@<4i`t))4ApQxi2=66Mko|T#d{>E4_YC9V%Zin6|khoVcD%(xW^{zt*O?
zt9UC{f-PDe$yPN}47|jqqatXkHPPK0EDkB@)x64GH5iLsYs3$ABYqAGJj`G4vB<Y&
zn6QxY9rL42;hws7SC+LzwebO=6)RxOZ&Ah6anQ1vVncS;qk^T01jKdwLj1Ki?Hx8#
zxcXBOY!Ai}>0f0PJJ8klxiC2Iq<{5Fa|j@HIar`l>i1j=7ZXjte9T4BtJ@-SK;K=C
zc-jkqAl;9<@;fdSfo+!or-?aX3F%7`_mku%`A#GAqGg+oajkVz(Yk_Ks(TgA4&V#U
zXmp`wOh3>7Soz>k&br8q>kU=GTl7d3fxO1_h2BD2sN9*+mm;o?3r?0Cey+yLHf9~J
ze2KOR>Ohfay|ptuBS;d$JN@d#*}iiK3ATBnmCnx}p$BU`S56jx%tQ0I&Cl^JAh^VK
zKsr9L7c}(|rom}1%*oKAJ5ayhOe8Ts!2H&?+7f4bmm5e}@8`s-0Myc6cXwNibg|VR
zY!zylVCH8h;}D0WToQmF*Du~dp^YVzgF;3s9oK3X2HuISK3W?rsmeP=6V%&d-LFlD
z`gDLKtQvV6-Ea}+r>>B(>-`o5b=_EL*|tuTXxk`DrJtvKQ0#TW<u_H39mZ#4Y}Hp7
zGZsDxUPeg7BV7bS4wshuFQ9Dc*b_n$PAap8bMyF3PVw2+EAa!Y$Ykcm**r>2-9uB&
z8;_0p;W*uoe3*p3sqLN4VfldZqqN+8WB>_Yd@S%YPrv~99B{~}UMRY+af6+vOYP3y
z6o%n(owmI#n2K0DIOvKU{q^`a)4Yg7#WO0lB7dmTy{_=NCZ&=P3REgfM__<Uz;Vrm
zkHp;R<dt3OWT($iuexirY$(2dQO;odb<*Av>4TK7_?fiuGMVy|sgz33VL()J25~t0
zHm2H&b&WB?Y}~#ABB~3|iOFYZo|hicj|mH*pM5yoR1w^RIGGns^$tHzX~bC%5u)+m
z<Tt-Riw<Siv^dnih2EuBnrvv7#<%sc`W)F;_%~FR%;7=3HP-6%?j&F{=-}1Lof+oX
za-kSAOY7U5E*9P$=}xaUMJWA*%gE|fJu?GnG;d-t=llt?so>Ar9VR@u#|584Ll5tM
zfTeT`gzvs)e`&cv?;bGVTi%fO7LF1g4SxNca_;GKVosc><B*ic1bX#XRs9w{17M3}
zQ1Ml%X^JEGuaMo~=ZeYhC_tsR*cZKo@jSL0+5;)GQ=Sul!)$_F0R$W+jEP#=FB7&a
zf`470uHMn2dJK6m;8GxjU|bY-cnYNw3F=qB8Eg|GwTzI7gP=qpnT<eivVK`zg$Uh5
zJ$}G3W1%6=ghVO<<wY5Ex9*%erpIeS%SMHcq+Oc7xEyu?6!z6R19^FT#z6PIw)m=t
z1aFQ2tv!_P?3%bjdWct<@>l=2#9REi6`8`>j9uW{#Ou*v{*zaA(?i(#&`i|n$q96W
zKggBGF|HI&`X7K|vWc&h*P>eHMmdsK=%DZ5q!LQO1^qaRd7j~g{UPfoZeBq2D-*(O
z(z(nb%aEN1BBWjhvY;v~9_Hi~)F>w9)JR)a-{WYc4~|X6;oW{yIe0rENcHk5q{CQ1
zj~2(czEQ)Ul}VOrG-vjR$n3~_K7f53UVSB={AJ(1Q{gQ%Wro=+BQyshul3vT7n`ZU
zJEGdz{`axIq7X!R_Tjn>p_KoneSSs3KN1SSpPf3;N)uRxxu`=FP@uOP?NNkdc@QOE
ztT9Cu#MPWsd<x}*y>4yrg$RDj>K%6+RmSj$5Ek0fZAW}PlrV`$!rY~*-WfVqvNC`L
zK|^PGS*mt=_5?C9mKTJagAz@D@M+Z%=ydDDgd)ou@X`}>@KUA9^LQQ}h@2Ql2T4NM
zHJwO0F|gMal7q;+PIlUVoYxjXG5x0qztBzZ5AE_ja*@Lx+wuS}fMrTlZy9zwthV>9
zoKO#8z^Nb4Ll7sz(EuXi6acey)q_MJ1i{3HdN}IV7<f6?r+O9!88V8cjsfvM%Y#i>
zbAe4UQu1>`T{75ml-0rdD7;U|Pe7`^qV9W3O6)2)=u@JwIw;kd&cpNSF9`Z>_$1H=
zeJ4sb;C7zw{xc)v2hG<pJa%C`x%o>4P`=Y$m>cGOWVQeog-a*gnD;v5jmD9x06W02
z+to$D;0oV^`PN>6`w_G@gPwbPZAtMw4q&&QPa=0htV{TkUApT1GTo;OSRNh79`W&9
z0rI?>5>^17C-Xzm<O%d_zuK_Kt7FW2FfB9>Gk>FOfPA;yWqBmSq!4hQe0J9|YVff=
zLdYc%l=QI+@BJZO5-+D{G7Egk!?3jDbpo5ECaaqsE+T}Gks~1-w?|?Asv@#nK8Y$p
zmhe@3eHJu5{`l_%cQ3Y!FxZQf&OQ)AA8%mC(@76L9xNveHfNe(!2|Bc@m2L2VMHi3
z&^ay6P}OD%?+)Xg6DE}G=TXC?zMe5Me|9M%Y|BHWPyEaau(@b{IAcJ??g0xCecAad
zV4J^Te7}lr@W9~qwOYPmcC;~iWD|@ZK%anb3jiUpw*H^?zB``l_xro#6H*xol|3Sa
zijvG^ME1_k$Q~JGr>taTXN&BzS7xD<JrhEbO|m!lxzOjM@9+D)@4tTc?~nWb{PTG~
z^nSm_b)D;6=Q`*4d>)@@l)q>iNVk7^dkI`cJ*CPaw-@Nqh#D03>fX-<V2a_IZUV2t
zqCVGYkm9=GfJHHU`zGNDTjybHEo%1Tn8g=-ABP)3+b|e1$Sy6zH6gns6AjMZO6iBY
zKqvfIsgbrb7fUDq_SSRlMx=A+fmq-gML;3*0^ZxbD!U4ScrAF#HTqhYoq++#LLAHO
z={OC$W;plpe}#~Ee8P2m*%c2+cutq=-Dj@!*~p{Xe!DGFp05@;W5%K5cuK1Y>WjbD
z2e$c4b3dIO)R=KlF8v6d11}i%!V!stm_-GD3Ak{-VwcMpG*ULA%nDT>)L!dvZEE&1
zM#h<}<!RIj^~E!{Un>nV**361+1+D47&S;bhA^m>YzmX%(8h!v`g?I?aZ574&X;?!
z`4Q7C4Z9^L$_Kx95701t0tTF-9mpy?WN6=aL+8k9R4~o-m;r{;Aat~sm{*62`5^+D
zfw{0EcgRqAHA5**2Re+HIr1&PY4!kOcJgN568H8CXv1dE9NX951W(C0v=IZKmWfGl
z%Sw5HDxHCEVTdS+HEde_d#{<T01xaDR}aqdNopAau)330H)2m=C)z8hC?9sa$Ze<p
zMex+#5L?l}THvu5fHI^Gw9yd9{R$}q6p;1j{7Q*);YN!8eHC>~8SbdrMcI@-+vM}g
zfn&tnc~xV;>pM-%s!kfFY7p@&P1>1hs<78w&_0GzCtvG(b)N<IXch!1cN-%+kGq^Q
z$4xck##}oo0tI(|FZwW*JKT!P<uf4XHxxfP1jhw(q>o-vuOo`hfub@GUf?n4jCOp@
zAGet@?zd_1+TBBZeZju&wN}o@%$Q1FTl`gx=cQb^*7@cnqnrXkqPR~(2>w-Xx_64L
zI#~{#8C5>ana`DG8!k1!e3V)d4HCnG)mt&qTJ{BaX+4;0S6y`lJ6=!fGZrrEs2;-r
zX{?VgUo7}2RYGmQN=eP^WE0=|6prV_^Kl!E$Y)jpS|B&v_6y3C{9|s<l4q&F%dY~W
zbpDOP9Ww$Q1#99>$adnQs9MGR&2VylY1f84@fZ5X+@2+;7PzzO08~H#X@;D9Ne!R7
z?Ht$(?Kx2*wo|*PY4C91Q7zthy#xJ3iX{li^JSb-89!D{kjHn6q;f_0S{p|bPpZo#
zl7|Ze@%a37l*x7i$wJ?Z^9!p;8?h(O1)v|YjFlJ9l}w`&-(R;W?|a-otIK-OnuW%6
z1Sf$h#IRL8zd-X1@Bj}t+LuAT!V9tfWz?LGu0ChVm-o6=VrT0kcAm-CjyX}N;FYI9
z9yT3=zSg-H@v2_yJ>fAv1Y)s<DZcNoM(Em9Nueqh^P82zB4+7}SVqj_WQ7P(fMdUy
z6utp`K@}6|fn+ibZ4!g)T77P0OBSKdKe73|<HZFi$8A#@5U6)?)rQin{%m(f2`bKg
z2DnV`ZBP(xzdQ{@+wNCRY=IA*<?jR%{f5^=wZC{<>R@VZBLcsavPIu88U7iA9X!ng
zl+kf_9{pvt&a6J@4{{snMBkR4o9hT$d$+WH+T>NB`8Mc|hM3>q(raqPu^X@7Tpk$c
z0neaz^QCf$>&2s$1t0)cFgJ&kNsU|`fTL$fk0Hu@s%{|j()yV@a>B0|Z@qPyDipeS
z-*7^Aw2`%Ry1vkX5OSa7ZS#_qjq`05uIs&FnbLLPm<N(7yKMOw@J!pLKFKWGIL@^g
zwEaXKsoKm20GD#sw4UN_iIfxcaW{ts?3Ko&y`XN=Tlw0Stj_btCjIm@f<~yp@k%0{
z+OX8L2QnyX{Hvd&d+b*ZxLHxR6y=UT-6(!|TKL*EoJ6EbQktjBUn5~#f-nz-pUOv+
z86=0(Xv4#UQf9}Opz>>1WuVb;-t@!LN*;IOO`Az~=gR|5^ZBpzGLvx3u9L<*Oj}@E
zx;g%rJk{<7cmRVOIbrYQnPY^98WzC|MJhDGLhbE$sXLdFUxb%1FyWHzelyAMN`J9N
zky%IE_vCp7q4i$7@oGHK(o}fqz5ImV6|gymNUdnv83_m4@q%=w@_OEqAgP&d<Pz38
zRaX2fnc=e8i%*CfdqZtG8Q4LPp}{LUHkgoN0B|z}&C(jBAx^$uLD(Z$Osu$L>4(1c
zv>7@yIZ~R*TZYujkVETHlSt*rhh2_oUd-YpTj#R6YU2u;x>7l;g|^<jK4x^hkr9zg
zJ_*#bWCpWO;HI-aLIRG=5iM^*Z!ryU!zsLnqzIN)fth&L>N<3@g$8msG5oeXuBa&b
z69hm$BUe+Xp_<cKmCB~z&}O$WTU&&Pnnly2LaUe!r5i!#P^f}jm75fps2xrF_8JJ4
z756p!dPs+p;-(xYBUPyEyq@CGibd&^jn1+~(-I@3lItIQ?kL{dQXvg3o*cSSC35k;
z4s!&5K~idq9&7bdA=ex;u}DFd3oV&Vi{Sar6l^)UtC&;a#rZUk4EtTIPB~>>aZ9L5
z4LI~9*yljO!|_F74_Vw;2kf9*;el1{wnDA3OeTQik?0!dPISnZ>T>7b7{ogt@C{T!
z_#-lvL+mdu8%AnHR-sy`O?jrIq{PVAe7n}zdk{l~Ra;Rd*$|3s-asXsXoW0cNe$8%
zhsK$Uxirc3^-oC`g_TL75i+8wM>7@xE91gSy`#->1Den$vX;#HmLo6aVTt%pS3D6G
z%~>Tr%5h1W|9FtS9TslUVA4~au#C!W(04umdU2w79BT^YeyjBB{HO5Vmf3pXP6f5r
zM!2Zo7w7)maMnaQ#aU&5^5D8I_vn2#eLA*VH@)5%r)F$z2+=k>kk_saz8ZU~cRcqq
z(np!F%dDyO3y71F=$;B`V0cbpG0Sa{Q7tzbWbdHbRcJHR_ha3n$PVvbRA$!CNn=vS
z=<hlUpT5RUOFo_`x;+LeMn^c`hi=A_CroVQup7U-ZYK9kFxn<o#XYcP(BvkIuQ<mi
z{}!M6Z`RwGQ=*~qlO_IFvZ9P{<{NH*&8SFe{v;(dPJSU>_r^hq?h2oP7@8_WC&_Cd
zOU4l2Dn#nnvViYwrm*m)u1jW}%ZTaP>t?B#lr3M51EIlXhD`lQOL2{FmX5tRc!(N8
zQ~X!ML_Ig5?kUDl7&d|Zp1*<fl}KyiY(T!|{4%YtLxudYQ*{z0*=u)fpw^I|r$VX$
zi%e}zR`m4ogX?#=3XT;KZ*$!{lP6);#eolqBeGg`%FIu54K7`8UQxQcJn9oYInEjx
zE~#%KHAHjMnyH)k={X0&8QWRgTrqq3;aMv?kS6$H&>5g;drPB|yYb~a0`^ge;gV;>
zow7Ot`qF|X=jCW5F5f&*FgEC<nVt#4tHx~sw4pBuPBdNVl&gIaOeyeTvdk<!sY%(7
zqm^uM!cnZOmB%nfE^Bq@9vwcV<=cZNk~dnHJa9>*K;>`aRF`T}^O8}hsqv%p&=pd8
zedWpfng^uLb8;be@>rb~i&qD-*qPqd)P8)2MftVx$`(FeVmb7iZ<owrkG#+8vpkCC
zB}x-hc4kOFrKg;?lx|xBGgp1XS;6VMgCl{+;zN$8uVFM*shI>n9~;{Pgj3StAz}Ey
zP0~et=g!wymm(e5n7@1&{_<h!V$%uNrjhw&F6oW#-n@GF-_@w*fgzsRyB1wRm~K26
z&XlM4isz2#Yh1<T#z{nN$x7Sl_{Xrq61X}E+GL_kCpcaCt5Sv53KT?HXPRq$M}+U?
zvZucgd^t#v&E}~*^vn3(-FIeFg$fH|8~8d8l#~*axqRMN8z$$zI@A0hD)yGiN2$s*
zWgQNe(=%fYYUXc}oL`fLuseWogS7D-B_gC_#nABA6(g_1SuMCCHtJ&RlzMYHcLU?&
zO2AUJpEJGTd%{fkHV>m8G|{{HmO_;EnK7!@?b95!c%<VeriDoruS!Aku&Zs(@ubLm
zmYI??TZ)lU?))iE*Rrh4qD<!XARG<0nu{*+&xTKjD|R(6IcrR3rT00wrF6Rtof$BU
z8rNCi{^?}V@<DJ>Err=vyu<d|LPAK{Rz9tGXfxg@^cYwcYSYI4a>ZwBVN^3bhGkOW
z_^K9-3@2ZXmIHwZub)U+Wv>#n0CE|CNQ!~nb>glOhmjq3i4@dW8m88BCcEw%9f^#s
zX&ozUx6hTZXlBh@-Qb0pfXQ80nz{&|;17Mh1$2T`0RjV}o_LvM*Hx8|yTJuqzPYZ}
zYsK1J$dm5C>FAw_c4*{>QU}8=m(?KF=*-fOa_iSrNgExj%jdIM;vQ})xO_@vYrV3X
z7{JHv7psI>u+8yOkw1TkvOhBFzIt#%g%isLNTsv7zgy)Dh<amuu5iNF-kfH*{j2C^
z@<k|DpZAfvHspJ0jWcn`g|8{M%20`@^Ne6#OufIyWlN!y<M!Q>p<Gm2(xddWP;#{Y
z?#ct2AnARe(mg%G6sg)3{~%VN-0Cu@sxsvW(TJv0u9QuSk}7JwtIee_a0316TUx)q
zQQP$-7k%blj2u`uO2aDp$v?LC?4-z0Stcb26;_R!V-k()<;XirBt7_;_Vb+7<EbJk
zWzx>aSOa&TvT%B(%CY!f^zDyjbv24h)q9dyj{UORh@!5@pHNgdo&;=7K-bY(eHbS(
z_6i3K(^7kf4Qe6T(*>xiBoTcs+et5@8z~e&M#|}=x>_}p^X@sbP|GNzGsluTgHFd;
zlco#D?zjJ#h~&CjK{ercnXJNaE6rWDOJ7G}vDkd`d8-pc-`00ZZtTRR5zFwUE=v<~
zDYLCWN>N`ulg|M(+Yj4<ThB7YEXSadxA~)78ai9wCsvi`q)8R^G?q$6=H_Wc%3t@&
z=`Wq&oEl;w7RgIUO&H4H5f)<zi}^fi6)nCn{h7L%IV;?@T;!m%zR9Vo)TS$1YDCmM
z<Dwp<wWBv1c!))i=4zGL8i5GsSLIP-C4eR}zfkBUiW%uJahXo3@LfMvv1|xEyV6<e
zX{ZL@);>=*@b+r0l~v##h|ZdFnY8g}1x1-RW>FM$Hj~mOQIzViYuXaoveni~MrV+?
z<$qK-Z`JLTiRG5-F55^DDfu%>&!d$qPIE4q>Y>Uvo9!2d{I`~!dB4y<pgUVXYK77Z
zIu@fii4JS8rGh=Z4T3!fR?>pZzeZYTb!{-UgE4>9lm8k4I~31WYa*rGEMD0ISK-Ew
zOAly37UX%$FTPRRDNp5fZIfK>PEb|-t73MP_gxp>F<~1c6(1ENjC;rKP7?Vg`}@)q
zblSIGrIMA#JFq~cBsBP)B*+W`_VE%PS%E;^y0|O+&nX_I4kdASh)DLkK)f?5LR;su
z8GrAt_^K_yH`d~vowwfjF<Gbo&`klQ!Bw@G<~t#t%c*8av*xTKHD3=g{~&bOoBhSE
zS2PS~#z+|{fUp>HUkJ9y?V{h*wu{JB9R3M20L8&PF*%p%yE+`qKE@TL=2aR5uEtHG
zR)L%LH>*1eG+gZou=_=qF@{^SXP{Wcax$InaOyFrG?=Uxa{-p=HaA}<D|sy-0o8t9
z$g)qhaamaj!cWCI>hq;z;i!~PSb<plMg8iAh)d;HHHZh}ed|&-7puR)y`}gw8iJ+y
zuAUbytm}e<hw@tAc8%CF)4IemlQ5@A=DVp2gG*xIL(|MR^=U;wwX9|-C+kIdUz_BW
zzK*6dqEC*>lP+?yPLg!Lwy*CH$(b)Jhv55a%*glp(!)%ZganCfR^MDLFu$)qY!cSE
zW_xt<bSUot+Qc}s2Cj;57G-6zb%!TB_iPefOj#WDV#7{MzVs!@IapbOz>OoTIYOCu
zazZ$sMQ7m=F6;9a%kr_-+Gr2iMH3sg&r#EPH=R{R(V?}i(H?B$X~xk_{q+kIrE6=c
z-<Sz8KX~jMsACv>o1(5{IlpTUs5T8E9l}khiPW6WC@a={dOA~-L^mA5wKdtPMK~oy
z<rRe^=7eLZi_<mL=Q@n#PmbO-(mIw>IQaR_K|Lm&4rxXD2Oq|vhnx{*#>kJP8k#59
zt$e&1x#PkMhXIykG4tIl2miYtg~3EqK$k@RFPH8lcNSq6?wh8T<#lIVKi_|%EIv!7
zZxu2Afpt5&D2kmaxsKt*r%#W1;iNdJIGyB)!BknJ#(<lsx~@?fhMG0T@RA!(nGxe$
zYrJq8Z+V$db3)WC5L>R79@)zTmerEzgWi@OLb9%!PzN%r9OXTlSIqV<Tg~UHise1W
z@+li0#!A-*8U7C#3ziC=kKMD8Tz0Mw4DL_X{~E|vC%DK&czr!%qgX0#G?O+~mt!Pl
zdMRSwpxHV68o7?b^}M>crhow*oJ60n%TIX-l;;ENOZ{JH&evOrueByonyfutXT(lq
zn;mq0gSqjxo~FWIN0L7jMUvofLt`dPKALOf&54lL;8AWSoO5q|<%Koh*HvSlBu$U<
zz<!#%MUu*-iu_WwVg1hEtTmlwwVLxAD~}Nw{uq+MQyF^s7TY3Eipou4(uNn11b5q}
zCK5}eUkW_oO4HP;{qABH?bVELNCO$FBaWQJjO1y=c+QF(QarbmNZMAgDp^g-M@WwI
ztIi3lNc$@ky1ZJYNjJ-3Pk)-lR^!9{big3Ptm3Wlwu%k#jv5adYWXEEz56_&+wtgT
z;br0Gami7GU#OQ%jIi}LdspE|Lqne%6t+AYw9NiIvNqB48S;rxVEvxnl@U9Ro#+#i
z_j=7L#ae<qYUOqQEN&x<<+xFnR_e=1_pD>wB%yS6M$i4~!+sHnt{1$}<KuD#hhVMN
z8rMWS*pvo%NBy+(4#f$R&oUW^3*M^`JQKHiDRV_<0ZC2v@?B_EH+8s|`BA9%wOC?W
z&?fVXZj7WQWgDxaj;H*#Q>w4p@m_O{lV+FOS9s5ZfcDZV^bQGKyFIB<@p<ygvjb_^
z9xGn=dGaL!Bg|7qb3Z$aJSv*D64jt3CYsJzOc%w7$l5Nqlu={xE%8TK4!^aItLZ-$
zp}IeCua~3i^-Sn#%}Ff$o?3nZ1<!eDQBvCw5BE(Mc^2OZ(I+k)KQ_lz{N=NR#)l|n
zW_f${eInk}X_b%Mzd9?|B^LgK{WJjcRWWTU7cYz?{lx3$NOj3rFWnUJt&{3gHZAQZ
zCJ*3i;r+ZEw<36=%J6gb<5lxYqI2cJ0^BiJcZDbDn}6ZlQYPj7?oHb>TIOQ0vYZoe
z<@|XFwep{(FFJg*hBQP{qJfiHiyeP_K%$spA%!?|8c%o@fp8nSLfHEC+aD5n+GAF*
z+zta1`*pVUyt`~f26bA+v+=ZCmypRvBTruxrqK?=#`h%KN_CCQ^?n~%Ny#0@P_0%i
zLY!zV3E}7upGaJ2M0A-RZ=1#)tw<j1`lhRR#RkW4HqK(nywYp1NBqh8p0iffvKIYk
z16$WspFO{HSE@v6`1UWWt(Ak-Htw?9AA`)gi7G?o*aYP6-O#qfj-6@`z8e$#bF2nW
z>U(&x-sF?YD7UFLA^h!C^(DLWi`DH$+*PUEwpK_5y|)6ii%+yk!Wp+WO-gq|SKedA
zgUjI#zv7$~aZy*?P}+&y;e`olNw)ZVoe_TR(7koQfIT#x95<2MU`UTz!?xzT8>Ubk
z8=+i`X=Tke*Lxas9;UaWZa)>R?p+lQm{cJ}*_hKLp)QvlaT7}d>|+A%&%7L5>Nl`b
z?)}>D;vq{e&3c9H;%$sVisB!e?|pT3I);bO=iP$9nOry_ck@u4Z<$RwVX-3|lE2ee
zjSUEIJjaczr;W#A=QA(paL$rHeWS9os}R;oNmz}%%vjG$zM^`iQX9Os#}o|ivcaTN
zZM8~l1wU|JT8}nOCt=SiML$fL9_w)RJw(96DfyLd@y++G=K+^CW0x6UtqA+ANfL?%
zb618D8j;HkbDPE$uDkh6{aUb}-CBD!KzKxqN>Do*6$HQZS}CY)R7+uaC06E=Ty*YI
z)93urnAWw?BV9eXN!x0hdLo&ThQG5eDnO=Md>-?V?MN>FOT~a|F82KX1u-0?7)#^Y
z;*@4-_O)@nQ5wdvpSV^<MU~iXDMXpL9i;gc6q4gAxZ}bIebluoLGt{kp^C}n_f^TX
zT0@3hwy7KomBC{KGXojy6NSU)PbxB7F-UD5NwnfHRgd*DGGUcYf-~||aGCcVTMqh(
zbKK_XA-qis2kIvC8yuM}`L{aA?ir9t%YP?X{x~3?q(Zu=x6wZey_Ig(Hy_FB`8lMv
zOv6AfkrU67%xy>1ZFnt(P-Gn%5+vq4H!4*x@{oNU9y6Ph<@ln;q5OU4>QJsz^Q1DV
zA1w>&U)!6%bPw<c7G0BT<qKA?8W4|XOi;2v&h=~YBOb`^&WZ!-wgUPCr<8K#O4XXA
z{LsBk0B*IJ`GgLU4#!L}qoW4dd&&XV`H6F-0~21sv(eoSmgCkM@=i6MR{OGkUG{VG
zK6Iw6GR)`EGQPuTKuS~F7zsKL;cbRc;J&=!w<MIkx^BqvEV)OHpX%E3-NMC*fz$w3
zIC$rC(1%joxPRu!3#vnA%a#t|DOfC#y$bqcFG@u=YZ8s31L!d$rJy4Ef#Ng%bz$v^
zzsO6TkJma~&Sf&!%vvqTT7Cm$#5R(v?}u&IUQx!?Wl_rc7`C%FtkfE%Y^w0{V6=~a
zIo4daWju#x&&$)2L$W<i7N|YAT3YjtpY=}btw{v;{kou_{OP-T%8LeKxgkme*2Irw
zi8%s61@8wmV%_oRaZ-Cm7H?0Kde$29DHQCi*o3mhY}&08TEf;Jsv;&Qz;jKcCaTxC
z52x@grsey&2*}?c^<&7n-!bEU-EoER65nu$d>ii&qf~cj`On26>60v0w_NfC(o9}$
zX88Y7I0pfK;1Qo<Mb+7jOjb5&($34Ps<H&L_Ii%_(c+}jUXMLwW902WE!I}0Qs7VY
zrxvO%*zmE{6N%`DN7N*EPsi}PZn@73kNOJ-O2L8bqn)aKJ<P4kJ+<<VoQ#(wFYGlm
z?Pob<3zs7Kvu?S|y0?}M-RYQ2|7rmVRZ%sEUuh;06vhkpBuP2D&VC-4j#SMrCq@Ne
zabG8t_d6^NCGcOqX$LVvX=OxeGw=DWMF|qWnxnxm%fmc!DLbANuTuULVIueDIVQDp
zYM%AWZPn^NfWNm?NFF5!A|2$WtFp@#oeb@|NiYIDAU#J`DL86Dn+SdGb^?)WPu>+$
zmrkAaHU6mp2^wpcRk?nNOA3YVbkjpR62k7SEA*C;Y*yT#YE?h;;njwlb-xi`Urb3c
zeHItGpr<ul@A;}FqAOX2w9&kXJw5HOTsTNIityH*l^jl>)+DCfSuff;3boJ-3U5=D
zG?Z%w>qLKYszhU8x^?wr9kB?#cgB<{$KBY*+YBys{GdNQ8aUy-&4XvoGmz>2!nAFp
ze1z@-)IGZA7RYrLW|sYU_+CNXK3(!{SIxy&HvnTwqmK&6j9w6vUL`w+Dy1?8wVB4p
zigr#ajl@<QI&Xf%eka?6X7av2zkkmjcpw|s&x{sH5{p>C`J|Bj1>=-U5T=%}&j%sg
z^Tz(yNjqDnP3Lf(=iFt@>Lm<j?7#Y8C(dFnbQ=*VcqMq9bW0nom8V}<s%9U08UBUK
zSY}j}XQN!p)i|}JS@l@doDGifr~xa0dsmIjE2hYl{NrPhK?wnM!QcK;aF*_%w98Uq
zu1Bj1m(qew5s~ycc1E3iwawZ3kcGk(Q=b8<EU)w648l@ouoK}pU;Ec2LTpsr?|82{
zwOfL{1GS>3Rx~7-r-kD`kzd1Al80!L;slnY@y{RO9>c;(Mk;9u6GZmISJ!xMDH2$B
z6FtR-cs^n4I}zS|A^Yh{d-dxImyIYz9~t%FJ|WqPjfoN?urZ$pne7l_&RaSi7E`E7
z%D^F{uAk==$lxn(S}!8}A<#53S18S!J>7|qkAsLm$_}8S9mgf*_!aK~IZ0vteV{F&
z<@vhBiRLedn`>DHRyUx<k;xDXIe$34FB686t;E~rvyExSfYStT+5*1Y`jWItKnf3|
z8mZra&FitjG9&tiruiD5UPkvWZ^5qz4lrk<?#r^>gVt=)dR^Sz#Fb^qT^r^Z;b>_1
zh*hq~`(rxAWh732Il2Sah=J0+9U>=igb4&+vm<^5w>r;ZUm<f<&BF8YnPcR(ZR&x9
z%;k-De9rPLmvCXoUXK-4G7A8Ne8z2t!4JVv5?u4yj%Io6>1*VY=iFKrjmwt;sWLVQ
z2SW5xdZC|FZOY_^^eVZ28p$vt&@SZ7*5_$Hlv$K1IImfE7?r*5y<3?t*%}ggN%Cfb
zESU~~2-8{1qZ{XKjn7#rPIf9i^@nJq{8`<)c+EYzkkrqU&37`2hR-)%g-pcOO46yE
zvCgObLk>f_@|VTqnIeG=iD<5u6CW^PJo&|!sjue5x*|F9{iO8D0JE2-M=MaQXbTi;
z)p)XgP8SXEQ73d+AAOocTe$AL8npRhb;yZjoM(CV=XARDa^HQ6QQ7_#(kG+Z)B1ex
z%C3rN+)YUu`Bm`R>Sg{2$ASa7qg46GvWq5-FEGJWv~k?H34ht<_!sK#DwWxs1xc%j
zV`@|_Dj1SKzo=$Mijx+krZS4-h7eBNagz&t?8D+a%ESYZ<eplO8{ER-kts`^e1-2O
zA*{i8QF!yK&+>g#nIN5*%U2+Z)O<;V*X2)(rF&4>OyOnPoZ3RGTws!v|ABUg%8ws=
z=fVnelwrH%chD*jqDk!?UW|by8SYFNVVd<>^;>8RaBCl=mQE-~xE%Da3&~o%{4FiW
zY=+J^-M3i1k}gfzwa5R#arN#rd(o%KkS`IY&oJLi+a#pqO-b%DO0%xBUj9%$Gh7Ok
z|73&Zx);hi3jk*~?M?SO;_x)D*=${^aDr_1X^WFT1j?Z*l>DT!yxdxxcQYuZ3}Ys&
z6-H9sWy{a^s_O;&yYh3i-Nz}mg4}Fb79TAPpFsdlg;2Z{rj14i<u0@)QaFBw`Pvmv
z19I$qgEDN6)s2ENtGQ1M_ifV?@EZk%Okx(QwPauRk0jN>oa*)lK5g2DmgLD*iSzbp
zMRIBjzF?%;_QT9Uvejz^m701d7=-=afA^St_A$Y`jO*NOTj+ortyj4eD3d~h|Ndrc
zAggqJTF|^5A!g}x+-nK_n_^+!$<4F44_QcW9$1igs9qFC+^-%-YG3NrUu&)UK`4^5
zNSADIY?I^uT{6M3-1#s_HrmzLpNtvH4b_q-VO;#)T+EYm&t7=CW9x!fF^}`ouLtF1
z%uy^3AFRiWe@Yeg6^bpiM@=k_nh_4g+$kLjCtR!&yk0gDY#1J{Zb7#C$_t~gRU$?-
z{ffU+{>K@wWAh`8^%-}nxWmI^a;qY2Vkb}QmBPsYCxP!X3(*JpTVsM=^Cm9c37;wy
zV#?_X-gPl`Wh8BkkQBThUX0}LU*6K|SL`AXC9kz#=*ByF$JJoIW3jYXOL;x#493tc
z0OdrNO9PC;?d%Da8-5b3bG#|S#Hw_CDb0P3nE~WbTblz!iB#joh)Wmf*qU&jVB;%k
z+7D-cIveE<$by6+|E5ad>3f0X1OE<y7QsV=XmZ_ekRE#?!=W=km(KDP3PjWdGF4Fk
zx6R&|tC#)~yBTyN#q)-Om|5Fs7X*aVPa1HS^e?;8M0@=BOPV?&;L@w?sv|}&-HSkP
z<%!~?`)>Yh^Eb$V%g8Z;IY_6G`cxG~kj_S$B!agdIT`2eLrvgY#lKO_?_N}~_*$n`
znB;uER?)3b_@mFf!*!5AE5h48Xf)AmKkt~<>#&%@wB2x*??jOI@Ut6lJoWs0<fg}y
zvgsx+)5)feTjdRUp7FdPV>%OyZ8Qj-0C6(1DjXcX+CTQs`td@@fpwhBYQpRB^7&l#
zVoMz{_rZ?ZGiLd+2#wHFN*~xR*ozV=2yl~IUhxqt?tTfM&9(csE|X=QZ(_aY1<L^R
zP(Y)2lsDi3UG+*eG>1J2n#*}M-HqOw^Y@vVOC`IQG+a;Ua1_v&mILu|3eeDbBstFN
z2sM^5YIFrKwKkCb-NQK^<hHvib2vLaik<u61Y_<yOgb)cqOjrz?@ubbFPDw-9y2#v
zj2bZ+Q>ZdrRFjj$B@oFNCwcYgZSjd;1#wtshFs`cTtErV2=>jW5!s$YZWsXMI{8rH
zI<b2zA(g*9flrX4joC##{*5lzO=U4p(v;RnKCfD`=8usUTc`#jgK2tE*+>O={~`v`
zCzzCoHgOoDpIxSpczV?tTcF191dqfSsunVgiX~d#%e5)_(2fP#iBb99BLitR0GXZf
zhoH-=`pu^TI<{e)PhSJ4&z`le^E4~$PTq{cOQim0l4=reSq_r6>&*3h*oJEX4{jem
z>BioJC1wZ2^ur==yIkB`-Kdkb5zvkn74itD6ppyH5&|@iY>OerMoz3hi~_a3{w2M=
zAYGjna{IKfz$3M}d)e8bU+anIJSIeKe^V;4N4e{Ry2E&qgS=|5Q{!^R8}FN&C&V-(
ziGxTUNHS8{t15L}RcFx4{6zAzlGBRF;5wBTz^{%IDIrLs;Q>es9p(x=D-f@YVKe1G
zF9O55gOOW+>V6ELkod#5sj#H{eRviTrjC>azW;76$p%{?=m2@?4t5v8;o=9OrhWPA
zJC3YYK!Kf^);tY}I^PTM<qLLvl9XC-?GIhc`3T#008>O1z++=y<S$_+OTdyY!R)4l
zzYB1}R<G2~rt%j+8yORIuUPb#u{$nJvETps)vZT-aIbitjL$f<)k{R2e+Z~L0EW8~
zpu>iW>ia?{ZEgsm5^gs|axynWU(J&>H9WeDS<se2NJ{b$$q<m<BtpOTJ@E!%(>nYh
z=IrC~EXQYb6W}K=RlzU7nN^D@_utixfe~57Tzj)U5?*r~I4WP@6}=>**U&GILbN(&
z$t91A$s`;f?ynI`mHq+${Oxn$cXsdD@lb$mdEhh$)(L8MCHP%!T^|QAj3X_q1>GN}
zkw*@mU~J2or1LI0njkFsXzzaUqzI{ehaM>1_@tKsi>GrUg%3?kH8K>krVb1@ae}eW
zIZ@*HibCGRuS2d~IJ`5o#@FL}H;c|nzP*L*dmet5W6OIC@KLAH0dVkmvOWGs+Gkxk
z%rxF5Ec<WA<yN+CF<br#$jQDzfEHvNmxl#=!0jCYB>l+L#61P{acU53SC-S;u(ht_
zWc3c*5a5&F*Dc;lzURRfpb`SO_#yWlm8H{2>Xq96CCI~jJiKNHxF+Fe?Bc(r1+^bw
zlG<O`1<qm@Z#S%}5zE%?h&3F8LFxQ;NC~70F~8=>FQjaV?an%kbHIVBy8jcJ+54Iu
zBI`}EGCgCev-$b;jZi^&-OiI9z>uWEA8?Ioq38j43?MMCN%bcqKr9z}Lk5d>CF~79
z0nOS>5;p~4B+C)*8Vqz*$NACc`gBH83g$fo=1=ryTnU2l9rcHK|Mo@hA|{hWyjpFh
zw}5zup}xjbot+1k(ZT5ZS$XpEnRXaN_XDGBUOVEt21u4ES<C1oW(gt8dXzX7y>UMC
zoy&V@)w2YQ_qJp5PcXxe!~q-n+Widsj-==~xH$<?aX0)_J~vHnyBJKl1d)uHyDYnh
z2V(++Nj_hn119ioW0(|yOj?lMZQ}y->qh{T-L#pSLq93KW3UUw6wt<Sa{)N&k#D$w
zvAzi4Qd%Kt5C8?gBo3$4_y_06FgodgOQ3;}$hRf8@0{Ej4~5{jHa{ynO$n3)wVjYx
z2*@%55l(hZc)r^DfqY_&a|lI9EH<#1dH*k*mvp<n<N#*L3AAX-4;R9lK1QR@n2VMm
z5_<rh&HA_=YG`z$Z#Om4807_ykWFq^+Oxw?AYyr-q=4L!TIN1HrR_4+5+VY81SROm
zW{(1VLk`$T{Os8LcC|Qt2mx3rTdPfsc?3q{{DCJd=$(wk5bdd3Kl~WbsudnU#E*oC
zl&h0<FJgWOev6=Y&>?-59Td)gL44-VfO&gQC=!%7*P3Y`N`-=30BSTLl^iBo6+VPx
zYNXDfFhe-f97hQ|Xjt~v+N5&6{c}K}>ER%t<RIntEM+x_N}c%$V9qIniXHv}Obj~}
zkY2Gc!|qVCYokv`pMOW@<ogVmaAUt!j4UCG?+I8lGk3{&V{on{7_d(%t-w~+l?}ok
z?lT~}P(CHD`FnVi1wrYB<690hrid7P!XA|8M9+Ef1UzR9WLUXCn7;~Qf>Tm(z&RLo
za~8a<Dkk6T6KQuuGa&;Z0wlJ?mZ7q<4&iwOw2#2kr5va+*lBS+>cf3F4=tn+0YuRK
zaK_^38H+M26_9PJevHSb^5`7W_CNagEeNF$BOER2o15J#a^_f~_yn>?bV({|kjSb&
zfU!s?u>B_1r5fJs0ERI30<erNn}b0riNpiX>DwXU30hFvWWSC9$Xu&0Q1gz^vT^4_
z<AC-b3wW&B-tGJf7oc)>HQ!Z1$3z&Qc0v(eGDCpu;)HA1sj@8wk-(P^x&g55vbxLa
z@X<udgO2HYL=f)-n|J*WVRt-*IdxbCCNezTf;bS}$J(X&$&ut2k^%cGLBvs5+6DV)
z_`^86W<a~Ls28)d<TYHZ=6u+*=Tz{q7vipBQ^`=mQ%w#rvmmA67B)8{oW%4F>2gjM
zG^1l($Cto758wKRh)~545j-I#XTR&S2V1=*3^S(S4gh>(P>4|9p#{L)2@*apWM>-c
z2V}69NmlvgF*E0s=zDck(@CcAzIYg5UfTp{I<tXH>WRdvoI~FJ-AyOtCeZ#OIL_f>
z41=_aI-k5adUa59Pr^<_*y#0X)UZK?>&G*p^e;-LkKU>fu0ZTcR<ZJ)E!nKA*YXMg
z>T-SvB<>-W6=`6~#QUK;%Pp8Zdm6loo#5f3o1DAs!8MSOn8^nEZ}KaA(I}^nErr|!
z-q&ma(q*?YCdz-CVLs>N&gMkbVhH1ef&*oF_+T=@)v&|0VsLA7m+f?gqmvip7nnIc
zbQYZ*-213x2oK_I%UYpWXa&${s&b!*kX$MXPr!UZ_(?eE9u>PYTq>pc86lbya2RP-
zsi!IVS3l!MK(_<$Uv79#@#gB;Bp3zs@kMu$LfZJ#unue*VUtO5*t^j(xd3))kHG%S
z5-@7|8jp8;_+hDd8yy8=lctxbi?uU#aD@eEAQ;h|!$>oHhT2?Cw4A%R0Gege%q>sD
zpqu-R5hC)V=Hh!|(;*<fWSz!!?kI3UT3lJ(pX{(ePD^T2Ri!>@+!IP0OiPIsSAJbG
zk)9@20#tu5Q2JqeRk1dqgPJ1P0eMJ35CcleH&E}@DzIf@;KZjZ9M#Cy7A#rzJ$0#y
zq~e!HHWWTcSo}<puS0{N;DKZu9$;LHL^4_JJmQY%uOUL(@l~m}oPZ|T&RF<ckd7<^
z@@)9eZ)ij2=NMGl9Z$!UH(ad0)zft3w{w{Q=VHyf;U2mOU4!0i@xA;D-6&Z?`&*Tv
z={G=kk|N}$CEyjkpy197t0bFT^7QBsq!?Oa9wuBzJ-z;mgx*BO3AH`j!cQd!FI!-J
z>acPMJos-<<NN%rj7KX$QRsvt)lL|Q!a)cHDVAuUdk(zNjvX989-QVWOVH)APGdiY
z1HV0YDm8?jr@75q&Pou)aGEIH_H%DNU-;!ti=rIg{$CqQLZtHfXEjJ7Bkv-QqOyq<
z^G1LrJW06WXP5YXSAB7BXx)JdC%bp=R7$wT+Nx<hacx2>GmUWvoyy)mzVmccK>jo2
zBl*1dxAa?Zqq_c6Zf5pXjIxQemY9nBzTM#iUw-}7BWHIG-9ipjF=Abh5{PA-@Vns`
zi7D~>ZTG!6SngS1bb#2Tgt5>S9pE?xQOWNGx@d{)8pG~tp+^;-s$+>)5~3K5C%sSq
zO-%cH822u03p?xW`*>k`t^_+*)cy}w{7vRbyb|xtXw3ZNe{)61G2Om96RPLPhF+Xr
zFopErzf2&Kbw0P%s@(sS(b(j_T=Bt^oq2XKEVxaDf<-h7@n<1?F!`P;7||WTF5WQ~
zUnclw-;3MQ!>yH@bx<e^TkIut8d-8-kX5J}1uCZ8MI`*WR)01@B=5$`ZacA^AG0^1
zaHe}bf4Aq?1cXHSnX%08e!gO760{j<h!Ctdtz~7)s*(LWO5FJ!{@KMioxgP<7tv{E
zK=e=!J25wK2}1QfWU~U6X^lG+_M3_CH8-ivQLEAG>%ToM8ZP~rqb-+lqEEBVV7Hno
z%G*wr@yjNv-gDa9GImT=6hnS7t~L<IY^RL|ta`+a=;Y-%u+HO}N+W!Y9^%B0*%W^o
z!tZgzfj5l$_Wof0K^>a|GUxtK&is1-<1fOun1_xW{XN|OVpTx&5{76|<z?EwRt|rD
zC-o?dd0jDv&>wcY&*<EAQ2b47H1Qwr!32`=`4=<a;{Rba@tK$p?2R;dz54#$l>NRN
zBZ9Y_BRz)>@9^sE3b4F|-fP6wjeY5?RaW`Uu0a3f0K16j%psP&WwU@LUHOh~P@I3?
zbFN5(eQP!3I{3r?xr_ee`KVg1!RYo!_`Rn9uQh0JdY_j3Ki~Qg1_zZdC9$5rBhY{T
zX=j+Uoxo82vu2F0?)QtoM-YbNzv}|}1mA{}e)HzwB=!q@)bRjLP83=E<GhZ+8t##)
zZDZM)eu($oTSZEXwm-D)r}?3$^`(SeWN6g-_HNx^5jiqf%HuEpvY9&kDD?X8%?7S~
z8g0!&<Ptjptw4M$SoxXh{;e~jwVAGVQ~L&y9mSXdam_{-c7~<{dGt+Zu4lxM{=rr{
zvahX#AtT)Um@P}=Zl@X%q-CG)xNbp4Ub@wt1Ek-78FciD0(%~UHU}TNCwxgm9Lc@)
zxo-rt#o+P0Fe8os-6hc1-6miYc<s*y%_0BY@8MFUgfM8-Zpo+rSV8;l0Sy)KMKXqP
zS^nc9^hEq!vG}yzB*X7VF=RccsoA4G&~|Zma#-O$BWqz{f6kx~U>3RQS`_v|H^x91
z#V71h3Pj|kXYGRv_qK6#&7+a9{|lZ-cG`VV0mPuHzuV(YIR1sR%8vsbh4%&sMrDj2
z4~L_3@7LncgyA+#!`YL<wV5~jU!MQ_i*VdL3(;MR`#F?if?tEUvwJIuJ15+LgQF#_
z-|s8#j?-GR5QZe@?yvXg)p<9CTXRf;t{A~l`QObVEHA?_>;V)xkYVq;@4k<csLY}_
z)AmOwvG2VFsKVhQti($Dyv+W8hUCS6(-pKC!Htgp!%~e$9y00sOZGoZMVkz{h{P_V
z-KtRs+G+ZDxv16w7=X?4e&17b1i=i7l!S`xn1Dbv{0@?Wo0kLpH7b96+3QY;MiDLv
zBAudH?FKt{N=2Tm#L-e<sXgZmzKYNOr9}rz%g=_{Z+B^VqNP>*c-@SGywv4W4&^_S
z@|Ft};duNtQyO<C`aZmh?ee#WQz^PvsIrOnHQU)YjWRg!tx!v$MPFD%vC`St|Jd06
z1p>7A#NnKO@)`eX344JEW5eDF^Uv8s&r=61;@cDwe<#8AU48eXG0K^p^{=}1$I$Ql
zTKvC#2<=-qzvkL5*zz>)!~t%ojmGPOb@o3u{!}C$&h%in3mH6IIqbUAeqCRFB<o(e
zoSFP$pRv-TQz*s_pS^`~6qr$C&)m9_xVi0YXa8uBqkwWE|AQC(`=Pa2kbNfgrkHb7
zjUhqNeF4TlA7!*)5*HWA!~VlYcmTs0BGBm*WTk)lufJ~tnF|z9Y7OZ8r>&Bzg#pHy
z?_JKm_91_|^#AY>C#m1oOE7=OZrB_31pzPyEET<d>j3@BGf`*;6L4g5&-^-3tZ26F
z+W>R(JAt?NPn;;n;we?Fw_{DDj_~TbuGl{g#p{NnyxHDukePmjj>1>}Z(mcu51R*w
zJ1;toPZp|leFn*&GE0|>`y9#60s>8a2nqbnUQ3AlwrNrfx6wFPJ{HhG=j~buuiW^{
zD*vwW)V>vsKE^wt^?E7k#_ro6!T=;05;Cp^iJc3C*ZD!*xEdM(l7H58oVJ7_t8dL=
zrhge~nUin{#aT?dohK2P#s&s3ZLnvX>y$1fE=n<dfmBx&v_|E9A?fqMbumMWSErA?
z5*1<wH)mX3RrEs@s~-J@>#53V`!DvCN(M$!_XhLv&RoSeVcLDQs<qr&9rZ%>es$m$
zdPIJ=7w7f6`67l}uT5rCiXaUt<L3G{sbQV_rw(S(7%U>+j<tHHiiDqf(Jjrr)r-P`
zaSAwzI-vA47&WkAumZ$t%8K>A8BdfB+i2e2kp5y2WmX0BL(&Ssw|RjkkjZs<L~^zq
z4psI<2!ts}TTYunITsf)>c?+0ougTpws3Wn+2Z`HLaUJ?_W6u?F?B;6KmTT?_h;xz
z%hCYVmQ9zL@?}pbzk4!g7Sr%R+i|3AkAqT$T%Z+Gg?dP**stu0E&Tl^@i$?gkNP3m
zvwL=;MI6sH(7a_r5=OT?YPXlSx3px4Qrf(LnrI1R@WY~h;x%6l6aCKSkAjA|A=hZM
zbrs0hQXJ=7`DW7#))Xz0!aW2!_#sE4)>y6Pq4DGK9T9r#M$T&B(T<vq-vcfHZqGJY
zkp36oj#fkFFDA3gW$V>RM8<#YuDE-)vpM^1vPkrxP17gh-+nnAIclcZx5sz>V2Fv>
zm1mf(?txL@KoZQHNqf!9R#vCu(I{BgNtA@jhSt9xh_@t2lb#^43=#vDQ#rNC*HdnM
z32^#BEBJjJRK3WFwVY<NJLDw(ns!8)uw$3MP^m*w)Tk!Svz-!T0tOM9(F`?lHM_W*
z5BNy^ZSqQ$;c>E^QXW_X6FRjd_@63JwV4u`J~#pA#R+j>>nuRNSgRPCeD=sD80TeG
z3Ile+)>y2f4SIZ@f;4l{Lf)3qwlvVMbqYF_B)rB<G*YgLbZNP6TEagj2`zAz4S?X=
zn*0Nh`#qxx7TVE-lwPBDkFo-u53>e9!h+ptZxMk!5%Bb5E{V5)&3S4z*72#nK4bIa
zHX-jyS&iF}+t46AMk60ZM~NojEnbcbQLf4OCNltFtP>QuqC_4WudIVCSQQrEFSl$E
zagb(g*8=7oMM9Pnn6}|cxa(>-N+{)<&2DwmcNK+uTRJ;FIaGV7R>;YZbad!NJ16x>
zHMDKq-8|Dl9x4B{OKS8<`<QO2n6k1mWBgUEd(2Ln-`~!@o&81VW<ZH&tie__1`OZO
zrbDOmW;qkZYEqZlaihMITrlbb34)j-nJ{b4Uu@bX3z#GUwQ?-Ds~#4qFn#_{5NsIV
zNOHK)!K^uZgrr@w=kt<JrSmr@R~*dWw<wYjDk1e6dLe&C_qfyEd0im>G>W<hv0m*s
zV>eIyF=5h9p4iCIOH#z`bMCFE3_f1=Vzxd!e@5ee-$^O{%>~Or4-zSdcWno;$evZi
zXs*Jr^elm#{o!MY%0w9x{_W6gfWl=Vk<tSS`4=@C{~m<BZJ_||7$(a)JUd~Nf}enD
z)fj4jaTzG>IE{{gH3+V-;$!yx5P_2TBTX@9AhB6f_%^MmwQ}&7#Tb+C2YsHcm7($8
zsb&yBK#MUs3Z~)}O8<W7UfDf+{j;)B|1FbgKHuF$YdQg=1ZnxVN4Qm3AhT~bkFv4Z
zK+8-SIPZ((42~l%=Y#gBej;dQ{oPK}xg}~G(GHU*S%K)D4PNHQkwhONXVByb94Q4P
zS~a9!<6J&hA`Op|ccF9lh-Hf)R+2@zg~bn0Tid@YxJ9DC=*^)EyXSy(VeOKt)P9U@
zkeR1DDclTVWxo)3V`cgm^kI<fQNc|_>IDy=KSNk%DWuq|4xce?@w7tz4JoK?x&Zhp
z<@-43VNh^rrH()~{)Jann*>`-6V@~d7dha{29dYx)lbzFe%%CqlH8yYm`V9Xv->*P
zAp;fYgW%<J-{UX4-Csg!*fn$(n6*~LxmLbCZofQEFMgWOwNp`9(l8NVX5Vzdk4bqb
z=&!(dQD|<jb$J2dlb$hBfla;#cBHmdLC*U|WWwpW{BwZ;?y7kPNrCaG`*<7oLe*KE
zS3WZ3;0D@WtRrob7Tiea{`(%s4peFWp0k~2La4hPRiK^lDU>$;${Xf3`RZ?+WPDLS
zE4R0@Kb$ssnGpv9#Mxi&JeB-72RJKtlqZh{frk^HDM1f=5U};q!ndBJAfdGq=fNtE
zakX(s4A11F3YLY_&>6w1<lyP{WoR$VO8#gYR4tNhV*&5b^jR|#DEotI18YjiHTO=g
z?4L-qz3-;4gnM@X?nnEpmVfJlb8lIVOe6K_=FJGRS2UuF25V{-<(!86jpx(7W$==k
zN0dS9@1`=qfo!<Si?%@{565A=T{nQ2SV=|4gJaDGGT72y^VjhHHQ6dj4aYYk>9$>m
zzb|z9{V|>$HuS30k9%@PzyG}JevlP%pgfd3&&_LpnB+g9=>fMYSSYxOG<)UQe}1{=
z!>C$_ARLjLrJMe*7vKBJ5wP#`zCONxOys`cQ$QYqsmt$!0XOj<zQTx7)a*?EB@Fxf
mBL9CN_U7;Zoq_naeP~-l^FDvW%gqDu-%Vku8=2R&AN?<N_FFIj

literal 0
HcmV?d00001

diff --git a/input/pagecontent/GFI-001.md b/input/pagecontent/GFI-001.md
new file mode 100644
index 0000000..8992704
--- /dev/null
+++ b/input/pagecontent/GFI-001.md
@@ -0,0 +1,97 @@
+### Scope
+
+The Request key material transaction returns a document containing the public key material for a given entity.
+
+### Actor Roles
+
+| Actor         | Role                                                                               |
+| ------------- | ---------------------------------------------------------------------------------- |
+| Verifier      | Requests key material for a given entity based on a Decentralized Identifier (DID) |
+| Issuer/Holder | Responds to the request with the public key material associated with the DID       |
+
+### Referenced standards
+
+- [DID Core](https://www.w3.org/TR/did-core/)
+- [DID Resolution](https://www.w3.org/TR/did-resolution/)
+- [DID Web Method](https://w3c-ccg.github.io/did-method-web/)
+
+### Messages
+
+1. Resolve DID Document Request
+2. DID Document Response
+
+<div>
+{% include GFI-001.svg %}
+</div>
+
+#### Resolve DID Document Request
+
+##### Trigger events
+
+A verifier needs to verify the authenticity of a signature on a verifiable credential or presentation.
+
+##### Message semantics
+
+A verifier initiates a resolve DID document request using a HTTP GET request to the DID web url. No further parameters are required.
+The DID web url is constructed followint the rules as defined in the [DID Web Method](https://w3c-ccg.github.io/did-method-web/).
+
+##### Example
+
+Example did:web
+
+```
+did:web:example.com:user:alice
+```
+
+Which resolves to the DID document at:
+
+```
+GET https://example.com/user/alice/did.json
+```
+
+#### DID Document Response
+
+##### Trigger events
+
+The requested party responds to the resolve DID document request.
+
+##### Message semantics
+
+The requested party responds with a HTTP 200 OK response containing the DID document in the body of the response. The DID document is a JSON-LD document conforming to the [DID Core](https://www.w3.org/TR/did-core/) specification.
+
+##### Example
+
+```json
+{
+  "@context": "https://www.w3.org/ns/did/v1",
+  "id": "did:web:example.com:user:alice",
+  "verificationMethod": [
+    {
+      "id": "did:web:example.com:user:alice#key-1",
+      "type": "JsonWebKey2020",
+      "controller": "did:web:example.com:user:alice",
+      "publicKeyJwk": {
+        "kty": "EC",
+        "crv": "P-256",
+        "x": "...",
+        "y": "..."
+      }
+    }
+  ],
+  "authentication": ["did:web:example.com:user:alice#key-1"]
+}
+```
+
+##### Expected actions
+
+**Case 1**: The DID document is found on the server.
+
+`HTTP 200` (OK) is returned as the HTTP status code.
+
+A DID document is returned in the body of the response.
+
+**Case 2**: The DID document is not found on the server.
+
+`HTTP 404` (Not Found) is returned as the HTTP status code.
+
+No body is returned in the response.
diff --git a/input/pagecontent/GFI-002.md b/input/pagecontent/GFI-002.md
new file mode 100644
index 0000000..e666f80
--- /dev/null
+++ b/input/pagecontent/GFI-002.md
@@ -0,0 +1,26 @@
+### Scope
+
+The Issue Claims transaction describes the process of issuing verifiable claims from an authoritative issuer to a holder. The claims are typically encapsulated within a verifiable credential, which the holder can later present to verifiers as proof of certain attributes or qualifications.
+The Issue Claims transaction can be initiated by the holder or the issuer, depending on the use case and the relationship between the parties involved.
+
+#### Optionality
+
+This transaction is optional and provides a standardized way requesting and transferring verifiable claims between an issuer and a holder. It is possible to request, issue and transfer these claims using other protocols such as email or other messaging systems.
+
+### Actor Roles
+
+| Actor  | Role                                                                        |
+| ------ | --------------------------------------------------------------------------- |
+| Issuer | Issues verifiable claims to a holder in the form of a verifiable credential |
+| Holder | Receives verifiable claims from the issuer and stores them securely         |
+
+### Referenced standards
+
+- [Verifiable Credentials Data Model 1.0](https://www.w3.org/TR/vc-data-model/)
+- [OpenID4VCI](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html)
+
+### Messages
+
+1. Credential Offer
+2. Credential Request
+3. Credential Response
diff --git a/input/pagecontent/GFI-003.md b/input/pagecontent/GFI-003.md
new file mode 100644
index 0000000..9357920
--- /dev/null
+++ b/input/pagecontent/GFI-003.md
@@ -0,0 +1,129 @@
+### Scope
+
+The transaction Request Revocation Status is used by a verifier to determine the revocation status of a verifiable credential presented by a holder. The verifier sends a request to the revocation registry or authority specified in the credential to determine if the credential is still valid or has been revoked.
+
+### Actor Roles
+
+| Actor    | Role                                                                                   |
+| -------- | -------------------------------------------------------------------------------------- |
+| Verifier | Requests the revocation information of a verifiable credential                         |
+| Issuer   | Provides the revocation information which the verifier can use to determine the status |
+
+### Referenced standards
+
+- [Verifiable Credentials Data Model 2.0](https://www.w3.org/TR/vc-data-model/)
+- [Bitstring Status List v1.0](https://www.w3.org/TR/vc-bitstring-status-list/)
+
+### Messages
+
+1. Revocation Status Information Request
+1. Revocation Status Information Response
+
+<div>
+{% include GFI-003.svg %}
+</div>
+
+#### Revocation Status Information Request
+
+##### Trigger events
+
+- A Holder presents a verifiable credential to a verifier and the verifier needs to check the revocation status of the credential.
+- A timer based event to refresh the revocation status information based on the `ValidUntil` field in the status list credential.
+
+##### Message semantics
+
+The verifier initiates a revocation status information request using a HTTP GET request to the revocation URL specified in the verifiable credential under the `credentialStatus` property. Such as specified in the [Bitstring Status List v1.0](https://www.w3.org/TR/vc-bitstring-status-list/) specification.
+
+##### Example
+
+Note: these examples are non normative, for implementation the actual specifications should be followed.
+
+Example of a revocable Verifiable Credential:
+
+```json
+{
+  "@context": [
+    "https://www.w3.org/2018/credentials/v1",
+    "https://www.w3.org/2018/credentials/examples/v1",
+    "https://w3id.org/vc/status-list/2021/v1"
+  ],
+  "id": "http://example.edu/credentials/3732",
+  "type": ["VerifiableCredential", "UniversityDegreeCredential"],
+  "issuer": "https://example.edu/issuers/14",
+  "issuanceDate": "2020-03-10T04:24:12.164Z",
+  "credentialSubject": {
+    "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
+    "degree": {
+      "type": "BachelorDegree",
+      "name": "Bachelor of Science and Arts"
+    }
+  },
+  "credentialStatus": {
+    "id": "https://example.edu/status/24#94567",
+    "type": "BitstringStatusListEntry",
+    "statusPurpose": "revocation",
+    "statusListIndex": "94567",
+    "statusListCredential": "https://example.edu/status/24"
+  },
+  "proof": {
+    "type": "RsaSignature2018",
+    "created": "2020-03-10T04:24:12Z",
+    "proofPurpose": "assertionMethod",
+    "verificationMethod": "https://example.edu/issuers/keys/1",
+    "jws": "..."
+  }
+}
+```
+
+This results in the following request:
+
+```
+GET https://example.edu/status/24
+```
+
+#### Revocation Status Information Response
+
+##### Trigger events
+
+The requested party responds to the revocation status information request.
+
+##### Message semantics
+
+The Issuer should respond with the latest version of the status list credential, signed with the Issuer's proofing method.
+
+##### Example
+
+Note: these examples are non normative, for implementation the actual specifications should be followed.
+
+Example of a Status List Credential response:
+
+```json
+{
+  "@context": [
+    "https://www.w3.org/2018/credentials/v1",
+    "https://w3id.org/vc/status-list/2021/v1"
+  ],
+  "id": "https://example.edu/status/24",
+  "type": ["VerifiableCredential", "StatusList2021Credential"],
+  "issuer": "https://example.edu/issuers/14",
+  "validFrom": "2025-03-10T04:24:12Z",
+  "ValidUntil": "2025-03-10T08:24:12Z",
+  "credentialSubject": {
+    "id": "https://example.edu/status/24#list",
+    "type": "BitstringStatusList",
+    "statusPurpose": "revocation",
+    "encodedList": "H4sIAAAAAAAAA-3BMQEAAADCoPVPbQwfoAAAAAAAAAAAAAAAAPgG6AAB"
+  },
+  "proof": {
+    "type": "RsaSignature2018",
+    "created": "2020-03-10T04:24:12Z",
+    "proofPurpose": "assertionMethod",
+    "verificationMethod": "https://example.edu/issuers/keys/1",
+    "jws": "..."
+  }
+}
+```
+
+##### Expected actions
+
+The verifier processes the status list credential as specified by the [Validate Algorithm section of the specification](https://www.w3.org/TR/vc-bitstring-status-list/#validate-algorithm) to determine the revocation status of the verifiable credential presented by the holder. The verifier decodes the `encodedList` field to obtain the bitstring representing the revocation status of credentials. The verifier checks the bit at the index specified in the `statusListIndex` field of the verifiable credential's `credentialStatus` property. If the bit is set to `1`, the credential is revoked; if it is set to `0`, the credential is valid.
diff --git a/input/pagecontent/GFI-004.md b/input/pagecontent/GFI-004.md
new file mode 100644
index 0000000..e69de29
diff --git a/input/pagecontent/GFI-005.md b/input/pagecontent/GFI-005.md
new file mode 100644
index 0000000..e69de29
diff --git a/input/pagecontent/authentication.md b/input/pagecontent/authentication.md
index 645a7ca..5933c0c 100644
--- a/input/pagecontent/authentication.md
+++ b/input/pagecontent/authentication.md
@@ -63,6 +63,27 @@ The solution is based on exchanging verifiable identity claims between the invol
 The claims can be flexibily combined to form a complete identity for a specific use-case.
 The claims can be verified by the verifier without the need of a central authority, using cryptographic techniques.
 
+#### Actors and Transactions
+
+<img src="authentication-overview-transactions.png" width="100%" style="float: none" alt="Overview of transactions in the authentication function."/>
+
+**Table 7.2-1: GF Authentication - Actors and Transactions**
+
+| Actor     | Transaction                         | Initiator or Responder | Optionality | Reference                   |
+| --------- | ----------------------------------- | ---------------------- | ----------- | --------------------------- |
+| Verifier  | Request key material [GFI-001]      | Initiator              | R           | [\[GFI-001\]](GFI-001.html) |
+|           | Request Revocation status [GFI-003] | Initiator              | R           | [\[GFI-003\]](GFI-003.html) |
+|           | Request Access Token [GFI-004]      | Responder              | R           | [GFI-004]                   |
+| Holder    | Issue Claims \[GFI-002\]            | Responder              | O           | [\[GFI-002\]](GFI-002.html) |
+|           | Request Access Token [GFI-004]      | Initiator              | R           | [GFI-004]                   |
+|           | Authenticated Interaction [GFI-005] | Initiator              | R           | [GFI-005]                   |
+| Issuer    | Issue Claims [GFI-002]              | Initiator              | O           | [GFI-002]                   |
+|           | Request key material [GFI-001]      | Responder              | R           | [\[GFI-001\]](GFI-001.html) |
+|           | Request Revocation status [GFI-003] | Responder              | R           | [\[GFI-003\]](GFI-003.html) |
+| Custodian | Authenticated Interaction [GFI-005] | Responder              | R           | [GFI-005]                   |
+
+{: .grid .table-striped}
+
 #### Layered approach
 
 Because authentication is a complex topic, this IG tries to structure the solution in a layered approach. Each layer has its own responsibilities and can be implemented using different technologies. The layers are:
@@ -90,43 +111,6 @@ Once an entity has a verifiable identifier, it can use this identifier to link n
 
 The chosen solotion for the trust layer is the [Decentralized Identifiers v1.0 standard](https://www.w3.org/TR/did-1.0/) with the [did:web method](https://w3c-ccg.github.io/did-method-web/). This method uses a domain name as the identifier. The domain name is owned by the entity and ownership can be verified by the verifier by resolving the public key hosted at the domain. This method is secured by DNSSEC and HTTPS which gearentees the domainname resolves to the correct webservice and the traffic is not altered.
 
-##### Examples
-
-Example did:web
-
-```
-did:web:example.com:user:alice
-```
-
-Which resolves to the DID document at:
-
-```
-https://example.com/user/alice/did.json
-```
-
-Which contains the following DID Document:
-
-```json
-{
-  "@context": "https://www.w3.org/ns/did/v1",
-  "id": "did:web:example.com:user:alice",
-  "verificationMethod": [
-    {
-      "id": "did:web:example.com:user:alice#key-1",
-      "type": "JsonWebKey2020",
-      "controller": "did:web:example.com:user:alice",
-      "publicKeyJwk": {
-        "kty": "EC",
-        "crv": "P-256",
-        "x": "...",
-        "y": "..."
-      }
-    }
-  ],
-  "authentication": ["did:web:example.com:user:alice#key-1"]
-}
-```
-
 #### Peer-to-peer layer
 
 ##### Overview
@@ -268,17 +252,18 @@ The DCQL language does not have to be implented directly by holders or verifiers
 
 #### Summary of layers, technologies and standards
 
-| Layer              | Technology / Standard                                             | Description                                                                                                                          |
-| ------------------ | ----------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ |
-| Trust layer        | DID (Decentralized Identifier)                                    | DID method did:web, a domain name based identifier that hosts the DID document conaining the public key                              |
-| Trust layer        | PKI (Public Key Infrastructure)                                   | X.509 certificates for the service providers of the digital agents                                                                   |
-| Peer-to-peer layer | OpenID Connect for Verifiable Credential Issuance (OIDC4VCI)      | Protocol to request and issue verifiable credentials between digital agents and authoritative registries                             |
-| Peer-to-peer layer | [RFC 7523](https://www.rfc-editor.org/rfc/rfc7523)                | JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants to request Access tokens based on a Verifiable Presentation |
-| Peer-to-peer layer | DPoP (Demonstrating Proof-of-Possession at the Application Layer) | Mechanism to bind an access token to a public key to prevent token theft                                                             |
-| Peer-to-peer layer | StatusList2021 (Revocation mechanism for VCs)                     | Standard for revoking verifiable credentials                                                                                         |
-| Peer-to-peer layer | Verifiable Credentials (VC)                                       | Standard for expressing identity claims in a cryptographically verifiable way                                                        |
-| Peer-to-peer layer | Verifiable Presentations (VP)                                     | Standard for presenting a set of verifiable credentials in a cryptographically verifiable way                                        |
-| Application layer  | Digital Credential Query Language (DCQL)                          | Standard for expressing the required identity claims in a specific use-case                                                          |
+| Layer              | Transaction | Technology / Standard                                             | Description                                                                                                                          |
+| ------------------ | ----------- | ----------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------- |
+| Trust layer        | GFI-001     | DID (Decentralized Identifier)                                    | DID method did:web, a domain name based identifier that hosts the DID document conaining the public key                              |
+| Peer-to-peer layer | GFI-001     | OpenID Connect for Verifiable Credential Issuance (OIDC4VCI)      | Protocol to request and issue verifiable credentials between digital agents and authoritative registries                             |
+| Peer-to-peer layer | GFI-003     | [RFC 7523](https://www.rfc-editor.org/rfc/rfc7523)                | JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants to request Access tokens based on a Verifiable Presentation |
+| Peer-to-peer layer | GFI-005     | DPoP (Demonstrating Proof-of-Possession at the Application Layer) | Mechanism to bind an access token to a public key to prevent token theft                                                             |
+| Peer-to-peer layer | GFI-003     | StatusList2021 (Revocation mechanism for VCs)                     | Standard for revoking verifiable credentials                                                                                         |
+| Peer-to-peer layer | GFI-[002    | 003]                                                              | Verifiable Credentials (VC)                                                                                                          | Standard for expressing identity claims in a cryptographically verifiable way |
+| Peer-to-peer layer | GFI-003     | Verifiable Presentations (VP)                                     | Standard for presenting a set of verifiable credentials in a cryptographically verifiable way                                        |
+| Application layer  | None        | Digital Credential Query Language (DCQL)                          | Standard for expressing the required identity claims in a specific use-case                                                          |
+
+{: .grid .table-striped}
 
 #### Identity claims repository
 
diff --git a/sushi-config.yaml b/sushi-config.yaml
index 1cdebb9..55a70a2 100644
--- a/sushi-config.yaml
+++ b/sushi-config.yaml
@@ -58,6 +58,21 @@ publisher:
 pages:
   index.md:
     title: Home
+  GFI-001.md:
+    title: 7:2.1 Request key material [GFI-001]
+    generation: markdown
+  GFI-002.md:
+    title: 7:2.2 Issue Claims [GFI-002]
+    generation: markdown
+  GFI-003.md:
+    title: 7:2.3 Request Revocation status [GFI-003]
+    generation: markdown
+  GFI-004.md:
+    title: 7:2.4 Request Access Token [GFI-004]
+    generation: markdown
+  GFI-005.md:
+    title: 7:2.5 Authenticated Interaction [GFI-005]
+    generation: markdown
 
   care-services.md:
     title: Care Services Directory
@@ -125,7 +140,6 @@ menu:
   Authorization: authorization.html
   Artifacts: artifacts.html
 
-
 # ╭───────────────────────────Less Common Implementation Guide Properties──────────────────────────╮
 # │  Uncomment the properties below to configure additional properties on the ImplementationGuide  │
 # │  resource. These properties are less commonly needed than those above.                         │
@@ -258,4 +272,5 @@ instanceOptions:
   # Determines for which types of Instances SUSHI will automatically set id
   # if InstanceOf references a profile:
   #
-  # setId: always # always | standalone-only
\ No newline at end of file
+  # setId: always # always | standalone-only
+

From 50d5ef224bd204d8c7d000b038259710fa059b87 Mon Sep 17 00:00:00 2001
From: stevenvegt <steven.vandervegt@nedap.com>
Date: Fri, 3 Oct 2025 17:32:21 +0200
Subject: [PATCH 07/17] Add GFI-004 AT request

Adds detailed description about requesting an access token using RFC7523
and VPs.
---
 input/images-source/gfi-004.plantuml          |  19 ++
 .../authentication-overview-transactions.png  | Bin 59458 -> 63182 bytes
 input/pagecontent/GFI-004.md                  | 197 ++++++++++++++++++
 input/pagecontent/authentication.md           |  91 +-------
 4 files changed, 221 insertions(+), 86 deletions(-)
 create mode 100644 input/images-source/gfi-004.plantuml

diff --git a/input/images-source/gfi-004.plantuml b/input/images-source/gfi-004.plantuml
new file mode 100644
index 0000000..66345ee
--- /dev/null
+++ b/input/images-source/gfi-004.plantuml
@@ -0,0 +1,19 @@
+@startuml GFI-004
+
+skinparam roundcorner 20
+skinparam defaultFontName Arial 
+hide footbox
+autoactivate on
+
+!pragma teoz true
+
+participant  holder as "Holder"
+participant  verifier as "Verifier"
+
+holder -> verifier: Nonce Request
+verifier --> holder: Nonce Response
+
+holder -> verifier: Access Token Request
+verifier --> holder: Access Token Response
+
+@enduml
diff --git a/input/images/authentication-overview-transactions.png b/input/images/authentication-overview-transactions.png
index 060f8fd65fc5a3046ab9a2f0dce10d4f0933a73e..f520a829c9af324d5eb7bb0c9fc0a90a2f0a0df6 100644
GIT binary patch
literal 63182
zcma&O1z1#F*FFw7B8Wi<sECAwbax9#ha$+3(%lULf}$cN4MU4`$<U3Yba%;6($Y1|
z{Py@f&-;D<?|t9v`g2|5#5w!yv)5UB?R(wp-Uh3y%H6zv|2h^H)=dR@ndewoS9!6p
zun~B;;Foa;X%6s)?ebji3086cgLUvF&P-duTtx+o8GOdWf?(grx{5gkyu`67{`L7O
z_G7Foe}2co!unu^1^N3NRq&4a`wU)~Hh;ZCqTXX&1K)_j>s>nb-z~xMbew-$Ugb@{
z^3P{%1UL^%N<&&f0laINIGdT-yI4B7-hBD<0{npQC=YeP!Xl%`ys#CX)BOg0O<29q
zcGXr<7B+FPV>dE&Fg9cNv~$E<2TRmb7<{xdb2Xy&w6nE$5%v_L{d0ye_>B3PgO>Ww
zDXunRwAw1_)Y1;lX4L%boa~&m;@7FEsYRVl&4r)KJpH>l_$Eec>FVkz%)#N|;lb{~
z!|vd0!NDaYB*ekV&B4vh2F_q}@v?U{@?^7jdGyys{<)5fnTv_Dm7}YbgFQ9ox<<wh
zZmwdqw3v?m_4n6(nt59NPfzwPe-8@`kOOmsgNvP$<6qYXO+_)k3aeXrn%P2Stn7fz
zKp*0~g508i&i}U~|I_3DYN`D{ExCAj{y$Cs*P;L0RMW-GS=zx4^yw=8KhNv$e*gEu
zzZ;5jV21v`O!1eU|NIIJEq+~;<6jR={Q4Cv`H$c^KCqHedjZ~o$Nl-+1OGk-FU&i5
zg?bE7F4JIPNn$C;NWJjH-b%SP$|{?39Fk7W4As{U#Fh=D4gC16@Qs`T4s*Bj9ht>9
zZ<?>m$52C~93`tw>F^#)VaGp^QHOtU<@jRCp8FApoGwqqP^<!VQLtWRQOkI!taeh;
zpID{QZm4-QdePgIZ*JqY=1BMk3qp;BjVFnP^M5`vylJ+@gOR8!nG*fqL;p0ugAnps
z;r*X>{~UbN+(sxln4FMLoB7|)zzSrr`?r4oX`gTx2XwEYX?o|sbuT&i_2$3d_uuVF
zq_L!2jPpN*KKXAw;K9oO)42b%e`SnEZK<lP8Tsr#Smv)Dq@wx%qunq^m2Y4}`hxSA
zxv&4X9;hvcasR&4f3r?NFwL8EAudhXr!@bq2Z+iv=D7vjC#gQ@7nwVnFx<6ox^zEj
zzH+-dk;kGIT4p|0-FD|D&I)0I$Gq1ZZ3rtOPRE+5YFLq_hHpY|q^KJ4X@%}-;Xj>+
zhG8wOm1Zz5!iXOGAVbrkWw_E#m>aA=MTFQ-ms{=h@(j50nD=7gL8#S<1G3@`rtKQf
zR_$l(s@xoWH+7X1gDn5K-N#AbVsLyC2?#2pnX_{MSehAQM?PA|)5Q;UZ*PkWmbU1*
z4$00<+mvi;>Duv~EZ+8?WNSP{*rU$YN}dHXU57lC{&}{R<`E%*s;)bk_nA`>m|HHc
z-&Z_Yj#hi$cC>lm(Re^vHDg~F#=!Fx=WjbV58`q9J-n|-8z@N;0LS!fS6zc~an3}@
zPVFXp)#dR_ovuRz-yKQX?7|NI$yaZ?SP5(1H$w=k4~LcB@|Cx#)Wp6tn7aIVO~R3-
z@LLOHIhFNq7lNt0*>fq|OdF2)@Ykr8@}!>!VJ^;#BXK?yF`J!ae;=W1o@h2p^Wj0@
zXCdBN8A!luocjse6%z*b=ZEXx4}{i|mm2qDOO~&-UHfO^nb0(!da+I_+`+*QFbYj0
z;w4E=#`txDC=O$)r}4M87yVW9-Zmb?3XCcSG(Wf?)=z#?ES$a<Ia`jFwki+b=AW_E
zh>m)8<1b&8^aVC3R?~kT)y2s9<Mf`C%l>8>F}UDOdO|e(_0NE7wGAipbs2Pz`62nz
zKhxjda=zFqQ~N;}2OG;HcmCUygxDPe<yY`tL`XI*SwQ+W#^{9t!B9UdN!p+af%AN)
zGB#&t7nOYV6@rkOO7WQQg25hTsTu#}Pyx0$p=o6`j^sF+)Pn=y9?Gus$vwpQ)1mxN
zlC)EqNvw}nt73tzB9Nyt&DjH%nd!RrHD)q-Q8)gvN(vaoj?DWD!d%<{1I&{g%N20O
z2G2R2Gobah#O!wC#f~Zk)|@~3GN^SC#HhP$0cP>~{I+*oCyhST%(>6ll?O-P|L1b}
zU_AKORjJjja2hZ+X3>u|y#*qRq(}g{;p-tb_zzn9@j~cMloGp<z=6A{o>cmCNV(6_
zdkXtst0^7^0xqk{C*xI(70=He@%%kV2Etd!*>^hGp>8yTJ(xkVSEvesS^1Rkn_>Kf
zfsdU>JLyZ_FTHn&aiW!9rMQhdy)^L3YE^WJvWcvh#>Ay&I+9mN(XI-)`6T)DUzke-
z7ro^Mhe(tpM|v%K69U{;+s3KyIo!v-i1k{}ioZ27kfi0;P4Jh$-xUC(S}MjK{vhc9
z`4kR@<+Jq30pkWHkJ9I&B#uiXYGldvN5%HqNKAUJ;e!h|5NX?%w$DbZiLdWeFWss_
zd}28!^9+1lrNedtW@FHU0pOylY4ACh0kJjIi9dRxPXdj!4;NZ}EK(DI@V`8okTzI@
z*{}=D*p}VA^HLKhq+#RL@sx!J0qZwO`%2W=fPZZh`f~R>8u)039$Mv4J<I*eiXG~F
zqKRQFUD#)$Za!A8lM#K|DKWe2cT)GeHEjNhga5@$%DB|#vY`>_(=^(hn+~4R!<}Kz
zUYE!}(A>)uKWHJ~pqomxNcF-gS;l3QrUz3dS1|Yn&Z9@_rXXGk!8fRBFav)}^lhD6
z*RCQKGdr$@gbo5D|G=|tI2zxH(NN91EO%jhTM9w}Zm~^Kg;s*KA-^dJE~6A{Wj$)+
zWs`G3AzX3F@+mR;aDC*hW!8}qz28a=74qjb`wx`vc$-~hduil`lxZ*XQY`aA#f~Q*
zeMiopG){;if46p3sL~nilnsdQe0&scS?55WhC0ldbLymAi_>#fsEd7Y)cCmeb^l%`
z)ovvSTZH3xRg(Do?8^H16<*7#j-u_W7vEElDmrQ!zL;n2cYVOTJK%TBb26%-7DN@Z
z;(xXh?*R=&UM1K2NjL4`oQ7OxoD*3%>sP<EGM9W;-}h+Dz02tb<gUc+dyj{tUdceN
zhoxPXtPB1L3JF*^6n5p$di?#%`-L|P@qe&E-(f*Q-<%ho7oR((%ym#WJm}7YZ!BGX
zlR-K`z(CW#UA552rmECK0JA&k^eWxRFL+;%T4t26>UqC%w3_5#UuQTj%V^%Jyo<Wn
zy=`_BXr5si0SuCg^!Vg@$80m^_}h*Lb8GI5Le>83U7rPlqm`iExbu^$#-k$sU5tb1
zQlWl-cuUn&m8LKp<zF}cY<nqA*WQYtfB@Ypm((Pvd_EhpsNm`2-h$6ace1ZqZ|1n!
zV~BD#_eOm{#8vU95(kkR^IZBLW>VRCvGnkx=Mmf^B`cb89P{rvb5gynf7a}GvwYw*
z7_<!u30Wit6HPC*4L9H!(PM5u_ss4a>zE+>ruh{FdH=Q1PoI-HkK1HK88lb{k;Lk0
zV-jT>t!{4qsDrc|BoDY<e}BvNIp32xX(aJOV+&)cScpn6W%mS_EhH8dZaXz=mHmQC
zq2ri`UU^}r?`q87d)Ps58UDq#bvcIgWe#^}ZHnni-%etB&1P}kbkXv!oKIDSMFkC1
z&Od01UK;xHdF{kc;rU7$XCIBk8+bE$6_b$gN}$gMsvdg($|$CC7)p9qaq3OPdot@X
zKu1MfO;_wtvl7?Upzl6KA8g1NZ|LW>uS{E1wQsWx9E?pOR(y8iHaVDB3sIb)jaqfd
z{&^oOw}i)>+e?HYqhDAxA+A)}&7MIH;53v>L{DDPK|Wz(qug^+I?OWg$`J>k3x~U>
z*+n?G5s7y}XyeAu9oV39JX)+3#wTFTL`?}OsX*;-_P7!ID^GsBssc5R-G&#|u&R)F
z4F_h6?Yh25hVL_P>~~KELx)a7PFXYtw>qkO;b%;(lp(2|qLjbe$qj84PJ5i+#z;NU
zDe>y+mY#304_vj%Ng+G0KmSP|uQ$xaOme=gW^A{mJQ(wBGNjDU@Wmjql?wHF*)1o<
z-CC);@I7gcVVbCy`K7j23`Y~v*%^I2<DiBR-mO1~x{$bBS8KgwtDK~*iT4OhPn5G1
z9JnWO`@^GB$ycL)k654O>ov^UqK3o&W|v3sI~Xb#ajp-#!XL#Kb`0-fS3)huCq%mY
z&9%p|MvVgqahU0NnZ@DDB-*swc%cJF#u%1;8h$oGuJ8Knw~gLqt!L4r2vK;&D$M46
zIXToclC!~ewKp-*O3$T_&j=r@oiT)YWhKERJdu|8tm5E_w;YwP>*kOgm7VXljiFNZ
zNcR(#R9qhrZm%`P<=lS#^U9*mi1P|q>dQW_Ub!tg7{|!<{JfNY1}spM-SCbkFhc`Z
z;?GDupm9uT3|OmN8VKTTI^5ta1o1VM&e+G%D@fts?>K6&R}2^F+%d~zK-CVZ6T`!H
z)aCskn#MkX1ySvKg<oaIbkFo~Mp;VgiNA0>=l5dOY1+?$KY0E7d(i^wxN1@F$O93~
z$k5KzBD%Mw79)r6YW;Sc%ycnFII4$5I>-Hs|5o{O;I!rghd9SZH0t65JXd8S^O$b+
zJhw>SXS;%i!^>Y7A7*{~lhWB|KI2r4^Zh#1`DT?DWo-KTM5S^<dt7RF=y_nQ?4{n$
zdQO@u(xMbjWrx`Rb(zV1?j|SwKo&)9NtVG|O|{AKwo~Q?n8LaE%SVQgzGoA7>r!A&
z|B9BJCukV3#K*<P3w<M*a^YYbKwtVC5seS=la6F^r5AT!GBR?gUC(~SW#+e(iGSOD
z0HRh`nK{0HP{&)fV$^hbtTZg(?;g`ktovQ*+bB=4d>qGtO=o7fFmoG+4O<;K)#a_a
z#hSU0iNVkyGM|T3CVLt!ib&R!w1(qpmamUk$|loND0rYZ6+f0<tY>Dgc4&PfexvNE
zcu^txOS{bsAI6`h?4)$6l#^jY629M^EqeI82`p~r@(vYaT1ql5Sr&2rvWdD=V<?dd
z*>;vau96#CsOl7X+pvi&-ksH#I7#@^-67eIn~6n3mMDbDgQgV;-z_>zW(l&1FoF4m
zTUw{n)0$IcFxagUq&u;pO8OlEq0-X*_K{yjuZZinYvvA;NP>LMpGmsyoi0UuP}AdB
zoe0N+J^eCkQd``u5;h6qpb_zp%_clp>sJ*$4B}Cw`+V|*gUjm6dn^bpo%$N8z-{G)
zICLzrtYV#R=W9;KF|8%DIDQmdS>rz3V5EYzZ8@|cd_ObnBb}tB^g|zpq2^@P{VkN#
zHOf(Mfb(^ACe$>{w;LBUN9wN;DA#ciDFnu3Uv%dWw$aYLym$0$-nM~1_+c%-(;$M2
zMqxlXA!;R4hE~Ncmf9E*i_iM0^&Q-<YL35DJLal&{ZO!qgVt<H!jw6$;srnpH|kTp
zRuf-2S$T!#;CA9<Kn%`eA2X`18ak0Wc?D)8qB#qYJyAp5=@;hPGex!y<0beoty|Ey
z-BHh1He+kL9mrbpSt<@D4E@DEnlQ`;M{nfn-ect$SG`jb6hD?DC{GtX$Qn6~O!GaS
z+P|NS5A$Z=GVppfGdwh%%$jka$0&8MCV}>fDlWWt;ikpzH1b|3MST5cM`166=vo#>
zk9APwkwe_Yjz<$kYR`tw&W)z=B4p=ox!|nZgnoR?!uXILSkqg@g7-Tn_w(FiE0Q6B
z=E@cIE(IU<pHrKISjCFtbxAH&#=75zfrGDpK=uuONvnqc0<nvRIM)Up`^p4e-#Jpk
zr!vu<oC=>RNYAtWRX(4dm0{ItWl<NVRLyH)Y~oERCI%4RL9}Skr)T}Fys@g&#M>aK
z$RlmS#9jFHg~doG_pP7AW?$V*JyoC!O~JSGX24daz=wL``<6zN=7@!~XR(?SOZGX8
zA36tTd9w#7s0Nmdl|a9ASS7t-l#ta+P4@y>N2Tl|qW*oBy)iwlsl&pFbH0AXC4iK^
z{c0_JxeA-M^HQlIWfOTdV9OMsYR2gg3>`m*$^2&ab3?#_#x5F<XWtJ|84GC}nS|Cw
z4<@dGFjD#%Rw)_N%vf4JB4^hPo`P1RYNx7iUT(ToT+{R<V~<r0ewN)0yDJ&0WGU0L
zo%_sty8V8R-!6_bWnQO{@e%QsS(}`m6yADI#lr>iJTsC%E^ju0wTA)dcZmb)$<IGW
z(cB02hTynuH|=>R?(NK#4l-@#PR7z$Dkdn3ka(B#XX>%4Tk#~7m$k2HzJxbN@ksF~
zA%mBq-Lh)F1ZD>dLF1fZl_l%H&J%(PSaD7E<Xa+#=e*WZNSx@^1~EDITSI((C%rfi
z=ntrFY{Ff&8r5C(B2Hr26@TqO^J!u=s|5Kx70X_;-~cDzJ4FlHgP~JU;Reo$>EJo-
zk3}0J-3gkwSvE+O!E(<&@4<a@xdM$K9vdkVUb97*`>G+1Ug{>DCG0UwbC+1X=mxY?
z8(Afu?m6lp>|4I%xy5Qg!aL?su`GR_nKH6+r>P~`by&fPx9hCjYNW-*1iqe~^nO!?
ze~NC8B+b&-u;*=?_0i3`@oY&3+Jar!$C5RGxHTW#tV^yMdc51RkzIf1<2@Y0$03pi
zXxTy55YatM3VoORk1?Yk2?KBa2-%qS7nrupT&D7}LlXHH_6m0xYu^jZE~Fpnhdc@<
zaju$mR*HIw{{TwWQ?_kj8<-7c?XZ#;<wjrP!78nkZKdvarisVPzwTzrfoyh_^Chf2
zB3mg$mVPuwBp^Llno@gU8tdz`tP{gt@FNY<mqZo_)h!7F>5;Y>LH49+|BbvHhN`me
zakWcWIuk)7>jZ&IQefJc797#f{1yq-ho$G8k2FxaPtvf!v}`Y}o)qK5pmsgkE1hni
z@0B)9DGZKALE;7`5zqH>Z}HLVOSn&VBAz9%O1TX3@%kSmEzq5nzFzm-?_&J$W&Iky
z{){ku(fm*@>B)Kxe?}CEjsDDZQRIYU{*mvI9#wEWbD2!P$WHa6gAakHa@T^FSHBJN
z60bZg0>L;46O6g>{;YA_xg?Aj=7$(>xnWRAKI$<zL_?Hof*#|wVtF|~1bMQ!#b9Y|
zryQd6C7?!hPwvT+Y3N-NUK5+=_^!l4!oJHd`yqX-MkeY~Bi(sN=ljVrgh~81i>7_q
ze6l8`kJSb-@rR@_rQ80*Ou^Dg>2;qo|6IdI!R+5&f#zEGWv}-6ZA?H^?5@YSH*i;l
z#r4t(QW~C5Pg}4G_C$<<AX+J1Jucqo40~^H1hTt@s~ilLe&~yZG-A`cfvX^`Nd0P+
zWT2w(xHe-2hc&_s4`%&g+<qx@d^ol&i%6Jj79{acP^MhWj5OM3nlnAl3^Ltntm@`x
zV-1E#1i8W)mCsgbTT**;h3Qj7aC88^_6&s}EiG7|o~lxpplL0`>lNh*F`2zTCLmt6
zD?SG9b_cRC>94Y-F~uvZi!RTR;MW&42q{iVXOimBzNtINYxAVtA5dAO`R*(xzzN@x
zugGdFji^#kbaksxLH!ed)1Zm1Y^_UM6g+v&y#iN37MFHf5f(da)j2`@h0Q*RnNp&v
z?^!;z<*`Q79Hh@6F-g;q(MAhOR3L6=_5MrXDkkw!zqX!5QTR|*;_~ooc=?L}y{SNR
z(IU}#nV$U^@eZ<2z!>X?!xNQEpYh|?*NE?o^~b6S&D@bcfuDC}e0X>tnIyYL1rp~t
znXzhgyOn%$rJw1@(9!JlU9dFRoUV2FopO;p0t6j@Ks_oX9qN9QPy*vDG(<mqGHx^7
z`w{?FaccEWRDu7hX0hs%5Y7&bWEH}YAVw088(yNZZj*uL_5CU1Sju&sRQ{r+`|vRF
z?mN5{?%Ahi_^)6FMHa-@E5OaYfd5dg3t_K)Or&HiMX$seB4E=E%Pyg8q%ViH8`}ow
zs6-F<%hWUD!7fJ~1f<Gdu9j-s+Rb?;(id#J*fwM@@N+fvJLDozv3YB38<>SmEMr>F
z7jTI?frIrYJUdv|AV)3DUO`Q$<5C~hNn_bT_GM$OR3oj_d2+gDF9Nb*Xk{TWYU$xB
zG$SLgH3GF?@IAR{HF-Z}^_tX(e2h=|Ihz2f@dqqOH}&TUe<I$Vbk*cP2!<MiU}zM+
zfaLeROuGH0fWe8nhPFtJr>}&HKwL;ptc{0}%WVmyBi!qQXM12aKCTr3%aV?1cg=7l
zbuK3{k;$GKSp<K@OXDCRl4$SJ!ScLCSTUtYPXWFr|Iy16lcD7<#<Uw}Bfd$Eg<(%!
zi}Dusgrjw;2F4Mi2io#I#tc%*X7Pqa{`Ym$te6YM%JhHIXTuzeoZH9EO0%|eul5zf
zgWXDwW>f~ZVr$&f$gh=>O3b)g0cOgm(_t<?-RwjpRtj}k>P{SDqr=_YQcw@uu|qBK
zJ(Z)ewC=)ZDG4WD8#U-<N`o_~mYfLRlHxIVXbi{?8!NjPLPys&Pd4P>q5KvUWK3x0
z0wLY^QnM;Q!u%f()|Qoqc;u;-Sba*r7tOpodoJ(AM92d?iR>>=BJ)E0VLDB5yf_YN
z80B06>L$b=EkaMjT+S^d$R^>RyQ~#fs@4<tO*BN^3^zv;sg}N)u!2XYweNtFe#XIU
zsn`}OdlwqtJ<LjW)dAeo*SjE+n^)x4cMU)LQk=Xp_KtauXHj9Gygx1Yajlj({eE|s
z^Kgrj>nuoCbf=G|kyAXuJRM(1$~+lephp<yL<*0W-I$0Ve(&5r-+_x~^SRPXqmXK&
zqKv6Lfaox;N42UY?)1z@&1Jaw_o{I0_k@n^<<HW$6gCW7;O-m|OIkXmcP+N_l?ha0
zr3158Cc>@b3rZTjhX-5@HEL8QAACs9tM8~EGdOw_w4&g}+XFp|9eHXv&UmQjJJRN>
zZ<F67)NqA9W}{KuJ8ivzxM^+FVJVCD4w=*lUYt+4H`D(gKUBSZ8TaxyqA|N~wFZ-7
zoXIWlvv~nd?d@kPJ=d6O$M09k=}yeBEmd)niiDV&Ds@X&mWu0kxJ$Z*Sbq+Wlv8;v
zN6Op?9f>!~Zfl&J;x)z(vLe^@h1M*~1sbz{p3Y{9o2b@<-wBx@FGtFkE0!GOS?wRs
zh7(7;NcFTvPg$f<!l#219~uC9&(1i!J*Pr-iE>6-1{INw&_VT;K<>}z>$tsaOO!0E
z?rqnI+BSI2yU0)Wxi+>a{+yI0Rt`rm4q#@)H^H#zaD+?0&{{eDP~MFWA$!K_o*3FX
z&%eE)iy^7p;Pqa6WwpvyC|i18D<H)w5KPZ4%)=h{463RIHcYGN8Hh|o+y+U#4xTkx
z$sRWe8G8fQ^PKXn#&&;@bxs#Ok;9+tm_VqDG%iOeakusmi|zDW&-@Kl(yIU6LLg;X
z>A93SFSS1RGnP8goZ&cQp}h94cbg0zHeL*7b?DE2;HmZ(C6+4~FlC;^w)}a*y`AOL
zmK60{tV@9_pPE*3)`dB6Ypd#4*!l_Lc2pd^H7e!&Cw3XO%=?q?g@>?JCM1Coik$cP
z{FH^B{K||FZjvq^IjdW^v|lUAPae}SIIUlsH}3H=>T5Xbb8ttacG0O6yFDCDTgXGF
zHQDDUsVDV}%Zw}>%uVE2bAS(6(b9906#y8V5lW;ah6bgF1jnt8-jKZhka+u!(0c(*
zEo`N2#0sz1NhHJszHU!YyY{eE>E)Jy2Pd{|XF4(0&EI>z9b1ESnm4iY{Th|4Uv0H6
zroM79e<FU;A<*b_J;~lI0Wr1kyCv&jBzaEyw%9V6;cKU=UhbZ1Kq+$eY^v{gWz24u
zc0TMUfbINly}f&X4MPDVbuu#M3Mli!TsH^wAF=FZY&`W<Im#3tE$Y+dug@w!kaz)U
z0%NOBG6@&j8j8t0&k#Jd+Q^{7P<$Q-fK|BTU+Xkw7GHCdf3n$2N!8<M?4`x|;_6Sx
zmVWoCmt$NTR=_h1>aHN=<&zwI_54avA$D6Xi*d~Q<qC&C{uS4oU&(bWGdMpE$GeTE
zKQY`muV1|B@aueKmJQvZgVw&WKOkGhi|dt*U6&R(N*077>c0POGo-&npA=UZ@!0RY
zvqjggJSc*r5V_Z&y2ka$glb{)PVuLcqk(u_o7FZAJ*O4S`WPS2%>^+3TjF%|Eyd5j
z|IiAD08R)yxXIs^D)V7GUtyo!C@7hq(+J3UjV62ZjvVhr3_!R=Md|A~<$_J`BM(M!
zk_|)azKrqA+Me;HB^!#0YYTrhIUZ3=PTOB;M6PgD;d}Y{lCS0b7L;&nIioxs{(fEm
zVqLqxWJP1jklg=r(@;c0Kd*?DnC<dTRHcvKr_UFw0!{b)F717Oa?n{?tDj5_`0-!<
zpmb^@vagzRPjZ&ne4mE1jP#aX93pT0eRXZ(xif`Bed)zsgn#l%!;;wL^Q{SYMZYsc
zvsle!Kdv3R`3o!dezhfnre8feGN?<}%J8PU1p~QaXI9SNy`{CVl-O&&9@ubSwIMN6
z_BtL(p5A{Pg6FedF80&-F(j0&iSzbV#z;)v=U3CCb`@jHLV%Y5ED$czwDsg0?wt2#
z(Fa18vdqtX*@ne5ch!@9c4}fTsjO!!=%hv*^6$V)7yK@cQYah!FP_Rt;)SM2+M|!q
zcPECYzRc>ZeckB~k!LH4T+-FuAM)nV*;NP`>O85CblWQbR+nl~bd}^{)7^fP#%ghs
zxz>|hmE&RM;ZUvYYWdFRajH*3Rw?X7hNKH4HRBwLA`+8H2oB2r;)={%p|OY^o0Lq0
zS-{7~C#I57pN#ls%Vf!}jBH+I(w|e}cvIXwt<PtW)4N}sIergb(QFU6)#m3R`AJk2
zvU*;SP?vueMC@}1sA(`cCcSx6lwq~Y5q8DtEy-ZELC1^EeAI0|Plam{-*qi<wH7XS
zJao?wmqOhnjPS1jDk}buvjk<6`_6`o>`dYjs5Fh_Tp-Aser=wkS@F$+$<-o{33jj9
zj2#R}NSy8w7}u5f9ThAhHx1FX7obEc_&F$hJa~^_qRyjXQ-6mi?M(S&m7;&|laXEJ
zyW@U}YuhsmDEDs$W4=(OZiMS%5c#cn)2UxUA|B1y*B~LXbB8!q-yCl|L{b$oEepsx
z!UHvR=8{?8uc+;~q+KK*gnX`>v@X-t7CT5Htp;g;fM;}2R!hF0<_8#xP3gtuhRA^E
z0Yt)&vFjByk1yUdGXFdkJl(f$S>rb~{0<39i>T=QtwnS=6bBAj>a%BA(kAp=R6c6#
zS<cZYwT84BSvNj3&bUVyd(3!3o<IDY!5Bbub)3TmDSYCGAVK8AE*i^o)9SM-nlVzw
zt~`Z#kKRw!2^pWAnLp+~0UkZeF7y;)npM+r--gbkKKEX~PwC|Hg~0btd<a80@FU8S
zc^!idSytZ5`|sJd*`aMmh${Klt^1kC&57p=+`0zeY^*x_SQ&f7pvzrp<b}i>;9SjP
zINR>04m2o#RUl!p3aF6egrMxxuPKIj5@$iK@%rux5~{@&JQ+^Mw1&=xjOH0k1(ODP
z5@axV%L_{D3Hhe?W>K@4%qC{3{-9rJ$L6Kt*~>W_azz)ox~AWeZIWGO=?vS<+4GY=
z;*p2v*s@U_OgYKMRl0sfL(6_c-pV*G!z9>aA>v?VdbN)?=+9Wv56Zlla%pJV8>rRv
zNp5(9wyjR}Ui`ZUplH#6;pHkW2dbmf*9ERyr?^jBNsaOd5}$$;!=ZxrNYK6ER3DVL
zT3oT4G%Oy-3Q8OfO1GA2TXL(-Zxm%&{g}7r_^7&BRArDLUR)j`*tBCp%WxKyRfj9I
z6v{)~G!NrA-KMkjE@+A~)Zii7qx)!OU0!{zFEuk<gWT_tzK5{d^z-dhH=nBm1h4MA
z4u8xu+G$mh?a_U$6gK><YgDftxhr%7GZz#}W7+H4CNZQa(a#qSuv^7>6S9zU`@n2N
z5^m0CX9k{&L6y!~90;pRr-yR%mgiw%QRmUW6Wn2n9Q-gG`~K|k3q!7LE$3u@JDun5
z`0dWuC|w6*1f#G}Z4gbBSgsH0R&?DG(;@}P7<p{qLHyX~yWfI|ss0#`H=y~Z!0cz_
zZPSG;cUD?k*aE}1FQJ6F6adrC2uiuErFhu;(7?vNNGc$M*&g`p*`)7QFNHJN{cva_
z8IJKJ7YSA-WA}}bgjGB=eqgXhe2rA=i4l<#2c@{uV2n07nwX5|xel=*CL^WGFXZFh
zPQ|ZS-)Cwv&q(ki)4h=|t}GMX<Z2Lu7M%dZ%;_!B-_7-w!s1l1>3J2LVPgPj3e!tq
zYW(|px6K-CP?xw88b~F}$~BJ#Uk^|FO(S;%O^<p|aM24Q-kfx{?e}9Zt?&tfXQ<x?
zQOL?N_%6tEu^`r})To8gMztjq0izM**aM>Ww~}mt5?^?V51Za<d-FqQNQS2A{VT%t
z!`@wC%KJ|^{79P-Y|NJ3+#@YNm{m1khTiL0afSt)HB=!_Q*_oqiI4=jIT_JI%xm^N
zzg}T$<b}CV=_h~6=!!2wBpgdui?&k{Loc>BOPa)Eb`c>Qs@*vjaQOyMgJ^NJY?Aib
zR~}DthFkNgVroqZ_Uwz}yLVD&(MwclOK6v<J25Z)UENu~xuM=~vi5*|G4KoP38%vU
zSjr<+^($M_+=wMWphq9HRq&#N*nFyqRoiCSHt<@BU9OqVOrB29&P-}IfAI9O4I#4l
zjwDJB4~G9~SS{3l9X}Ey$8ZG^CF2qOlRu?TOT2(nwEBg3pRhT8(rO7!?qddswJgAb
z{ECAylctgn0d}tZG`=$i7eAn=e|OPvs)-d+m7AVtwR8OuK~MQX(h1#OR?hdF%jw$i
zy*oe4)9fdpf!Wy$EDk#UT-&|Vt{2-?Y7Y}VF@%u)WNDdb4=q1gKl00xLXF)<<9Njj
zgF6hVt3{`Dr}_QxY{SlVH)7t3r>0fj2Naj@td5BvjHFE>h9D{-1tU%cMU|h*VzqP0
zNdHv%J};;uDj<eR7r~6FcrE$*9`N~!HE0h_TcRdq_p}zuOrJt+KyENpA=bzKNYkFV
z?H0hfQg2YYxS9x%;)2XSoA5{3aQQBj(!^+FM<9q~<(*^-Ad)biv4_hEcaE-j#oF6O
zx)5R*#4{)h>BH2@g3;w;sfbT(*Ua1|`leiMRU&pfLB)c&2@&Suy5rGvD=vn(?8P|X
zHIX?fh1?@f2~<nDH!YV{#m|=C#g2ch2W;WAj5@)@_N2mK%vf%g$AH+0a&XHeEbSD`
zcX9@liIj$su<!6lbr~x!X-QlAX(qDA4wPePnv!hc3Q_K_5gy9Q-H$eVHPpoT^m?4j
zqsy31;HX|__&9HX?n*pbyI1orV6mK6X3O}sRkzxJ&MHQs`JAH@Ju`dbmSg(OL0ro#
z<pJ=SH}6!GGJAJD5uj$#O#{dP3VKV$+-O1z^{r~)t(D<|h>znyPLe!|nG`<|%(Rx>
z(|t%K>hAN&1JRzEKK>cjwyZw8PlC|b8zvgHWe}D2M>YyjNf>?JN@qA=!^VJqNwL!Q
zQR*S=%f96vpp?E(joX!52rJ%*!Fy?%GNc-~x)dRi`ZXskY*-bM$FBn)0O~2&=>Rcr
zS=)?j@}65<`n~v}elt>*s@7W~?+%w#{1K-yh6Imjo_m#Vf<jUcVk|XBAm;f+JhgRT
z4zeriFfS(+{<Dinibv|%dGOfFfBF5mztH||QM)(%k`x#lJRQL`F6htjFD0P?F+&*J
z=cT)1?z6ybYWdtD?*L*PlhO`Jg>vqR5JQ4AdduRPRhX0@H?|rg@@(RTwMxUzp#p(Q
zoPfx5@#rVHv+Y#`AEDiSPjI&-OL?!Y^Gma%ZLU|wX62?Q(l;ii=glpQ^j9aO=dI~9
z9RRhM?UZ-MYUe%~!O;4t>m2ZemArPh!y!3~t9EsaESd*~ap_E({jR!$<vv0MHu&{W
zb}~K9N<-9syn^3SUoopKtBj7%AWv{crO@Z@g1NOi==ILM<q9dKBolu~;pGuIOdViP
zLHt4gPKC7cKiacb!}x9EamOjs>yK#;aGOMGlh5$Uk%07K_ynMrU2^)piBy?1pWTKk
zx6x;E6-Br2UX&h)HsMb550yF!Pfx!E%&B+TSraHX7?+5pbtWxYx}@0KcT##N4_Dlb
z1Ql%v6TWtL+B-Sjo?*nCecg6T*|Y1gxXSSEDpn%;;`^;^RkPg3+$;6b=}Zy)MS6kX
zphc>|KMe(pGpbmn$~2~HIYM5rxYQr#21QC1uH{SAcxq55RoeTx@v>jX)Qf~fpV#kk
zByLcwS12tBx`wAGGCZHJ81w%(@Cm{`OtQIAu8z`#W+WlOzit)exXQOME8AnKgEv=h
z;f*^$;{r<EW(uKYIv}XIa1QFk^SJMoo0ITXM3<i}0O6F$?xLPiucBH~ovRDHKKgFX
zsW^}f1+6bbQD*IyWO;k{L#?C^cItLj_Zg&Ew_`Z6_?V?Mv=SA0Y?i2IIOSJ%R+X!H
zGB}QX09nDfB6fK=vLt7>md~Rr@nVGvP$%p2<M!;ezrIu=*IVMQ4VJ{O7B<qE=cM4z
z>NtPbV}+rRYZ6s6`Vn|A{k<DU8DnVmNA%nP1kquVi|@*`e}q=*(l}n@iO?t6Mn5km
z<Q?BNFB1X$6GqINqmo1hp~2UHX;FxfRGO+V0Y^TYh_U@1r<n;oSFnxIHjRA+qSVZE
zJn^G6zjLd(>#9b!cCz>{WM?r&(ytkuaIA{FCOB)XY$h~VaWq-T#hlnqXE5fs)mdz{
znX1{RB3iRNtKu2<wYRE56Hg_(BgP$+b+31GYYeo(lQtPFKSht9m2=zZR6$F0lBaKq
zHH5DTLR3~PiYmshdujTLgNYE=K7P`8((v`hNRFD?PA3If9%aJF9cLC7)@9(|9V#1-
zQpES}xI<Jjbx=bah5r%A1ikV7kR37iPT9o7XbT1yUQQv%{<%XYL<OJ2JnONPB}NAU
z5U5{Q?dL$ZA2c7{O>eiC;5<$SrqE-Jn!3~;jQMEgHT3LB6r^_YI%h+YYn6Ew(4jD_
zvxv1b^~fr<?qmrxabfqc%F@4?j&T9*Suj_jLKqf7maQzsGym)9NGnDk7RSo7Bx+ss
z!ya(wd5+UV^WA1{S*P?5JB~6qlxH%0^#Zf`Z9Z+j@Ct>tA-;BJ-%K}trf>IT<(soT
zP>b%zRae)qGHzCb3C3VV$V+l3D@|KJCY2B$pjv50Ni?PKbK1WaE?mMN@P1ZW)BE=u
z{lg$~c*+lfYwPMtjmYo^OO%Ebk=_iaq>pRYded+kdvyuOBBJqR$<}}-kU~aKKPRVF
zV*ke@JLBk}$k-LqmwH4Nb%Ql6lZP%LJ>kR%xO*-?i=0ZS0OL?^HixdK)2R0+*e!<v
zI=?PTf8<`qEb&C|lo&KAd+sTP-5q3)H|I8MgZ5Wm8>o-D+zOKexo3MCqh<F1$kM1F
z_8}tTis^A~`Q!1Tn}uah=9jXrVpbK$0nf*cwEg^YQKZ%!sy#SggXBs%1B58!3t7t`
z?$CxtfTV*@JV!FCk<hihs4D=&v<#~ivMZ{6#4OwyB!Gs%h;lF*CCMvzlP5Xh4S0#~
zJ6dM=<iHGZ#;oE~FYfH-J=+2DUk|@dhqa(O^__My-CnQA{>z!B%b7d3z`TDYK{_G!
zyZK5#L9%@peY`7>={3g)E>ZY(m-&EboU)MoV;woS>sNIU_tCy`$~>fjRQ%-wKgF7Z
zq_b*^G++K@sj~ziO}O4k6JaoUGxW~Hb0xMF@zd|OYccdwTL$k=6WUK;;q^fckn+^$
zcwQVKLHS*<Dd73z84S5Ke~@}2=#cnpem|~i`RN(RWv9JZ+J7#nb?$DUfz}p(Ym}c%
z$C9S1<vPpqxX}cj((7OG*Bm`&oj&Lq2h-2)_i*g40-;QC-dUJ`@<N|zd61?SG;582
zh{>5F0awerxN^v0X8VrB30eZ%WTtuI82zF79)uwV>(b*1OSmnjj{By063_GP%{4aO
z6mssAH0ZtX2J`p33kJc9R5)XQU;&e*R*v_NuE%&7%7<3MP3el1iz^@O<O!9&sysf>
zl*D3PR=qSn1w{o6tRm4i3FA8_;|`--XnGp>2*MEYr_`BTFHGMlM$9QSqSoW?2Mr*c
zR!d|zotrXw9=6Y}v<#?~wlg>36hmqL7)pXZ=Om0yWp*@}5@as#!0i%xzr(QX7@4fx
zo81LeHPLk-p#4+AC{R~g&Uk^tVA&BY3Y3lgCDQj65cP665~#h1Iff+LVY2H$%O&T$
z7h;I~Qo_Wo06`0P`DEl=y6A_#i7WfPd5k;Y*IH04;eN_zlCtoc<@B=GLL8&Gt1%8X
zJstM>g*+Izt#<gRCu#mL`-Y*0!}^DJBD?h?zRQoOocvS}c@L{K6acVR)FMd4D1os8
zU?jQwCnXCftyW!Stc)fP*h;lr6DtY@^WD{Y%+FLlwF+t}<xDv{-dD2;t}CjXW@b%%
zS@AkPl8P<QV>wdpeeR|Cm_4AjZ>;$Z+&amTxa=w_A6DFnPD7gBQ&4-6j8QkZe94dQ
zJ(m7ivzF@OXOdo-j?vepj3e5P)P4eS(5=lvog3a$r+qnFQ6@5yfvX^_-`%miO!LzR
zmR;~ndf4xvzIr@q67gmcU}#5Bv$B+<(~&rpraD*m^aGS~t;6dj3d+k>F`&Mrn1$IC
z->bg_M1$+DXQ#-1;JY=T^r{e9iP4xfPqJI({q<c17i5^Gqa-zdg(+_$j15-UBC1gy
zVj$T6kz|UN1f^bt8O;F(g&cX_XEFy&YxsDUI+gCH!ngXLfdsWrGr4NURVX{r8yJ}|
zVM0YyH=t@8i_ab$W-QoFHO%a$(dJyL&7)B#9}djopdEb)T&>%+o5dJr_Vx)3*?BIX
zBSuHan=~u@SOhEw+&DT{<Xf^E(^t-k_zw(z(HNr+m9eDCEKDK40I^+l+Y$m`5XQ4^
z$ftKNG{p&&b(DXxHZg{BcI<3B_}A5K!FvK%3|=>-9f0(mQ(K04tEg&zLmar*35m)g
zCx*`bBiF~|ON38(=qEsa#yKM|K=-ptXKePC$kxwrv19GJ2UE{Ft^$@QR0Q$y(QH-I
z<@WOtAOUzkagG;g&Sh|laUJ#R*uja!e0@icY*!lw+3dp`h$IKM!pIvh9!a9NBPcR3
z_X$>nw}gKg*JeB{Za?am8z8Z&F``lYKoFP4*~$l>bh$||W|Hw%D35?m4J2@oLL}7!
zusz=gJl7721{y)awrQ{-;{63sROab|^2Q7@#`oD(DGfIipmN^}V+e>IcITC)D)GQ{
z=vhAPTM%vM@DpOq_4*Co_0^MmKj2tv$B&`0L;(q?$NkS%)L#te%Jhbq*3baE%sp`F
zjg)!j+I@!6#&POffYOI@%W4V|WV((z+0ti~$8qHE*V^&!4yay%8<+kh0I}%L<T1c|
zadt7WA4hN5VHT5XRaOTOR2sE2kaN4>r#cghv7t_D`hAFaE3mheI2xAck1MNc3_4=s
zR>xi%ZjbBO6gi#&^<mc~kmQ!iX@mm}yAxa-+!5L<XVXZ?Y3Q_mru_0tpn0T|pH|}%
zmoFnhU!mi=Pf5cuY@`;2(P}U9owD7!^iTJG&>7>`Bh4Xa(@NPnfWpS8;z2Q8vY9}e
z4UIE^^fW5VQWLN+sykbR?m_^P*`;?wObl+_{|?l!@ux>Nma2Of2WjZ~qtXap*1b$&
zA0YRg*&nggF<`YlzzD_}QONr+y8)zRRt4aTs<iao#(s9H@mOOvkg!$IG@;b1*RD0$
z8M*F(YDy)NV*zMa8Bh0&t$Wb5bHad<%04}!AgDk-IVg(oJIrK5D>?R*j72YZay%7p
zmk_`OUPBp51(dsgyyo&BuTdtCA9HvxI;=g2yf}Ki)L8_8zd$H@tA_GYXS)a!NbLL?
z)bDm=ugWdG2)oAD!I$HdXV?R0Q#m`aQK|%z_k_5PJlT{mGg3dWd86k0IMgCVT{U(>
zHxCzm?V;zZA4_DqwvqSd2^tsAFof<ga=;(u(&JD)GVD3oUEq?n2k2P-J)d70AKw2i
zrQ+JN8DsQw9qtiaz?paMVPk8Gv~PJX%G+_WxzFgeZ(|8N;p{gAqA%TbG*6ozS`COk
zspMOjnh@m|J9Sm{K{mu6RFPZF>J05GS104R;M`#S1bXv2Hf2%{)~1yGRbjE8;(tx@
zv^R|}w%U{3wis+-=*6}CDXv>egFrVdRyST`=-QBlomZn8n2no<ir)%%no4ICI~}9$
zNrmbLN6f>^Rwhj0%eqeIejX>4hXAE1ON*4&-qm?01NmcMFhke_nElZ@^TQ^!g-;Yd
zbE5(B^g*nEtaL*drIBDYl1-1If2AY3_pBvp7K4)B^_)V_UoV9Ts3JDq5p2ZK<;d02
zxq5eBbBR@@8@<k$%^&h|PqKt!AF-jbdT55!KyFp3w14knFKJ)fwaB3J?D}b0+9fNG
zK^76gXlXjrkoJI?<tx>eor%Wdig2f{rtXa*el~gCX=AE*7I6uncaG-N6fLcH@1_Ve
zXXKv6tlR210rpz3<CbwQrOEO&deefTXB~mres1DGCM@iCOKADCsU#uVdBa0idFLYK
zacfEOIo~LU^ZYc3{ZSV8Lt!CT+b5rBG|}nm+cf85XZy*D1C$wk;r;M7py>;Ph9r+Z
zu@qaL$@b~OTSBi%`qf6!FECg#7vgH&FFd0hecNu1h>Xr4{C0j%(NyN2Jxh`_IGQL_
zMSZ(Tt!mJ|jUt1In1r3kUUs4&fB1;!i@4W*-fo-u1;vW*RQqPRPQY4rRY_V&cgY}(
zhfh~-2TU2&VWIV}(K>$JUOj3W_LpEEgLV7+doa?Nwba-9U3A6T={*GTe)AE4Ek0Hl
z7GFzt(ZN)jt|VcS?ckvNLe3RlbFwQuHzt81t+k@%#}Q9|{Ge?pX-T2j<*IxUrk+#*
zwDgPv%ZzG+qn`7KVKgbX=pgzYy!VLWG5vsXNKbhJbBOX-#)hF+>FJ@rbZp8>nZ`pR
zUXjQ}j7J7U;kCWR_EGQ<?r6zAV`9<`3*#r_4Reaj#D|?9K}RY{pEl)V5V0NW(QL`R
zm>UmxEu#SY$R}A^-UP~Kj2d>VEuL7!xBXOj$KEJh$(>}n4C9}E+{QBW{0eoApzlp{
z<7a%g2F@Juv>R?Q@*DrX*h!}2{pG0$F8v(t_AhZA#m?~AGQn`+ja()vGb77^C94hM
z-L1xjm3p@1jx_H$vuAl!Q*5&<@rLtc?3+&zDQ6R|>wfwYKz>HA_(MqqKRK?%bJkuf
znpnE;NTh#)*HKBj#bk@_Vdr=z&;<eY#{<N$;KDnL5VgQE{8Al;W<6F*>ve1j^vr>v
zKf~;F88c;=QI05$r8}+0$i+Cdpm~W29(nbPiktG2<@IBSN4%BBSyxqVUKjQ)yyeO(
zHNvrxG8%^a0J`%fgk2G7>BvY<@QHz;TX=YQ@D<NC@7>ZPF1z0px6Lu>nd@gqUjXvy
z_U2z7^eq}BH~OV?#ws;$RLs8k2tejvOHYDiY?D8m1AlhNL5jFP*pU}qItz-%$)e-c
z&rO7z@=To77>N<Q?B%@1L-|SRUVy!OcM50aq&L=it+VlX07J|MqcJ6_0iVt_pyAN*
zncvUfb7R%}6!uQi*EpWu@>rx_AhJ|r4kN);K<z_RiuOu`QGE`6Bo+e6nAEK6@CZoI
z*}NVSz>b^b_6O5`bWfb-+G&nKABwDiYAZ=1Y`zNjJJDh|KPS|Vx^km%ebdUe{S#21
z@n0Q27a31OU@PcRt8j5iV77XA-T^kToG!__4{>ug-?qB))l)GfyUyk}43%&-XaAMW
zO4~Z72$B-Dg!+u9eR-Qn7^8*ygEP{x{&Epp<%uFekafs$$0<7;=Tg;|06y%S=n&XR
zK*irsO4ZC31}M)JDV%k%H(`7l$kcSE<>g1p*w`sU@L;8PbMv+?YyBW9Dm4)Y1*H`o
zgF0%wN`;#9a7dqD$C*yk$nbdiB`f3NB(e=HVG1gTixp&z@47L2@#vMN4@ZvxQP`Wv
z!}e)8cYO`I&iIho+1P6<h7!`JYHIB*Q6e>3K6!@#Czh5_S63%(%Qfb+*V~0Doqpsy
z0@RJL=5!FwW3>d<4ZYc-b$osxEg5BNwAF$Cv?<;+7Z%cG>BMb<SC?0ZJUC*h(9=3k
z8D2*HgcRE2Mg)V69e)M($BKVpLy8eMmJy7^E%bzLJTaQ|Yw#;F!|~GGbf%D|(+|G|
z*~^4S8)ySpG06wrz&hm*HuQQXL?+DbsMHJwo^}!gmBaO~p7bcUX^29P?9@~FxDSB-
zN^@$=PN1kdWIu@0sz>>zrk@Qfaa5F#)U6C4RH;PpVb{~#@nBZ8dTJ1Cn?sUFC^vop
zjQE@1<n~>H#P{EkGkl$kgm+&Ij=I_vP*8Ygxn$2h?u!`Tj_e`6V|OLZp1^e`y$`nu
z=4b4*nK(YRbsSk?nRD2B1r_t8c_TOGNAN#ei361X3b|7W>}6Q!TC2?pme8UPd3}s*
zw<wQVtK(#b8Tet}GgWA}y@;d^K#pofB6o!TVf2BLtW7D{9zI=u`Uwx#T?=)$woNkV
z<SMAw*&P}l#FcXf%JNbL0@(F}^%c0irVs|G(b;Fw1n{S(m<1Zuzc-gyLVB8O<(Q>B
z^!yn>#{ohH*i4dgIyRj&-G<rZc0*&ZB0GB=U(*Yyo4E_+MIe2=M8%AOZyFvj(3Y7J
z<M7dawn#~&H@%O0UJ`kC$4Om^hm3_!@Q1Sw-rU9j(i9)2L(+wGgCCbmCEfH}vSQP<
zEtS>UH+m_DpLRZZ{|R*60(W&)9TO+%xoQ732?+l+3GyWOA|_xcJA3ryiCRY(@%FIl
zND5mRc-&wMZp`Tbj8@$D{BYUpnG{du@fO_<w9$lyb3Wz=L?tX>gxx@C9-=Z==H#H$
zJ94VilI9di^rq(TXa8Oo32G&2vJ38aBo0PY24iw<P%lp4-eD;a-Lhoa!O$*810|gC
zd)83F>sJHtsbBeW`ff3p>XfpE>bpF+6(9w|B4Lqz<*aj0ud-eJUdQ(c+y}=6-f`)7
z9p<AezJGTAQeKYuUQ!hO^>pM4rJ4NO=L8mY=@waOiC*@%g5K;={pV%ZHKQD5Bx*O!
z?-3&rR3=Dg+phX0b^DM_0u)3%Gw&DeCAiBy^fHYycqVm#*^vSf2zv>(u%TSb7rlWp
zkFDsc!%7X<K1||Y>X=lyA3D*^E2SYZuPa*V?n|5~5viFeHlg}^6%z<L&&(6^1?e5L
zQ}(UBegV2U#peLToX)IFE6kRhE*D52lV>$Cj<3i+{};eB0br30E%xp!0SeTg%~GH;
zKg!`l{$Xv75pS=<y8A%cHRcAx@RghqH3=~wf=L9{e)g7E_nHF2RMgUUtF%)GW^TMq
z{Seu)d9hWu+i2t+mX%4#v>iVKc%ub-3so<*htAxtI9d+U5eazz?BV|PcbceDHm*8)
zJal(&t8Bo2$~<z_0mx+SSS(l%^?@v{i$~?=M8p=Es+?|#ek!8Rn>XY~^7wWY=fe4T
zRn*>BNHdA5AdMG;1jtWHul9)LvyzpB>kR0RClDL)jmWQ5+>`e%rjIcu*X6P1k8WAN
z_PQv*%0w@S2Na0x?pMB(z2I6vyqIT`fTcS0-+=H>TRy5I4ZjRM(4>lc-)%CoMw%h>
z!YA8A089dl_8;at!2#9nD=$+LLp+4kbo07zYxIZR=?tcQMQQPcTg9A4odjnb?YbrV
zqa2~@S+^?q0H>9Z7n8_Uv5giP4)f*010pw6pO_&xL75|uc#iNU1F0(Qs&zq8+>O_^
zKZyxo_eXP8pcF$T-xU|yp3S|i_Ka^;UBCT-x%4Z(_T1N9mz)1UWG_fQ^3ukO#W^M+
zu~IcO=MBrPunS|O!9vK9^4cCQ-`-tK6B(7ExZk9@Z>>e|MM#l$bYyswq1Dq~zD;sy
z^x{_C)-q5j2=DCqbfV^et`Sw-!hAa}La<nSaP;>1v9jM$CJJmgpXTQ`bQ{y0NywIc
zwf&KOVnEQ43|`uvx1U~G>r|DwKdCbK;@rxexOr*66ZbZSeRW3QyPJ`PNIV!ezW;_~
z^L;nU?kD%CITawi!evx6Bi#yUKH^rfj;5%NKtnC&y=E>kdcC)7H@_C9A~Lg+ZJ1TI
z%0n{G6dV}78Yc6pm#?{t0&)((9P29?lj{=)U<;^;;@zMzYQf7**Q&!MPa&#X*afYN
zZBJSMf*;s;cWBgCb{Di`;IBL6@HNk|XT}W&n0GPzlo{-yo=^`(tgwl1qk_Y;K#VrS
zZ(dH>v<uv}lB$hO9N&!i7&v@6ofydgYkz&FOoujSMYY?V5KpllSG{Q=Q89k4yKDun
z7zP~PwrS7&y8gXya$G+j|AgvN>Bz9E6AH2Zt0DY=w4`H|%fILCJB!N!qlrqRoR$Q<
zqH`X`5ZzLKw0n#p{t(RlA;H({IZPL;1BJqD;*^>T$D*nd#~MK{JtjHzz1i31Ns4J8
zATy{`f1ck!L#oQfBK<0iZ`{%EndREmzQzL?^ftxZ51fs;4G$$(KVRy#YYKk|*dErh
zP+c&0eEQ#}!4SxE+5V8+9p7D_w1cK<kmaqg)$9Sp>yN((m=>ZcplYmJiPP<GSQFdr
zy7}RQGpKj<tSD{$jpbNzR8CPxf$;||T6cZCBYV8Q_x6D;srcbwJK^XV)xaFsy0|%y
zToqtExvbskNB`We=loSqy&4*8c)-=RHsNr?<Oc@p_VEmeDhOt+d92@B8u6%KqU^e)
zWt?{&^5PosDv(*rX{-a}uITcK{;v1S$e%kHk+anRW@C6>R@`;3T{3mE!@x8jfF)Cg
zwY+!z(HE_E#aNQlx_2JF{w*Z{R6tjo96Vboh#fA&585XkrkCrR*MaJ>y}3`DF_K(x
z&$#RYuuv2zDs8K**x4rpY%%Zl5fycyLeVnmA50%7zoT{@?6mRKkj7Hg`{qdkx*m7P
z#MKjIbx-BrphTWb(p?Rp!BFOy&CeLZ7YlNo@aIJp7G1q$`WH|u;RrOBWhpMSUE%u(
zAEq||47wvAGr!*>z5?lxO)o^TDB<`D3qi?xxjG-DJalQghQqZ9NXNPlpN~$MdkCB2
z9MrDH9)%o*)W7LKg*m*=OalA94(cPeYgiA>uuc2bB5cd7;TLe;$k@n2J5x;#77FNa
zPkw&1#$D(Rxsx%SmUD;dxK3%iR-|YCPdU+cK6m*4Bk!$)vh2S1QAJchkrF{bX^;|8
zT0j~B0qGEFNohgp5LCK51(EJ<L_!+r2I-IvY0kR!^S&R?eE<2*oHKKNGv_ZE=Xvhu
z-g~dT_S$P**R^H~wi<tNz30Di-l6MN!A2{_S6-kQ5&d~vwq+x|@^2>Clx=9}Fd|+U
z+@7!RIqbBnZUu+yE+>O7<p>A-c^krVt~@*LI(y~pr&wBta^=--+t*H1B^7PYdlzN+
zj_vi$!W5O3ewJ&?@a?9{aMgZSkx2=6VQQ9Z$Od4}8eA={2sGY&+^+1pfqwtSqk%4_
zO`!dDnHIFr*xvMaF4g=6fqQQ?kd#b+*^mot=Y73qopAEgAeCp^q_SMbaT-s4&0xHH
zN4D0?`pu3fv*VWoKmJ%v=FStK_;+qiY{q{!JdCsY8rlbYoVCbKig%TY=5X9QZgP0g
zC_3YFaYn#?+`DnOu?({K?Ym9d4IS*Bi<^A>^}r_SE2UI_pTf}4_cI-$*ae(CXD{II
zdM{w7A>|-oI8<{pu!-4WCiOLVkw6mt10>PO98urZsi24UyFgg3WKmo0S_vWtv6>qb
zW^BuM+?qY`Rhv^pg3ay~-CcXnxAU=~4I=z?$lsLBRxHut(wvCu@@kiXL_q9hdht`B
z&QOOtK~|mdx;{yKR>DySas8pm*~#Qt9NHvv^-l0891dfkRFa@4<s@e+XOh{t_9;Z#
z3i8G_j%~ZZh)ne2NH`i>7y~Brbj?l*^W5n^4(%dGuf@Zkc|wj1u_n9*{c!`iK5@dL
zwJa0YKPpWx18VkXQH~}DEsny<NK501q{;4q6kEO1(dH$A2UAlr0w@E_*)rF!zT*IU
zLHT1Z7wL^cRl#18+pidby;S3Xy)<2!#7@HndjVPw?o-H3#+Fc+U~K3H@XjAgNBm|@
zbU`#F`5L%TB?l(0o>|T9f{N-zEc~*xD@v-JQ6Z0KUOQkWg^inR$;RCMlq!^9)k<f!
zUj6Hu%JEvB{Dxs+QIdQjtyDJxQH(BPW7vm`ujy+ju6s(VO5TQIn)ddk@u#CZ4?8O^
zT;n7|i>QdWv8p2=Kah<8sjFUaTNdw)2PCGG@(sYX61$X<k@_7U$dRnQe{`%pq@vfa
zsB8n=c$@oi6YO6?`qQ27?1PTPS`p)0M!}QL2JPN!rYb!~$rz^mTcl^3q+WT%SE4P?
z7q`SsOBQ;aSX^^sbt|ZG>0PpbbNOllf;6pFm?9Fc<6v1eo=n7*S3v7~59x6}8*%Yy
zF>nJbo<SScYZu?=JgpAAd2E;eF|$_OWxtgn_Z6di=?=zK1p<xkpNq^Vbv{f?%v$gA
zAkS=#`#!-tW-r?A1S(afRYMU6j826FwM%(+gX2S=zV1zP+#1NK_SCFzU9;i#wk%~G
zgi8T-L}~ZW>y6#(N5#Yr{=J9g1gxX=osle*+WBpFD~ou2n5*)Jw{G-($t~^nB`vO+
zifY*WMj24VyJGvp<tN&YtqB}Uk_n6l9-D27MSV0K<IYE`;<t}q*;kH_K-uA|({9Kl
z6c1XQEW00ysaJ))uzKV)?Q-w&beJZy;pb`(6Z1J3p1^}`E)McQk-Ebd0}s}~YWiuQ
z*d$w$@!UnI>$%2TLVI@vI)Bv<ww2)>FEkWN+NVlq033^dGwtQ2wE-#gk}ypa56#@1
zxzyTAk8oM`kQ#AmhRL=80WKSr|30RSy9)WH0LoXS1Rkz=lw$)r7BPe29(Tr%py(Je
zRu}?UbXFc8PaFr^4z|IfV>K^wOfM<~oVWr-Kcj;VgLX+Pg;OL8bh&n#@ywatTGBF7
zeh6?kOxlU}={qUbkgPYZbW)lZeXAyIs-wM0Ww<6D3p&HcWk`<2Q;h9SD=%Tj_=SB$
z6We|^8%b+;*kP=OMD%S95BlRqreN*{X_Dx&AtNfxSIq1bs`1m?D)?UZMn()AqpUj@
z@$jpur$gV&u=XqrboIK=!w(*GU+ZJ9W;5Yd87&^kXv8c1C5s*{^XTMN@G0;bM#DLt
z4?Q%1+_y~paHWt<gl+F<DaqD&>YoglVan@xKEwhKq=Hri&{SNAsIJvRk#`2ELgKJC
z%QNdrvgHc+GU-xXJ&!gEVDx#4`U|M^l3<)BDE#reVW<*wUt~y4bzcFfo_gAI?z?|M
zRy3cJeT>T^r|M)EFE)&o)FN7K#=EtmT2@`sRD#O~kllG%S}&XQ!Bdiy`lYx6EA7X=
zp0LS%^+AJJOVJJbmAqH#6?dl_l$=lI?|wPL5hDp|n0uWD3LBaX`BFSmsVjrBPwIE3
zmEBsklHd4Pg-#|x{r>>=Iuj0Euj4Bww{{sz>EKqt^(8%1@iNKxG+>TpOptgm?#$@?
zNRg*SvJ`JS;RY+y1Sl8eJ=@6X5(TX1?p?f`CDKQsU-p}Ep0`yDw63N$t|-N9uXNFL
zfu_P*i2>A+o@@zupf28eJ;t&x(*5#lL!&EdmeVyt%rC%uWWfd;NTaBg?l(^Ha3Qi>
zfzS~8e3;9xWKa;eBr@$<_XZ7)fo)W&+D_dz^G`u&7zidC?;I}P6T=|GUk!LNs8_yK
zu2nGP4}_*fOI3%xh&qT6iJ3glr4l24z4(ZJfecInQ`e?j;BqnRMdhS~$v&!bQkh1!
zk8(=R&dCW++0max4`ja4Bd1F>DvbVYVkxQ8QWz@F$x?7n-;StxX3#6Nls(n)8DVX*
z&9^f|<z@i6u#ItOrxMh@$d{e>v3kj1*y)MxsS{*dFwZ9He0i;Vjmq~Ru07;PjpmEG
zS~mix!*wZe_Vp~);A%Wjc(`Zsy@aYP!>KJ;`JnG)NUdipj882}2dG}lT7h)i`H6NT
zMybWe+!0X;NP^dNc-f}4+!^&LS6^yD>?HObZD#3$pT$<0wV&e-lX;cLBYPbhw?3zk
z%wn_pU2E3H&D-N>=k$U~6(J@ZvJY)MSfU++S|ibB**>tm@X>>bM*(=wMY10kQShn3
zAFv6?yZdA@&jd(aC@x~lR!<7z!W*Je|I|q2_4Y<5YB0d-c*c7Bo}%B(_ep($MPWE{
z-E@v=^?0pYJpOo|@<+bZ*@TV{(?}JAOY~hv0g0p>bw)<~=R&>aW4JxnCnMv~pG#2M
zS`rzV@UWEZqEaWpel`ki`Apz%X;&H7EU5icCMlvg8@XvZU+>gCuR&1>IoHGSzK{*v
z=^6W=No3j}TR@C2GL4ArP%+hRN?FzRdWA9EV1?9wCzU^=<lOk{NnXYui3Oh?<u?Lv
zO^sW%d5624hKPQR!VEH?R}Xd{h8x%qV%-kUSr!8<=4b%vlItFihK8U`?okGFVU9@m
zlaLvELV%`WQr?|LN@$XQ_^2g(P4Q~rOdT$@K+3T@2+kWyqTBq5Td1wewKRrm$K(Ep
z09VYuZhgS#Kz%N+WN)}~P+Kgj_1g7H>%^su=O(7JJ!HBjB`;N}axOG1GFIxDGG}dw
zLnOtdxPsSL0(@3eC$U1ZLY_v7A#kU9rK9X-o0TlIzgC5H0<(5NoF+d0IJ^U9Oewrd
zxBbo@@fB-Tr2<P;Q%o_4Z`7X=f9Fm&BImpItO!$;Z}$TKNaJQpD|?sfgpNS(`s4Un
z)!lg8fhNY6jtI*NZ=Ho>PVq+p-{wd-Ml7{qYrW#M&T&vm)^7o{EfYybkC^WXP_kmC
z3&?uVKN)7=bs85N-x9!d{$q{yobM4jRAk)8NIhJOiv_017@>T9`?r*VHP7z-5`}G|
zhN1hS^+=ToK+bn5c=!_w{>)TP&EYbW=>VRKo+{mWf%<?H<`s@|71zE8=+~A4JoCrB
zOp~umC3jlUxb86+Hn~f2GuxWl-IrwcQnJ_omCYEPleNpI`z2FZKz=#|G&Pj#1D&$6
z>~oA}<~w<RjZr<}!5oQiZr1oSQ<gU?;$oiO5zX%nH5+fk#qLPRa-C~#u*GAw>Eg@y
zwL|pz#G=44BjHmVqZ3oL^TiH?G3)g;oasYvP+8gw;-7fA@}uJ2B(EZ@M?ZaQ{ha)!
zbrm9K@>(P9zAX}&UlA6WJZe1iw0uqLL}9W|R+~d1EMwnm4c%rZQoriMU%JPY#rokg
z&`jPV*hNz9(2&bI+1PGXmt;R?1>>XflZm*V#-P+wqtblfS3Ma-?J(;Vr_LHyFu<dw
z7FLO;(tE7Fyc6^yHTHmmg~d-3q>)lV6+tl56oV@NYfs>t5xPee%(e5ZDe5Non<$bS
zljAyyoj<GRy3Yf(FnYFmx{bSO#n(9X<v|cx#De|iGj`&+;ycY%R>RhK7>$&+B|fE}
zR}HvShoT=l9WJF_X3kGcFEQH<)G$sYl@9M>JZ}zsZ$!U{sy1VrCpCRlsipvU;}s!m
zno6W4IhoH>w~4Rh(8oA)<{x`2kBGl2S-_2@ULGm-=zkMkU7h->?__75zl7DD-J@P0
z@y>Y@bCHu7EEMdt-ylc6`ZVd97IAUZEh1s@7F;GUB2>80k@Hhwp!s^igp__rOs6n8
zc`_#u9y|Ypl^co<t4f2(s)~&_ye!Z8Fav^r&Tu3OKORIRL}o!pBz#X}QB5!#m0%|6
zevF6_v-`YBZguzvV_d}|Gu=Z<Go@Ty<5?Y(Vx-<65zkhwwBiQ=TQY6!i$ZaOBI4$v
zN$EkF>)x_I?}CnDU3SP~=B+`$%+Drm0FA8(oT6*v+r~3z?Zu*PGXVVfmU(Y0wKIZ<
z@6PtWJ8>=(a-_P`r*2sle%XftBey{E=|_2k2;f5#89%a2_-Q2BAx<gIe;OZB!jYF2
zM9@`^=$A=dV4v6^Sg<`DQJXC(X$gwJK{5%6a1dj3Bgcjd@p%eaeyu0JH_(_(VYfn1
z@#cpuG6qrWl6=1`!d~fK;o^|;tg@G;yfL3Mj0TMee2C!ngtLYkdo82@(LUc~1c~5)
z>i5>3ESdLBMJX&Ba;WPXrNeb;D2zhz$~90shA^aFv{@A#7abc%gYQlo-f_OdVEK))
zyJ+|+vvZqXFM}9^%*1yOK^E`l>T8pbjo3`KFq7}W?-bU?V>OMiD3-x1ZRlh7S`G`r
zEpiN}Gn7y$Ezwa*mB&~!zjHPqI_pB>{yFlQ1~WiO>4u9)*<YGIw|n|XfiT-G%C_Y0
zXVb(KsgFg&vIAl(w)D5Fb$8TFscn@ORO^j?23Vstpl0zl|KfyP0nOV#Tj_~t)VH~F
zU^)%wWbvRVa3>0UvR<7qmK*Nxdm~2lWfBX1Yz!SAT6BhR=E8f|QB>>1^@<FT0FMkW
z_khsH26y=hiDD$+D(_@CKrQgTRIi+=eMLMhwlE^nM3oSpv&P^neC;42k%B-*YJhcq
zsHGO28R53RVKo`Z`t-!k{exF2O?`u9^8%9a`yfA%KAp&;I{Zo@+6s3H!4Oh8d3^#1
zAIXdSrLg2JxrV5xY1}@~8QI%(I41}n_l9Io6mj{L7bT`26-+CR9sVrpm7XuAmB!FJ
zV3hB^u6tskbr2S2ZSSYJ`tJ5G%7a_)6X|H0o+%X}_#Cr~sVTRz5KwCAXg1)^8Ow9o
z*gK52?`}^@ePcV@`zmRlQO+v{A`~PJ<XWbA5%=~1o0cH}XIe?Xy^J6OD_IJ}8R_&0
zBX=t#3q!{5E~Mp)m>S^X-+1Q?EQW;S=}pIM(K2)a;xosTsr5}qZPA_NJPcj=j%;6u
zR3K4D<^C?KOh>l)xEajuiI0q!RM_C9NBRBHjHT_3^_i$Ls<y4QQU-&vH$Kd_2S52W
z_{^NQa@^MUbqVkdLPq0Lm|301TD4c~>0NAPmcA{wZzUh)?+^G)-XGp+W$7Sa8SxMd
z<651zAy6zuWJ=OZW<FH}aQt9#>tJMsl%i(Si12|1mnvV|b=ELVrUzPcg*=jp^25`6
zOhL+~^3EXQ=3TujG$&-o$|5^xWGQ!}V6##<e2V^kn0&np&ih1F4_s$^YOU40K??*P
z*dzl}Bz;TU_fgkuqA&_1CmKF^5kWK+2)8JHSJd})gou%udVlulFq7_WV#3-idWw!S
za_3w8u&hqgFF;ypi4Zn3m~f-NoA2_+rFfF%3&LtI^cxYSu@dBlg&i<3>l0^d;opcO
zDHQIY4D{ijY$_rWS06multuB)n$RK0#ky0giew@rrV(&<VHMRcy%z@c0gQJ#5L_CQ
z>er@&@8zv=8WDNF1JQW<ABJ;3ZFvwr&6dGI<-vSRDw?CtCwm0FGUA?9*vU<vvvb{$
ziA{^*qv{&H7IQ4?iRO|%Qwo`+W~NZ~YScozxjj1SmDHsH+@cOm$Izi1=T8-!0Eu-^
zc$5B4<=7cY5sa;4$*RN))s#Irh?btIVCGgvNqjMhM}0>7-n9>HDWtqFb#q=3Ev+Eh
zilL+77LOls$g*|SbKmk`(Z|c%8+wTmdK)D~9HzMQvyPoi**ok=(~@C9@$|iS3Y?8u
z_z*H=XN1(V`ttW5t%FvE*aAnErADa5y8U3~m;^)i>^v|Q{fqTZ5jXTFvpUCQZfTO0
z|8ARjfs@&go7uj^bGJUw0VIoJ2{^|=5OnE=ik4f+!qOFU%;nooJKqCo<7(mdYU?cZ
z#DJvt^rXV2)0}7aIP^s+VEZnewGJYvu)XD~J1e1Qo;TFKF+tQMACI;2u1U=~Tjtl)
zTda!G>Qz%S$ZJ|?V7L0#zzP&BdFtv5*jF7KuH;_kb3QBpmvAtKWN)jAb(-zhs1G%`
zc5z?R)(-IX2UHYqf|6*Xom-!s<hSl?%8=^IIenPI;e7<!6?v62{tpF@o;x4RJvdT`
z#WKfPtt!rn0SNCHeP$M}|K_$pXMgH${Fb}^2Zz8iv{4esCLNrWa@k0WufQz|Bvb}c
zbFPF@<qBN)MwJ2VtO`&Po89At$-xgwEh6$JANi?p(G+4`cei;23a1;>UhZMDGCX4o
z>x|r$MD37J#*2E(PxCuN7v+^*!?8^y>?A4OLU!)}E)F4@??V&IQKP%zx*IcELw9fn
zX}uZ{dU~kJd}Q<!$ta_AokP_dcY?Z@C*g5)RVQ<Zo9FyFo*2TuLuz+@Jd=d`GTgtP
z&b7ogrh5vH5BUBA0nw5JI1^1f<T~oRCyD3?eDs^&yG0s**InzjeZaOX9CMf2w&Y`>
zs9h3h!*1}WTVTQL+(uKW74B}QY_vwyZV|zvERDFZ=w$G1#?!*UsJbc)z73lXMMx_P
zd23)D%pdFD?KJ0`M$nM~VH{pUS|q5a3ofT(52dKZO~#e8#eG&1Tqmhoo`cw*DbBvs
zSNh6%!)K!9X{c^Aj%P|JtWmD~=zsEd=-rtlFErk!SxvMMqee@+o{sL^;6I>+6X|uZ
zNx*+(Vn5+d9le$_@plxeqmDssdUT^n9h+5`2$OTcbHY{P^M_(;{<Cb;e!09$aOATm
z2Gdde#x^MUpPQ@=%f!8p>Q?{f*R(@-HzEhgmSrU*&b!$|c444UgHG`QEO3l$S19i9
z#Ce7YV2_RaFPFRVGynM(GporI2LKQfKU_bL^8bV1$~zr(O_CEv>kH@4?9VVAzC(z*
zEKyhEvQ%r6t=+0<@JD#9vp7Mvr0P--j>j_y!bD&W8RT&EE}%GJ!}rCWx&wk0pWKy9
zF36jV7<<vp)#<Fq#liKRGMa+NA2WL_;zv(xhpD4*Kz0ifxvwF9oruCgK~W@!)s&D5
z#6sIa?BU@9LH<N~*g1;n=v(LACjN*WPDDw+`cQR=<+~^4Hg*~p_`ME>$m#xQh-3!(
zC4U&hH=k`|e120*0}r#=l`D(>BW=cJer{<Rsvt!!IS?W)V@D!>1~@_pIB;P;!R2&W
z&li!OevZxqiWFvU7jIZVH6Ygkh<g=>a|n-&7qp!-m1$?uP(;x0Ip3AQaKTQy;YNYT
zL>u?3E|qKZD{<@Ky7C*LhO6q|<j`%p`Wm!V5nr2A^y&jpRtfLA0c*VZH?kbStwk{a
zD6pWUWrsO<1<#fgdjcUDB1qoTjmv^6LH%3dSJfC_f!XSkUVkQ@6{=ejYR!Hla|PhJ
zzk#l@su^g(Fc4jZV7M+4Jr*i6YnhrS8KZ{Deq){l8l3ZEfjn^YW&pM1YTU1nK=vAx
zyls}<WBC&aP(+$QT)G-N+fDP59$T8Qcee`4ds64JQ8=H*f!jBS&>EYp5~r{uSyBE)
zg98*~9_sa_;%$5fp8PW~4`z;d=ju=qIp;57VgtldiHP)ep|+IAdDXA<vC{+Ibs&<x
zgz&5Wm1HiaC-!vXk3(lH8PY*YYOj8C9xNO2SJV|+FS)6KWUYFeamrIn5C|_P$CqL;
z5&QF0+y04a{;S_Awtvu}W=Pi!oUZ^il(9?1FQ4xI41R>h8eazt!)5j{3!#ComyVL>
z{wp(0K1DKPpmrXW#)tp=<^%V6z5bQD@)!K<_XH`x&!Z0&MIqVC=kN}?9ap@7I&pvs
zsMlMs=faflkMoe?^N~GOg(U)CuXh#26C}FtdZ5c7HK`<I`CAo+4e!^xzGRIRzlibz
z=gnp#!Efn#{f_9lydFlM`<sGVoTxts=fD>acEob^Rs&)EmUKe{U?F`&VZno@X;{#%
z#=&2|`MaT_i4pLY`bPavJ3ibDR4ml^hL37bu2p;A<goqZ*W{$+(__f@QBvgrdc9()
zH&r)|OK=`af%lO&drNOAs8s}t$N}LT=>mzGe}un}Qg}Z8APkf;Yz#6*`-BG7s{{*>
zSI_KSGpCJvCAUl$0Y+4Y4y=Gl3)%$7f@eTG9!F?>Yd-_|;Ffs~jOaog<sDRdVK5?3
z`nOs9WN-O%k>OwcU{llRn$=k>IUFrK1-EDkTS-2k-i%K;tdD=1mRCYkh^_<m%UJ~L
z9VoV%QvsA01@2lzh<s5Rp7xrL$FuGesEYH@v5D}3BzOWc`mbsj7Yg1fayDkOxsjeM
zikbCFabUg>?#r@KlrKZ4z{YBV$_~k|uw2I%?p88Nu&Wtii3-y!upm%!-Q3n2ATH10
zaC1gP)OXDY<RzM2Ut-{z@oOca$3h+-k?_ZSp>=p5tV|u1d;WY3O>)wc|0q+l-N6@u
zOcvpz-b-Xpnc=A`iV30m1?X4rJBxP5{;XK%`gQf2y{PCpG=+HnW645x3~o?Y`fZ5^
zjv)eQeV(qix?^yUuD`@jj~5<gldjr&-tCOCZa*sgoZBG|7<esrig1XC79lc$Eg9Qx
z)@`mYwLFB+xk=!5NAr)G*E$W|d3;kHlw;q{(bVfxX9CRB!}XF*K|>W3K83uB&Ua%u
zZ(JB?&k{e8yNX5#%YzVdmPKGbtCvH1o?LR%MwHQMlRMvsOJ33w5)v22PNVv*A%6>0
zZ4uRXau<Xcg3Y1)KUxv!O|)D`&3N)ZS`l0qZU^JIuV*)5w_pP*+^@#~u&gvk5r|ae
zWMHC>P{r<{Jwb!F!IP8Kvz|r^<wd5fjD|(!-OWJErhsnjNK_Q&nth!-qK61^#P{X{
z8uGST927ipEf9LQMXrQ-@0?ejO>zglAnSz_h7TTg;Jb0&O`I0g&wES)k7Y3aGq#k0
z_n|T{HWYDI>_}`BX!($ei0Y05C2$RZX6He@zP-WTTF{%Ho%|^}N<qE4UXaKbLgZ3X
zGomg9k>Uzq$>rnPQR2Z5mBWHZv_%Y&KV^fFWGYe48pxsldH=rf?*=tD19#E=wf=!~
zz**r(1r92xU-~2YJtdT?*G=BF>|TS_x5y0#KBwPccsx%0iUs30^W#4_Lsxzlc(9LU
zJppVe9{9$)=7JWMe&ieMSvG^!0vuV~ba(&2Gk^2nT97xo8o3CzO^5ns{fR)mA0JvD
z^7*~*cWAia7j~!yG3^kL_kVsO?KaHTpR=L@Z>n1U7tw90gXIZ-Y*w*efBFy!c&8Wq
zAvnJ!0{*~a)nMPL`xt-1#*VxLuSAnkK_4?*QA!DJjlJ6HzS6Ht&#$rR{D+?fgT^+b
zho6wjwrj<7+r*iwe!#c)iH8eXqR^)1ybG4s@D=*<nCh=d`qzt-KP89f(<|K6ODTYl
zgD;)a^Ci&bQuo6D4@4I*M2Yb*<Ut6|@WK3Ce@Ta#ysuL9Jm;>jXsjcAFxALO(M<)K
zGRS)%umAK4OsI*h-*preJQ3Glox+L)QMd4*3ki!Gsd7OTVY5j5tAC(f@OhdbaIxZ9
zY+F~|T4?GV3<_2P#sc1*bDuZlRHnh#@C{4Hxc?769iD#gJiLqyKXs4@TA%N^^|)xo
zJB@V6%h0K064Nm^Ee~LFz5V}q?rkK>*H+O43Z=7)`Bj%E60eZeUHR7<V8|G7G^-Qh
z-$wFc$ZAmqVg`Kv{S9r*sx{0C?S65~zh+2+222`B2?48`9A*d{=8iz(@6QK_va|@m
zFVL2oeFN^*zc#&#^xe>i3#3Hri-Sq37~C*yRsLn`k;oNos}Q9C-(a{9?fcJ)!PolS
zVHMOAC_P>4gppU0?HAE+7KXkxPo|o~7@3<agJ_@syTa$(#9^1&;hOmI2x%3dZ%jn}
zJf!@UjI@d&>I@V2B+z}4;r{p2pCBg{-cxbt-@`^(=a8z8FJUPGA6LZ~SQc&d$*-^x
z>iqZRA+sX}4s&<eg9JtiTdc489o^(T=z??Y?KEoR7avP^dY>#fYyUB5U*wR^S3ZB!
zm460pW5P&1On!<FKE8L}H2Cd?PVDRm<@!ILg&`-yblUYbh(rE%s#=H`ab~C;j-tg|
zUwrbF`o*>XdXfKcW?pf)eE{(%N+nBSA^8;?i&kkk41X=IJQCs=cgUNe`3At^ZszC8
zx7wJ4@`#Ob_Qh5?a1Q6rYy33|vZs+SLG@`HNd4RkzCrHx@(t_nZ(y2C*_d}@W=ebi
zr;W$&4SXL~i~0hMJs^`X&QCm)541?eLizo9CsuFqYw!!aEjB_Ef0^k2$t#8o0-&sq
zmz~}c=vJ>p^!x{uh0M^^2$-24TT~G5lO@2+IEwDOf-m_xa*nwP33L8(u>k0qS#aCH
zflC9>7}w+Y5^+9Rg3lyYnyVrtR{C)rWVn#oL-wE+8Mwg9^<rA!Jh8yR9=eJK(xLu#
z`Kbza)#iQG0)v%%cW(W6Q9(Bzx&^UW_JHqtv)+B_-JcC^O_;6cKAq<9Ha;<fEc4&z
zLsJ%hh^9~#a8*6{JHY1CRXzRFIe#yauCdCDM9CVay}G*iU$68(ow$M3meOyRz-4NA
zhb!CR?QIOIe?i#D?y9Q=FY=l0&z5m8=xbPs(ik7bao6V^HEovbuNHXC$cgp0opoOZ
z!*SxLguYDou)%OH{Gi;Z{c|?5XQltI&QeTpao|QSidUO&=w!V<kpqF|e|Eatzl}2h
zjQ|H}NEaF@^!0kFLOj(tl!uX8_SgJefOw7vNtB#}JMdI>?`2kZR)1t=GhzvJkxS5D
z{sWRKo7?>RXaI895rFfJv>UC56FPojW?E_ZVrE+Wy*FT75Oe>aya#u<%P>S3?c*8n
zHSAffb}Z~!^?!#7b^LHtVR;19K^#L0tGaXEkIawKHE}qPe&K)f!cWMb{$8Jy))l8@
zI2I;~#g_h>Zc*p~wVmb_avPPb&fz`#y{mt==vPB(yz62Rg`g^4RQ=0-q3?=s0&QaO
zHwsi^Q5a<h{i`R9=?)JCyGi7~5-AseADEezsQ7CRcacykepe!$?CA?I;tchNAt9x|
zqmULOAE6c__>HGzIOzX1;&Z5{5b8dVLe#I=U~-aaG`e<vTm8zg*~9P*7=!K?yMGQT
zWUsjKfr+hMAQFH--N24-qLI3tiTpX+v_bXde{&Z8AF{ujfH?e8C2U*grHZG#`d?P-
z21C3J<AT$k4~Dn|qa_jpKD4%Cr%%2%zVzQm{Ur)Gn-J9CIn+Z~)l}e08<BwbdZ)<s
zzi~)<7;eAUhfYyrofsB$H-}dO=_T@?9dyqaOh8O3b_c9z;$e}SHg?+Y^%rG`O5{YM
zh&1|d^#5H>=tKsa=zN&)4f3ZCzyOSuKI+m-BOYKrl4zhT7;zZ{$~}MCSQ;(tj@>L}
ziHmOZNTfSA5*1tZJC>G~enui8y)u#b9>weNUq(!}fn4Q`Fu>cSK_GFHZPWhq??6Sh
z%XTzh0mg9aO6P@tM*y}1TXfSJwkX7euyKEN!p1#j{$u)>Cd>b;)9eC@JknE7KyID5
zig4w5ZRj7K@$c8tDnmAH1Z_T?5(ltpXCKsGM!fvMr8oa?@9+O39FqJW|16!pWj_h$
zOwQ|7*}q+`ERsbso<=&-Y)pK_y!w{^_xj&cYe8+4g*ZS!Q2=iF|C$($D;$#OX;cMh
zZqX1%$`@kXlDGWr0h;^rn!;X!%P1=g{`)$`3+G;rLA4w`nnDzus`P`Mv$NSqY-?>b
zGX2y_4SwVL<9`XNzkP-a`1U9AaMpqc{MDJ}HTa<Vx7FL1jQXc!IJ{j`vAF$@$s?}@
zM=)H1T}82fAIw#+FV%}px#0XZ{g*28xejm5RBYt_-m$^(PIqtK`woYPJPbR^-GdlA
zQV@b+j9~l8sYaFc!xRvm{`Zpc73lz0#^Z&Fg8hxQ&Ve=ohmQ>L^6Yj05BE2J(B?L?
z^QKQ=6QCRUo~j{kfs71AWa43<JAW@aa_U^%_#gfz2X#P27n7FU3R=gs?F^b8Gm=|F
z*?gUd?}3~da_lV%CXPC!O5VFIkSL3ow&M74PjBAx=fBTSE>tQBiM~*zC&)vQp?2IG
zPrk9XwP#sywQM0mfBa%7s_Sw7@pk9j-r*vCuknBSJ#`dZR;k#~1(ihK<}M@h2df+$
z<UGi_+~Fs4UcbKKPk^QeeU0D%YR}p`oX7&>Gw+ZE$)*2zt8;DzXphra89F#I(PIw3
z8L8Pb+P{lA4Tygoonz+A`FkXu=gvxh30|p<`(wqn83)l5u%J0c#j=clJt!FcQ#Pv)
z)%!@KJ_<*T2Kt7JLvF)H!k?q&LFRyoV=f#vO^RaQ|8h<eRNXBSh0lV~qQ@6EuKo`1
zn#2>=4zb+lIiC#@_T+#AydW3+TYlru7Dz*P)5v1Qd0-;9bo~M{Pg3Z8&(8$9vy8s3
zDr7+@FFiL8nY;gPm@Tv&ofHH}9<uP;qV7qf*bKU0vo;S`GzHqib|DN5ruy#}`2EnX
z=l2M=XUTe=W!?d9!{j&uYl+8T2VMi$(HT8+;<OSGXhIw8&mNF2AT49YPu9;)a~-}C
zPfQ`wHJ17*K}NNQ%b6dar#tzLB0?c+z`BqwU_oSaF5XZfEBBWHs9tRupr*PI3XK_(
zSMp&j_;9o+_GqNIx)#d5IsL|s-(T@0K<@nOg9Bwwu1bQtG>cup`&#YmYG*2&a(9b*
zZp|nP#~fkm$bJFySQ4|}$n{vH5b^KMNj&F9p%jf4eUV=}GD5~_S$+))j_Y)TTg>OH
zK0JgrcH<!TwPrh{efc%iYk?5J{%G&f4733m160F<5=T~+A0VSJ2nkWEkBhipK!{^6
zUq=P9bK{E2&%<T~Rs~imY(Wm7@(96c>$gYZOkP_+aF646D}PSgLhbp<=Gj^P>(9AX
z*C&bBm1}TLE}-HoTpyeGFy&4rsBR%7jBe>gh<_a)KZwlOLVUVLL}aF>(TU(9n>TTe
zr2uu3tSlw{TGO0g_vGRA+EizQWu>m2_G)W${WZF>(n=F9#a)HLouyQnxSneEk6Pr@
z06)yKg;L@&B#Z-u=~T&{!s{Igu37Z~hfjkSSi$|#Y$h3?6q+{zFrW-b)0exaF?oVi
zMXo(4#AHBelG%BKY#kE1Y6vMJ<tNJ;WarYAvQ%(Zrry@U#K^A#jrZ0n5EGd)q5s(Z
z7L|%uM#UCC>R+wWGU1>#gujP7LmAWlF^iA=&*wI%B<IEIa4i1$=TJxs5Qe_og|7@8
zuIlN#)bsp$OxA7MzPdlU9mb$svNj6j8<O>OXxdnA6BX5(#y4T{74rhe4``11*m@Ci
zq_<Q$ISIy~VnHd2#ka4uJP#T!ffiRh^t}_(L!cZ&TVen*w&_qE-Z+HjeQSo^YbN6l
z-0HIWnHwz;0@t!u(2#8Sm6+5)J2F<?1OB_8t=!JVlNHiULp>l9>C>X1w2MPKT=MhR
zq>H9Gh%?}A$*;kT6sYzdz^o~?%S6q!MWi~WCOF$SSOd8K!@-4*Q9Z|>cu~wg-dxKX
zzP@vjYK)>VeRM+k@3F&7B(kB5XR(fR7qa<MhOuB<7~RYyy8SI?Io7(<E8@}VesWT8
z(2FESa&x@9<+H(tZun>&#=`|KOugGxZdX6JBv{A|?JX}GUk<lWi*CoA1@eR=8P|+D
zqKW1m?t*l_vuVH)YsfhTp2v3z?6&sg06zPsO6Dsa0OiWyo^rjwJt8y)dHL%zd9hWn
z+9CK9ZRyZbV%(eSRr9Ua4LsBg!s90G0RXKm5^{FV2i<rP4zvM5Jf8uiJxmw(5AMK_
z?{Ze-6*iW1JU3Dpm0bWlK(B`?_rSjqN=W!^^$}XtfT%EUGMQ&m3WLQ~-vvHpQyE|e
ztGM^4-pW4*Dv2CSwL>F<d`RYo-kcdAn4VYxsoCIIU|Lnl-O}R$zmdt1Q<g-p9fEo!
z{s3jQT&9cb8k)yLa_94e?`z(W{@?A2#7&$0X~B^7O1t*QYUkE!;IvFv;;lceMj0>w
z>o(VAS1piA_0->ZJ3JI`hHh^V>+7jcHjiuT*8NlI`FIEJChU-$x9i_?=1g@;S@I5E
zO$59QGjc$6VN{F}++e=Rg5jYrAKtVNM6g1ZY&z}0BY_*yZdE_AuXGmNZJ>CtKm7CY
z;6<CxxQ85jA;)&auW}L82Yt^r=Lb)Hm95*Ou59{b`0}@EPY+FQIXX2J<;C(f_G%U*
zGW3$0MQ2E(h7)o0AE*pUt*)vYZ=-|jF10E4gfprJPjjKSZR%D%GqkPiIZXP+Y;7VN
zZ+RWN`xA+0i9PYH|J(i|af=cpQyFa_kXq^@iR+F{{~j4-?|>8irB=fU=m>)ppUcEb
zChS-2zbA>{p~ce(K2UKMb=T{R<=S<>c!irAW3yiFxgG^^{VXh64xR2-V6)1~JD(mO
zu%T*g^hb?cXIwB2FWnQ`S&A?9m<KWt=?a>&kjbh03pMqcD*{C@*@Mhg8-m6?px*QR
z@|9v%7efv^G+0*0(84#H(}&>0{TBLOgFwpXt-z1iwaXk!UtVjE3m>y6uU<w&%K&^<
z)+GXBfQ}b&tDGPBvaX}fEfo`pIgDznoqQvPH?H*7WqhrJ`vqS_Ron^MTF|GO-_ZFv
zTS@T-))ocrEzC|X_h-&jQ&?R+2sHTeJ|#n1Y*|QusE<~M!Ld$%qRK8mKD4||9Pgvi
zf@q%3Pl}H@%GqjRhliaH*I&)zU;0YJYQxOJv5oEM-n8dtF!b^cjrG}g_HQFR7H4VW
zUohBcfa%jrCq47BEnhh9zzKwvM+|9MA9gRE)uVTuvJfxfM!%sPM>nscoI>M7@pt{_
zpL>{SA5i(<+upY(I;Yu{k@rbzg7t$?5U+i6ff!mS6r;KD8E~Ta7xBKk?~cH^8n^ZA
z3JXJo_2YCIz5}YcVrK&K)2(B5QsC0lx#Z%7m3n;6>e2K3%(M3)KoBL|j9p{llfa?{
z<_|g@f0O=;Ep%;<rkUuzu{o14eJ5alxs=w{`YCJI&oEz9=~T@5u@Ld$&C9Kxm<BZ8
zig(G*fP=s=??zInYs93y?L1#*kvo#ey=opg&1r=-*HFfkYdt<w?l~VMcKha$>v0Qe
zu~DQ4%|LHPs&GyCx5qf0;BtpO)>!V=YnIJC3+3J~`{)`rujz7<(l%{5bR&BCb^aF1
zhgX8uS1;u!-1R-e9LKs5KltBc;rC`<eCJx+^GdLgSZ*e2z_0tdK+6%nq?~HSRZCo3
z59wL2;xYwiCayC$w7H=tkL5Kb8;U1+eOD@J#12#{ROO@_;;FwFVkyNkrkntEJt-x5
z;yhFNplL&>CKaWfh+(iOG1BzI(6jY>NmvzQKITJCS`x#Aa1Ebsg<C2Cmoz={148lL
zF8vU7SfXsp%&l0?py~?Nq<Hi;w~MGv8b#Q0;|1Y1rKZ4;EJxY9=jF*FCL3Onhk0<q
z(m52F6*;Z2UDL`r?!)4`a$}6tn3mHjH&B_lQ!B2OO*rb7B<w*_qhO!81vr_oM?Z+9
ze-Js`f#PUN$rVliz+sh4!JJ_!lN|65p|wlGGeLOK1rh@%V+u9ORU<8&EZ3x52I|Wu
zsTWjgGH&O!UnmIkzsMrcun%O`5QBihk^MzL_xlV|Y$Ba$55J3%`rT*@ZW($2aB8YP
zbSZL{q3`G&Uo41+<)RfRN6(v={bQH^vC?~fXj*Qwdh@I(HMbS}g$)J07pq%?osGFG
zl^AZ}`f8zf6q^jvxL*mzwCcU|?N+N0(H!4xaz5%Kkc{wZWJI?G(1e<7&{O$S1W`bl
zy(D;GIth;%5~vxjvwGFqP2fpG8Xex<o;|4naIL=5p0$3Y2>s+e83q5VjO>G)UPg`a
z0p@e(t}=)V3n+YTioWh6eGw-*Foi-T>=HV)YDVRxCH6HfR65hQhf+j27-$q1SLN&<
zhEuTKlpnd&5+0%xxJV(IjrDl<q7ECD)nyClmNqMnmm}#xvl@I1O+KvzZ=xBX&Ge9Z
zWMBsOt{9%=?MWI6220fNp$xHG<h;r<SasTk_Q12MGi;KFbd>E&nR=|ZfCYN+(?cI;
zVjxIf&~W-P`A-RaC*FHe>=SQh;@=Lle!KnX`_4E^6mR6c*O5Z|QrgmUe4=VyFS{21
zyZu+#P;wr1-9G8GIr!nfdvAAvMi4JpXeJs@_jn^ORC#HOiB1sj3cu=#fLY5(=c$%g
zVu3TYX+?OLk6|g5inPC+^p;umt`fuNO?6XdoM>tvo**}DGYnI-jxhu3^+$crx1N1a
z?-#lqek>&IMm|Wg>8Y|@J3=LhN1ANsYA9EWG|h=*92@a}`|Z)UY#x5$0+P5#L29Px
zQY~R@T6c*j6S>Tmugu!t4n0dt_HPZLQO`6p`DnyMB&if{5ND%QFSpvwLMw~kRej;M
zl#9wZeJGk#mOMG-_M>ktpl3xrP8l3TYD0=J^S&1-trq0mdU^AM)z;KZIGK;ubeXxz
z$hFNY2VFd2JZqN3vE4<6J1%_pKDPLM(J~A+aXsc7yIeB!@Mz<OKg(dG_3h6$&d2g?
z^WQ!BvHfZ3%0yp@j$;Z}O$hO`(C2GXPK^n%MJ*8nZ%Rx9wqyo*>eq*WG#PgK=DQKb
zKC1)WOETA<R>?L%uY_sbm3XlzwDdaZx>zlKoi`7=v{ACvY-9Jdn!P1ySWOnz>Z=pG
zy(P<>%C7cEnXuC_VMD;?4ypMx9CL_DDv7-F>TX|0KZsMXlgtVtNTNOqxvKhJRZw0p
zYSuDzQu0F_yTF#D$2`LH6+mr!)vrXoN5M+|V%q`^2r(|Mr4&corF+g;=nzJ_Q26wj
zHNE&z?`dQ9oK~>VYY6|#H&L0lz8At1iavS-9cl$+<VJXYo@G}ZO6r>3zj8%&bHpBk
zr?JR{x#em>ukKI2BMKDnRa>#n8=noudb7{zX4<N8pj5;EvPLjHyD=vj?_YFr?A7yN
z)8=S)p?LaQ_LG)2uR6V7uiSI!nw_FAJ9*S`4_u;UWg<FBz=EBbqr%V*GABjz&6gjT
zJ3pDLOgfu?gD$3JOIbIjeT^j|Qofz(B=Y{k7BhDtadyiu4b5o}OJ}OM+{OK$Mv~J{
zY7}QEzih^hspzD4@Rq+?>S;lbPU<1*iZQE54-@X7bu^I@d+Nl!<;jPI9U(=kW4AfW
zQ6gNYCP~s_&g~xJ9%@3ITBIQsf4MD!IXB-*3!RwRhq_iK`0aiFdjCmQjk}!d`YG;?
z$AXCZ#x6Q-?9;+nOj7*=pS-LOeUrO$&I+|+&}DM_j$e4GO(-_uXJi2jd^l=-usu`i
z3Wd9*nDUD~XlCEViv_-PJeI3VlB_NNMpnIqrQ@vymY?68PQ@xI>3f-+)mrEMp7G7x
z!xu+&T#{cr{dNh^jcl538c?+<&;2k&=fH`Ua>glkyQa(bjWbOHt%?03(?`1Ut@X&Z
zcW-C{iUSp+dc14X$ykep97j7odz|E<Nuho3;ra6V&ZnG>J5C#?a08a(=1!pIjJZc3
zkon8n(LnC9t{R390ki*7x%8rkK6>_^r4vqcUhg4`Ufv!Mw4%pLcp!YJ+rZX>U9m&i
zPV(|lj<rh3H&u@=y1rx-r&b{4^3)rO2l>iY76D1!?3^{LfyVVpH5m{x_DFXJS{w1a
zFzU(V?noWm`lQU2(l%^wlpeY@l)OCi;=>Dmt{`JgsurJ~TyBMMO3C*dVlRXqdC=Uy
zo&!Ajq^*pd&y<nq=A-P>62#nE;)w*hF$vpasf0Gu?<K<V?I1uXW~_4|eB(U?=e1E^
z^vrV?v!*6_BnrQ$cxa9HF+HU#oWH=y?Pc%!iVt%QVaN`Nd%Jq6+4H`IFk0G;ovU?n
zc~XP~g7T6di+wrPE62N=g6r5x`6M@$>3lfv>A$6Lf6QiLXWX_te8=RAbF;wK=5Eww
zB^N|@dsBuKYZN!yzNt4?PHTztq=+hiEn6EW+E$f|fve);io3Rohkof{_6zeIQaOLl
zAC01FsPpWW?V~&!(rL%jUuPc`w>%dNk>-3U_`v+A?D<*kz<9F3{Y--?=q3J;_P)c^
zT#J950%ctQwYAKncw3`-g+aDwv#Qh=8+%UkslwjJ94EV0hQ<uL2dvU!5E3RX7GwIG
zKl~J(H+S&^^D#9_X54IgN6O|)Ny8kKe2NlMYTLl4a$A)x-_3PvWY51ql<IayTL^Xo
z_zv%Q>2Psc$3@V#d=q~tX?XuG&?StH3#C_LLI)M>exSPO)JGpQN#51meSr=_{3Q7(
z1*9>XrjV~6m|MmQkHEO|!(LnHMmU2?@W`=Nt{<90C%zf^_sQ?O3#S`fW5_V>sh*U3
zb<YlGO{#>~&VT82Qf>3;F5<f*GDUtxPEMe9B|K4%NN)%P!6~?!*M>bT$yq%)x>9kq
z)2WvZ>pI1>J0+FeZHMp0)ME>ChNH<>`l_ND*3KmQX%`vEX6>Avsy^~pJ5cPg`Khw3
znx**Av54s+@8D{6%8|8-2hGE>%xfD8&m>o49=<kfeTe5lW7;#6V85J>7yX#TDPNCj
zmFn7wBx(`Hbk1X^h-aKim*{dn`LrHJl$*R=QNH1K+Vu=4nscy!Dvz<{EyOJCBq;3y
z9b)sJ-+#fuHtOC9yV1f^rx#VE^~L=Q1F>5$b)#&D8O3<02Dd+Mjhv{&$(=?4XUUsP
zDWhfT=mkcxSnk<+TH-^dW1-BC!ow98K#bDQ;F;h9<^)Y4DqDGHNeSn>Uo}=<vnW%1
z5wj)~*@ehFzp;la^6?Lv+Qx5Sb}ix;D`T%hDB$B&<6266cPT<cW%hwz#^&y)nw7@z
zHzUjpnnyajkW!^NsPY}sdOg>1w1iPAk}+Ps(zR-_rS4z%itJw6DWkjJq$=?n=OwO-
zvf3wC3LO=1*bInidv!O2ePH|o!22(16kAv2rb?enDjS8c_vceZZjB^=C{N$`IBeU(
zRS_01Ge9q0=@juz?VD!U4?DwzMwLnisgtP-Dbq^XYA-5D5<W`wZcBf<vAL*;!J}Jj
z{FVpf#Q$yh1f?eN6>^`rr4*m`gh!gwA^7RVC`Gz-ye)hyt6~zUKjKAC)T`}ng0stD
zS1IUmR0=HAku_Xu3OUVSA~Epp)-x&_al88|&uXsqI`c2=Ppacx&WlYbD!N7-ih{X{
z$5nRQ+&fZA6KQK>{7t(Iehpg9otpFRSC4Ga&m?X`tgkhXqjh&#>^l?NWl}60)^Rkc
zPi+!-o@`jy*Brw_-973*U{%s&vStnJ-xnKq+<aDKD64)+=vG7S^GbH5FaGxGGYOxs
z@1s1aC}yQ3^~O4py>+LBM}g_P_FO)TcMYMHj6ftAvC9LDI}~#5EpK0rj59nTsJZj0
z$g5U8D9Nu%<<1G9#iTn#mxK;_d{9>#H_JOh?!U(iPvkfDQ9!v8{$S3V`UT;mwJR;6
zUp_M4h}cU>B`yJ3U84>HyG(3KVu~<oL;IklTVpQ1;?e`(*$@32CzQ3huuX#tJf}N-
z)J7AL&7U;;-8oZzX2JI$NcV$hqJ~<Y>!*$#NvD~SV22cT1{Z0=kqBAa*q=Av+zci;
zLeUBviCtWwF~<hkP3jab8h79PZc!l>-EMso#YFaD0^V}^?^kSETHnrDEZ2rVmI!AU
z6HFS1jc&_ncUMe{8;4NXrKBscDtmyLw2Lk4@@iqiq%n?BX#aX{aS~<xb7-}hNj<-4
zO)>OXh(q^g;d9ZB!slOtwY&?PqsUm(HM>}M$d`&>En26H#olylZUoO!ZZ3B5<f1KJ
zQ!?Nm)QSE6=u>In-CIJdL5}xCWx{Jjc}`344{u#=UDBl}7`h`Gvuq(1ljYCEz~4jm
z<~#TU?{49oRoWZrD)=L1j!_Tq9~2&5wL+8sA%w@3b=X~<au|6f>o9Nq+7tuBw<ro$
z7STLwZ-=&;3m-!kzNkG-e$>l6t~@5Gl$x5QF6(-c)55%E@Q$T#{w?{|GUtmJZ{MGt
zKX>lz?BKQ6m476}R^zVp-R`YED|LA`=q)LPWn)Aq0o}J7Wc`&gqg9B)=`sDjdM97L
zBC-<9+L1#4n7CLiqKq^s+1pT<ZLNh)dRzxxT-Y;II9)QRjDzQF;o*|`PlE}&c!T-!
z&i3tLlj`;M2ZhYFC&Lc<dyWR0>gn$gB_PSp@~L&-2c2m@LgXPSpNhU1U9=)UNPm~t
z4G2gaT1YFHfvY@kHm2$(7r!Sn93u)a+Ba2HhinlvH<L<UVtsA>sGUnCP`BSV6ELY=
z_b3MjRJ|^K(DC;BVP}X0JyMmkRAh<RU#bvx$_O1Li~7+!ZG5@>@eGN#>T}KCPbYAg
zYfQa{zB(Bjsb!(kyawzgG3&w9l7dG$aF^xNe-7~89|w>!e85TCQ8{ef-U-PpZ;)N(
zBi%L_1tnY0(=*6qhac}J{XlfYdl1dTIv1uAgdwQ)tHBHJYuO~Uyz2=h7pgy2IV?eB
z+$3|Wwj>rc54yQ-{W86OHX<F*!?mMn(p)bSbw4G%bR#y!5;RmUHR~PKxm^$%W#Zd@
z4H-(*Q)lQJ?cw}0wq$qBdj1#4C^;CuwH5Ux#Azs9h<8vTk=dR>q`(Y&kqa*8BGMd=
zEOslpp&AlQ+T2J;oj|s|(1q3Y=x{Ol%K_x1A9C&?(#!!a&)1uVmy250fr88+mB3dW
zaMpa=fzkI21k=+v5uxmRoUZ}ttw^#UrioINaCH9%8ft+cndy<LDWOA6!<;}@*`l?^
z>E)}0Pt~g4Sc(LShtOQKjI*dm$8X-%g(?7guWHFlRSS*P3P`VV^O)H#);I(4Je&_|
z3ioao5C3$0(>*#2>A$zzz*qBpU38e!IQM89i+eGV%pYMG$kc(D$^%Z?8#UXbTHf+&
za8_J99<aZw2|YvINDIG~e0`6_?B%l_e)qXr!Ew~1QA9y81q8;;KfW%0|7y+P(UB_M
z$fb}~gqtN;TN3h_<hp3r7Lqg%II&NF4_{^+(K_lD!V25z)Y@A<_z{sZX{P*e8CDhZ
zM2*l?vGn*b@!RUbqt|O=-mJU2V`Y{CJjPgk)&pyO4l=RN%B^0A?>6*ouj2M1ncy8z
zb&rU5K3pQ}z?0$0ry$y1FHK?KX*hmL{H;FSG_)_>FU_{hvp9Ph^3Jv6v_zYaAgg=0
zuM7<PK6$6(l{!$o!FP~(%42ENUE|#txj&UrDS^KZdK4y4-yrHOnfp@+<V6alg58F4
zpx9edrtWrCKPm_B8<)f0gm+jhyov4ApgZ{E?K7+|U?6v~)B6nbnu3WW2Ff-rw)RRt
zWWtWyu~2^7cl+}QJEh?%h=rq1%hezv2t6RF_AEFK>NmELO(34GtBOW!)l6djWC^m+
zSNv;%=bw@bD#31NA=2D*oF$G2TftsWj3d)n5=9kx2gPfQulr0wf^4*z5zq0b>K;^)
z-oKzdLjcX#qJp2iG`&|4F>JyJ7THt9aO13H>Lwz))=Z*TR>masRXLK4bhI_js?TN$
zZa^otUS>(Q3Tofh@KLi$CdL`c0G|7g<<FjUhw>K4`iX?aEtl}l*o>hL+|z3J4@*6>
z!kb~@`NX<w;QqOv{FeM_|Kq-0OQ<Y)mSi&O`795C7(F(Lvi;#I$MRR<s#}sW&Q1mt
z8AQQ;+?w50ATlgjsNdmzas=FKl^|g?0eL^&w)e|Mebr!vKMs%{?3~%$>Gxdrzmg_R
zyq(+&=CJ)aG_(ynR%4?em0OSbb%uki*xQE^pAO9{OMb@7kJB1JebWrv(B??>m#h<Z
zkG1qKonrLtlR@v}bkolcMbl@KpcoY#f6>m$K0e*)2!w)C?>{r8;&q{RT|R)iV6GA-
z^TgqPmhBo4H`ES6YF_iZf1&GuD2Ju=DtU2Km~?fC>4?=+$3xEaUzeS(W-HP5`QwqI
z7xo`Vo{VH<Q=M0}Q*_9PA9o%S-OJ84Y0qf<xEC|hxy)(-Ipy$pC;=I3R647#ixtS5
zrc)iy8tnZX{?e@FnZ3|34MMM2oN3$QMW)N|Q=R5|AJ=LscJqKrwELwkg4+GYoqSvr
zC}0zwf1Yd~)z9W5DOQI{gpP99Gk+HKSZi8Pp&@7})f!haNhgqq3Iso{9c|sFz5aNL
z^~?_=`Y_tu68a>E8>VmL&d>HeW<8TnmCingkRUJV41zEX$!+DYPfvI8xzbmtH0Qo-
z&2SL)?HA3^WT~!S4YS-y;rElk>*-?<T!R$nwV7@ok9EiMt@iDz`-Wd-b{m%aLBx_&
zRNl`NWMQwk%~4Bx{PGm2e$sN_uHR?N*3QUhnX!<?lRPL`Y;mL1vh-4naN#0ba)hK8
zzj0#B1M>Sz1P+p2%r0Juw(9OyeM{8hq*T+V#~O?^iAI}^rpbe1U>}0%jn7t7nmSh+
z2WtIa=*Et^oSnSo%;pn2+2<9yUaGM-O|+uqywmNAn{_O8R33b}mMl;aoM@ri{ncUy
zdczWqVx5L~g>FVsvxf;jwxzjQ<3k6rHZ+YY0`i!%&L@W#F}3Ihq4^_OCF;w?tQ^(n
zm1VQ2PZINqowBnVC?=x}6{W_4I5YN}0!T@B#tO@vzBEm5HwKGdlyX8>Bx;q9#h$)G
zO|(Y#DBQ&q;mB)oei*(!u7o$9bb35_qjs)(pyXzag#1@sCTGoa@&}7$lg|c-^!x3z
zjPCf>ry0b=qF-;7iN$+{9=dGFKwIK$F6i~z<)BSdVtLqrot*-tdZ@TbRF;e%hc%k-
zwxde1O(l2!GT*(s+<ay_r<&b)<XmiC5}9ZR($gNzRN*T=#rDMt*4fysC%63w)GY)O
zK1uWL_I1+~4wgX0%W-kifH}N?X^oj1Unn*)-BHqa=j<nC11Kur7?RJ<X(3~{j5#A;
z9##FF?r!^={BTm@9`j~X6JAcH+osgcq7IBjm0wKvX6+=8xVlo_uU3n??pf!C?PnZQ
z7=C7cZNg!)SjK0ZG45j$?>f>rZIsMCvioId<aNih*bYLSi&74D#N4k8*|VGI0jA>a
znxi<LwV0ynma>M0cWEanN5kth;T_rIbDIv#QCie)t+%g@(8n((#6{ej`Zc6ppeIgR
z>B!RQLGALvKH=Ql1^vp7k4C>%?e`X|Iyzph77r@T3N7??KZHB^+m9U16&+~NtMewd
zx1INY2srmqcEomsB!3*4&w9evaHn(FQAUT+K&UtCwTXJ<B1=E%ZeCGQ7T-__4p?1w
zm@F&rktr{~6v%)-=(I&w(hul==tFB}V$(V8zdb`*SO(&ryrrTsalJ}&)bs4CZjIkD
z1mrDMZ>G_{>SIzb%li~xbeb^F8}hs#wL^cQyC}Yt??R?YMu;tsai;UpuiL{vfAQzA
zH>XKOAc^4yk((sFV%Ns4k0++-@g~U)4_T*wt@1rN;)=%-BM)RlOj?Ozwe+&U172M`
z)@;zbYY;n(ba?0?wXLg;!%CcqmGAy}mnZ49zV1`>i*C|*dAaQsww5jEk^FcZj)OWu
zQ`%TWyJ^9_fl3cQbM|p&?4{Z<A$i#DTCb!VwI#TCjC^?E#^}+@{rab%53HiyoH4A^
z>_i;;NJ{;-QyTqU&2z@0-7h&bb?I=v6F%nY%`-VN70QFQ?JX{`A=O)ymQOoxs0C|9
zH;6c#cvT8NWK(!z@lv?EkLtKUGD$0T+hKgf!U&HwnfEe&O|Sdsp1!IawX&AaT6qQc
zCZgL~)iY70Izlq`X9!i)PGL^ZRzZV4BK5gXN%8&u>-hf{Z*Lxr<@fy$N4Fx$6bhNA
z45`dhZV8bw^N^v;V<LqRMM=smV|NLeWgaqQ$joh?6Pc&VnEBZk^?CRHJm2qHzxAy3
zd;Sww=Q`Iu`|PvN-mm@IpIHW^uM1l5o)^n9Oen9^&A1eUj#+sWNvWzzJ+OH~sxz6i
zLItEn2-5mv0CKOjUCwt;3$(U0YTO9aU4FPp?<ru!o#~1jz1c9OXBYg&Ts_C-R_;$z
zfd}+b>RfhbJCV{KExXU>z##ZNM65xHpJM|)3n@QEsK08odwZ<!PA#ve$&*z3oi}BI
z$w}XJLuCi6+59mn1cfaXAU!4PI%}eDtDS+1*H%LNOsgj-Ua!j9L}Jd;L{Hdk1Qp$K
zOj%DMc(|D}FGhZ5OzTRdq<)uNnb-u2t-tS;5#i(`{=eSG?$9}rvnjsU(N#B561KmB
z&9lM_s}r8;C2ZL`8z~^wS*SmjG@CWTg*C#y*Yru^JzuvPv}U)I)$KwM?djI;;iatQ
z(e+exPx=W@rt#e`-+gUIAGGW7F77%Iymho6tMQle&~DS(*RsvUPS3@r$IK-4hj9kl
zTsc^60p3H+YW)34pkJF?(IuZGqDYb1_X#=nVru{qq{F$9TVlex;QI}4q5lRstIaCI
zNm_C(*_U)@a&q3}vbp)PH;R$<<mD8&8TAj{UppUMPkC3cM%Pmj8w=L~4pjxypK)3O
zdA}5~E84{om6Uh+%$xD&FSt(_t<|pTEz5|+uqVg)m~;Ko^VF2RnIL1R_$s_;Mr_V|
zl2~cIZIHxFpJI?IVCPH5v1Q;8du;aRA|K8LW#_KcFfIE){AkZO)vS^Cxr{Rk)${!B
zV~zb(h3Q{pzO8r-u69fZIjuHo#N}>C>=Y?+t4BrUx{bE^TThJ@eC{zid385TNG#cv
zWoJVv;pcJsOX4eoL{jQ&PlM+rfSBR!Bwn3!>*T%gqvS)~<m&5mBjCwPG{0>5V2k^H
za{ajz+qB%=^Ki9Nzbm!<A<4J$UN39t^&RtmiI4T%eTwJa&tz;DX{+li;L5DJ;?^aH
z&7&%tPAzoh5}x-(XOU)W#wS#x+ykYfx1-VOD*Nq14y#qZ=986nTfiAzckaj@fr|&9
z_<C=}uE6<*NfV9e-5^{Z%3CfRux+<ZCd%<s8H>xkpuylT|J7afGe6v|IEloPyZa}$
z4c|CTwGzGPm#m0<)qgAC*x3cRb9H{~8H$dJ`)cC{F&9Zw-uN6wQD^OHvGjSCmCaV8
zBH5dXv2InmhBYc?-0a?0t5U{7uD<)`a%T3GQ7c(L%N_laU8bwueFFvovlrOe8C$Ph
z>X!F1VIYzzh)-sgeU1;Tlt7k)bb3hyN4H@1_0NKj1GLcv!hx@3e1%q<!@T^hCKZET
z%(+^6Zf7I{kJf}-fK$J#qX*QxZezR;**axMSJ)FovpsJ(QCe;`k9h2ppOQ{u9lbs=
z8QE&Qv?*Qm$o#B#S5VYevC~>-SM%P3CzzSe=~9)gVqWqWXa-``e6iA&2ytS!zTm)e
zQQ;jWd&Zy_XnLtm!>0(Bg!6?_8gQ;SL8aY(%us)3Wj1Egl=!41u~DOSv!gMb>rp-H
zxs9~L*WQW1^|RX0dugx9X!j!jI5>*OWG=*Ye)M!)#*cpZ{$cr{B)T_j=4U_dZ1_AO
zxFwowXh>$vYN~Uodl_3p=kMUTO(w$s&XCA$Icu5i%SM?X#d?wBx2lhtgCFjTe(Ej!
zH1+PHzmw;eZgQov(d}F9w+r<0`%>9s38J)4^pN+yE>z#37rA4q+B4bqs$MoGG@p79
zy5v6i<;0yT-kp1;>_kRy+}Qe@su)VC=~{lq6%!FL2cM+bRK!7#(PD~f`T5>yH|%)N
zvT9v-ZXeatM<}K}Zu_)vyH@_`J!u2m{;xBoY}TiXgj3I1R_OaoKBM5`T;w5hSx9&`
z|173y6?WS3euWy1^7PCZx7AvQiWi)hYBRPT8=X+#;}m7K+!RRtUf#_-(B{#98-=UO
zhTalsO6(jgm^qyxNedNnap>1v?~E!uKlzg1u*-8h84KL^IcRimI-T3TeeEOkDr3x>
z4Yvq9Ml{OLJ}UM0O<Zoq7^It=q%UB%uLb!(<2?3l{n=72$0}36X5`nmqm3@&qHXb$
z%KVN^^X*ztHeP7kF*{ezF}D?&efrGoV!-|O(f1K@UV~QU5e1T049KJEL<kJXcy`1G
zci+i}ZidB;6@mA^^^0n5I%pc{Q*|?>_Uuo^fP(3^qF>80pFiZ^YNvZfhX1Wm$ERzo
zHh?R~hI`DfH^93;c|&MUBzLe%W6;p0-%LtlawIE(>V~u0t0a0uPo=K{V!-iO6jfoJ
zc0a~znF_iUzPuzmttV94Tv0IQ3Y0EKBm}w%_3Bv2qSYlX?#=#;?TW&r^LGkQNHJw5
zTIqKa@Gw!{-K>0jmaO@;9joGJf=|)ql_=q58~q8f7mPmUVQv!+18w2rzwo?2l3;dX
zBSU5-#1@K&+(p>yNUkay3%K$aalZk+oo=6<`q3ZaVh{pyA-KKcl5E@P#9Xq3Rnn%!
zK?vh!Vfs`^1?p$&1a}+V^Ntgv&Gt<^h0aLn?^lP_Zf)WMv-Wntn7L4xG)c$b(7k<U
zpZK`AFkBy+oO8Cyd3}WVhw{%b?eoM{4@L=%ZodXf_k=G#BRO&fVR$FBDT{`nLmt_?
z575oGW>ed+>9T!L8?Xkj_o$>1CymAkF63CwHCA`sC_ZXec_Y2Y(0w7bJxu1p`go{H
z$r5dN=EtCigAn713y-6pMw%^77}94B@wF0B^Vf&_7XNV84LUZay5RuV>d~M4wwj-F
z5<V&<L$-Bw2xx^*y)#*Vc)sKK;?o9Tzx*1(qd$pYh1ZMQJX*tR`!JcZEj;UF&J(^V
zv9kjfmzGa!b9uQa_l`n2KS?0xcE&}-=T!aPblF(-64J}z{-tYTC2LL6jgLf&;lA9R
z9+RVgcMfh+#}{SHq`K_#+GRC!Z_zqCs0nvl46|>pf2XIJl#|>HjuCgw;Uc!Vhd}hw
zUmISsTz$Fb#M_Iz6t9hIP~pl`d~;B#jN4@+q_hXA@F9}B>5XQ?|M9iy%7u4=m){2Z
z-*ogbpT#FQ<W0w7yk6nvV@~|mN<M;=-{w}{CeR?okXrzkEDWW~O=0`i@cK~()z?t{
z;{oMeXnTBU%phdZN-Jbih0-=WD<-tjTKWb*+Lc#oz6}?rbT1IfpQqb(>CEZZ9=7^;
zxaN;SZ;-naGRZ@bjva55{yy_YH<2M@7b^5{YE1A=Umfao@FPrqqLg5`c6&5*wFW@d
z<Ox;Gs2mkc)X~=jQ3Da$D3=Ktqny{HJ~~e^x<NiHG&fj{*CqMhinAxvTzXKnV>-xy
zqm+g**_%9d$DW0=P-_pWaf^Qt;<_?auEspMJ}W_!5?Q7_xlr%eJ_jXOV%9{Cmoe8+
z)Ws$nmy@De2&00ho3)mI1yTz%TBQ}wShu+Mo({N*hr7Xi8#LJRO*Qt%lEUmKgRD^;
z7iuPqMGbg%r~NVn*d3-*j^3ko-Cbi~%Q^0?NM>2PYO`P^D{PkY)X7SNYu4->--~u0
zRyd^}WBNO0FPoA~pY!Gy;<mYOH7Dj~vB}@}yVSXhJ!o=6UsCV^V0`0Pu+6J;g~?XZ
z_j0<Pz1HGe&H3eAZ*m=1CJX8m<!x|x8G;Vu%G>LBR&$-Z=1H7fv`qV_Y8MlN4w-T=
z!}kRDN|zB^ze>{^pF|WFPR8SRCa|mN=6I|@UI=<$3S2gXj#8K=l=X1-7`36A(?$+0
zYn8(R@Eh%cn;&1XD*X*`*wbv@{JjqOYy5W8_7TPxI+fLV1LPkX<oo;{#+twp&A^Nr
zv)AdSHgsfLHWPVqtnN2TJD;FN!pr8#SKx*WqQI5U9C2H)8o=tFZ5iteerHI@UO4{l
z2I`sNOA`J;O{b?+xHlNSj%3dYe0)3k(@aF+@yG$(+1nJgJ>`%?f|Q=;T*maQ#=MhI
zq7mg{)#Vnm?ryp{5jKRzI6~1`U@kKY>Y`jF-2=c@C#xSm{-=HiJ%x|GmgbZ$Pk@`j
zWV~Rpx2eQrs<-JWEcTfaw}tF!T4c*-`TO`M13}N*6~eYx_;K8S%v}4hd;1UI+WEzy
zD%mNWP%@OBOyxjZiDxH%l!DR1g5$T(`Hd&XywO)Hvm!^OTp)mS3}!+h{0qnX0r?O5
z2jF|-Ukugg)5vP=&$XDMIn=Y?$n+4Z1YPO1>%!=YK;WYpjC*;RW1}Bl#TJl$mDU}^
zk~!i)nGGd|qyZQ8{GmYo_E95h6Lp^?YA1*<9N@r1$e+6JvJnTW!1Xr<HNUCJ{_x!y
zoDwTut9448y|T>0JIeNqe{Wr#N8F2_BCqtli!`@?MlHQxdcq)$vX=1TGi6JHQ7@pj
z=Y-_l`(OGL<f=UKKwcEb3e_08U)~+@E+G3sW7<uY+N+unX)bVw_P6HNkY8Qe4kT_+
zgINrs#*ig88!;bfy+pKzFj$a2Ev+zXC^xs0!rDeKj4}o>;#wh^V*S9XRn`0Ev3+>{
zxDPsd%HiC_$H64ijJWxkBi0LM^u%@+ua9iOaT9^xRRUwQ$|7Tg(T*|%N#O<#fzl#l
z7?0j0+aJR;0?phu(rkXDngM$Y6=G1~2xE}{8AA)7rMSYZwnugzEaGEo6NVr)+?Jv2
zZ9i(GXg<BlS9tp+2vM-}mW4u3S3&z&643gr5yLgoc9%7)Y$zW$^+iW->1)|4-#Y4J
zPObOL7yX$aZ_Lk(C?AR6D+ls{b8=9dkPpA#&=<pNg))l;CfI~F3ua!L&Tdu(X^%n4
zNi4(A%<F}+owKsS!1k%iu7scGkLGgF0dfcULUj>RV8MiuP6nX4URTsIN!v37dEmAf
zRFr4S^R~=K3Q%6g^y2e7c{Ls8LbZs8kqKUAVDx@Fl1+BAlICCzm;}`QU6+$W{!*Ak
zl%C^Gban%Nas(w&Fqj3B_wrC#z(%KhnZXF9*Ur$S{o(`VL16*b16SOu)aZ!LA#YiN
zyroUE$La}*=zWEofr^<V3t4=8kTVyJX;ce~A2Jpc@?4aCIOXv97|Mwu$Onx1F`fHJ
zQ5&o?e)MV1<BHzsT$E*yz_p+szc=#=OzmJKUwB+g0apz9*mqFd8TEpyoH57>m%skv
z4e?V4dl!$ja=8$Lcdft;8C>NgUleSYV^`q|9{MUoxJ4c!%K5_Meh28iKv{>G;bHfA
z`O~nczi!$g`UXQgKY?9+uPBrgHE{Xi5ncUkva`RX#D)`JA@K7y8EzCC927HSpWst5
z1h_I46+mF2CW3#=JDrqclZeaa;|CycMT(XfKtL%+N$PoVGDo%}&P2do&L=pzv+IY^
zE!`F&^fuUkUfb9E!~Ww~KKR%*MYYg&T$m7#@tY7<2nH~yu58ixuu+`B#bZ)kq0#bw
z_AGsWPotrXbDKxiBqThZxpH;TNk-X^5r%l?=_QSwk4jaPb@xWMJLr_D`T@TP@`5Ef
zko|7s@c>3+RFP*ON+0HLdGI{9ULdQagc4?2C_Vn1!9`GDctsRQQz%#F5fm?8dpK8!
zkn$eF6@l{!=3`F9If?W`D2Cb<-m4o$-(EO@Tc$;o&d|U_22x0SY9<@Mui*@P@Kptw
z$CFiFFCv}c7^?Q$R?ygHOSRNbwZ_dYLPDXk4LUjs6hbV%cV(o$Aw@m81j+H(1DMv)
z2znb<b3jH(I@yU>{KrH666X{#Xni;Y9vcO1=pN+WS{7i8H(o9|@(<^PVkUevk<Xol
zGSPIo_e4`j-lPOfFW!Z;54n(5EM%m3J1+x@<MyGefp33xonsEQjr4?9Mp?wqe13kK
z{K|c}3zjgy5PoYu4pkM|2(QXvNvINV&_~rEg<|#qU|S4RS9T0#Q#!V=(f-nNoJ}R3
zc3057Wv}nUt>MQ6<W<Y_rlFvQf=zg7h$Ol|X?0(!(zG&L7T|EI9RWpGBi$Df7*2N3
z#k<W^yoU48jXQ>+ic#9H2;rTw9_P|ZzrC}$O4#ZEe^~^W?A^WZdpi}WyEGCexMmvI
zAxNMO=a@AOL8IU~q#N(OK9eUR8v=W9!jXNq70w)KU1AeJ)-!_%tTSiG*)b`sA`W3z
z3O<(MnlEA7zV03Jjv)EEF-Z2@gk^8{`yQQg8>E<ci;;GV;#1$>TO_$zHm0z@L)Ewl
z6C^@DHgl^h`O*a9X0rT*5{Dy~lRORFW)hXFzqLepZD^h{C;+$Ly!1gfQt*iufbHE~
zpZD`VnUuQI(nn}2Vh=G>m$|G8&l@%!n^`m_M8wwEnNJm;scpJ`bgy^8Ulz5XD=LGE
zN86ou6d<a6A123rwLgUFApN=#^Fmu<1hgYc3?f9h4g*Mg!CQ}hRkt90ot{XDd9*E9
z7oIaJAA)|yZc^8UzT8g`gPM<RQ}Tt1)gFB*_f1Fy-Dlcc%DXe6fHYCWt4i%It?~YO
z>RP36ghFE9GVOk`nfG%tj*%iRgMP)~2Cf%B6Y^1wMnQ)^j~T>E=Q1sAEKfzQjd<<-
z__!T5)yEx9b2kxrQ&pDdyPsZwnhQGunNw=GKfk{3jN#5ZGNmFs`uNgR6H#Udv`wXs
zEfl>TKQ4}+;H1Xx9^M1BRGKAlskw&q2nkAt{Njb#@DUysW3$dG4*z2ZHsz4FDD0;m
zoUo;pw5)RK0$)(d?|oP^sS7K)&^Slym(|@;&4mHDz~=IsHHI<7ExnCr&3}|JR5)Or
z_H`R>RFttodlMo8T=N|-S+7NeL8e)alQ@{TD)LEMq#qHD*0bd;=r?_IVaEIL(TK(>
z+Z6F}2}Qom6YcDbCs^2wCte930zMV65Des~O^(PR?4Z#(h&1C7Qa%nm$#v8#?Q;h}
zjLE29^;A%6KT{#f7S`U~JQF(t!5B{E$cp<<eBL>{Tu39;T~yK|H3yJ3{upN)t41(8
zs^yp>&z^}{$I?@Ol0RRY3SX-w)A_^y(FsuwTj_F0QF@FOLs3iBGSdF|e)*XNt*!IC
zQfl@;zJ4+p&{`Xa=CImrlKv`Pnzy_)vRBT6(@FddX-))<TR^xbua;&P-i+LOA;LDK
zeG1h=qTVT{bwo+-3JTc=7iBTi>q4lOa~eg~K9gWnX!td{n3sV)^emDnOk6UZN(8Zs
z+EyCeX<&U*YqcZ9Wa$au1ByUFfl~mG+UR&I6QF=p3QCv0WlAB4cEL&ModM=EZ7@Q+
zCkNV;=Lk-H@2OLKez5Iu@Bv-7Tu2@D`DI(I2%oLRrcYw+G-3SOr-~a3TI3u`*awhL
zS3v5!ER9@Gv|#Mg4HNE6j!^NlHtI>JvHR-gnuj+oKZ@ug%>5YRe%~I+U(;?*A>9b?
zJyuJQ4G)WVvmMiuu53&c_&|z~<9N@LaBS`nN#zpW&4|WW8QB8A@yaEws8buOSzZ$2
zkv$c)q!jc#RYi2s6&o!MRY!X0cYhpRrnX1g$3B^&I%jZ-ZXK_sA(Z_|UB4BtH`7Qq
zs9+g-JQ7R4qn=PM{?gWclv3Q~!t*=%BYV&dNH4;j=x|rS6x{9Ogq8bAJsbnXB801`
z=`!MH5{shMZ}17Km8SZR-oJ%P7mqG3@2pWXtY<!TB9-yYW<bpK+B<LE#NF5CF>*aC
zGo9Dq2tcRw<d5~zq)B!c<n$Z3mVd;QZ`92j&=r(KJWsY;j*is(7_hya5&qpJzH_I0
zpoDsHLCmYj)pfD)heqi@2AgU$CIuxx5f;7$Ehb0@FlUy(6GlVR59hB&uGgmyjm(IO
z0D;@1Wip-x!!g2WGN}aSx7)&f4zUlzZ+*K!f)Hk+1rHALeqT3j$j2O(rBK!vFy5xJ
zCX!ThP}-Z|%-EBKmY8ko(l%p5O}rJff|G2@v8UWFNI3!X8qbW`@!r$8GUX=y*8(Rl
zlyti)MgD*YUx;Wg`fk9|^WC2ObgJT|%P69nT{V&xv7{ma3kS0Gl}?o>>!--2CR<{t
z=$5~S%8#W@)y?)JUC`$=d7~y|II31wai7`H<D@+S@<pR+|GwPoW49zMX8N_pu6D^6
z@qeh=?$@%4gR<2R^g8^PKW%pprqV^{5<l6!Ag1k*HmAuf#(%V6fR5}&BjJiBQAAG#
zeX!p^yvu+Uh5EPYZ8&B&$4jG@RyvzI%EPT9Y&m^+kldb**8@^4z5S(IpP!#k1H(HY
zFal9RVrnfpBs@Pb_kGB@Q|ZlXq!qXD1oY}zXO<M-3M9|Yu@XOW87VKWX9JgXgoM9T
z^?NEoGz>#Pb20V4+lA{{@&d;EEUdE~n+}lB={4?un?Y^t=;ab@`GwvIIw|54WjdkK
zxkV#yPF=tFreR6PChZG#`L7WXuH4{|5gXH)jzs_GskNPw$uh@xch@V}pYgS->q$BN
z9IGAmXm^vo1elr850JcoRxNY4JT;nWFFm+lYhdAld-B&q%5rE3gdJA4xZ7s9NF(2b
zQX)9K8k@+jcBSgB#(gp9-%wq`Uh!<u=u}PBT>n(tqh#k!{OD(OL;Dz=mOP*@uN@Y;
zt4NRc_FRUS<j2Lrh=@tvmAFN!n=@YcPw%Ym0F7MZrK~lJZhIbXD_f`*tHLVM*k`&~
zv>l1F)h^A~l~TW%J|P`ITbrMpaWr|mUrxXX+qF#6ONXl^xZoeBv+uILM7Mu;pwEA`
z*HAQldeKmGlVif#C&{qcYc2P+FE5@JWr60m1;BOKoKn-<TSc`X&37zq``@D7TnqC;
zZ7IIQ5=1+4CB@JeWUw1gbZx#WrB5j1-W#K;z<1+HtIOH3noc$h+MzOUkr+%<E=x~8
zw++4O<R5?9wu!&^Ej6Q0;pxUGvDc~3DZT{McOe7J8uVVM5010$_op?hbtM9hMXOy{
zhC_w;2}&z4y^=jI+jsUkYSBfstSc=&MtA!ysT7}b-ul!s&3R+=3<6Ea&HPeba&%+)
zD?;=+>bmd?Xu^;AlXvfK&mn12JG`_e&IBYPn201Nba-?plAKf|Ry8b*^!7|DmtI^d
z(%X`9l*3aR$tr3f_DNFl-O)pJ<+fi@$mf~Z9-VYcdSzp=FJJoO8tb9ERxcDqjIgFf
z#o^9#g<9t_UPhhT7i}aWTKwo6?~S@qN_;X-)>b;N*mmfIZyU>eldDK@@@HK&Qo-is
zK~m{S-88G|Y*&iF-Zs@qloD4<t9`(O>YPZYiYKyRnTF=`wQ^-K0rSqo+D?!j&VOvY
zdR5~L`8U}ckPVNwZQqKnrSFyQZ0#Q4Y?XDJ(UVxlYkB`F<;%2gyg~wXlXcxUVa~RE
z12MdoyfXW_{sGAO_QnkBcQNM<&_eZ|5&I=4BkY68C=2V+4B_6Vm=u!_C0YqpiI4RN
zVnvg`7*BR=Y76I^r4Jjo(b<vm2XYQ-kp`V|xT~ms3f!i<H=;UM&3E;N?d`O%55|M#
zE)TBYU<_jhE(tSO>dh3~vsq0lOCdR6KFf=SJ5riI+f!a;*puc0F8pB^XZaOn0&x1P
zwVWCgSF?nni2&i%E@%ly&OcFSsI`JSUh!&UwELP&fz2f)C;VvHx4HUh%yCNjd?`^_
z4QR{2+H;Ms<l)2C89XV8_xy@l=}6VMai4bn7bCq-8WIVtPp7GaPO*;~Rx1mbHXCu+
z)CVzs`cM?<y4n@8SG19}^7HcYc}}7UM=0Utfog8o4`q9%6^4%$F~MHLG~2cKCwnp_
zn-a#-r_vX@Aipb_vcX3xAMom|gAg#LzGkVBo8r%k2OT&`Op|Hj3e8j8n{BcK$@#n8
zm6|mK+qXgtoq3e|Q}3&Y|Evkoic}gKHyTyMK7SS!-IfvYHR7GPK=PZS`d#7V(IL?+
zNiPnwuB>>xrG(M;tny83hVwJ5hOVbB+`OX0ixjqn%qA}-x;+3-y>{)sLAJ5fZ4aHD
zkcY{{hi4g6td2LQ+)FJR;!^HEZ$Bg~cE&dJc97hL`h5b*07{-?YZOyqXVrb~o2E5x
z`m@L5dk#uo=*Vqsyw=9K%G6`v)-GzY5qw^??X2C7jJst#_#`I7y(E2l_KQQsZ$_Tb
zxpAxv$V+uDI=0^lzJO#8j9>Tlf6TMm;i4P96&P6&SbDUvf>wfG+wrTHDDJKky7%p3
zT&h!voJ`ibOTPX>eD5@EbaZJ?W@s?8+-F?u>if04-T4IQ@4}rLL7$gn<ywRE4+Cf2
z4haWoef$|*M-UC+3IZBYx0C=;e~z{6@cNLRim~NRfeTd~A2zUIe!P|gjZ>n#fXa(n
zzm52xPh4ga`(p_>kBbN~#r5l*nNhTkQ>uL&;O3J=nN9X&`rQ_!5}kCk14Hdtm##Md
zjFbG>wcX!iTMVSIRSYhzROjd45!HoReiQR2qC8g;ekd_MVv>bSr(|jF`&{7_b`h@=
z=OkOdng)7J7DiysCM~gh*T)i=!LnzbIaWx0k$sQsMoSdtbpA+3?;1e2guZ_YG7z&E
zGt3v^-!b_~`MJRDv{J{d&iN3`X$rnoCK?ad6GS}US$NtIKqL2h(Muh+#%t4Q6Aw<X
zoz(TT)6ck6Ur~0Ri^!|~Lsc}s<<IGO`!=Gv6w9f+Gk|2Zw7!1g7{==GNyDF8Rs(nK
zt$sOKZf-k&X>8t>&GHB+JT0Y;`(f<mmMWR~$5!QJl+voQAf@Bj-1f$D^>V7T)sDU(
z>*lPq_wKgfF`p#Tn}Z6tYi}BB?sYpVb)LKnN3tN7WutPwfN9~Pu4CEu&P%_7Lu5YY
zd5;H|2N$FMoFr(>4Tz`@$`r_cEYG%-sNQCLJG(PR%&wVG=cU$r%~fyjVx1rU>>C~v
znX>1Afy&vYx@?3EE3zhbU0qtzmg^R=`Fi#vFC~Lz&-+7m;$~*upIJ&M^Sjl^Mc?|p
zFO1e|6+8lc<h7?|oIdK_U!A`XzAdh!tVGKEL_Ng%zgSKhy$u=bx#0iS#bAb?*)r84
zx<57Y;thSEt2S>in&>jJY<hfl_0k7lPv_U!z&;`);;%v7YVCL}`-gk4uPT$+q$HT6
z{EROVlX5;W#ekKnP5d~W@N`kS<n^mlJfCMBIi}W|Q&=ql&+B!3ft<WWAj$CC?2Ls=
znuUsl#RQjk-(wkHZHF&<=agI(PVooZZU6d7(VlwZRhgsNsQVh8l5a8emGsH!aSSl3
z(-dN%Mfw)9?)mD{*EPfac%pOCy2nZOa(;ipoQyIvs;gA1F8sw~p3=SKQB08{HjiIf
zbmko<GBHz4M9khNDPBK9sAa;sO@T-{pZMspZvl9d6{n>--8|%j9J)5(%-aJ0zIHd|
z+}61Tzz~cJ+VAoWj-BKa%UV*H8yWjqSR$tviywXI^qRg5x=larRzdeN<Lp4Ueg2w#
zf&{-=ay*y$7Q`dC+_vUU+qBW|9fpj?{-QS~N_-$c;5y6;0CQei-}6*R85?$wXgKd^
zYWdi#nVvL3hIfLK^`WS1b4Ft+^pR^jBM}9>mYh5zh8x-rTxCNsUUuEpo%i7VfvpSr
zQO@UTTN6$1YK}dA%)8fyB5bN4(iWIw37L+)LNI4$KE-lEPnevHO)2^$t@=l{u2)`r
z)o4DSq%zuug7>9Bbs`;;cm8GUYGuF)%}|fo;<q*(Ngh8W@Ba!2xYGI4i{@~D;!CPE
zi{6~LUM=3|lhLI73DuR6+`43wTL4YC8+7HmROfuyp)+U5><RN}Z&%`&yL4xC^GQ||
zd{?<Z63AfZYJIAFEF7~~3Y^hTj?WUbmt#^y=fub>!~OO;c;B>TQW0P#n?3#4%9m@k
zE2zqE9Cg#$XdRQ+%kq#~hVFmG^qScY^Kh~`HNVjHC`407*iR{jb&E7PBtXhLw3eoq
zT(>IsQdrH-#&Zv;&ar?&*{CE6e%3I(kKJx32VDs|t#)V}yaF&A!M_%rOe*f8Rz_=P
zGYZ@mHJuhL3kS+FV3)6xd8Hm1j_H~#C<^D5c(mgE8M@#ETYm4E)pA#7bV1B2iKPG#
zm1&VHk-Q!WX!c?ZJ#SK$G5=}SAzvZI&ktFxQGVMY!$od;f%q;P3j}m?>w<l`1X0Cv
z_jYY&?oHfu=k!mM>(|qki`Gc8FWRZh4+jcl?&^9b=(i+Hi@EDQJr*}v=XONTL8Q!>
zLzyTpP?SJC!Vtcax6$&K1t{jbRsL1?*E7|Ae)ZbqT-!ga@RXYLhqTIcSQ~$3szLiO
zkJ&nl>L>y2L<2Ga`i2(KeI(0Z{hT7CCqb2Av3c9HE-z5utRQ%)i`MFM-|N<D$}lz8
zUZ--*=^LizOXCev+iIUQ9QAg3a_eJfLwHdEDYGx!$fD!Gd6g9gUy%25^o@uDf@slm
zVml>S7H_Vs0peREulr?Fyer^OJzst%JXchyNLYyUZF-g2Z=;`9w=_=}%}M29?7y|_
zZgJKCyslz%R@qH21UWt~F)fn0qG^;SlGZtU!CYb_Wb<VJxfHn+U#4N+=Bp8#FJ8N!
z6FX;J(mXU)rXKekl`HKLpz!<NT#?T;A1h1!>kJw9$Aa0r_R=ja6_T}KvN2x=;L82x
zzxS9RX_ntWN?iiw3+NH%M(}dYbSXh)&d7wP8M4GA$LUwTr4?jF%5L-$2Dt@U6}{cN
zuFFGPCk71gL>Jw0BB!%TruJs2gR#cT>i&<)PX4+X`GN~zijL}8f+FPIsYDwBI9*<E
za)d*g-^>uwsOira*0O)PtX!4c+V5z$s=w@ORjxA8X#l%!vaDO~*q+LRZubtVkK7ru
zcr9=#tb6;ukIsGmgB0CDwF1QIq*DR|R&z3*^4Ai-23mI`+Q%#IN{yM*9$CRl8a0B$
z-UI<9b$XY&4(G%#<0<J6)mFWKk~X$9#hdTs=#$i%65AcnUGbus&Tft%I`H;+@K`ls
zb5}g1)aln&Y&E_prt^Ch*d=1lmOl6AHGfq`NOdl~$k2J=)hjh6?DJz-O6?&*WvqsX
zuAyC830E>+$-IuigIx)=f}~Y?Ds~?>A9I7U>9r5sh5ANN&=GP;XVx(3C8^aS!SJMB
z%?fbc1iUg@LIIK8iG$mvd-A!^PC5qFaheDMB}a)L>6WbArw)_j?wD9VlV-Y}FS+Uy
z5%AgM=U@*d`&CX$h5Kr;1sp+FP}ii#tOVSh4Ln;?<O;QPgrvI1uv*fYcEOS6(EWfZ
zv!7(R2V6>__qNM20{SO8>@OUx<-xgXVtXF~o}EUqipw~H-_qk{7IIDIa(G0kED|QH
z)M?(wPS`_(LWb`-jGU^UCmN{u6Q<y^^>sLuvCr2ohABlajY9{XV=~o{bZ4ej#A@sW
zI*nyWLhrs*xw#5A5$hAGH)tj+x_y!!+t!|0kT`9T`@;YAcHuQ_*WGvg+mbO;-LF-&
ze3ZMaJoUb@kcwvPSw7ed#B8)XF~1;&q^q|rdA9q_f{dDd8oHT-fJRigG6^n({ttwd
zk5Zy|zS<}H?Kxl7ot$jIh4WV3%6GAS>ZZ|^bDq*D7Bj<}cXPLejhuf9f)dA$&8`kT
z4OLBxkJ=>>Cuc5Yw6uQe)YX5P4^f9&ky{SSVXUP5-H(Q6J)KK%65o6&nf>|Rq+~TV
zJj0J`Q#l|_hgTwTf|%SPPh8;L;C#<XT)~WoZVhaX8D#t(p3&~g(sdpd5)u3Abd}38
zwUvf1JfF8OC3e9e4NuAFho-}XUMs!Z$T_K8t<7B~Nj(qo*=>r3)nJz2AMcMjt<5WZ
z1mG*#7IKF3waSP=mH++ed2C;aaYcUX$13<(J!DVX6Xc$-ng{6AuHtt7xVCyzU4=d7
zQLCR*>Jz=L4c<NYF1P-TR{9fmK1mfJ`KWjA)lbd2CeARji1s-UM3t+*6lhw0ua@AW
z9(R%-LRXa!*TH9>j-fd29ofPeAS|WMq?<?ecEm|hUB4bgGtoBt#4lZL_$etfu2`Ps
zH3^HKSHS65cF&Q&FK~g!&UI6;??E-ESg9wl^mvY3>)z1<=%-_99_vTBxXI%JrL)LR
z1JMlRpJso$rG7Y158#f<S`NcSGgQyxS{`xQ50mhlJ-OlTI9BwcLC{MrJa3mLt3U<|
zSkID5N?cbK<F;b)ffp@Ee9{^cR7j*yYsTpWt_bsiPJm#@pW0qhq<Eu6EhtER(@NQi
zQNc9NiOt6V8sCgwsHl655+;|U_zW@1XS1(RR2eKh?4O$alII}IAZk%Y#X7HBLMeMW
zb^98BXlPu-9t2i-h0XWE{8p{IaL?U=B6#A3mve8-Om;FlI$y6Yt+aIy6xP;sxvM$(
zG|12YbkD0Lh*r23;Me~kY(U{;x8p>2P1QTN7bxUp?{d!1hNpbn<O|Nz@_g<DM*jBh
z%@gH1;Ys2<D?24;X;`^g?}9QVE5}h^TzWEpO}x;JXK>r*lh$WSUV^B}jyoW`7qlW5
zvo%*+UJI>3EFx=K%EoEB@!TBa@bp`Bgb>f7$zA#0;_iE5S^NmM7WU=#=G~gtxA<Eg
zxH>vn>P2@KL?`svuDY|?v|bWh%&Ls<@#4RMQbM&@#(fn+EnTTx3~<dkt&hYPSQrno
zX(4(K>G8)Oqk|oE*!a82`IU}qWXX_IvSx2oy@d*4_SceBBfJ34&kkeFOc6@{siEV0
zfo8sl*D^XAiZBwlf9ywuZ|Xf5NbQZJ{PpvRz?Q`7gHcUajW*>Cp%1e9tK<9@5}D3J
zlzktZ9QA>>2~IyEp7bTgpB+nPb!o6Lyjv_MqRK?gtJ3EcIW0G(tHR62@_cnqCO7J(
zHT5`|yF<rU$6r4O#w4toI_G~(-4Bn8*5*sG3CE-uRx0RwHC9}aj^XQgVU=dnIGMEi
zBqeSBb07`XtGEbhh_^vf?M=q!DU7D~!azYzXhw;wt@pW7*=TT&a<=IC!(L=+x5!)5
zQ#dQm=<?PB_)^cKzo?$A+iR;YVT8=k1ESLOT3h(QVb?DD$pL@d|KVc5W;K#j=AcH5
z`{qz_K>X-iP1U8tIIq#cSw`esNs3Wp7R7DlZab%s5=jXpQ@N}T<T({+euO)oeV;mZ
zy8?27-o}=@wrQF#l+su5l>Cz&f2K`g{3^IUQtJGSbF<ob`zVpo@ruOP2gzUF$ep>X
zLBB;IiyK4v8UDx&!tQaJEQ}7)=6b--Q_G5@GX^fQua)9-@NJ8LPMv{)Xk+sk|KPYn
z#@Stiz+J3S%Z=%Ej=bB^F&*DOSUA?%Wx$c}V<%MzQ_HhQJ;oaeI{K@oaqOCPa@7{?
z_OCpL>iT?3^{yzLnKsh2;<G&8%>!ygGah70im{Up$2t^N=qOX4Aj5{o*Axg_%xp>o
zvQEYX7Ifcz=e!f|$JRP1=Of}YS;MO4*gO`XykH#f95+X2>JsH;$7-r~gU`F|^)o4Y
zj^>I<6{Xp9?r?MJWbwYT#*S{S33I}y8$T0QzdyNgJzl%3<A?jkre~f5{o(DU=bH_4
z4ozN$3w8GRD;FWJZFtUO3G(UVQI*yg%O8*v4_l{YP|nMpcrw+GKrNBPv1fnS6v}x5
z?}ov~#IRk-OwxW@*Cw;ry!+v#7X<hmf#E823+mKn%GdI<igSd=8hw(u2*m;VS5`Cx
zd9cyOswaSYTiEY0;&^E@VTh(Hy!K%w+X52eygLzpyS4G+Yz6oI;-xC-O!1L-g9ugL
zUe4St`YoNVG_HUg<u$Ka_1AZHw${Hpm4_c~toFL$`o55h_#UzCX0yemP>#)<Q`3!?
zUv5QuZBP|LFSQaCXcFUJ)xD%acWl1#ZG!%-K!KqieTRihJ2NW1OJ6#iteVvQUju<b
z=8$w>xO+HY2Ge=+*_BKu3^Ox_=J?(VJvu^k$Bgm(aYM?=A#hJ;3V<mP^QE7lJ8P-V
z=c`_az|Bn36O@7tF2HM-$vu6<40wygN&#vpd0cBTW!`z0(CC*Bf_AL>Chsy|(z)}d
zCqHdYzc(XuHRt_ejScYaT@ATXxARoawWw4dVPgalQQF#^4({>FD0(~PoYk>Y$ZdI~
z;7Z%nMq&3E0NJ0DvHh+IV7)TErEx$Y*NeeL;$tMknsg;I`cd<v_Rqt5KISx`th2ae
zL8=@VwBLS(P}&UAeGqr@qNHw)yQPE_pQK1*L?V84KPPcIEU^}8w!0)f%X?Dfz*v$w
zB*kYm;hPV*5kOBUiSvm0WBM<KNzeqlC8i45xLTHO0ZFEVHr+Ftl^1z7MHZi&MZSIZ
zYJPP=SwgwV$*}~=(aW2(Cd6D<Ayl2^b;k6qc<*h7FP+kSBWBN5VYlOyt}|OwW|%e*
z1H9K663a5YCQH5QkRraDR7A=zR$W}55=Ir^I8jVm%^fkNcvt$#2_moD&NH|!#Q9yU
z!o>8KhCFlZ9zINJ_>s)3dJ@>jAF=?CI#v+Z<+~i#mgXiCLjH=SgrV&|DZC?@K7m7R
z8aL|ME(0l<*}+99VsqJBbJ**Nx+0&bied>1r^>hk7{B7JwZe*p#(=_;oL;Ui%|Mp<
zmLl)+vcT(%$$?q{Wz5G{kzBmonxs;$q{-1vVOsZF8;Ij8M9y+FKSm#iopg$W79eW~
zS`R;3go8!#G5R`S6hcC(=zjxH?jk^n7pxbgFr9$k5CeAU4l-<=)ZQbTvLC6PdbH$6
z58T|8ZzLQf@MHEd4GmMg{Y2`qD**lQJ{Fq3LhG$%PyxX>M}V5$&b4S;6!A1IDnn^y
z8q8e!>96umc^oKLWV#fUGVbH(IeIl+q(HTBN1iB<VqisvygpX>yZZ%(8K&cc;`2vi
zcu>*Bo=WvyE)Xn15|DNug0H$qq7!^3Ar|(n2i$_phow7fgTqiRJp{}ma|rK8W*_=(
z+5s?0`X6AD)=+l3$!Ds`$Jn1o_G5?=Dj15kk@zS0hwz>K(agPB`H}eok>*#keN70x
zSx^Xr)+OoIm%?NC$ug`6KtsrGAn%!_MlwQQ`RrEQ_8XCg3TQZm7l3>2MoC_%e5lrA
z1W<MLWYjLO!S2I&-Z5jFiJBZ<{qz+%bML`E;tuUVZaKLzI5=J}fhtj9XaR_2q(_sL
z*cN}^ca-<{2UB97a6`AgS5(AYxF!3RMaj8P^fiYng$i|tVa8F*>)<lcYKBbQR>0Nj
z(ONtE$l{BbkNIQ({$a+TSTwUxdXb;5n#27D`7!c?JU8;&wvq7<-{9Yt?A|QB4hHW1
zh5iVzZbzBqJ-a26_g;js=skdfI7J$H7K=@UsSiQb?i{q0qF)~z+3g`ZBiiKwCHRXz
zgy(J#+U6X8Fn#C{yA47imaF93fYd^i0$OLdKA3s<$7pr6Q~R7T)Z9BE?c(FM9rC-i
zyd_s@Jpd*?ROL(fXk=EZ1Z*yz`o-x=0HHrhIlcICS$Q2ng+L{LFA<%19|D2(fR<VK
zRX?)sqC$p7^dj}9Ze7OCi#uI^j2^^)S8O6ff7Se?(W`y15rP0iU&OVFuV}bg15JRi
zXMdyjMg;c}fMPP3c+3VQIZL64c-h<d7c{r3P3e7yuyl?C>!_&3s^Qo-U?(&%Sz9k(
zm$=s=&|3uQpUyx!2~lC_cBGj61v81Tk)eaS9Q;E-8?qpww2$H*hUad5@ma_=sgA9Z
zgi>sKEJn({_8G+|N8enJGeyu<Dh{PaiwXgbWksa9T|Ewt`}yuo1%oUTEiT&=B*q8L
z715Y)s1R{4G5eDQkhk>5uenjNI?&`<lNaYfJ%8^R8i_##zrPPcEJ0X8N$4`Zuv73W
zy+`O)hk!R=7$M#@eDG6-{ik}Fh>GY8%RPvJ9>Gnl>6AVpQX{`&01O}51DjxR7f!k~
zhMl$lTIszAi1}laeO=kh7jAtng2emL0w7ALR5T~_E`fOM98=X{)RJ^1ouVUA8VeC$
z`T42j^bgSC7z}cbG^S@+NKES{G!Gz=tE})0&5PU-w%pfa7H|H2jKiFL`Nm|ncG7&F
z+v_V>4PFJJ8<8=hcT)j|QtjihqyCFrS@@IPhg!-{sxD{J1fNU-Bjq>}CNSnG_4^d#
zzO_&|EL5?fv<`4|l*`)pkrCw&zGx*dWBYKq4JKn^HY2QJ=lSL839c!f-~CUf>AZ`k
z9M;nr%>YS4gj4E?aJDA9I8j^JSp+as_q58r{N_bL`YU}bsNfQZ2DOya=E}?>DEeAz
z&F;oXha!_@YAhVcWtjCuKYx{I{suTYJdrkO8BaSsHK4^bN9lIp8L=LZ_0o~MNL>L(
zrrxjV9@{{=<lS_pkO-BqTk&4ZmXpOR*=KM`ab5U2TO<O5QY?Q}(Rw!kOm<&gFXQem
z3z?971W)rcqj7K6K-K28Z{}_B3oMWIXxp>#&!s)Bw4ivR)qS)!LKbUK{=oHo+XN?<
z)=uF?c_vHF$CPACRQMeq0Cpotq99O+bXiZ8_D+M$wQw;d>C#k77}^csBS)8=tUtYd
z>9zfhQmIHlzxwdrkQGInVSr@gg|-S({$&HVz7yW~IHjkBmV8CXC?xmsH!#7g@|b}p
z%|^=~;DR{^J<NZ7cSrfvdB&?EDcLE4g;$hlQKCu=ftVCm&R(5cfyc-*zCbDlJO%CZ
zyh#-tLAa7YqPqzFW}ToGZaVizn^kfgWxC5buWpo5oI60^d^CHzZ8WU5>;a~88;UVv
z5O-v|dR`jC37$i$r7({7Hfi?JP-+u-nwuL<tdzgu$~k}<<=Y41y+;7hyQ?v>eR+n_
z`5j+rQF=-kO`pj}#FwUz5Yri$d`XtvnK8y&evg@P*8>7&2BaP3#+&mg-7S((F429G
ze@7UQe)-0CSAduUk1K0#s9W1;0bom`?ziZ1H34d>B~wj+KmPLJ2*b5b5_RQ`s@RI9
z&o}p1u>J_n-bM^jKsFS!Usd=I8vLx)c76yt4b?*9@Ui_2#ERco0kKHzAW%6!8ey~i
z0`z^0zrMY^2Uv}`7!fD)X>BpRnFpatf&?#Gq6M13)beX#HQJittd#h14>;dTfwz~T
zueSm&gy%^#p}Lh+$hzyjF~#Z+7BQ0dQh-1`LaQvr;D8#VHkGHo8KF{so`#?R*`W}J
z8ApwQO_WBAKj7!V_?P|0&pRXyr(;qyYrg}&65ad}Y3^2cY3+hVTHwgN5f2<t@~O7h
z-^*7LdGYEd0ZMt~1nsHIMj!8g7&MQu^BF<1g;&~Oi*#FEQfzs-QANmG1nKm;l%sh(
z+|EEYUQECJ^{5H0f_B*z1lDt04ypCJ|KbdO7eEDd15Qja1o7eKQ=6_*-)!VGdgY|`
z_0_@djbc!p+lV1Jd;!GzUIC6r{R{xvmv9;?12{R?XHwT9ZUTXR=p@&A@HcM*ekvuq
z2c_g6EbVuk0Hx|G3~;?+gu7#XI^m`0>X$AiNdSl3JHMBh$zIW$G<FFZ3i`}o0Wve~
zx&4j)sFfunBSFF}soQdk&{63j0NLG2_I(8KLnD);k_@T{5?|mV?Gy9~0v4+vO`E5>
zE*n+0EPV*H1VkJ{3aE1>O7e1$wKBQo_-3GuN~hnVbHl2Oo8D;y2`&KxgX+%-_6;Gd
z_COkQ>_i0|9rjR!l=Wi?Y#In(tW^m}T*iJO&`zX0&t!y50)b6^MIbRgnyne@N%Yf|
zhl!o34DY`QWw2_U@BD63?T07b4d}ofh8Ade+V#<Q5a;lbBA{}vf*K+Y@y{oILsXwG
zlhl)X^AqJ1`Mt_%q?)9q5Kh{kITYf&bKNzsGJXypaTx)1d%8ypIzJ7Iqb0pRmr>}`
z-Nbs+`h}vGeUqhNm%2JvTw9D#+u7L3Rt;iBnmcr>S@F@cWyLc|F-NLf7l64$@_XK?
zcEGP8T|%odg;QY2Paby{lC)(EdJG~YQ~2eLR>tS=U|6QP8KLyIif*EyaHZ!Z1w9<$
z>`>OTnZLH8U9s7XaYD1tvk@VCtxOrTyw~Q?2JcC4b86Eb5*kTQ@iKlwO|JUm`yOmw
z44SWP#AQ%+8wRn%&G_g!)g1K*qe~-Xf!MRW=P-pPRWed=xG)q%7s&-Ts)lx!YH$xW
z@=<Rsaj)fI_4LQ+pZK?TD6<qBNWq7ofdkMzA-2KnC5ffkqvyQM64$Nj+4kSZuY?J2
z8%YWTa5<WR0z7Puq94$C2+hC;|A$Zg<SAV5Ndhc`O+4d;ePa*EQZhi6Mx5GZ3_1gs
zr2eyn+;G8R2=ar<O{cQe9w!J*-ODOli`EDB+|C+bBLGkbpb#ouW6cs^bSOr^p8*j;
z{J$OcLMXvq%vfS8tYt)R6$_imD}w@lVaCc~w*gx-O?l2>8md9n3W2j_m5%hzaqn2N
zS3(Z)TfJU8+J(UWTm+cPaek^-MEjmFNj*K(NpEoRar-@lfs^(-Z`AX8U-Fr}SH65k
z$Yax4=<cir0{@*5vd}r<O~-s2bhvcy*UP=zN9pckN=N-@+_=|GfA^}wN<e9UX<d96
zBlb89+=69>!ka_hi)7QxmdbFP#sTVU5lB$)L>k<Yzn8&$7bJJV8$nVoB2`*I74kw1
z94YcA)yxOqdkD9M6tgo#D|uNOqmQzbycZxogXpnkJjic(^a;Joqoc$~i_2mtxS5Jp
z@jeBwdqL87Gk|BPBk|fWz>>yYz$(3XC(m?X8FBE1<+h^q4tYNygKERJJJr^RE---r
zyQE@{PJ>%?2b_=BCq`kQ<K(YIoRSchjwngKYO}{y`$MSO!bb+&C?C(f4>O|rtu*>5
zV1%F%<a3@@6#|;UFHD!AK35tSQn@cn0UdnWKE67q+H_y<IF5j9YB}WYw2Q$2>&m*J
z>agmsV1O11F0CRcE^Oujm~s2H+*f!ina`vv%g?RP^|tZo7c^%8sZVVKtq7t+px@(<
z4=qf^o;+!O8Kd}cjjwy(zt|<HITqa*;bGSEBMQ*OQ<BN!hj8&&vylh{tUgvO7c+6K
z-~dQ32@?R%E<3M~0Q72MiG3aR(FJ@B3jXjiBsjRZyY>B^-p;~U0Pi{37Y%r*V^_Xb
z?9NpTu|^soO&GM-;iyePi!gKjK6m~|b@mIQpZ6N0V_~^!*;LiBu|QE+q_=e1B6bua
zcj~s(;}HL4`jPv3r+EkBGz8o|v#Ai?XbfI`b?iVnIoJ?6ackevJdQ|Q?Zr484G$mU
zcb(*)81;fa=|d3G&YL3<IDCBj5xSS)SKtRY&Wpc$e0RT5NO1T!4xU6u21Fx(gWJyx
zmAvj|J~GHuqZw7Tu^Qv*Ns5jLSy9l5>b96qN;>%bDwTc>97#w&=rd4N-6E%O{Eyz`
zg@Ldm##k=m^TUWv>ia#%&<vp{GJ@!wp}mfDUmxUfK}ebu&5tE8s9wR<3v^tWZvTXf
zZlsss3(#pCC)htco?U_eAFL4iaXc7?6px@5M0}j9vJ4+EDbxJySjW0ERNN=ujUZtL
zH+v@AXGc!pE-+&JUb)=_cKHk`T)jinV0tZDo7cXwY3=LOL-aLRLHo1HOpnk^AT4r}
zDsp7&8IWIPwbWB)SBf5Q6<<~?1p1|~SU}g)J&gfx`^o-Y20Rqx4&m^nAJ&S10PzX-
zivqwwdsPaNO<YnZz&uJ#Bj$)6(6@_S>MBa7XukXraQ!h@C*89I^AJfHXp`YmgMcY)
z?9<+UC?%P)o3+m{y$Et|0*uouZh;5j_ofiQJ>Ud#`6PCe&H|lIsU|--S7FMwNEvY8
zoyuop<d_|U?Tc(rkQJb&<o9p}S15b`!il(g@%P6F3T^vyve%Qozl2&bj3CZx)sSs&
z%MdKVccdD49ilzM3lIX!KkWFs!sw9q5Ezu$Ql{#!&k+OA?(=EC*Nhz-mP`t+u4EpB
z1d6ZDe`<;1t80muDE0k7M)AiKA=7v!Zw$9u!i!p*;m@L^?i`eDk<>GS>q<+hm%w(d
znO4&C0f~XnBseJjmKu-$6h`iEO%<qzo%g@V7P_xf;0QrjhAZ2=c@+Z1Q7av`erzUx
z+;Di8n>U<ZykQqz56T8ULh(tnzQ2HF7O%P9$(0U%GTXl%W*|`k{}^EmL2&d?io^my
zDW%Obiek!GsJA;x`0(AI^@5@AAkK7TtzY~8L{x9XMDTcx&3KiY^K3h>bwViQz`*=I
z#QywGpw&R)D%V2=Avp<PDi#Bu-`@G3Ctz&kN9Qn@x}4*^OCR)ZCh1D^Dlvchvj7Ks
z`}cEbhB-Jma}6&m4Mbi+<{279a8OFMKe2;P+5ZuH0p@r{dU)e;$kQluiZcHH-2eY;
zrrzA-Ag4Ps{8swZQlW;?N>yyaf3M(wW{Q@B0!J5=(-gTpvw8I0|Cd0spH=P$p2HMa
zgZ{`Nh!kdV`s`D!nD(a_D2CID#Qlk641RykcpQB8mun<j`-^~i3g1SkliFRQNDzU5
z)$WLUZr@L?cn|f9VfYn)EuLExveJ>44jK=8r$fY`*}8$>L|X$J79;|Iy=1#QDatAB
zw`_kkJA>EW_84e8|NAUJW47RRP&~(zUrEK`!PrUWe=OQ%h**wSDWU2w;bVFUG;Ac-
zMX8n!O0wX70E=qh;UGOg#wL(H<Yp=x`o5PT_s2@d^N?>s|A-FFOZL9kb5VwE{Pe*G
zW9>i~!{@vylN^?BrCOK^$URD@KK<f<)`)RLnduZ#e1Qh4fP_u$FRA?zE}}QF@KjxJ
zD8oOm{rB=>IbgD~4W$2;!yjz|kxUE21234_r4G#EzyCL)PZ%|rbzlhdf2t+_EZ(1K
zU>y-nlT-Hj*B{V^_}TBx4Hb@w9jt96D9_q;t5EHKy$5_kRLgIl5Sa`<G8yAmWhVam
z9Cb>azgi&&d4QG9HImgiz%`a3O$F;3V~^;*q!8}^Yxh|`gCinozjG<_mA_-i(Zg4*
zg3JnSvkw|u?dvpyI~?W~S&G^C2g?Kd|JGfInE!ts@E^TKV~{qxo6nC;9G1#et(7<b
z&nEgyzUVeEQ1iu1?A8Ag+&@o1(ITqlchTbi^ay4Ok*Ps&sL8)%`p-1RBSAYnn@%+S
zwRQfU3DyaAfO}?r1F#+bWjcbw4h2}VvHD6L3=6f`u<u_8oc*^7iXa7`xwzE_z2v3|
zKnWz&n(56#j`YiM_x;O^BVO(t>6rMzTQJM;R<X8^X=gha<~Tjc{%Rgxe;N)%5w7#i
z`wQwFk93wJuiaK-vkLO4@sarZGrPb$DW+p={k?lc!J6kTH<v~;5#?l#u{-|rsCO)K
zfc+m$^e@rVBcc!2Ri|XO6!b-!n*Q^*e}25d2J@T1WpMrHZU1GhMPQim^dAKO{`EgA
z<ct`yNWzEX|H}#?fe8}+(A+Baf3478i-k1<!QVJ{DC93O!VDqnCnJ!nFQ{`6!Y{i9
z;<?upANy}(a~D>&2dBpB_d-)43ytF@6#7o8M``oj?>i6jy+J~-gv(kt`wn6cWoQ_V
zN}<1rndl<%k<!1V^IjT!wKM2gB!Pn%D8!6WVeawCQ=1OIQyKW{QCGyjbYS%>+y5Pw
z5YfdqVP)cQ^)=4^t3xwVZf7ak`+qXczvaRWqBkd)<QDfaZ#{P0>3<e5Cw#Hi*RMza
zH|Yi;($zh8#`bT0{+BBJ-x>kPqq5&m{<D)zk+$!Dim(5e-b3Eah?8RwY)o?S1(l4J
zYdWkLsh(SS$}WF>ax@d{mb3e<R*_Z7Lk82&HWvb}^?n{2?!UgSo({HPKNmSSk_dxG
z!NTaA`Tt?S{}>?jCwM1iI(p9Rs8sGh8~i_iKbV#&vT-7=9Uc6y-~S_-KdcV_+t&NP
zHG+30nXy{SKQ;)BD54JcK`rY)lle;P!<PTs5Clnpmi2Rm7U*4hl%8?lpY}fv5*lL+
zx=)pkZaA^O8Yg|=vl*XVaAmU$Vzu!79U?yv3B)5#{QmqLI34-i%{sIKplX+bH~6nz
zfATq;k3JL}2s8jL50}Bi=Du=)tqnz#^WTPQpsnloe9>#LCgxd+1J<NOIR#^^cm79%
z=Pd}Hq%GgqbeWf!sC=?dbpP{H{IJnGu~obW8vBne{IhgeO~j(rs*L?*EB^H(ni?Lk
zvK;-Z;rG8s0ah>6Un_7Ro<GAQHUg3zs22XbAAegJz$l)?q3oVd8Dq=ce_aqcyk<W)
z{I3CipEU9Z1^o=FFJVO_F5`)*JW4mlQvg1Z|E%$V0+>SmpJXBjUy4B(7Klum92lrg
zH+aOj|1#Lq;;`xBER>%ee5bb?h-i+Kv(J^<6pu?a2e}^p{z9x47~;Wak@defHxcZA
zTYP=b!@vvS&~NhlRmj8WDI`RJqyZ16|GW16Q)?#!myUPH8Sw0QP*620q0JdiR+r&E
zM{ScH+$VWZSNxYee-pJdnO#M-7*Nv4f-aq50k(aGb$^uyOn09_CHlFy=GNAzf6m1N
z@x_B++{_>E|Joau+)@Mk0Q!>+McZWdQ(QzkRnlBEeL4uN-NS&)=%=8$dXO&rj{woh
zpmZ+J_-FRN9hi&|3SkewSbE1AQv05CU3(w~c7d9~wE6(I3I||cqNo$y_!gmW?>MsA
zQ#b_S_er3v9%y(cPx#M%+LufnBrIHLMUeC%$cc^sQpqEZoyjWq{*z7S?h}s{9F}{F
z))cq8>Yh)Bk;iM%bJUQJ_-|kBBC^w*WPGF!zF7tr;L#9({&WUtM>B!+Y!T{K?j^_G
zd4{0thoMs8o9EWxNXZ-NCnaz>$0FTi>|^W-QtHQmR$u{m80>}aj9(Rc@axBqA!vdz
z1SAHr1$Sn>H=x?DzhMt)YDlZz)(#~^^}sWF{#ORwJLm}+199F5Kir|B63P89BHiPl
zuVIKj6nYGQ{q$%U(2qkx<v#-}iTC~^-UF=|_lH%AS0LPn!l5xXC;%@)R6TDCYWV5#
z{fssmwPW3s8qYXmrJ&$D)2Zj0`a%9T_$3lIT7=bfw1{_2qLFZOzHL9*93|zTy8QpN
zccnp1T~Syh0wTyJ5eOx?)GA0x1sj1HLJ=JWkts+OL_@Jv(Xt2xNwY{;v?wmvszlO0
zlz<2#iUI*aA_BIuWQtORM1i3}B8{nGQHY`EB?ggB|Mh42`DVED-n}R1oO{l9zONEc
zUHa@irtc4^s-yU@j;<QE1Jo1N3haR+#yH6W6%5}WMA13GtzdA%G3U?cb)elfxb$eB
z`UMepooZI-wFxQ7O>6u!%%NoNQcG8-Gv<~iYlj2SN-gH@r5e-!sL@M16xsRu{3j8j
z{$I}Mc4Jp=qbw`aq@-4}sgvu4$CK+9X?~Jq^j<@qORvb{d389w%ma_o&m}{r6lUNO
z(DA5F$H1hDiD*D_*DPNh9~K4Ei883=%o`oq(hF1sn2H8$D8~D7LNV|oq8KcwGBvSt
zhivqsWzbBeK2=JHVxYe;?R<QP#qwy-Tuc{ZhE$n|wNAaZN4gNTXfq};t6VSpXX>rS
z?K!*B>L(p&^6d@D<7CD*AEa}{i|@N+Z{%MHDhf;D1hMl=ilETy{ESf;-Uk#K>N0LO
z3<*2--NZxl5%=rItca!)2~Xe162(v<!gqbudnr^FU34^t6{=oU{=%$g2mXrKf=(LJ
zMi`+rI5}=_PIgeAP3|L`J+aIm&6L+1{Go?TW+0^E#Q{U(h=^zAdd_*5U31)E+4b+%
zXW4NK3(``RbJ+0*pxbAh`o-0owLqjG4d{VMWE=kypHyX%%ZI1z=yHKTnG;g_42UBt
zeJr9{I^=bpiIq>jOg`M^F#n;xwB9q?SdhO^>V508aa%1_7a2jD4IcH`L2A>oAHe)(
zz~K}e%v{}Z`Tq6qDY0w`N@LP|Y|z;-uMTDlQ>$TsO?2GaWqhSFu4`YxoFeXnT>!lt
z*a;AK%A<r4o2^~7-4Q3(ilC<~=?K~HG)Vy7qxYi3s?FdR+8a`0HGaWzHUM7nbh#H1
zWEV0HFo20*elX#rA*Z&0=X<USh^DHcHRQQq*{!PA1EeuNhn<ga+JCJETYQ29U>eFF
z3EXNREJQKM^ysP0ej94;yFxVcTWHd#zMzqV4Q_4{0;(M+*3q{${pLB$QO1ET+Sl@K
zObgUn#UFrXB%svF<6QQ%8oi0!;K+>zab3Z67<1x-UurbuNV8E+8GV%u@XZwhJsf6Y
zd<=RAdKaa@5Z|{x)5fy+qTNrs-%{*o10K*TL6UI$Fu_FaZf|%YFgjh7@f51F$>)>a
zjQn1Gk}(v~8jQOGA%pG5LEKm>`WVldv0}}qiLxEUn4UV*y8v?$gRZZIawmW=>}hEE
z)?X1G$!tcQ>eaGVcLBYryi^Em4g*Yi3O+S<dDw_~SY=E&!Isf~|8%e0^Z<;W_inVr
z)ZuF|p*egD4B%bc+@G%`(uSYeJBNri)HlC?9m=?!jTEMRlx}2gZh*Xuf$7_-Hs)xV
z473Xqq&0;;%uxuH6qRpF%ivg7km!i*!K0|p6)Ijfd8%ShrDM&r2v_WK(O*2_9s{`F
zsUd4FvnExRR5>b*J<T@AXVGoq$CrYFIy_(HO?FHv+QUmfw!ibxL#ORG?g4dUu%H(l
zXWP}<ajE4_(yJcbM9@*@uL#T!vc-E)i%~@cd(x(1z*D!UC?1@3niuR=@#F#%fe992
z80dTWv-8}_w%h?vi#6H`?U=C?S5)U#fsFzkiJp?mK11SOAtJZ(c<;>sI|%nW7ZYA;
zruun+)oh?r3@)Yd*ZH-a9&G#8x+RYm8Oc*5DI{)b?V@aH@;>j@OR7hKfi*;;IKG|I
z$>#!aV1SEVLW8!KI2{*dH9RT;L<2kgh2)5aB}<#h%z^;`xV!jn4FA`=ZI7vIp_&s!
zeRk7w5_Q~;0?#YSzf72sHoV(vvM^7Z5dU)l{vs$}T)22QU@EoJ+Oc*4uQTp5A5EQP
ze>zxIRED93lWoSEsTaU(mTDK8`Y-LLpTdEY<gairnpU@(ZX&b5Ulr=kIGd?YfK2HB
g4}X8Vw0rYvveBa4xGJJCZ5I4(^zmO;@;Qb5H&jBSSpWb4

literal 59458
zcmeFZXH*p3wl)fg0-}->kPH$egG9+l&LFwTIfF=S5Rjk<G$>gzN|c;Iq9Q?ZrpXz}
zAWcrqU9IolXODBf?~eQP{x~ptbahv)s#UY*n&Fwx>@amzxx2T?Zlj^0-Bpm6evXEA
zQx**k;~w@c@QwQpd>6c-yFHhChE~!~u>n3LSm`NPtEix{fNg9vOms4|o2Wy;OAMX-
z-`le2kI`=Y`5preEz}MT^Pgi>!8_{j19+jv{C&rad5eYxJ`sXfNGAF}Bf<VmjDL;1
zDVurYU)vb>z;S4jno<f1;9b+=rInSlo2`pGbFcpZ_yXsJyuKS68ZiUvg|6_N{x`T5
z+)hi+T~9?>$il^m!_3mf+=|27=>_UMXd>Q1VAILU-HgWD$<f(O$Xk@|&k;gk8}&6O
z9nGIZ+#N*e^i<Soq+DKF(eQI{ad6Rz-KL?T5qW88E%aPk_MhS4lPI07yZZ|vPEIc`
zFAgsr4wsiUoZL^JKIP<k!ujM0J2-;f4eIP}=FRTx_UP|P{&gN{D>sXmb}!uRT%2i8
z=QT5T@o*QVqeETj-+zDSY2|JAUsrN=`{%a64RWIPaB_2SasK<<V5kV{TOoBjZ!1TA
zX*(w%GjI(tz9;-5e~$kjd;aT+|1nbUzeaNN@Nxa;(Er%=--l|uS-q5UaRS$L7yGa0
z_0Qn{-1*Ny5l+;t|A#34%K6W?K+s~hML7Tc(8O+=`Lv?cl)_G0O$)pOjYIvRqcrOA
z-*?nDG`AB{mVt&Qfu<lWspXBnorZO2DU);@k@+}A(nvq(aX6+V{ks>Zn8%M5BxLl7
zziSB6(3D{+Jdzwn<DsFzzx9@0QbK_+fkIk+$y=TWvx|pDArM_*=~!3o>t6La(#323
zUhReFyh++YMhZ*gQK7*spIVDHpFtm%+-o#U8Z>ll2{a7+|F)@4i&04n)5)*?!t#GR
z1Rt9QhM@aDjQxAY_(!j~AYU2tTL1g0|9!#M$9w<x>p#W7&Wd+<$#UoaI6ZI<aPfQp
zd+~n@^IuQtf5ra43im%3^#3lk|0xqp8ukA*GXFm}udf?U=6q-S1m?GQn=hPCe*eI0
zNaC@n*RQmeyoG^p8~g3mLEjp&fg^YAc12J9n6AleaqXOs^O&}-6A#H}sek;Mx+exK
zqi62fga8}nEm412QpyB@o5Hlfb{>BGM()zM$f%aS-7j|GDByQ~NVTTwiU0aFfu8f%
z)tNfi<r!7sot0l{Ud9c51pm0nK-x#&PN6@^?zn{}NQie1U}s5PB%2BX6CBu&qns)@
zMCsZ_5T?7n6v4U6KVf>K_IS#n;eoE<5c}7a80Wy7#OsY{&!1&}#x(Zb;XCQ&8K}de
z^8PmKIqkGN<xuLuW8I6*d+2bg=8qt%9T2<Fin}-V_OGYB!-?K8@MGFj&)69wm`eN+
zEaBqnn-EI3MH#p}HnnPdI2!7N_ZoRtSh=-~9aEg^?bLc`d9WoGOfXC8mckd(*rT<~
zBKgK&h+m%#%(4^~Axh;_CI2NSMIa}oNj6fxCCu}uC^_vXhHawua$&Swu5!+f8@Nz%
zB%1g`1<YD8F*SmJ5McPxWTMZV?k~?)*^NB2TTAmwzu5I^nGTI%#`u@CRI$1IcSFeR
zXa<Ebu1LY8k4u_<;()ypb~vdoyP3c9Xx-W^`*Ck~R8x(;xR~@-pa#?LAJoV}m82&O
zTAEvzyLHP^S;khISbt*yQXw$S(2_1L?+~2(f2O%e5?X+oCVt>);_i=o!o8F)zM;Pk
zM8mwLya05@3y9aW3}avjUEo&xKT7c&lT<wK^$VOpLj1?}moP3!P)9o^N{})HgURxR
zCH3|{sWhq{cdy_E_G7mNH~8)~CGyD$|Bz?-Ye^*3aKK$Lt3C+^Tlcwvuy*W-q93Ak
z;3dH+BC&;nA7Xy~>g&`^2O3jMN5}_$%lhRg;cb4oe_5hi(y#XqUVqbM!+c4&esucK
zjF-v#GwLo#`7wx?RNXIj8%jrHmGDFl2g{P)H{s{s34EZVN9*|0{cuRG!S8r7@5xc_
z=fBZaU<HBcrC|;6cPea4qV-kO$x^tzP#S)RFHm64`v-f?gt_y0k^U~ChtuZd?31$!
zjM@WZ%E_&=kKgT}Paq@ZsatM}*Bn%?se2Uf?~_wU$yo_bPl_4%7SjhMXs35cSf~rW
zO?-Vd)%5)qd7VSaS8H$9pjG^Q?7+JMGlNFHJJt6}hr)RU$3jpl8#s)bSUux+8f;#M
z!NPr>R$I+p5!5cOR7_q!|MSBQ?}&Rg2WB2OaVARVdf00XKkArBVro77I|nXxFbAyg
zj8@t~{y^i%3<B9{Sv3rl2v-?1XNz?WocL-_mm(T$GW=?0I?O3CX+GfVnTIjVz#j6<
zh@Q+W>lk^AtswK$M(z1db{qEI+V?$OOH~b!3Dq_68@t-OMwS|w2Hu>ZaO>4@cQsnQ
zp7Y(iX|R^;z#%a0Sm_b3t4|owG-Y}`Y2$^<QD>@DiQIo5P}g#OwMUD@5<mT(uwO{}
zNqH|UVdrei<T{x*c*=1|hD4=gIrd~eU|#fi!eSAN#_!&%Z3}8Q2vdp1s~l~zt5qE8
z({ETYV$QH7Unt_S62(yx+$2Dh+h+Ic+P%gY^3=mPwB@z*C3+t0!$=9v4q#yX95`+V
z0jUjAWANX#z1XSs(#%!fQ2P{zfsXC2Vj4>6`64gPbLyvB9vneM?o_3*P>np_3T42o
ze+#F(K|~rV>CSHuaD6e~zy~+1l<9lBybl&^&}q(*8^h=7+kdP<Ny9GL_;eppi?)B(
zX(Q^U&?a44t_XWG&PVfRh}1-)4Y#D})&sGq))`fjwY=szn$O2d>%op8_R8KTo~%zd
z59szPB$(3NW2T{NX;KgiUMRw{7N|Yr+3Hh`>xR_?gP;Z0MIAql8vXPQ5v}?8%U=TE
zrqgl7m06M9tfku(Ay*L`^*<FZUG6s{;!Eq)UM&%QqN<n;A~g!QI`Zr)?*!}ig!J*G
zWTqOX&lCUSmMNk?DU4|dwqx_zFTQJ0E#b9PH`#n0t(zEGY7%}re!70%aX)~QAlUp;
zzd3-5BU)HOV*D(<VY@=fC|xIkM0RTz4`E(hJ$}0ec@A$W;rZd%bagzvwM*hL^iH3%
z$9Mfx=rf}xu4L9}B2~dp#ix-^cI0Ns;%5slA~y&3PO|m=qJ%c{2aS#Ki@yZyHDBy{
z3|$}QiI3?Ry0+tYZXfd)*oV8og*LB%9TVOh-fX>o{hWkTHCF88vro)idfF>QS67n`
z)12nlnlT*%tAw?H7bVcWHEw-xNdX=tNy}+_^2vEo#Ga@G&vJ6HkPm@i_S37wksAYi
z<9d&>_gig^j13PHfXd7v=moG3BTy<+V$$*a-k+r4F!Z%a7T2B3y@tJJ<b8Q&V0YE9
z^9MG?+c$q?ks14+t#W_<HsF6;nXc_M?{{+dOzGRZ;IMmEgt83DKT8h!g*o}FJ&|W?
z@P47KqNxbZW<9T#{0P}zAN{$^kRkuk;>6SnguPa%e+!d-&7>%iEO6N_4e=CL_fM0X
zwtVK9ls~Hb0>==u=708K5Q{z>BJKw)PVAZxx7lIJ{H68IekZld`I;y!wkp9yxOE+Q
zv6nGH`$?JZ3V6iCnQ4d8rkG2Qmq%l|Oat`CKBYgV#4ffq50o%NF3!<cTmmi(Vt#=!
zcqiH>Eq3z1=10G1#-0l8JFLIq#m@53^YQ<F`gKjd3m?Oeb}#~EflQLapP`iI@I5Mi
zAh|VY$N2`SFQEV=!-P3%b3_e2TGY5p_*hFW?AEWRENT_TZ)E9WaOlgqSO&^IOC@+E
z#oL){KuD|CBBQ!BjcuS(g+Bb|2?Ez5`{DOxQ@A-Qoc&qce-zZ3r>mZJkh_f1(^$W8
z-lUN%F*2xdwDl-W;_~TuXcHn<D&~E*nkdlQjVaY0yH1WpB+H;)LsT@s_CWUfa!s76
zX1BbP%0niJq!MwsRm(I`MBP((03sa4UGSi06^uy?Ur4^ZuIS;wJ*frZ!-{bsQOJ-^
zh|fXlzMG3+3@+xmN+!v&4R}hmWUDCG^7!NHE4j=C^Pf~;`}Mc{6B8l=UeQyq@{~hv
zgwbs*z;lYar0ka?1ysdv!{^WXy;={js9%*as%f?Jak5i-_;oQPhSYV8m6GcT|N3ZQ
zzg1jo{Mfg=ofvn-+NM7>NxuVl0sI7hb$`U~81_!;fJ@Tyu2Oc=ZeifW?bSq&w017$
zul=8>=uuhhAI_z?G(T<QOA))69C+)XBA_#2o#ON?2~Yg;MVg9vHo{_{zK?&pD1lFS
zp?<3bH{F(4cV=~iQCLOZv0eF%(q(KueL}Yq1#h3;lB&+{E%{sTCHA#n<;2>0!i~Ic
z&ebO}eZ+pydEy}W_Oc_AoJ8a|J?Yd1y{pl)@oAS9%8CI^0h!+E=J33F3J|bW%TYn;
zQwy(DpRUGb3qe0JMPG$E#tr6q4bI(!QWQkqhm3t1^8I{GW6zA!r0d$Ok8w#GN<p~!
z+3R_LPez+zfDhccalgY<sW5;HC(DOAE^+&Vmt|ol;(=GJ3jddgDNeJ|(yJt{2vIdF
z*m=;H%$4Ed*;<C$l1+I9b->d3`hlFs;a0_45yWLMS90j{6W5{^_Y9(^z}H<d4mw@S
zknVUzXi%Y?Y7mb5MZ0<#)DjOJo0pcW`%2&#J9eF!peN*3i)#-l3n6#PepwYz34`AY
z6?OYVn0Fd%TE7@gYdBDz8&z*P3Z5<m$0FF%DH%rFjL!(gj+D*gCaqj|ytm6c-(IeY
zTAwUs%@aHosrB6_%PKdu7+AJo`>dE5mXWjbP~893V>x3NR}o<WYlL}Rrp3vKoXXRv
zCPoJOq}TCL4*csMnJjU#__bA`N)pP6pB#uXA!921RU^&7M|(bY*{O!Bwt2<dq`!kE
z8O$Cb1$;>2OQm~tJj%{H_rj#7y=PUIon0A5lejnxc=?P59PcVckWepQ_8||;qq$go
z*-8yun)uS#PO6)9Wqe`w$t~MX^h?Qu%+9yXEsi1*vC6^~1Z&qk2V5{7>~3`4tZwHS
z5FtV?d6w6CN|W*two{EbX*=4j+ym=BMxyqL#H=c@Skf33)+kD3PIJB`)IuksQP;=F
znhB`hP2XhV6vwUc%#i+k7&q@3qOr<krkVbdMQYByKA|%?$aPG^wQ4ao<c`xT%K>^Z
zy$_+8v*MS(e*l|x3{lylvS%rqJ!!~<94-*ppD@TOObqi{L!TzEXI~U#AuUsiZJ73@
z;fzlpVvO<|NjQdxwz!FG<_1C?WlWw=ve1tUH6yCR3{-K5caZ{d<#yBE4Fo*XhjLaX
zulCym;YyrM_eCW7I=s8x*mxBm>llXlE?Mr!>!uGXl4|=CdRw)KuomB|cbV(#+Z=bk
zNanIX`ruU{BCOrwnN*1URbEsx?2AMNJkfoa60Xn5`3i$4&G*6()rW{@53s_V2#Xjz
z4KCdVM0GW!xXiQ$=r?<an+$}egqa4mbv{LN`G7o&VYR!VV#M@_P{2ufbe*#)I%RAU
zb6aP%XT-p6B{KDa|M^J9+cgA+u3%5;&7#wN8%XMIZi=(wrpp$rq_SUVF}=;t!qIcH
zsT;z0!;Ci<GV`@s%9Y^*4@l4N2RdJHw%Tg2OEse&&n;=x<3UeSDF^u(6Ia2NZtMFn
zwEe1=D&jRld3m2}SYewt?W?G=;y-N+ZkRUwP(rIV{cPovCMnwTyA_uxWmWr&DODB=
z)6PRL5NOixSHJyqGv!u#`jTT!@<Pr=e?5~wA^EatP+Gcz{K#9C1mhqxiWP190rO~<
zh@=p$h!j32<IjcZO8L(}yl~ucNH2GtWW;1qMTuK<yX?niMf69TW5u@W5848v4z+%f
zmE9kC?P9E`qjsLa<2)+)u1aj5-t@IrqUS9LZm&F%hE6tt%p|j4)@Zx&pnvgen>#Ke
ztiXuAwd4DoFivjqvqxsU#Fise(S)}d>iN${gsr}ZXcU@cS!6ZG>5}rPSvqCLJ*a}c
z?dE@5qoMf-Pt)nMWsRb=ZW%SlcJoyofk|GwM#xan`1+NoL-5?1aujfILzwkDE!bHy
zwfJYKOlX}a(7A>5+>xUlxCeqjjh&W#pU?ZwTji!KF2#cPX<>>BidaOjD$kr}Z0>d=
zneJsW$T1xRwkDSuuab25L2PZ_o5t4suxI+|zK|%1k?kWJs#=68Oy)6;I*ZqU=!vp)
zvQF!IPNFf{k|I~c!ISCLa+|#Z=`L>;sE?d$PIO(tX%nIBNO~a4k2Y1OV+&d(E!gxU
zmy3>8+ur_eyU?%W3634l9LLgiI*Wwz4VPV7^H&|_VAd&=#VYarjU+0h@tsaWdarPx
zC~=LpjTLz&;yZZ!6zUMC)1y`w+Z2dIR!P00U^5|-9rLP=lQ~xto@IR;kn{9tRCC!e
z=AbK<DRiyF5;(GZa0BPBR)kDqL+72=!O|{AcN@lkDKW|x?oGW%_h|+pVdrESs~=_L
z5=W6!IBQ@kEn47bZ1?E^0@(=rhln?*q=p7#)}Q;%PsecZNdzTM;NhUp1)RzVul3VB
zU^3NoAsSGZ++Z9v!l(C9d2O2x4ugJxb>$AfQ)@m{y~9dAq~bIUJFDiY+V&9HT83ES
z#H%U0yqhllRbI)H1QEVE*LpDSXqEkxF_VE+qXLAxbGo}-ild+YYCO|N`TL#k;iP;7
zg8e-SY=R(0jGfl^*vj?;Qj#;%u?_vo&i>)3#Bw!F8>_vthSyAMC(pNGx86aAzj}gv
z4AYEAwsMZ$z?sH5xEFTSC)=8z0O1n0z*Aq%;vd!Wy|OhANO(UCtov*U_j#u{lDoWf
zd)T!*j`@@QxtSEarr){l;Z;^&?V(|cAM?BF5+|qW$M%9_=bb(!;$fKum2JbmyI+|O
zutHBeal>|qfB!MZ#l_+5Z)Sij>Hd+W?E}Q01X1FTEC=1g-%70Fz|6154qXa$3$t({
zeF&0qvLM2vh?rB;Px0^QCFv;HB5|_Hy$VCb!Wbfv_jSLA46y}f8<>r5emS~ha5IdV
zpK@Zjt3lPFq~o(DtC{;=(~0USe?h}+qD|H+JAnY}1TRvAE@iluP`0xBCo9ZzxS0`V
ze~{yDoA}kq){3fo<8l~&?BCH^y`+b-qr&wLP7_6$8%GJhK!k>?p-g%;IpELFsK6OA
z1j1}#<`I4pa!qx2sUDh-kuum>K6pD#k?$c6dfyXX*|xm^&f)fPSFpBZP{sCGL*fJF
zL9JB1_1^G8-<GQ#m)LW0@Z=PDdzc)UKhP6084;Cvm2Sa)qL!=hUz0eW0>eOM_xF`h
zCegh3kr%c^=EFdZ?G{F|0_S9(lIzR7YezEoMjaC#Gp*LB^37^4`?<*OYmnpFj~jOJ
z6j~6p=3`P!erCSj$h@1q;*lo~%}RRx`IOMtvAb$m;Tx}YamY}tst|LS1G!#KPgE&`
zt-&1sO%Z?Rl)*Sj(w%I-6r8M`Cjy*5Wap|8_By^(F+|WeL$hA<qE(VU3b!3Xf!pP=
zd&K@dQ@x6dOfB)f04q<*aOZ?Y1-2Qlk@5KyzsZwDo-4!F>^Zl|FQzG+8^$`~PZ2*K
zNxeGY@>_gEVozwZj3h~<jh;S_R;h%$`F7&VT0ok_1&*5rk|<DX59jaNbEZXvqEcfU
zl)fBJ8iog>VbWn_O$0F9&Nq(4B-a*CuXk#Nu$d;wTjnn@*EbQ%E_<L=%bE*`9Q5*p
z!IPZwpJ#IwRLit;D#?#jxr)Xv<o6{iug8Si3K_oaVhCF&#O2X%HE3kk8AsfhiZ%)=
z1`9Pka4MCBQuz*BFxQmA1wWDOv=voE|8WU9=RuKn%I1~sPkZWFU5cxu&itlebH~=a
zCH=B5$Myoa*1j6R3CWGj_l?_)<mwMuM7aj&UP@wTm3J1LLn%gWil}O8UR+uPpX&-u
z;E7H38Gq+@h#~RP5nRs<e)h2D?U#1RzYE7N;{VISfm}zz-;9pV$kG~LtB>SASlU2L
z-JNPh<@1g)bjIae_N`J=%RP0!k`zl{(zCHdw*AzTj>F1T(N9=6`!4;(Q$*IOyCL^e
z=XXcG?>)J^TmEd#y&t(BP2^qhvm21tuR}DamOTWkOFk8A7p#@jB(^KJCU2J1L8$qU
z-;Ufj@vZ5k^2Hos=uSo}@oArPE?;wLc{5a0-?iX5U7N%;#c==-#i!7K_5uFdWIhL-
ziBCqo46w;7Sr2uQt4UwN2zSWs@56=7$sNx7%Y1qlv@m<-yVVWda1FYQITG9o&AGmf
zqZe4Tu#O&MM-YJX6;l>wB2BN1ujJFGh#f5+PnOn0%2pY)T!=!JsVS;BTqvBIj>fYi
zhaH;fU>(`v!nI=04RKZg6n<YOa~c`J1<~sHz=?{p(FxX%Bg`bM0Y*o&fCGbESM#0G
zleIlF(y{1?P&}%&%L}*A)b%jgI@PCG&bDBKbx@gvyFB~cKEMi7yc5|@0d43$U?(Qo
z1MWSW3|RGFGR)H}P-a&>lq{7_l)nx06bIXy!%D33+RSf4UqXDs5`}lFG*uen3`Bex
zqdWC@&58F!I5~e%dd+ZShj+-ZnWOU>Q)}$7TmRazUuAJhA1vgPB_AuEJ$7P*dA81M
zGI99KkEC({bOTc}ONeyjR5Xdp?Ab7qFu!{GRcdW_xQwW8Y4{<jwhaBN<R;Hi->)FA
zr@vA@;ggxg90qDw!S}29L|feRqe{h)2=sxjBzb{;#-Q7g%0;vU9MbwNNbCkf-DWfL
z5Slv>f9j@s#czxuWk(<zX<9DlkZ7(%i?T)77_-MFAwzVKHzI#f$PW^=CU<V|rhTSW
zhhk)n2CU*(2L<NdsJ#tz!;y}3;ulwGBSH~hIx-@PkeQ=?{qst*2qC+CekI@22XN0s
ze&JlzG<%KMEa*y3UWWMDN^Dp@X(FeZM%Y`|vW+1^iV@o5XO%w8Q6XJ=w$*)hz2kMp
z2*U`t39m1`e-2!7>@dLBSuRYyK&{d8JHVUBm7Us@@mv64B&6{ZF#;(g3>lWxg!TDH
zuzu?FyrDb2io?ju%89$L<<LMvt%4TyCg0k_A<wT}@hJL3;)5xx5)n4F<?O7}Q~;TJ
z$bfjxHEN!SK?KAUomDM}xtBfc4la%RvPN@^$sJUa#ESq0xO28*$8!)BmuH_vvuLuX
zVrU`^e@|+Y>MAR5PgS>%c$mP^gsz=cvE95H(9N7TQEVuOv)BPg4EnwTAc0M8qRp$B
z#CX|_%7i8Ft0Q=@snc19oZqb`P+YL+mLR1J&i+6?PW;AFH5Y_=pHN|5WtUI}4*DM;
zRW{_CV`U$)eQW2%JKo1*`S;P!T|C_`Hahzw!kyEhzg&$^-KmkkLn|MhH~62}2)O;~
zePM{gQB&ReC%K#pv5aRtK=vMYAnYTY7J!J&aG&ex(HE{(oZtL<LgQwf=|+9_Q*Nf^
z`l6+__XI!`Fa05n2j+za_Fr;>MD=U(k;d}wZhd@-1|DPDvlzH+A3oA0_#nRy_;D;w
zz>-L;(nus{4>v|`1mqa_Y~;jV4m0^rxjvpQ9a`6c*yRiwR}P5z3PI*eQpSoCccwYq
z(0^-o&t|<B+q~rU{(}Ik1)PuU22)=ykn;C!axqr4EZ$UK%X4V}7{tt<x(g7Z7cP61
zy3T0&%t25CKme{%Nn~f+!iZ9SooyDD3biEId+!}lZBW{cXQWu`EJ#&Ho+nSq`Q=Xv
zyI6Y<IIRWz#&*>;hFS@9Qn*cIamyV^x&9v6lM+Yv+K4Ux$_PMm@4GJpEX5tvUA`Qo
z=j@(ul@7pu^zGtI*f1}z?dr$eKp`^INCT*u){VP&75Pki$le_`NM7jAnII8~T!Zk}
zuYl*f7tHOqVRKiNS8#A1OYC=Gt_h-VTVVVgPf_4n!A?h3V1W1ciDuzu#b7{w#jS($
z)<Xy1H|Vi~;Tg!_r6&2!;Z72r>r>;bgOAbW@Avo=bvrK3)lzTy5w~d?;<Te|+9$!D
zp8#REm3fVv4#yt=&a{HSR*sZCW#@+}UaRea4x-1q&SP9Z51LJ(c82Uj4||ONm>I+#
zE~{@e#I-xm_|j7|b{8%`uQ53NnoC}Vx4ra_MlL|3`zO^BUHw^7rtJ%hH!&q!kdX(P
zv8fq^OP5h$8<t;7u6TLY;6f}rrD*}DKd4hP-fHWTgk|{KE6<9GA9Y==%ZcA^>41y=
zCLxsN6TAdyY`Xsn0Gn3;0H48qQt5p9MWw&A^FEc|mcjf>|6=Cac4C7%ldDZ#{UP$X
z5l*=OPGK97Ssx$V{rqOb(0erh^QeOnqTtZLM&0}KY9kJ(xHadnIVSNdPVd;CtY%48
z39kNq1q)YnKP)RVnze1RM0mG<6z-yvh|-!mp0zhH33g#(_%TRa@31=G262Ut#J3O)
zafZ3GRr(;W&3nSzgTbkVX>S^(uAbcgPOyA=Fu=KU{pr@MBBAWnFYWKJU_7xp3%66`
z4k;xLE!PVSqZ5;B>NQ0ygG<A$Z!n+V=2|Ka*k`r;XCpp>5Im&_WamjWzBfhH>*jQu
z;&`G?2T$iM8N0y!CvUysTAa_u5A!_I*ldj$iwEwz4GURA=2@Hb+=}<&?)eW2G8zk|
z8989-;ex;eE~LH_0$e<Ir3m}sZXS1Jmtw?89$fSJ*ZM?bTjQ{5a_7dVl*y8;akGl*
zVN@dW?Rf;;fTAfPWC@#eZAp>F23YaO7>Dzpf5re`sD2;az+zOah4&u4yP8Bw-a}2w
zp7VhGU56>Zdvg}NW#=1e0gw?Brtf-QF$ui*ufLh1f-}}V?#=c`wbRZG+N~C&d%c^@
zAiTZs`jwF$iMRvH^S`)zFX&|Z4T&-7(&?Md*^}mzrWZ)ChQD1ck+iILTWD>qpWelo
z`5eKq*?e4G`sP*7;d?0TJdOUxl%CzR|K&0@mJ4Jy@g!HoltkY$8eb(n!5Gawl*-5U
zcjl-HXVtCuJ^0_Rv-lD(e-Wt~e`P7u|A1Aw#QbWReEx-hxfh9VG`~`zjlU*#?T{?_
z8(YMw7Noj#N_}K%^<kmOr?qt7UHs0y%ZDPO)r|2XmSc0&=Yyd^wRz*(v7+bgQ{%eN
zMVf>mYDxnu4>EHwE!R-cCqhdMlGxS#o6b$|r3BtS>D_m?FY>lbdT&?4U|^Z)V6L|m
zWA9S{_>~;J*s8$8mfe<p!C2X;=CZ(Nlq?TY2yc}WKi4?P;q>d`cq)sz!dJgrzs2a)
zC`i^ny-%}xA@IEu2lH)|1pLaYtbTVvX<(Uq6YgDPCom}TDXk8Q*wUt$EH!btA~!y0
zHBk}Hw!R4^?3PmBZ~PrE-L=eJP*1Xh^HJa$K>fA9;D^fF18(M2Sxd3^{C@<lkW2$_
z!g?k6bzC*3V>04RmtWe)&iqFAX`D1~SU0PdQ@)Yd6<LOYD;Vwd{5`0M(R?j6l73*~
zRB9x}{?kI|cylsJc-OYpp+@t|Zi-F5=;4jnY#6|>`kdjHkfN@u#+{G!zp~je>`AT&
zK!COQNaC8Zng56RpQ0$K2>Jn8^_~VLxY26&;8Gl7fPL-|uGd`aAOrd%Lo`}wHFsb<
z{n$&Hk_qZ{pg;=e%@Mk{(}t=I{ouuJskBd(5fleG#E(k7vI_Y*+|t~QvAGDYce<d;
z@A{FrwBi7>g~OUo@$6<}3ggqQqRN=MxdyH_CwiC<XIrv~8!y2Ph9bM}+PZTi!>#VG
z=bMF6luH|@{#QNfHnXTYko}ymz^I1#43+P;#({AzA5MuJg{$-vE2Gw&`Ll|Ik_PG7
z{pC)kXX#TaBQtzCBJc6x%A`jQ*0&f7=C?{)jCD&7Wf~179W7eG-2`e4`xA1FNGf5z
zi_EPtC}ZA7>S}|^36olS>ZnmrW$R)nwHV`j`ap4RGab#>Y&0;ku%-9MN!qUz;!x#_
zWVEYVxOCUwa&3XcLV|&_0us-1KF727(Fe#3OWEfrd{VwYk(dVO0?ud5Qo(Hy{CH3o
z`8by`(6v(~?zB~lpz3dRbuV@WL~dKjW5R;lSd<dQ6m9z;oKI9s-NImstlzoc%YRhO
zV1OweMg$~9Jp95IR;MO@<sPFwPL}04fI07eWmyVU&dq42g4yE{E#K#Kir98}0Fv~C
zd9zT;ah8;~0~ZW1`(kyAqkiE%SovC<rm8~v)~CiW_U3tcJLOk6<HwhvZiYMH)HEn7
zvht;Xw;ayax=vd4X145@r3mc_;6L03y25^k{o$Vi{<n8T@2*|!=kxZ<lO*i-Whn^8
zg1^b5RD}*^jh!{6)$y&{cestArNbQm;;?s*kjgmUbBQHzHAR;+J}*BfIx#)hzUAy!
z3SUct#Y=JG46>$Ga_2g;ccm6gv`PRiDRzvt&1asvZT{dI!nCJ=%NW#w8#*nzn#H^>
zF#pOee;z<u$)jomE403|9`HAIbITo(O6grGT9U>!9d?_eU(CpwFil%3eP3P!`^KgD
z<UP<|oPmT|lSDoqr}Pv?Sa_nzjjF|rke`Adxl+9j7!FS3)l(lh*Kg!zixI~0dCYC*
zov>2Q`Csg;e4UfK*%X{??Lw99N_Irlv$qnfrb<N%V|;vDoE!OuL>e80d;>Ux0lraj
zcTn-RL?#{P(sk(6iQPE25>2)D14$V^TCV4RvA>6{`O>U6F2Fg)o4BT&4Ch|>KT3Pi
zl2)f^diLvqET5l=-O7H_J^$Ej`j*2(q`RTP$&>V{)TohdAtlnW3XBSsEzR6uXv;1r
zJas)Hk|f8;nrafcXI&}cZh_v<xtl&Zoj^ZWpHU%Wx3sa<t=3vT#pVEk8X7+`({ixo
zcMxd#^juF&qSfl0^Y|OD*(k!^eFog6MJ3_;$;LnBKWYH!2Pp~GRAc~}1I^%+$0HYW
z-}LHUDaWEI^|_XCPM3M_N%WARk6Ptx<Hqd?&vwE669CgHqt2lA$CTvX4%9KuIu<Ro
zVEZt2Rq*0-IzB1G-<;%*8Sk8}oUs?e7<M!L^rk&i$*_L#DuFBtQ>XWzicp8Pr^65!
zj>L}1Uvsa#2rEJ~!ff|%$qAh_q+kuGhM5;Q7@KMBk4PGS-VkAnavhZwzYU7<3VL>T
z`+%n_R#mQc?~4LY8(I#50v5paM>be-d)RvtlUJ^U;>5D?xkDyCK0XPZ`G|P=hu2;H
zZ$P*#G=VCPGg@^r`G@voiy??b0R;4;T121xrh%fwT)w{KToz+oAu^mgqE!);hh$1V
z`X1jSjurm;3{X}G%aA?$87V)%qu*=1@%LY*<p!aAF^sNdxr-b)o40=|9lTPc@e53n
z0}E5Gpxj-clFa+%xQ$4SzIamAkfEXxft`hDt~@17u0U=>S=E}IY9<+1a#TVPn9$74
zf!qQcoUCrSxfH}t-T|G;&L{x)RKtyZVfr<T8a{p6GF6uVW_;na1)1WZWMEP3?Ww%y
z@W|{i$tGQ)d*s&h4H^O+a>(R7AVNjA4FI4`dci$?-y?yG3_jGqnp0S|RnqVlvD_EG
zbZJ?d6P?LSz9ST6vxfLqy|xkAaEMgW<6G3)Uzt3gaU0M_ti0n&&U}2?HdXjL=rIZz
zdy2l*LP3DxjrFhp^MiYB#<`-`=1fvxJ-om;)}OQk=`GNHQ^nsyKH-G-ErvQ@D_vF$
zsv0T*<5mKgW0J3*(5lnLwZrebsxZ48CK4C*@(WLKEOpBr^W*N5Me{d_Dv?IQpT?&p
zKP$FFBtx7%x>#Y>Vcv`|D(FhIMK2!*Ba9_zTtM_<yV9X1y`Y_Y+Fa6C`7KfwD1Ulc
z0^GHeGBLhtH@(rC-Cv_MzfommFDQXXy{skyEPnGv9gmCIJ^#cBau*hBI}6E?IV{oG
zeESrxFU_nab>_uMYcEsP3cUuqe@#3@_q`TUQUP=%(+@!NgR|8pQAH9Ou5C>7J+%u}
zC-*oSpNM&Y9xa97A^{ibZTR16S0EQz%T2=fRNf1LQvkd)sP#9e=<GLWufA2;7tWRz
zRl}c!la*ZKw7&;xu7dW{Yx|7SQ*HVB6Hc|WF)y8#zf^Itm?=H`xE=f2&cP4T4CrQV
z-s5U!qut{go;^Iz>592$oEvtQ9$WMS%MflmvdX}gLbCJm4suVHjg*7|#?NAKvP$dV
z5e2ud<|Rx%GTh0-cWJg9*=H|_>X5NRF%o{upLMhp6}V)>JtGeWpSId2%e%tIk?rvk
z{a~eQpjLV`gUR2Oj)8tb<>U#wsbOKhzmxn3NI>LYb`CgfDze7?3XumEE)9S*I5rhl
z2=69S-b(18O)mj}yC<^dG?e0{JcVc~Yb5lpJyDvqWcq8uqqupHzYynk*|aC>=0JaT
zIB4a*83OSJXSqr%MCd0+{1~U1mhop69*1Ct>5mFW&cw=Syx+N^0KC1%cq9s7#br5<
zHG3Wd6YV4F5Uv8d?c+HVl<0B1(V8GSSo(#ysEIy2FBoSPqS*S3t=Sl4#hwit1ZGvt
z>FHus$9s0UmbZY1e*-)`=SODDzd8H|309XOHpx-0-&YRwg3nA({{rSbAw!^ufn}zE
zk(i6y`5p5K)QhExNOzxa%rKIXQ|Uk?&X#$oi)<uBqrJ9TlEGf=`tqRuLD2BTR4idV
zA_P@VWtOsAiMH2FUfp29Q#yde3km@MfPNZ0Y4ow}czJ6{kMJhm)u;BKCQA-yRde8P
zl`7=6401(DR+$TI%qQ7+iDcUqwlX1Ud`7d4cI;|9#u>(I?)a_w+xj3h3of=FNHq58
zQZAzO7}Zdq%vDKAn0YVocG%ZcQggYuznsQ#FPQ)5b85Ro616@#Qoe$A>f*j|&M-m{
zA{rBAULPkvK10zLUQ1|WPk7m$PblN_@h5bYJO#$@htwa;E*X@nzHyf-;3)ZSm&@%e
z1mmfW_uW6lAz}=v%?7S5(|z0)F&xp(-$0F<MJUxrOvxaxupZGwIMNUx;OhrCD|^|m
z;`2mS73{1gnhqJI7(<fQ3PQ9}6iayteX7apaSHc`hVL`OI>>L^O<e%SqXXi8q|+!Q
zx$hZ(*f(<3GSWu}rWDVVLSWNUCXIx59@wb2=JU6QPiygau$f0|dW^^#lna)6Jv%D%
zi6R$J9g4w+!<Q^6y+C<~{%)&n(C6Po4iT-mpV5H1S_3LBDyR7N&yrS0$Izeq48_!t
z`f*Yky?_nEX21t1Zsf8zPm|6TY@3U{H5o-XYhK#sxzwHYvXjzF8I!5!AT#*hZS(Y!
z5zW&Kz%UXT>K^{Nb&%{(64ux6QNqh#Jcp>r!fYy{Z13B8u7suc;naGhg1t%5zDYsl
zpw@<P=)S7ZMz*?3m^<-ydZWpR86fT8?XUKIyr*N#=9zp_B3hZ{Sica2JFE};>dXLR
z`3{QS#33(xgvAus6Kadb=S2V!D`;mw1}BzL<@O1zlk^7JOqojl%7bau!IxNe=$dTG
z`KoISr2}lAjE(DDnvQe`Mdu7zN&?2Ajd2)2B4z(C5;?y5Vj&!q|Ec`Y6GhA=r2^i4
zeo{+21BW*F8(?d$UEbU2$9=uHL8!#G*f_C<+?hu@DQ|-yusp+jo67&xZ0*hS+TJHU
zbvFTxMmc@|u6X>kC;;&KT`*SNkzH#3!_WbF6brC@=w${gp1AhhnM&*oYiT2);|EGm
z6!+Q{xj%&478s3ycurc)u8EyI6#!O0R79&o3Qu$e;6eViD=|tn@h*AMCIMF-YXSwg
zJyHN+a^|@b`)Xrec8X0p6k>fADt`GLTH1v_&&e~$i$oDqCN^gEycge~=()occT=qO
z7NlCX0~<g-Iy0=qxuf$B1jWnV=Tf$ExqGl^qz9n2X@4d%tKB#7Z;As)&hF>C{M{KB
z*K`2I@V+J?>Zjpi11j}n`1u6R9~P|@?E<BE>ItcbF}{a?u8m-g1NnT*4&fs)%<jJn
z3X)#a7K2U%P$9~)FH-s<t+v<6#h}=P)K^3ir9kc>pc3Nn#{|EYaKix3+qp9+f3^2N
zG*pHZ<aV7)LD(O;HuF-1TMVB)ZdbcGu<8W)pztWVSR{+H<?`hkoZG`ca#o#5L^i@{
z3KXNmtD{iWKx;7FzV+XC{_;T8@1QpaL@X+n;ICu-ErE$c!k)YhdJW2c<$y5#!auG5
zlz7dF@N}%yf3;@jWly~pAb$zQM9d?PYbjN(6rP;6#DcRApSfPCVL)<!lsZswTy~hN
z1n}-VYznn>>A$<EF7@jxt{PUPv>06*M4=MHTb;>x0I2$k7{((6CZhDBm85y$GP&>T
zFuvVyFu`D#8*C`2ix#*^@c7`Qbe^Q$j=8poCXb4pGSTa-u1KWYQ>`cPtS|G2ppH`O
z<P$G4HHVGno!WUZwwrqV4H0E>N;j$8dbw#GTA1q$Y(Kqe{W?F=)&wZ6&VcXcWpdW7
z8~)fQAF+)}Z0>2hSvW>x8v7k-uL+nIur3vvTosH!azgrXM1V~<qlENGQbYV>IU80;
z2|jT7fSUGOVF>k?k-;4jsl3%FAE6e4R21&{j1L6X`Y6~`pr~S87YVp#)ae<3ioFYz
z(d<WEF%=LXJE}^8J7ny=c=H61UK_Pze!u#MXPP_>cv`8q)It_%K>i-(*{b+Ae`m+A
zLL&L5Aq4PiBS2htJPA{K^;vt=aNz1zBZ~EL+x3dE2}OYa8DEkjPl&<r%GiBKMx}D-
zBgnSzEnRN{s<H)sLG^WSp7_;9uBYe4po{&E*v3hs#vqa_<E+=F^$ZZ0_kgk8Jq9d8
z0oNr^Ozpnbquy|Te>Y@^rA2g<5=6U{=*7|Wfm$Yqx6`n*K~XRy=*;F0$QQWf>om{+
z@{O+EMfg{*27@G$S_1m`5AIbL*xs;(YIQ7HP+xp(Ky<SPGnu_=i9L{`_T%-oW!Xvd
zn%ihT%;EHiQQ74MSaZhAEpo?&bYNLO$nppXOxb2}T__09V|M$Fw}L9`rmEl~X2bTh
zhU#t3ro)&NKm@q}QZ%&vik)@#8$vBf+SeJOhcfSqDiWXb+ca?hPE~J`Vhe``Hh!>B
zKnl<|^ST(;KP*mEdG|@cb+VIw<?AZxq_#?6V@6RhnS23?zE=m-Rq*TXO7=Xc*=N)*
zz9kR(0vvm_@J4p*3?Mn`+MH(qN+Hd8f9g}7nU<w+))~eW$LAz@>k&_|v+NH*8H1^6
zpDu#!xqG})M#~XF$k4FBgImDA;{TNU)+oC?vGYfgZL2SloEV^@jp7og-SQ+G{E17$
zx{{`N{XXFGM;~`5g#s}&Z}@u0B>;Ei!!J-hpm!?#!-cjxBbapBGbrR08Ib$t?I~2&
zqkFsjU)_iAaN^D`;Ep|nvdcp96xEZ~D8@d%((>B=*AUH{VR;DwmxgOQAg{MQ0nH%p
z)Bq?p61GreJpc&17r<5g>n{7fnwR~rwoIn8xH|zcidSF!8jwqKM?6Y{>TF-lIX(?)
zY_&~y^-q}H|JWSeX{%Fz*aToKxZQj(Z~$B<R5ueskpY>W6m8FMT1yGb`GyKpiC={L
z=?TDpOn}ZAGImKK`747&-r?MVn9ZqDP{bkQn}!@^d{vl<MU~wxJh4+#LU<{+5aX`4
zu93EZQ}tMkpnav9-=-#?xM=<_na=uC6m&p1P|6KC>BaN5M@61aDBiK_<>8kp&}(Av
z6MA{ByqHcc4bK^B*HjbLK4@u!U*6Bb?~JJ6yLRy1DXQ!zBZ9juXdU35!<$drIma(K
zM*xPQVgBCa&`<f5v%4IC^eM%k|I_9mM63R5&!m#wL74<T<}#=?qBpp7aU`_dSq&si
z1H0b-N_ho2t_E!*MI0q06h9_LmuyoD_A@)`h<Q1V9Q?-PznuE-^i2VZuE~fXpG#SJ
z(Xd(yf3Z~s06V!xHII&rD`}Ac<RNyP0c>5K5#L2Yk$I3QY^JwdB6|2*$~9D$%?eBV
zwL2cY7l~;TMHTqZ1*1NmR$s;n3fbADy5Q^q^f`IHOwf#(ifsA950^0Ik}Qi@6m|gD
zw@HJXUq3W2xmJ61T$!OV+-2-K1s<Bi+%kWc6qA3Ad44Pc@yxl8RG;$bIvzOXS`L+m
zoV|0ZPHt(8^q?C6#gUMcFi|~5&+u?$`~bOJDk`+@2aF?BVxH@?MN(U8XX*gBYz5y-
zuC1EPjQQ)7@ILeDRoWbvw8`z+K@J>r^!KalE&;jzONmIx5T@pUY7x6n0`0>;0V#@i
z5c9``)Es`~D11&>!-fPLh%{*^$OMw3uH&o`D_sh&a6Tody^4FC_Z#&0+(hT~PY|0o
zk6@3vOiuI0>&j+pQE;iuSIJ1yd@bExR0f#5Z(h=SL)1lw>CEe?2=N|x&Oz7O`URur
zFMn1PRtxv*wxWphNoNHxz4fR!8es!I9HBRH3E!dm5(Ijc_O*5QWb73-yNNIAjQ7s~
z$uuLIc{yxy>WdS0R$9y>lw1NaaCiaOisw&RiTT{uI1?J*D?}`N#Ci%A!{Be1))1Vo
zZ*)io_?~&v%!zR5Ta&<}ts)cU<{A{6e}Ff?8Xq^dyffc_vZiMIo8}Ges{+4X?oRrX
zBM~a;EnRb^Ec89lX`p!!(FtF9K!%rn$;-yttV*g4xjV?aejq%Dg*Qx3#{{Y@J0r2Z
zKmR5;U{;2h-IrGmHSHGlvhfH9XGRNAaZ1s!+$2f<s1a|i^f&%f-a8;IRl?Nlqp$dV
zIHHC%AjfL3Y#hnM=PSPm6iKNYMeK6$XYuP(Ybm)xp0t#<-=j*-8D&9n7P?r8&mlQV
z;(OAhN92zgtTKSzt8PIal?L|h`JXhjS?Cylx=qFt5%`o8g_JHr?CuLaTvICJ@95T@
z%kw8Hm;zW0#K0nwFUBT(M3HpNdk!&t&ARd}^V;U8=7ft@yhwzo#K`9&5$UnF_5qXT
zXB*ddt?pUd<nhzNJQbtdQ3n4uBR(F>_K)TvZen?M)$hNwIWF`_`8uFcjId4k3l%wC
zva9Y3&}uctJ?hqy`}_&o(1H@cB*!E=yXQb!8pAA|U?%b*3~Pw7*?u7>P>(_j`76bR
z3K4($B{1%pVe>7SazXOEwMGHVA|u~e@~;3y|C2_12>q+5-pcTN)pEhy^1>hy9QOAX
z??pY8pF>5a4!qBsq$L{mymCsF^7ix6t)SkUojyulAP|A)^wfXAw%zBu+c+{9#$|6D
zLx?#d`RvQ&gZI;Y5t^S1-l%q-CC@oq$$x_dORrC)RL64(S#`&KNbERcG&S%iEKwO8
zLtqh`n`tSrOq|ZAcOEC9ISzEY^S(`+3gMb!{z{-`!%5t^?LoDOkyz0Tu&cfrg6of)
zzDL8Y`L{?Skwtgi0aVDDo?aDsi$i}gMu|gV$@W7&&_YJVZiA8T!Aw3%-u&_-DJOhN
zyztKV)ETOTB_O^;(9eU2M|38lC$SdolOD!+$zQk-6||vaxBXSO$&Va0!hT2;6lU@D
zQIsGZw8%B5!`=U&cO_kwe%;Q{)~anum&fc7)n;&J1r1TWQ+-(#qFMN2L`8sMpR@6I
ztIiO)7|^P*sY~m^4tO~l3qRrgBa%=yv#Jr-=CJt4spIX+0o82>0E6RUR_{|^pLR~n
zyg&jFmT?4e0;-!UP&U}qwSLL292(kFYt(N6h{l8>rHwl~<o0y*gC{4x_@Ndr`M&$H
zxvMnV3MFZY7tQe#%Ki6WnsqseWrZhSDQpqx2ZUqsyUOr-bS$O%pKmN`uqgw&TFab0
z*VyBaCtvPXEqxJ6?kJUfaXuiTXcb({a6j?-bospiOVouZo$1be*7i@(Sot@krTCX{
zO7uNYMFLB<q&Y23@znVjKkk}M<`{WSGB|Qrif0=<guc<Jlzg`J&?Z#_)vaMaRi-e~
z&(2AC07y;w`ON2OZ&gDy*ctGr3(KoJ1|cqdN{8`I`mMH1%dd)E?5!N01{KkuPc5}w
z2mFLsj1D`LqT!@tQM`~)NpIR<K8p+)0!^O~;x3Jm&B|^yy111#$L&#ykRjEsNbh=Q
zlOlpnsUw;}5{&YbyrV8zIh@b6r)fVQu&LH9WTX?U>yVBuj7~9L^;ACmQk}#W<=L$D
z?u`PGtjghNX1+#Qb%-NAJDz%v@PI~3GOK0$e7^Fom)f_f+>6wof4LLDEH(a@DAG__
zv1KFE&_Gb*6BXsk%L)L5YCvf^#Pd6$NhI0307?eF<*M!1Vbs2L!1-g^=N3j+lL*b?
z5RDWhwM%pMD+W6LDM!T~)5*7*)=~*vQ(b~4nro5MR*6Q|lW@xAD|84>7T~5>?|`OA
zr4WN2VLwND7>l0}4J<e8g%LBxIFv=(js-U`hM>%UVw)8AvvqTOtwU53?O-v0n%2kp
z`Cls;<jzX5M~(A6|4GQ`l$C9b`)PV%;MP#Gjs<ipX`I&Sm}zfJb~P01QWG29A?w)_
zCe6R892(}6zp+>)w~_Tt<X&#EO(}1UaX$Z9m5BQ&-Zo@YA?2o>Y&8FJ)fzNpsCM4J
zLDh2XS}scLe4Qppu`!n9%W9$=Y5c}7yMl5jpR}H$b9+%`Rw;4?<|;zjNEHZh0V*kp
zwZ)s|ph1lZT6hPiY2UFNtdm$*e-X{1p_kgI_78I<z|sWShWwJf({rZ;pZ#`{&@V?2
zH?6Jw0x^KCKef%i0Z>6~cs!jc^^^Dl-uO2XVc1m&;yyy@zE|g^(d#?q27o;+%J=i<
zZODtcsevUxTZQm+FYzJ7s=sI4{k*&(1kidXoqaPBRh<0uO1^}O?g8cAzI6OD&m9G8
zOVC*N$8bt;{7q^cfz^Dr|9&BP+<EbX)IEicNW$x3$&tEZm`Lk72zV0O29nRkoTjQ)
zpvGpr$6`+OgvqnznWQdA%hvpkZyWff)quOaJ6R{de%t;PJNi)F&!lh9{(1Uy?AL%P
zFi}w|9G=l`#|TrTsPVS<g)VkTww6K>fTd=Mg!XHlmn+vT<LKpK+yWpcDaJU~NT+pB
zzP`QPcCv*FwmU1#KGV*r5`+&{WYvHd5h6%dH&J@2-)h;Y@O)fWb?WJ8cR1EiO;j90
z4ez7nhg-D?{hq}GEaD^H&c`9I_xJt}cfG`IRR0`8{UrUKbBZlX`mjC~;m;)+*FjHf
z-BbVxG}3+;|E3&j5%rXjnX{DZ9Pl5QTGKiTLDQ<b(DVyYhw-B1@$TAl&<OWHp-~S_
z)i<rfAuO4Tg$b>vbNpEC$pI6hqG}DayDC#z;bf&n9rS7HKouXWU`^Wd15mLV?{&NI
zejCxq<S3|um#jPmH9--+kfHw&#9+Wb;8<lG(t+N`cUy-vo)3iqBF>VjUZ+8SC3W%K
z-Db1Ii6z^f6w)Aky8L}_L`~di<nW;{-jbwyBXUR*i}HT%UHzw1lB50#bC$6x+n&F)
zkSnxIqD-bc;|DO%I`)rAeEZi9*qzsT-m4XlBme~WnPjJKyM0dp;??_f1TD&t7{!T<
z#Ccumxoo&s9c@2gp1ZG5napNuazm*SAjnM13OHd*8LwU<lwCQR4xcNHBl7F@nuY9}
ze4(L=y<@#hV{mKfjjsuB!=<*3zD#N>GRdJ86WCiA<^Y({&dKL1rlQ;JG7+nW$t)`@
zwvSogf$w*&Z7q*=ZJzqkt?uWjk7o6ldpvz(LYXvD#+bVz$;6z-+4XA7ns~`*W5l>J
z{D+p$qxSL`%%U4Q6$mXdj2n!mS8AP}m>N9O!_$17bNK6TxXwYE4QGE>VsgwUSc#r6
zr5a>&>EM^ZRX{dNcvmrA)qEX9vT1iR9ntRNW|2{Bq*ZuHx2P7rBGUIT*;q1SCXb&d
zFIb6TG<Aw?9^m_%!J=Wb{{cxR6V@JU@b0ibRCCg$B0Fiv$bzzOCiO2zzFy)k=y;dx
z!-39ztUBiXgesUNGE(Y@4f(xA8y7&P91rvO3rlk&I+v|hFF<oW<0?zBBbV?}BM2*^
z(2tc}S1HPl#tq<+eQ=0Fu~4oZx4!TMtNWAw#7^gJbXIa+9f4iXxX8W`jra^}CR)*w
zfNjC@N$V75g$eKO&G%enAAaLuB4xe_b++ujK*8_9ub~m1bnlY=4ow~nO<P<RI<Zk$
z#}nd7jA+jC*^a#KonjWVXKBjCZkKFuhNK?ms+`|6yrJsr+`0T-yxIC$3BP@Kuz%k?
zfLuDVH6V9$M_LjDSjGDj59aX8__tM@SN?5fs8CiWvYow>M@;eeFy3N~80cK(1iu#`
z6x}=AGp+T^zOf^(Bbpe%3L*8}Sv!MB0CA6Bl{ud&yoi<X2JM9Ot4Y{4&>A7dBG?<<
z9s{}Zckm14wVbrM5eti)p_dv&jLO&^VQ>cRbMMIOI<_<i$C9+g<xGY`^NS_B<DIC3
z_|lGF+yRx67&XWNGk6Vm!SKhA#mAL2c&6nwr=D7dI8({0)VRfpc{$i@>ChyIzfeKb
z4%E<}BJa+cwMAY{Z*GVf5eDWab}#?5<6<&A>mDu%{^QhdVBv0EE=~92W>F@}T<?$?
z%@b}`j_o;bT%IfR<JHVO>0w(=06!{FJNOK@+9^2W<?`jZYJWue?nnl*>VOIj#ZR<L
z8bC4RKJ0ceWw=MMRlGB>%ZWz;sbfzl3BmzCi#>t!>pwYf1-91W1svC=AJ@`sd!zly
z+8Y4@fJ8G2ru%F%uLXp7u@;pDUHp_2i<vpuniIbM@$~>B>!3B6N5@~K_d|xs{1X`M
zADZ9Ej2qL2R{FfQC`?TpG=4Lk9He@yDXz&#t~Jr8Weo2nfSQi!9-t>BGks0rwvc`7
z3$U#hAenY7Ytnx<HiR3x8^)CWg2iCf?-x%7j>Tb-yMK7IFX-Q&HFWEHu;jmRgIfNx
zhfqI>Ma$EKgJ)k*?8qAe7HO90%WV<kyU}t~IM>vAen(@ot+<@2*$BG26d@0L(hC47
z4R>9ciF2!_ZR%oY{XpKjZy8X_sUv9}%??`Ng8?{;MgLhMGaF!(3{IrIsMc|`z-Y#A
zCwuY&oblwYe@o#60g^(+#$a6DYRo-QLrn+eCf~O!Xn~Rhj|;B5D<uOWgG4AnpJ$Zp
z`>*r20zV#wiXDF9e;(zp1uZzOj+!pWZ*(m(sZzAv2EFij^&pIG(mo6ng~QOH^!mR?
z#I_oXwwpyvR*vZRsG(;)TXN}F2!#FpI9VPX1SU5j>rD%$z4D1*HZ?J;caPGS$grRZ
z`d3RAsZul%ul@SnH(e9rnNGmWk@$a@9mjcTZ%g7p#P_L?>y{K~`5p|A%jf>0xQcy$
zEa3V;{CeaHPzIg5-B7=9alLnaCB6pF^guQ4kNiJ`eRn+9-xojc-i3;cLW%4ZQL<%c
z&rn8IG;Ff7cXqO}h0M&1LRq1Zy?3%QvUm8M7xnq}dpv%R$L~MAy6^jX-E+^q_uO-y
z=Xu@>n9Auzs@=s=Idh>de`~rICZHkg>gJ@-!4EKL+jDa@uYQV(`AUQkcGv@?;{#+m
z_wS5&uF+nUx;#H~7r7XZgJW5?;;dv9|GT}8P}j*(habV^d*$G2MJO5a-S+1V5_d|L
zhNFQk13@c3(R{1h$0xAcTlQ({x9`=~{EQjbjU3&Fw=EnLRTTGI8}zdmVIQLyb(GIC
zqm|hmd6O{aKVY<*n?9c%x}ETP1kTeW4d2iDJ@XKsvPEn{e7{KgUs|!A*-W3Tk`L=|
z@>txi-leO3a`ldYpYYCcK(M(l{Y^pU5J}GY$ZBkC)d-l?6kNp;Nl#(reeO_pV~l-z
zyk8IqvT`-RtWe8J^`<6zLi;7HKI##BvH9{0kO9y(0f2l$L15+cWceHeA<w?Axtad^
zpXqV&V;bD|E<v7hxy#<rSZm}X{IIu4d-6AGcWn;$#|{&oI};w1j=4J71B{hEJxg&e
zp?lEUiU+RbBLJ4fA3KeD0N@E6dGu}r_owgI!2iFMu;iRE70PJk;o3!524RGTvf2;5
z6?cb>T&j4a-ma73hY&c^bs{(zg?WmG?|(gh&R2Q2$THCc_Y(&+o7*jP2oncFg|Sm{
zm=&Jl7q}X^P)ib~fB{EGb(A{GDlHcEEeJHHs0Yi5Qi%>+tIQ=_w&a|s+Z&J>M)&y$
z$lZUlWano_lAY`0JNE4&SU!)3%*qn@0f{j`p*AHtYC3)W>a{_4DvK9oxdJ;ZQVS~;
zYo}J4f2r+ceq-(Is#N4(ylG#JiG^ly<sQ54P|Tz~nl(~K9|ZmdH~CS{oNe%t8rUN_
zwz7^Ei8h_m`r&6s+ADtAW7{E^MSNjfHr9iBiqzFoZGc{%XXSXF^KlHa26izYrUrAJ
zc5MEkk}?MYs0r7VKwWR#`@NbbtPJ{HTn2^TPEDQ6xpLWc+3O0Af9$H#2EVl5H|65%
zL1x$~!6&Pheb~HzPton^9&YG<*M6~_>u?%)I--#b?%EHKu!WA)jSapvgYChBy6tlK
zD6;+*gdoe%<-e*9NC;5q2K?oGBY8J)g+j==-OVrmTLCFbB02M5{$$kh$6r2Yt}?I9
zp6tMH3nY$dlbo7{3-?F?^XM82yONfJezAV#`iUxji*ILMQ!N6dGG_9725Cm>Bb_QZ
zt2x;&Jra~1Gi5O6Gs~HOWZG#o<R7PC(l`2pUH{?MCGz_B8Zo2q*e9oa-brYz|Nf*q
zRJ16No8+Wld~Ffn;zYzc%Q;TOx(*)2)3?gS?k`=xB$Vy={pQyna8A5+>RqTkd_ve+
zvK#b#ZCU3vRj{saYPx-AE#jf;ACJZ<7%KU=HOfDHPiP0unuuW%ESKr$fm^$Bzpg++
z`1eE-ZIe-e*yIx}1(PQ}bh+!8-?iLwCe_yHy}K|6s+TRU{yQ+fC@CPjX+-|h()sG#
zxy|}Z4ky_$P#5Th4|6SlsBFAuP*Oeob~Pvw;wvIbFUTPoM1fop=i=Dm!Ip`urp0rb
z>xRF#S2&lZ?vb=zqYaTVTp?>lcZiAldIzM2@MUj8M61LOoG@D5v1ry2Fl`%OI@vv)
z43qSITv+{}&HVj$-&kGQ8xd56^@_Q<<Zi!LIIF&f-j)t2a?8mrJ#D2XRKKNCY|>Qc
z*_j9UPMi}x%8t`G_q1)*UMfsv`*RfKE5Aq>-OHc;`2A%uVI=@K-(N@R@ms0s<PWHm
zuUZzrcMO5cYZa5yHz#zjoVUu*PjUgsAfNxt6WJq08mXSSCF{n_hUdsDJ%0CD$v5y@
zU)c5Z4<F@tD)-6i;!o@O8KYyS2ZwX(=FgS}ZHmfGKITLz{{FNjOX>pD65*?mEYZL>
zWTT(N8)sT1z1kwk-);Ak-Enm??bqfBkCKeJSiDg(E+!$?D6KIuQhAjh<rgvM6~9d&
z@j*t0<A@;dknK3&XCB~IqDV13P6KY>?)#Oj-F6~4%VMQEn#kltGfZFj-MySwx!NS|
z%}%z+7@7+ySoIw+4X$<Dgf0=iiam;*>N>8t^^=JSQZ3!qj-mA;69I2zuh3;m#TQf7
z^fajrZ{P2GoM3zRIkQEHjZS$h(dWAm*5aeuO_L6PS@}C;!k}o`M7r0%;OEnQzHsSS
zh&U?~m_}IWgapKK!=2`Ev#g5l!Q<G_Ji6kYtRZP-`ZQScgpDk@;^pe%CVt@qSvR_t
zLZ_B8su@ae@)vF!0YnbTFOH?N*nO*8o2h&5=J(hGg4?GWgo<W0M?c-Q5E{`foAcC7
z;&yZeVhEqdu8W<6V1sc?uiZYUD7Z6;ubX0X>^(^EbN`s+I6;U7Vj}^uS$qo9`7js6
z=|b7Q7}$eFgs?U}5rz-~#@R9|b~HL*t_qoYyhq<G)L&u~K~zqWNE57&JJe|D-%fza
z_mZ3jz73)!WyjWmhzE}4G1WBZ_^S+TmtDi(8*iz#nF9`P=VDIXIibq*ta`$8`_tFI
z?mGk&;v}x}t&=hPluJ`~**u)036(!7kJY<w(5!`$zuI=|4H1p3L1KZGpewoj?VK}3
zL!H~?U%d811y-fZLT_zK{fZOrRv1p{|FT_qd7gQ2q82S#D23%nLPk?%@XTR}wqPe=
zCVWrxphi@a^y6ab&`XEahM<#`cD(g=bGJ54HhO7?=k}u>7cO+~_d9hh$Xv-)C}h9H
z_8tFB#n0m0JOll8z!_)m*a~wTf?s&7=V8w;)o1&!lAmQNK0H~qa;H`&e$vQv<F1=L
z)`p~0Ug_7<0jaLGAP)ws{pm*rDbztBBDKMn(F^;{1d)soFaL@h&5a?#GIvE<E}r#(
zlc+{rJ_{1rVMBF1N6B7^h#D^b@58vC{C?b}m1`;=9ldQ><IRUdY1AP}o%)93^}~tJ
z{@)YR+hy_n#RNtw$@II^6PrtImMa_?xOU`qY7K~FO5yfjK3k+n@tClb7Vqk3l-ek#
z#QrJX*K#Yt12KA0o5q37QchR_g}G&n*YgtI7gb4dEm}sfI*PLJG_24i4ph)BRoguG
zarWOhUC6#WG<Lux%_bsbPEv0ctztR@-tTOdmzGHO{KFkw-<NyA3U48U@EPRO(mNVD
zDj*y)`bMXF==MpR^cre2Bg1Xw^1lt_v6mkn>|r_W<E_Q?bf06mn>Q$l%GDkUW&G*A
zDPS@XwC#5)kilZrrh-|~NijwyiN3{_1GTBc8Cb^wCsF({o@>gq&qJ$cF_3flv>pbU
zS<d}H>w81SoR}h<L?)0HKDGdmHmqKMTzX0)W7E4YzGVMyX;u~W&*PNmC8yoh7)Uss
zs@c`O+P*#nBNTVcW$L$ae!~x0m9>x^IUyG>n9puJuWQ`(hUfExLAb#s3Ix<&t%ALF
zOo5j9t4aG(lXh8*LeBf!?~MFXd*1Y1e{{Yv_~Jvy#Rl6F&T9aE#4ula-Ww)=X4h)4
za_PlD))m4|s#Zmvs$9<j;xnl$u`$M5HU;)Aoehm(T=Mu+Scm7zL~oGf?`M71sLd2G
zr@PbOwmPiV50U#523ma7!$Aj*%QaZxTrbKpcPmVLL$QKA6PZF-%?KKSuj^5fpyhr0
z650Q)?0f&LY#>hfF!=6fug%_r$aHE_l*eg8*boakvR1#~BO4-nIpqCy7c<@Y&7i1=
zLqPcAt+V3~rq813iPG<-4mB<f$q#a+b*wMH)e|+&sC~lnJI$=n<lR?+Hd@!8F(YN=
zPcD`AiUs?;vxE4PdQ`r+A&%VUW7{5UdA~AC*wPsQ`#Z8JAXrLN_5?I6Xuf@67%h1{
zz$-m_UMC9QXk{|;Ef4)*9DBCYW`><&{>mT@!#kCITJlLp(<xi#AVI*;NmG<w7P}uJ
zF2gFR@3zAC3H*MJ8q>HSDzj4$ZM&2OE)*YR<aMEPB1zZ`C^6N!GzEzn1RIh#vkg*{
zOV3|<ch6DAAsGCGa$akd=vdhJ)+m8L1zcwU71|~EqBkd;MMn!8pIR-mJ|UV}3^Xbx
zJw1g+>R6-F$GJ`u&YGSs^N%OI*+P#)O_+6Q|7(|O%|sky%r(WXrV9+9F`l_*pJ+Qi
zH@(0f`a&@hdXiW^vM)BWP~B+f3B$8ow(NG$e!z|}Y^u9zG&+#qT{O+(A>7pTv6~?N
zCQ&*))t{}i38Gnf?zLE+H-%l~Dc~x<fDB(OLY=gy!hG?Cj_7M5g-4I0@cYl`uS4WO
z@<IM!rCNK0OOCE`?JQX8H`3iSochbl>=H`3iOtox_c07M)1&*9G;tC)@7LPqByUK_
zlinNpj0prAHI6!{&4a06MFCh@M@Y#Hnis3xXJk*wB@dC9R8Ol2pqb@C5<jOiR>c%R
z5^<8G7x;47n8_wJjB7q;fU~c`ob%RT_g=r)4F$a&@Y}5#%3~1;fxqe2O$0P*vwpvi
z(3x(Sl%!`s;QkQ!!-1_xJU;w+nk{RW+r*<qV^75e@SIt<1s7_lOqWp1gDE#Ju&7zj
z8Y@58{^)X-6`6M2IHQEs`}I!Q6J-(;D-fiLvh2BOa}rn_hzS)G!3#pGQ2APsA-<(G
z#ans60#K$YRj|pF_ppB^3%&p-Q<h<&7ttR+_RV4av_y=h8A7HD6W^kXdJnp9H7iay
zRXVCHbdX1<ejAB+1cYj#7VjFKkmFukB`nxtvv8h(@a`0HcgVfs5s{&zenSs6@=5&!
zSJDKPk`de<WVnSQuRJ}vJz&H+2AxjeatOm+%`Vm>!~U9cgPc}fD*lCidhV?!T^5`@
zoa7IzXd$bBl-SSVSs}pXT}FAxpMIgTTDQ!*Iej}@UYEA0zr?$e=S%pv&x~gDsqG=`
zmz?U~WUOiOu8MOyaqg>A5l@>ApaR*#z6#ivWU2651sZl;lgv>BK7^15=l$M~x<NM7
z56SPt>4R4ja2n`?2J?PB6Z+<)BxlBvXUCf*{O+BUzUoBf$E(vP`O_y3d>6{>#aAF}
zI^e^=Gaz*ey58kVSy<wCL1bUa2qO7q*H>&6+e}l7w%<|b?Dv#5P%i45m?hFxhcLY&
z!`~J{Z3>=%s4c1BpS85yb0zQ$HL{joXc(Ts#GV9X(BHJdlwAuQ{q=USbGQ@U0=+C!
z$=54dekiw1hA|X&Cf)+%5|wl%{UerL>1B>EHKPam-2zp#*|8b%i=-AiutA8Hf{*UA
z!qt0Qkqx~R5$vh>iXVE{7kC&y;qV~ovko`G&77u?>wSU9L%zj-Eu^gx$evas%HHyP
zq1U=2EE$<aS@^g!O<H<~&<_y60s#*|bOSFLUX5qkg^00eHhb}ox=VNE<&G5NyznVz
z&)!>QF13FGc1A&_nbjTYBhdwIobVpFnm@mOsd(_C;4jGler$bJxuCMjXS&aR(v6%J
zk-e*qAX^`mnE+(S=Bcj93(e;r#pLnt>bB3kSS1MGmc+e201F|!va^<{HZyFh9}m;%
z@sPCGeOQQ>ks}Tk;?r)Ns|XDdNe)`A8jY<Q1$Xx%dBu83Kt1ns=L3<#t=>z%rwKFV
zK8L%k@{It^-hA&|(5=$WiI7g_VENZ&d=0g;-Z(^rVPZND3waDz4D?kWWKLzIMq#u|
z$V`i*--M9&<5h{zs61~K$5`f1@?Cw(6k)_I@8q`-^i_qneULqM(v62QBk$II((AQu
znU1IoJl;|bvD@NuvJoO)8T8kpjkDuT=QV^in#q?TR(b8s;9ZsUp56v&vnv*MhN20M
zL7J|ynig;6hb^MR2Q<=vwyDI~v!~58sy(B;eyQy9gO70m9E|#^3%OUC@CKfwq~*y^
z7TdjOH2<wZ-DcBMH<xt<e}Ym`)hYeyXPtf8>10mVt{T%P8+8(V<b6H#dP|xmOiE7J
zXA#SPsh{AB<<sgp3ZmJ~`nf`0L!b#Q76B9X6ibR|vLRwu5fVj|p*tUmbbbHk>rkG9
z#x?t5*tWn}IPq9$Ph;6QXf4t{$y+k;v7~$tcLxWt#1vg@<RL@_RLOwt>Wicaaf1lI
zc_VdTB$Z+<066JGE>+&7%hrhBW+b?+<6!l?Pf>OFt>s)+2K~-QK#plBzjRu)<iM1s
zNFav1^;n1cdakU|pSEN}{#xhB2D<Sia~{7#Zm98=Edln(-a~M@US@F<0<nE`0}x#m
z)A^Y-vdVR{utUH<vVdGcvsZZP5i0>zn}LZ?uFD{^`f&f58wzU(m_&bgqF&N}b57DY
z(7KhEA%cuegdlJh$<B&5>#|;RHQ%@x);bBfRXIe=4|7I0-afn*ao4uA&HcU3?#gE_
z;lSn>vnDPKA^A?mM2=DE$3Znm?Ebw-hHF;fd3#C#p10QYxotUY{7f2lfW!Kj=!EjI
z+!xkkM0^1$G3<n>7<AL9n=SwaXSh#2)fu(~3dc+>#A}JT3tP%()9Vkx-8uo8+;rS+
z0&DMW`?ULZa04LyI)OxSzVn&K*IU4u)q3WQIg*fz`0Ga2)_t}Vkd$-P0_mBg-;)dp
zx*XjX8*QAcuBEJz3GfPC7-B7M7p3|Hv9A!`PUQp=d$0X7Y?TFChGDlG1eSVmgG+vE
zX8!7sykd*M#YPb1Y~^ftjLXs1iPzW?Q0%w{xBoNFzl%+|VH2tVc2xl4*7z<CD{L-4
zHD*|nuv*+#6*Aro*-Pk4Akj?NYO#5C?w-cO$n+Jm$iC1$MS&G>1eII6hu{StZ)Wx5
zExlf>+{%lCJb)2!uw4vUS=$~ylinIQ-pa;GFzB51ChDmUrQPoRuczm_cH>tmQmK~S
z@(g<k$GUIG9vsHe*Kwko6pu+L4!9_u`ygk|^;l8B!@{MkIS?`?>6Cm9hU7@eN2BVV
zVox&Y?N>&!#|lY4Xg~u!%BA=jI=y{D{hMspCq#}<ckI+Dqvksrov<@!H|d>4GfTkP
zUU({_oaT1&X<$FINz>6_?!v^JpFtw-%g@%k)<z()Ye+<a_Bv{nO9-NGb#HXv_3umx
z0bdW#WormJ`?JTMAqk^YVm@{w-{E}h81!?qo>@`80FCN_JiT0<IF%nARPd>R?0kGn
zS2=$Mxo=p@y40K`;i<wa(0;n$?jB{|zIxh9kJ$yRv%BcGy3|3X)b-Zb5uwLvD$Zt_
zrvuAf3T2dWg4~5~Lvq{I!DUq^T5Q$VhYE=Tyl+WnxgD)^cRQmcQbsb-=s~JwA#ec?
zc3hQCv9&6B#P-@6<;uZqUx&-x{cxQ7@zurHx3<1dl~1G8whvfOK7md#kM9*HZ#FR+
z4#2(Q^x4c4Xx~VTeS38+yb7xEm){H@bfB*t$Nmtq9rqRMLg%mKkZ^V6jwT-96N|Sm
zW9!AgN8Uxnz7EcIu`zGe<XZUSg1K`xP|Se`@&pZd-K*PG*wN*GX#C1?Bsjd_2H24%
znoG%k8CutMD5&Fr_icTQg?Sj#%#UzuvhGV`4|ZPiqXTG<eV9eIzC26tJE}asbTPeI
z5Q*O>oGf7<L^i|Qs(^e2;KnHl_?gG+3_ak5JyN7WTcV&xr$CWXrF}F-^mvd}o0?ES
zh|+);YpA~e!>Y^}g)vrDze;D1eO~%l0S)KRT8+Z*#O~Y5`Bk@rKLyW)=+1wR6~3dd
zJR1Z*J0Yf6gFhR4JaO~%q~FfM#7TsoF7d3k#D||r^6S%~i{QoYGA;j-3$q}A?kU+{
z_>6y8_`dXBoT#jDDfE3m_X^MBH3J}vcj?o>kEXX@R*Rj<hxSbr&b>>v%cq2its3m^
za@gsX)4SSjfBx9%E%}|5F&Pg&_v9<_D7bJdfH32epP%v|gzPvi(Jppioc<z>p-;!a
zm?Dxaj$YV{KF~^$s5y^4c`V*<IOWD2@ZH%BfxDu~av+?C#<->)!cOql;tDkvx=9>X
zPI_-OF?KNmvZP>pAO_8j=+qt>e<K_~mRL%*-f1*5{I?cT`ho_2!7mytt@i(VaxCNz
z_vm$fVAQLTqAXwsV58RBgsS2=O`@E@<A)GsD2WqH0%ZTZ@HiyfS;O9#43uI!!$>l*
zFpeSeKhmI<VK$KFS5F9B%PhK2{UAf?8A3_Tnr-VVpnJ+rY}Eagt`Vx4t*SCk(4`zM
z>3hR6S94X3h*c?2b>iayYqHnft|dWG-!ovtaLJ_`0PJ`iD6XeD-K&?OUx7+9zo{Pj
zV*=HZvDdyOkM;WSanDgIJwqW7`w_b6`xC9aGndPNu`^;+=PXco9Y~LZjc+@)H@Y<p
zQR-jUK5aiJfE6Jo0nFDgI7z2PDXFWsc|B{G(7w-)d5*=p$M<hWdT0w7sSu-|$?Ac}
z!yIl8w%}6!7zaj)1qTB+h>0D=zfj->OgUY{u)!}P>=3n0R0i-rq`(*bCr<#V()W|)
zF5=JL^3Vwa=4hv}YcydrCo008NH8laqYykl0@58uXxbAY(KO&r@*rZ+%CZ!CLp0C#
zDB&VICy&qhLiGb|)p#J-4XDCUb;|^?P|Qu&ZJ#EZtp}>@;#xMPci9{TCK7&+@fn3M
zwHSUv^xPgHU*ExP5QSe>L(b!O#39#9lDq9Byx|uIeSJ3<dh3Vr<MAkvbdwx&Tl?jV
z>^)*VQSs?@Iwkgb(dzUQW(75;kWdX%+SwaGDfdiL5B4(~$hu_hnsxGvh^K6~hXL<}
z#G|O%Rp2kDfbbSdC7$E%&RArBXL0u!u`DIKD^`sSE><#gplY>#_vqVGhu}*WLcn#3
zxmV%@G&t5Ak6Uek>(_!8w;oaolbJwx@+-^us5cDN+aK2Dy*==yu-BggQF^T26fJ#q
z^|kaGUbJtx`~F<6kqE+3Zh04#Lj{>iNN_cd%k0u<%7rH;**t^5*BolMcc;P_ACxoL
zE<LJFF*zFHr2X!8<#ZP2i3-tzmrUqgh4E(HgQ5!fgao^Jeux+C=?I<#`1v=S-^+eN
zHjrRzW%9Prw*ug&v69nF;B_~K;mVE(kYafZ!#idqZi{1|^%l-Y==e_<HLQ{}Rp<RS
z^Y+32BBlrF*k6D30-Wd-|G4{!RazQgMsCMK`CV~+&%a!KLQHxP*B)YnKgF`nW5R;E
z4GT)y@GA*wpAH6JRmp^lTEu630D~V?IHSsV?L@_CPA)Za$N!Py&-wH4t$vd~>E|sh
zkO>KqYs2<cdm~hZmpS0%mVnRWrml0rK6?dW@9%r0F0hLZxCBJ_AqN#*%D5N%ZM}oV
z@fle?R1|pYL8ldJ1k-z>OJmsIQlm|GL$mq+uxQ^+n^q-4rOLzVc~Zt!l0yOA^_W;2
z-`7Fi4gm#k9{P2nB*<e#ctwQ=eVPjYa5Wb<hF<Q~IM;|xmuM3;K)m!=Fc%YfU4L&E
zbi7QQVB(7+u%~2ife$=qJ+IG?E&|nVovzhJNTh`j-tm3oZ&X+PJVuUJD+6Y3OfiJF
zy>VkA483r<uoKg;(|9onaZ%*>?d}SRuR$@*q;i9!To2Zg-ladmVv$C9+#rI9pYE;U
z!nRQW!Okp5;dm(EtXm`EG`bq>z<0`yX0%#0e-%xy5I-BjGl9(w_qpl^0Qovc{S$25
zMc~oCjigeQpCndKUX91V@UX+F1lprtkXmeYPGH%+0zAB)q<jVqK`*``6(L-Kpy)lq
zkUwJT4-~m)F+osb?NYC>J+2|O2v8K#RPEl?$%v}RU&?3-CGA)Hu#x4YcC<ul0v7?Q
zY1fsZm@iY3#Q>_Q_hBl^8uI(kj1C}6WUM(u7?y|-NNvlH;|-F33-Ws@`0$?paWx3F
zXYU3xub!yj(j&Nlq7fcPVz+?&e^&wcpAqncFFXRKWQXt&;f+ibdRIbN=XD@!=_@TH
ziwt;(egX9NR@q#3&StJN!uftm66SlnU*!h+lnDGqnW-|(NJzR48;{NTv22QNe-G_*
zlrK*noyNzAwTCdsJUJB=Wti_T*vmTthPb_ttqCOd&N{0H{O~eR*F1ex{o<%K2D(WY
zrsbk0CK+ON1kqK`tf|uv?~p*gj9cM23w1S?B-#s9=MRb)+7wg5vN%aef#5Aj@i7IH
zu+Xkj0g&zW(s!;b#@TW`j^~JN`Upk};^#ore)t*Ocd>(RKy%3twiWqgwNJLrO5VT{
z<dG=S$U6Ve=Zk<iNzhTI2$6w}w0qmkHOvr)r`{a|7UK#zjaZTylTv?d7UTs=w_zX1
z>7VO9t{C8(fKfYJP^Krc$x(0>n`HpWVEOYMLA3B4Gy`u{Pai#!h=-QXxh*q#4D|Y#
zcsu{%`QfdqVX!|lm-5*jmEG{rXK-idTVPdxv43{qG)lJgZ-*cf8aRB{q`0m|9wRIW
zkd_m;!$upV{kDJL-iTD8r5Y^=Eg)AR;fS9>uOE_p@SM&N8w#DM@T`6bsEy-hK%FCn
z9JepO$-Fswr1u$GhB%zC*SvMg?hknXs6()EF2Hildyu07Ts?ZE$V8vby~#sHAc58R
zshe)CMtN?!hUb412Y69fiAASsE+fwlCEeQ|>-ao^YeQT|)-s165A%OE<k5?h%|Nh2
z5)wz%7F?*RXRLME&zVs{v6CU2`b(`?l1HZSf3nak2CbvW-Av<xA<W{BuQ}Qb7Cn!p
z3?de>MXyeJ8K5tPG5@1P>%k!7qk|3}nh}hzePF#G83=_qKG3(_(--7fwW22epHMK+
zP%VRF2@{@pJSBw2@r!qebMPgaI|=FDd7TS+$%#GvPv;S_(D@zia}9qc^#;iB(Sz^w
zC-~vC{iod|oNl~AS0DV*k|t3M{bCkY<s1B@{gH1)*da>xM|XsiyFn|X%N^MPCxbkD
z0jA_lqBGnV`&a(2GGvrOpkzB51VqQpl!&2@*+V1$mjgA`d4{;2y#IBGfqFv^8qxjD
z%j)=<ha5DGQGfrnI>i2eN(&#mgKWxe0k8fvE5a8hWtEkUXu&&WM`wcH0;&Cfb%&7?
zUjD|MA_%S!5FcrqInC`Fl1&pd?XFtS=xnK4*pmgk%6}D2I0J@c|3^y$VBN#z#_yKB
zcZa@3jpxFQS1M%z;>r6fF7}tuJk;>r9VXB=G@@;&V0FC<_!4Kl`CByBYOc5B`Yrx5
zynSSNW1pE2gI`z><t#Y!L$ya8J5|kWhj?S!EA`I?@>jtBnSwCGgorwb2P=!J;7iE%
zGd^VZKNoVN7{&GXQ(y#V&mf!1aXPDNFh)|Fn#s!MTp;@(MSjy~=>3Mg{OzNab}Y(g
z$R78<Z8EtH)c$BYG|=N_Vf9J)=er*wyW81Zcicbn-h@(frHwf^3NQAnrDtU^{v*J1
z$Z3KpUi4=S>oFL$Pm(;&$y%LV@O|^9;ExU<@=iXBsL$&Q1%Dvr?G&)RZaS#ZbDgMY
zy2*I~ArJmDFSE#Lb<16f_|N+ViG)cPIhOUALOezaiqG5qv!g|LfSUg!m_ewycO-yE
zdiRh(#y_LFg^UUd|0`0J2QI$b&et&Jupj!f^N9uzG-of@bjZd|p8RLB=a9*Mc1A@A
zCR-f`Ci^XG-<1kDL+Tu7WxjhE%*LMe`bWN}q+lP!_^xsjhT%aE-J7HQB=PhkqA9~M
zu3QGKKF&J+GbB0KSvU$U5&2YCBb_hPGnQatr@k>ythv~T)p&H;{gnsYKVaVya5nR;
zhfn7O#RD_)S8>#zYzSw|Acqqw09g6EW;_yM{~T6{M+g*zlOMyk{JPi_)`G2XLmOAJ
zC$m!1aZBv!U#){5W#WOndyGtsPah3GRSZMl2DYvYPJO+;KfV0vntcKh%71Som4*ci
z=gG*u01xf0vtR#a3m~uMgO>L)a<jltg=r1KgW2vdYEJC+_Rv<edWn<?`Xg%~GJ?TP
z;L2?rJ<_8^c6-BjcDhWb>_#|fvHls?9AZHyl%@l}BWMddAE>Zo2CI`M(J8xI_0o_2
znQR&`wAP+;v-cdi5<J3a;Z%D0ZP4WnoJwskF8}v(40N^_tP9)0*jUi2y4$d0d^gT_
z)q-VYF(Gz`;>u;QPNi4>Or6qc#OUrgOA2PPu-;iX%Nr@bONhf(=vni#3VXR`g^l>X
za#BZne*uJhOn3&IaLA@X`m62^GaS*ys!5BJUa4)>On-J%q`BVTyOjg{?Tu(gZSas+
zHdW9j#suS|8mvafQfAwuqxM*Qi~+C!jv4AOJbpp<!{k-UioxuBbF9Pq``hEQ_?N%_
zGg@Zks!SJ`AOn_*m@tf%>PZ@A>~nTL;q8alVquRd!z=yA42VFEsG<_=%|E)O2`ka;
zTjtB_U@sO8WFfkK{2A`TelXwm*dd0;li-0#2!x!Jzi*IytIli5^)mZsZXQDIun(rJ
zp11xq?S*O7;>b2Ud&(}-)Q%bVPmeIe?NlH;a!;B++M?$UEwQkxT5f}7V?D1&_Rs4F
zU?aMw6{vUa_*pV1=v!|P^F=QY?LWi)`vo?zP_6yOrI5t|YE4QBEir4^tUJywG!66h
z|9Olkm=YJvb#pIu{|RV1o&@V?TK<Uy9FP|iP7D3;O05l6?D=O07(}*vGecVBr;v-|
zEVy-Yt)1ADov&E_-rMiamgk$JA+7(v(Mbe?Y&(n<jiGl~9$*w^um)!0)IK3lm84Vz
zqcE8u3-!+k$B?a-%=own5;3$t6xy@%8sa+Zg=r%xs}ME$h<7j@g&EW$f8kz$(JF5L
zIZX}XD_9=eFFw_)nHTC6-*4VKZD+O4t8v>M0~3YD#-|ic#(9;rFGMNqE-Z(+W!>^g
zoHtVMrVN8;LR~$<TdEMTzYXy<tAAfEzl8@u7=38?ecC?a8tI~N_WRHE%7ydB^um7{
z_A~3bjxx{i9`#<3<gRBU1PSb1{XXWQbp-I5qxYhT*oCl6p8tUNyJL9ZVb(msx>HYg
zsv<!99><^Wa<9INxwdwfx9#Xh9{Xr?>fV5#>${q3HcppA{(e2>EB75<b+OBSM-ObU
zu_gFlFkidgueMMgi*wXFbXR)%RZ>}#<MEFc7$`|c+633*aP3|X{jfZe0rF8b=$5vc
zOA|cDLJ<>YAM{YQ@~_Ez(AOjPR|W-Y)xRs%TCJhYtE=O#iSthDBPUZOm&Vi9DtPE?
z2BZG_tT*sk54A4bb{9s0usrD%SVY+Q2)4dxRq%ui-+IjOS6bV}?mIhO6QfXt)<Y0l
zCaLtOd3Izc9KJRuX*?(VN&fGvh4rZPTy^xe8DKmpocBp5IBCX}(W#hmgx{sEg<xx2
zo;sdR=qDBXRZ?gt(+sU}a;*E_2hGN@oO|rMiT7f9u7%vlz03HYfH6S87~)zWCOuF0
zJx7#r3hT*K|5)Cl^CXQ@@=pKFmLUnd(Bq|oT|`|dQ{DA$8r;L`HY^}>e{$x(m)<~4
z&;0G2mJmOP-gx@UowIf{oQwad+6(RK-|-*o=4g;P4?=l%1Zk5ih1Zy4q_84AAC0sL
zd%dM?Yj3~#hYeq(mGbeoK4+mM4IWM)Z|mjgUvv=2|4-K_mz6!%c7A7^jE!!7xbZQ6
zdWQJ<sCij*TfX^R;PK2>t76v7s*e6JKQJ!fH&;_o_@6-IgwJqm@eI0Z=l30=I!ktT
z2%ZZHGL>%*mv%V>9M2>v6(uS8>sOYcB{kRdV`QlRP8(%AYrAKM<d*>o%~J`@J3GAi
zE;>W|qGu458}CCk@9p%(4NxY4sI+Ap&reQ}{&+(2pQr>-tjo^M#x@#iXQYOfHgoph
z@81yE-<_xu8r-VdyZ*cJk{c0-quK#;r@^61j{md-hpn|9>$MP%SEc`bffUX1@2rl*
zTJMxwGQG$QhPXQ$gqTEWpG?)@<9&}u(x|62^xq7o;cx#^NzD%+3i{N!atpqs<-!Y#
zmW^AxzuYh}Fb)qTD3zfy^Ktd%#RQyU+S@UuCnB|DZ+|AxIFCMgVY&b}<u^4RN-`{!
z(hJ+m%ZrA>vf4*Jt>QMmW+@G04j+pb9(K|5Wa<$b_M$7jr_PJa-i^3@mjpjkXzX)Y
zP#kxT`Q4GX*)4AwT0d~-+@PWP<nZZ!%II(Er(t(rqHs_bQIO6cRqk6ybHX?O?=B5n
zvw`9`FoD^>;<nJC!UK=pY4FgoL`2ISHBl18Tn}E2;mZ1a8?JAYt*e8zKB)px5$ON+
zSITx46ya^U5MpU4_Q4p2++?c9v6C&%hL{n_KqWs<60G)9*DjxMmkImlrNLB6w8rNF
zIQ%P}>gaL164*GnwhK0KKJ0wjo(tej`D<vk8=`KfNDxTGIiuUTj-Eb2!C^x0V1;1@
zryquD08+)_&yN2DYPl$<K2HgL${BogVe#;VBhoC>AY+KdyW=OJq1%7`VtAwz%@T74
zun*cSbqW4|JHG5unW-$^(eNSW)X~u`ECv=7S9f8T8FB5b4Nj5Jf8XF<&4d3X@Dlhb
zu-dvL{=Xg5dhj5k2)mZ940dNQPO?RJzoQsCxxNkdi+S~vBq4myaO3_x(L^Xikj{Ou
zG7-a8_%UjhEMcI44(+WR;&~r+pXX^I1YQ0S_6PKN&T=GA53*aQ%^%YpeQ1y`#%{xt
z_kC}AU!P7z0`l)6v{<*%r+WoSfGe>4Ub_rsGJAY3*oh|JKtF1EMQ|4ak_CX}@|Ncs
zpfv?ol|F#Qvx8hn|I01nMb8RF*M;2yNJfkS2I_|_Sh&tEx@l7<NF<UVOW3kgn!$&o
zm4~J!NvP_%{3J}!E@c6{&liBww-zAofDk4BOhw!M6d#8~;4^IC$p7_d#E?YGv~WDm
z%$)wN9UaD4o<sWZHe@Vd?Xv=b`}Zj}x1ER`tc02a7UR%0_{oGAZzzTHat+SR8U!EC
zM`;>o-Dd%ih5CCatx|_%PmEvbCNnJ%aj3tl6Bbw1W9$PZqqyv~?53J^HjCB=UvEIB
zwdgh!TD&x2JMdfW@BqOleu-89pR;IF%b3O{#5S!hD!<@*xI#?qSM=pQkz^h8Z!LKj
zPC|4M`V@0eYYYd&W!LTRi<#{}(!mLw=v+s<R!AK)B+sS}A|TNv{!6f0&Z83@Cj7xY
ze9jvZMOp7dYR-4?>z_MA%p$eb8M?*h{QZpn;r>=q%6TplI?D9jut6s2=dLsSV;4su
z;^B+<9|<Q^8MJcVQ+(=LYXV#~X{*rT@8!sRXS&M(RqVR@*8AgP8#sOGpvqy=t0HlG
z)%*|Bu>}Bkk&kgJzj!~X87i=SA_Dq{$8Pe`mj+fX4mT}6oU@@zgK~XIxCo;Q1I`D;
z>FNO47=o|gD(KpbEN8|b#Lpk?KF{+lMr-Hq)c{C@<QIgx3jj@(aTb*7M*)<}ee^DU
zj4nkN2zb6ja7N)I6p;A_$puf%T_X?Ik`4tJjg@I!x}%+jhDM1;ftpz!|9KxI%~(P>
zrldKuX{DblQ{u|3P~R7gSDIH*>q#b4*MfY6v(UqbVx+7WOsr4K;stf8bUK=w0j257
ziLNT~vu1P&%boMD!FxKsgtiI!d4J6@!&+&E+GrO|SeWvy$C;lM$s;N~*lrY3sOpT3
zT28&P&-kzee7z**n9hN(=RV(Uj1Osq6#W!+krS;C-4OmAALG>zHV`c%X-fLG9%5ff
zV|EBi8aEQLH?m<?wZEB*aCbyv7ZI(J14koK>y|jS*$2F(oT)~^&BD8cRJ{6Q;==I-
z7V$z$@9Yl-`#weeVzB#2d!1wHy>o5_Bq=al*Z}ZS$;;Wy`(yxLXp!Ctmm0Wx!%WuP
zHQ@(R7<XuI0TQ8^j_NUfOTtcFG;?M|RPnmPB=8F%t4}(-2-ym|!-W}#z`HD1G2-Fc
ztTpOMsmZ0+<ORCcUDNep=E_$-2I(#uz3<;=Q$x+^!cvJ2C|uS%RMo?(A4~)0ymy`X
z?aC-3qC0qmDgpG{#56trW;g8Z=V2k(<>B9bJNeXlAnCSG2Z9ADIozr`bkX&t6&va@
z$eS%`o%xAS{7Y|W1Jmi^8qdXnP8r{hvNc+<$u4Vc&&=j80d7#@u!>eWp8SxOk8gt}
zh+eF3C?&JCj14kQat$LCWbK*-cc_T3h5r<$7bph5_D3yXo4aoUcrmlG8OTv9mi~Ey
zA~1z{-u(pLlLX6J9HP}gmm9dkPFGx{QjEG*i%jVaCz@$NT^OkJPojNg+z-~2tW=Kb
z=E@K-s*%c16PnrQg@3n>G-hlN)*Hs2y}TZ3pAeUJfTKRU14%<2g)a<UtD|V%2tr1l
zeM_G=t{Vg!__<QU9r~>N48;<*>BW*NI3IR$;r#sCJ|#WBc6XL^E^1eQe)ar7|2K=)
zXl)s}dCns#Wi>@p##|ViaA_ixsBfGppcY5!cGmY43k6EwSQq^GiP^1%kys*Je`?Vs
zeYZW7J@)LBq8a{@I!5HUiO5=b(r?3xIoWF;(p(g`foWt+hi#AC_U$GQT~~2&a}{{|
zKk{ia^Yv{-oAMJ#FeEdt`y5zP$r*Z9D?u!r;`AeC<S0~PLcPIBT?t1D7r(s|{FxLx
z=qhGH;K7RK%~<368nz~7K8fbFnVa_Avq+`uEFK(^fSX;*Dm&sT<d<PP%~eo-8jykz
z?%(N9BG3af!BpB^iCi<OWh1)R3JPzgkA?3X(D!6rKxV&d(P}cTSN6#rr~7`sXO;lz
zk*m(GEST}ZdZx7d+7(4Y9o5Zz*Nv->jp*0_BrJFDVe_x7&Vp?j^$7W0l{5=3I<`S0
z3&rVIrWT(dS?kVssi1Dx0c4ewO$aQueD#y0a7?4K8lH&Ql%BRSt?zJXWjp-&-g1C2
zy*Qs*7?=p9AI~>&#e^1=z<7&aI!X-fY>0TiO^Ii{+=NH&wkmyhJ=|;}1-o`{sY<AX
zi5MrGmz^PEWHE4GLzQ#{67BEo)ermxJ|e}oP!_S<ESk?%#nVkUuV<D1bYdYauXOnN
zd*HcpNypI3528P`>0LfS*4m(>1tiIAZt9;-{S-BsU_d-Lc?PFhCIDY;k9PM_c-}el
ziVVG#2vqD-$~ed}ttwt?K4&FL8f+xDA9JwQ9rOj$Lm%J|0;Ut)NaR7U7%f8}(c^FD
zcS+f%81Ic8wjs{v1pdSEZ`0qM>`}ze(xG;$>rYL_8V&`kw5a?@9hvPg9%6>YrNx!b
ziI`qqPuVpZKE?aKLPK`9-FTS-tRR48vNW^*Q2@Z`^y0Hd4l!j$7l&T2-im(hQ_Pb;
z7sEWzAhH%Y{&=XB=SPtABk7>^O<)hCA4xQ;Fth#iR*zA)!8yLIc^mV#z<JG~cYAbf
z%%;2n#bjENd-c{q#)(?~WqI5c5t+n+b;Ku21cxM+oPe%J?m<*p?H<Vm3GGiaq>+n-
zujW_d6-A5gtahdiZ_3*ySo3P=+dwHz`Q~P)g0Q~UO4~X@i3^wuc9Z_^?T4)-o%UGE
zhF``S6YKyJ-5hP#M)K!)7rACP!rXVB6?O_bzx%EU5ighE>Z_g)pxbS$=LtK5N(C##
z@qBmIk@N2fb_8|M?rqt#Nmqi2vM!)h2$l;d6LQi<an#voX@{ANS7mi~?`Sb@LwSM0
zyh-3gH$Q_HPykwwrBWzM@Hk}q<?IyWd-d7wcvr%F*R{B@;t(jhY_~%wo=y{Fd`&d+
zwVlh7)0hd<uB;uOsNB%`!Z|}_bEv;%%=A)Gn$2ne&ik&X>zx<qa5>7<>B1CiRl-P=
zal`Xdb=Ig&SugMCL{)w)UF4rSL}+<SRXo#g-z?m%XLAk9>l5No-kXxeQ78P(awj{N
zLX)jSdT+i`HAZHFY)`Y%{|<MlW9^d#+1r@1dXcQI9^rGr8O{al*&9X5s66KkgP|>l
z+%l!OOFiF{_6PFW=M1DuGxrG>ZCpRsl}())NHJ((Bf8_VJ8IVdQSR=C-R9G&#0D2M
z1}p-6IxJwMxe$kC*;)bw<A68wGjf^yO!YFcMk6jGO$>`eV6S{>Ub=h$Rn*zzZtedf
zkt2UL`})Js1;=b`dvdW)^t1iV^iU%$taZ%Ad?&VxmqCjX!$TRcIs&KXx)Fz;-Zna&
zHHZTET8(D3*qo@qw(g-DC%N%6o^C^;S~S%A<ZYh@H)1jtQNwylf8Rm+4!Wz%tm*~H
ztUBt9D}hR@Xe^vJc^SI;s$$F95~Br<{z-$^JQSrp<JTUKY39D3+||$jzOS&~;>9cX
z$=GX%=!^m3vyY=;fg!|Uq3_nLWekfcXB;ncru9Gkja2ClOKVpD@)Vu4bx+(X-X?zg
zJs(8b2jln(znxAcY%-Nhe0Aka5aC?p1O1yO73s>BjuSW4iiF<Hh-U2HFa4mU9=;uQ
z>+w2`TH`QaF*>fbdOo@wJT&@ht!AVCAo|tZ24VU;X*Sg^ui(lm3n(tKxKPMGx4Ie?
za6VKeA1bBYi=OvmwsPEESR{=7v8K*7O@|xPCn%Ws&T+yBH$w58-MTPc+=7tKrwBTZ
z75@Dhe}U~&9@&s_abK-Xj|BaUX53ZT!YRz@KDL}JshXryL(oMdNzFQ3gi6yE$3d!~
zRU@GyZ34}*zU@0`#?-;2KwQP=FHYeq1hMd&FWVnB)`m6*-i~(l=|HM3e0-E6@8~JR
z^8N{h%#_t$N%yc%fZk#RpTB*=s>#P@`=JWfjJkWaM*aECp*}ZvB<Fw3YD+rW1tbpv
zds>%^z~fXOyb=aB|6Ff{HKHM&a%Jk|QPn&tv7vroLAb&&px;^~tL%1dtT6_%JG2MR
z&um#me<N}$6XGXdv(j-XWhIsXXlC~&pZ~AeQ?+Y`kG6WYZg_X_)UJYYzME#e2@E);
z@}+&vh!LD1^oT90h;@mLzg|3%J=;#UJLvE?`wt-RQe6CL^Y$y{o`{P07mHGEep|ob
zt;=5%v#aMn+K6X0cif>i=3>4KRUP@*ehS$?sv`#A7smcfwj<gJDxqU;>Fy52eT-Gm
z)2z*OLz{ywFFzx`N7;^z;=5<7LTOygZLg`<e$Mr_bc5TabY?2Lko2Nuy4TIz`mAaS
zn{7jM?4JqJV$X5JJy32#sR^tL#_5ikRm_lX*g7#g6_2nv?EbQ^;(tvJ$~^<u0Mm!5
zZLq80#pdq-Aug?q*>hdy)E$8m1+n&o1r>Sj7tsO?S)^ATza*rZt!;kI>sm>DuGmLM
zHc{mY)c>EDX%r`I_Cusf9E|jDw%Ot6mVRwaX#T3T`^tL2(Q(4|+E8s~i1oSan_R3@
zY}dDJ@UEqv)mMEufECcvn!d9(Q+9rU?C|HCCq+5o?6EFdPNgl|PKoSuQsb{YLOIF9
zb*@DJXj>_f<Z2}7NSM~!xQYL4$R#7qkFI?BbI1IubUXqN-AQsGPd|)r^DDv6yo9;i
zrnUyo?PPn@$gcdy=mrXT8g^Fw?l2|sK(57t<XiG|;~ArT_R{rWdVM8}TDU_SzwMiY
z%|?gYv%wch^*XyNX?njBiYN^2u;!IJv(m}D7dWFj;;nppfVT=1heD_CD{+3PnbMx%
zT1;E<46)5c%?8m<8}AO0HBMRouu@&>c;E273cskU`F)Nd5=%>O7St%9;)Lt#Nbf#s
zCNdw!UxbG@(F3&)g=%Nv$WI!iv%1b!uUt)W%3S{@+1Jc{Kh~gZg>OzdB!-U0ID55~
zoLgBckRLQ1rncjF_Wr%fh^h!Tpkbco+xRg1#w9z8yM>mlkcsRHWYKQg-Ku=<)2Yz-
z&Sx~`T&rEbzF#pO>kn`COI=?M<qmn1&X`assez@MGk0;pQ`idii~GWuSNsq0WDEUu
zUovwk{?9pi<#RkMDY^KWw=fglm0zE|On-q!Nt{$on)uyK?l<9Ew{~Y!KW6{9K~c28
zEBT`ZE(uOr3yjo3b8m!yq18#%Y;yW+$r3O3#qG1KD5XSZU@AF=gpftBGn1t^_btAV
znk+hxYeJ<gHuJ-9g?b5hvuP%pfoV`x8Wp4dgvV8<^M1kvjZh<j^Sj4w3Vro^+f!Wo
z*r|!vM9hE$(CW3La%47rP=lQ;ZO;msBvS)h2s5zP`^;57U+hoczE2(j)ceu<m)kUQ
z{AdQw3$erPNV4;r;Pj8oCrc!OV}uwJO9PpfOV*zWB-0uzsLhUK^XfO4M27TlJ%q`@
zh|TkgE+9Z9;B0Rx&RjOV_!#AKCY9n;F@T~&ID`iAJO&Bcd2`6bIx>?7IV~|xX$>zB
zcVrr~wj+kC*;N7B{s|2yu~iXN!l-xN6ZSUp*|^fr<)*9cW>b(=2$%9w9|eC-tIoJ7
z?L?oB?c7PixuTzN&5&Cx{Mf{{x0*8hz)ErLF*EKRQdY10p{rN?gLTpkJnm5&#a|{M
zIrky7%xSh{>;V*Jv?|Ws`~U{);HMXDEaKDt(a(OA@Ao3R9Z`U2EB(2Wd*r2Eo0B`d
z#9y6<A2tV7?K%InXZ)BVZrkE`(DmLl(0nx}JT%auRo$XlE7t7yD&3UIP^J8uX~SC8
zqvip)Vh=e=QUx_pTz~m7>0mwM-SnIJ;%{qX%w9fDw|(aZi82si=Lkich#8ey-S4%R
zSI!!SUfg>g%{HZM@@7kC$M?Wm@Jg>}ayDES@AYu>pY(Wu9&WrE6?gxK1ZZ5h5a~M$
zCJJu%ViJ@s&3M_<$9_V+x#V@leWGouwaCpNEa1$FRsyH$0QUsXs!SbHMSXd*6v1X1
zg$pRYnNwAL6|U1{z^|HkGTY(3GfTR0rd2%9#p>Mn@kE^bgjILu+;S;+V%T!|LhgJ7
ztJzecJSer-G*ovqtvm^MlyG+VT?!NG#!bkOdQn_XD-pN@R9|D`IzEN#UC!7(DMENF
z@_fup>GLG#x3sUNQE!`G_NQ$Ko-4Vw`R+5H|5P5g>wqdlX=30V0%sY*br#~eS3$bf
zX;i%--oUq^-SvBy8(V)JG5F>^uqbA?ACH>nz-BD#{+Z?KIMW@~9l9o7jsDg^Z<|Di
zpSwl1nX9vOPe!lhg$nLIsWf4xbqdj(A&X?6!|E=on<)!|RAsk8bFU1U_Gj8|rq(Q)
z%&6fRmzJKlwk@NO;KZDga8vtvb7vtD0~8Wzm~4Y9DTh8TdQP}{%WSvJcA1z9iL}oK
z3xkZ@)JMQj{MaL94wg|G+NO05E4Nku&UF-VMLOZH^BRn$gl`hv4t9zy{Z&_n;^{V>
z=Twr6C7GBHq25Cu*OB2GXfl}Ycy4W4qZmJn+<;1+Ae*?pxa#o1_s^)fQl>dM(L6Lk
znM&9T;$Yf|`YBnK4pq!u{qf&}<^=2^)M^9By{;^`3oDxA?59H9>kK=zZ1raM4C7PQ
zz!$dvn~=Ov%`ow#@?K3?%}Qmu@gY<w3fmprX%Xjo);g$Q`mQ!}kf2S3$&I=5w(^S*
zl<LmP^_$rG-DW?FBi_HATqKsTefun7Fn?CZ-z@Qj%Fsj>{bii2jR2bvpXp-H7NO`x
z1A$SN!d~UkRt8r-tdXUTXI9;X$!)2GM=nI1K4P5Dt~@jqtJCG+G;|p<rSr|!7VNe8
z)Ij~rIVf8oGIw5l0jnqGLOy}S4;tgu$5$jl;O{`-*^tO<9r^J%NSZDQx^9D5M>BkT
zcKttN>PEp8my9zT-xGR2p)TzKn&q+_=S_8G&j&d|xbn6y-KkbOhALG*Aax|QRBc>w
z_%*B~_C70X7G}Q5EH!n-;lAX%xG~^}%~_Uq`^He}8}FCzO$UngYCLgJa`Cz-BRgz2
zmQ#=X2Fin1p7uLy+Y7Ak1LkmJ4o4Q}A)(L@uD!K*UTgXt1^y(chZnvYXls|bRZpTj
zO#J44x;W3r%aU%>gl!oyjlJ_l1mT32)|^@N5wezqc7=Ce;<$v*nkG#%Brp${FLfC?
z?*7ckxXtV49E6a6Eb{%>kL(jITx^dIo|tw{7%l(xyEU32h&hzPc=mpoc5D6{2c*P~
z(PU;yQHjEX)bJ3RnR{rv4nuuS+s&8VryxStB}-29Ohb$7r$}(RtEC_to#ix6Q*2a?
zXyV$lEW4TO;-ug1ByA@gtcg=NdkJeJ8+KsE5iUh|2~FH_O`4%>ruYkWVA|gL2dB1;
z!V}<*pulV$TUFn@bLWP=p_Ff$uecmG;uh=&UbI@^(ht+}&dc>*CVZ(ss1HuJb5KM}
zA=Uz5#j?@<4i`t))4ApQxi2=66Mko|T#d{>E4_YC9V%Zin6|khoVcD%(xW^{zt*O?
zt9UC{f-PDe$yPN}47|jqqatXkHPPK0EDkB@)x64GH5iLsYs3$ABYqAGJj`G4vB<Y&
zn6QxY9rL42;hws7SC+LzwebO=6)RxOZ&Ah6anQ1vVncS;qk^T01jKdwLj1Ki?Hx8#
zxcXBOY!Ai}>0f0PJJ8klxiC2Iq<{5Fa|j@HIar`l>i1j=7ZXjte9T4BtJ@-SK;K=C
zc-jkqAl;9<@;fdSfo+!or-?aX3F%7`_mku%`A#GAqGg+oajkVz(Yk_Ks(TgA4&V#U
zXmp`wOh3>7Soz>k&br8q>kU=GTl7d3fxO1_h2BD2sN9*+mm;o?3r?0Cey+yLHf9~J
ze2KOR>Ohfay|ptuBS;d$JN@d#*}iiK3ATBnmCnx}p$BU`S56jx%tQ0I&Cl^JAh^VK
zKsr9L7c}(|rom}1%*oKAJ5ayhOe8Ts!2H&?+7f4bmm5e}@8`s-0Myc6cXwNibg|VR
zY!zylVCH8h;}D0WToQmF*Du~dp^YVzgF;3s9oK3X2HuISK3W?rsmeP=6V%&d-LFlD
z`gDLKtQvV6-Ea}+r>>B(>-`o5b=_EL*|tuTXxk`DrJtvKQ0#TW<u_H39mZ#4Y}Hp7
zGZsDxUPeg7BV7bS4wshuFQ9Dc*b_n$PAap8bMyF3PVw2+EAa!Y$Ykcm**r>2-9uB&
z8;_0p;W*uoe3*p3sqLN4VfldZqqN+8WB>_Yd@S%YPrv~99B{~}UMRY+af6+vOYP3y
z6o%n(owmI#n2K0DIOvKU{q^`a)4Yg7#WO0lB7dmTy{_=NCZ&=P3REgfM__<Uz;Vrm
zkHp;R<dt3OWT($iuexirY$(2dQO;odb<*Av>4TK7_?fiuGMVy|sgz33VL()J25~t0
zHm2H&b&WB?Y}~#ABB~3|iOFYZo|hicj|mH*pM5yoR1w^RIGGns^$tHzX~bC%5u)+m
z<Tt-Riw<Siv^dnih2EuBnrvv7#<%sc`W)F;_%~FR%;7=3HP-6%?j&F{=-}1Lof+oX
za-kSAOY7U5E*9P$=}xaUMJWA*%gE|fJu?GnG;d-t=llt?so>Ar9VR@u#|584Ll5tM
zfTeT`gzvs)e`&cv?;bGVTi%fO7LF1g4SxNca_;GKVosc><B*ic1bX#XRs9w{17M3}
zQ1Ml%X^JEGuaMo~=ZeYhC_tsR*cZKo@jSL0+5;)GQ=Sul!)$_F0R$W+jEP#=FB7&a
zf`470uHMn2dJK6m;8GxjU|bY-cnYNw3F=qB8Eg|GwTzI7gP=qpnT<eivVK`zg$Uh5
zJ$}G3W1%6=ghVO<<wY5Ex9*%erpIeS%SMHcq+Oc7xEyu?6!z6R19^FT#z6PIw)m=t
z1aFQ2tv!_P?3%bjdWct<@>l=2#9REi6`8`>j9uW{#Ou*v{*zaA(?i(#&`i|n$q96W
zKggBGF|HI&`X7K|vWc&h*P>eHMmdsK=%DZ5q!LQO1^qaRd7j~g{UPfoZeBq2D-*(O
z(z(nb%aEN1BBWjhvY;v~9_Hi~)F>w9)JR)a-{WYc4~|X6;oW{yIe0rENcHk5q{CQ1
zj~2(czEQ)Ul}VOrG-vjR$n3~_K7f53UVSB={AJ(1Q{gQ%Wro=+BQyshul3vT7n`ZU
zJEGdz{`axIq7X!R_Tjn>p_KoneSSs3KN1SSpPf3;N)uRxxu`=FP@uOP?NNkdc@QOE
ztT9Cu#MPWsd<x}*y>4yrg$RDj>K%6+RmSj$5Ek0fZAW}PlrV`$!rY~*-WfVqvNC`L
zK|^PGS*mt=_5?C9mKTJagAz@D@M+Z%=ydDDgd)ou@X`}>@KUA9^LQQ}h@2Ql2T4NM
zHJwO0F|gMal7q;+PIlUVoYxjXG5x0qztBzZ5AE_ja*@Lx+wuS}fMrTlZy9zwthV>9
zoKO#8z^Nb4Ll7sz(EuXi6acey)q_MJ1i{3HdN}IV7<f6?r+O9!88V8cjsfvM%Y#i>
zbAe4UQu1>`T{75ml-0rdD7;U|Pe7`^qV9W3O6)2)=u@JwIw;kd&cpNSF9`Z>_$1H=
zeJ4sb;C7zw{xc)v2hG<pJa%C`x%o>4P`=Y$m>cGOWVQeog-a*gnD;v5jmD9x06W02
z+to$D;0oV^`PN>6`w_G@gPwbPZAtMw4q&&QPa=0htV{TkUApT1GTo;OSRNh79`W&9
z0rI?>5>^17C-Xzm<O%d_zuK_Kt7FW2FfB9>Gk>FOfPA;yWqBmSq!4hQe0J9|YVff=
zLdYc%l=QI+@BJZO5-+D{G7Egk!?3jDbpo5ECaaqsE+T}Gks~1-w?|?Asv@#nK8Y$p
zmhe@3eHJu5{`l_%cQ3Y!FxZQf&OQ)AA8%mC(@76L9xNveHfNe(!2|Bc@m2L2VMHi3
z&^ay6P}OD%?+)Xg6DE}G=TXC?zMe5Me|9M%Y|BHWPyEaau(@b{IAcJ??g0xCecAad
zV4J^Te7}lr@W9~qwOYPmcC;~iWD|@ZK%anb3jiUpw*H^?zB``l_xro#6H*xol|3Sa
zijvG^ME1_k$Q~JGr>taTXN&BzS7xD<JrhEbO|m!lxzOjM@9+D)@4tTc?~nWb{PTG~
z^nSm_b)D;6=Q`*4d>)@@l)q>iNVk7^dkI`cJ*CPaw-@Nqh#D03>fX-<V2a_IZUV2t
zqCVGYkm9=GfJHHU`zGNDTjybHEo%1Tn8g=-ABP)3+b|e1$Sy6zH6gns6AjMZO6iBY
zKqvfIsgbrb7fUDq_SSRlMx=A+fmq-gML;3*0^ZxbD!U4ScrAF#HTqhYoq++#LLAHO
z={OC$W;plpe}#~Ee8P2m*%c2+cutq=-Dj@!*~p{Xe!DGFp05@;W5%K5cuK1Y>WjbD
z2e$c4b3dIO)R=KlF8v6d11}i%!V!stm_-GD3Ak{-VwcMpG*ULA%nDT>)L!dvZEE&1
zM#h<}<!RIj^~E!{Un>nV**361+1+D47&S;bhA^m>YzmX%(8h!v`g?I?aZ574&X;?!
z`4Q7C4Z9^L$_Kx95701t0tTF-9mpy?WN6=aL+8k9R4~o-m;r{;Aat~sm{*62`5^+D
zfw{0EcgRqAHA5**2Re+HIr1&PY4!kOcJgN568H8CXv1dE9NX951W(C0v=IZKmWfGl
z%Sw5HDxHCEVTdS+HEde_d#{<T01xaDR}aqdNopAau)330H)2m=C)z8hC?9sa$Ze<p
zMex+#5L?l}THvu5fHI^Gw9yd9{R$}q6p;1j{7Q*);YN!8eHC>~8SbdrMcI@-+vM}g
zfn&tnc~xV;>pM-%s!kfFY7p@&P1>1hs<78w&_0GzCtvG(b)N<IXch!1cN-%+kGq^Q
z$4xck##}oo0tI(|FZwW*JKT!P<uf4XHxxfP1jhw(q>o-vuOo`hfub@GUf?n4jCOp@
zAGet@?zd_1+TBBZeZju&wN}o@%$Q1FTl`gx=cQb^*7@cnqnrXkqPR~(2>w-Xx_64L
zI#~{#8C5>ana`DG8!k1!e3V)d4HCnG)mt&qTJ{BaX+4;0S6y`lJ6=!fGZrrEs2;-r
zX{?VgUo7}2RYGmQN=eP^WE0=|6prV_^Kl!E$Y)jpS|B&v_6y3C{9|s<l4q&F%dY~W
zbpDOP9Ww$Q1#99>$adnQs9MGR&2VylY1f84@fZ5X+@2+;7PzzO08~H#X@;D9Ne!R7
z?Ht$(?Kx2*wo|*PY4C91Q7zthy#xJ3iX{li^JSb-89!D{kjHn6q;f_0S{p|bPpZo#
zl7|Ze@%a37l*x7i$wJ?Z^9!p;8?h(O1)v|YjFlJ9l}w`&-(R;W?|a-otIK-OnuW%6
z1Sf$h#IRL8zd-X1@Bj}t+LuAT!V9tfWz?LGu0ChVm-o6=VrT0kcAm-CjyX}N;FYI9
z9yT3=zSg-H@v2_yJ>fAv1Y)s<DZcNoM(Em9Nueqh^P82zB4+7}SVqj_WQ7P(fMdUy
z6utp`K@}6|fn+ibZ4!g)T77P0OBSKdKe73|<HZFi$8A#@5U6)?)rQin{%m(f2`bKg
z2DnV`ZBP(xzdQ{@+wNCRY=IA*<?jR%{f5^=wZC{<>R@VZBLcsavPIu88U7iA9X!ng
zl+kf_9{pvt&a6J@4{{snMBkR4o9hT$d$+WH+T>NB`8Mc|hM3>q(raqPu^X@7Tpk$c
z0neaz^QCf$>&2s$1t0)cFgJ&kNsU|`fTL$fk0Hu@s%{|j()yV@a>B0|Z@qPyDipeS
z-*7^Aw2`%Ry1vkX5OSa7ZS#_qjq`05uIs&FnbLLPm<N(7yKMOw@J!pLKFKWGIL@^g
zwEaXKsoKm20GD#sw4UN_iIfxcaW{ts?3Ko&y`XN=Tlw0Stj_btCjIm@f<~yp@k%0{
z+OX8L2QnyX{Hvd&d+b*ZxLHxR6y=UT-6(!|TKL*EoJ6EbQktjBUn5~#f-nz-pUOv+
z86=0(Xv4#UQf9}Opz>>1WuVb;-t@!LN*;IOO`Az~=gR|5^ZBpzGLvx3u9L<*Oj}@E
zx;g%rJk{<7cmRVOIbrYQnPY^98WzC|MJhDGLhbE$sXLdFUxb%1FyWHzelyAMN`J9N
zky%IE_vCp7q4i$7@oGHK(o}fqz5ImV6|gymNUdnv83_m4@q%=w@_OEqAgP&d<Pz38
zRaX2fnc=e8i%*CfdqZtG8Q4LPp}{LUHkgoN0B|z}&C(jBAx^$uLD(Z$Osu$L>4(1c
zv>7@yIZ~R*TZYujkVETHlSt*rhh2_oUd-YpTj#R6YU2u;x>7l;g|^<jK4x^hkr9zg
zJ_*#bWCpWO;HI-aLIRG=5iM^*Z!ryU!zsLnqzIN)fth&L>N<3@g$8msG5oeXuBa&b
z69hm$BUe+Xp_<cKmCB~z&}O$WTU&&Pnnly2LaUe!r5i!#P^f}jm75fps2xrF_8JJ4
z756p!dPs+p;-(xYBUPyEyq@CGibd&^jn1+~(-I@3lItIQ?kL{dQXvg3o*cSSC35k;
z4s!&5K~idq9&7bdA=ex;u}DFd3oV&Vi{Sar6l^)UtC&;a#rZUk4EtTIPB~>>aZ9L5
z4LI~9*yljO!|_F74_Vw;2kf9*;el1{wnDA3OeTQik?0!dPISnZ>T>7b7{ogt@C{T!
z_#-lvL+mdu8%AnHR-sy`O?jrIq{PVAe7n}zdk{l~Ra;Rd*$|3s-asXsXoW0cNe$8%
zhsK$Uxirc3^-oC`g_TL75i+8wM>7@xE91gSy`#->1Den$vX;#HmLo6aVTt%pS3D6G
z%~>Tr%5h1W|9FtS9TslUVA4~au#C!W(04umdU2w79BT^YeyjBB{HO5Vmf3pXP6f5r
zM!2Zo7w7)maMnaQ#aU&5^5D8I_vn2#eLA*VH@)5%r)F$z2+=k>kk_saz8ZU~cRcqq
z(np!F%dDyO3y71F=$;B`V0cbpG0Sa{Q7tzbWbdHbRcJHR_ha3n$PVvbRA$!CNn=vS
z=<hlUpT5RUOFo_`x;+LeMn^c`hi=A_CroVQup7U-ZYK9kFxn<o#XYcP(BvkIuQ<mi
z{}!M6Z`RwGQ=*~qlO_IFvZ9P{<{NH*&8SFe{v;(dPJSU>_r^hq?h2oP7@8_WC&_Cd
zOU4l2Dn#nnvViYwrm*m)u1jW}%ZTaP>t?B#lr3M51EIlXhD`lQOL2{FmX5tRc!(N8
zQ~X!ML_Ig5?kUDl7&d|Zp1*<fl}KyiY(T!|{4%YtLxudYQ*{z0*=u)fpw^I|r$VX$
zi%e}zR`m4ogX?#=3XT;KZ*$!{lP6);#eolqBeGg`%FIu54K7`8UQxQcJn9oYInEjx
zE~#%KHAHjMnyH)k={X0&8QWRgTrqq3;aMv?kS6$H&>5g;drPB|yYb~a0`^ge;gV;>
zow7Ot`qF|X=jCW5F5f&*FgEC<nVt#4tHx~sw4pBuPBdNVl&gIaOeyeTvdk<!sY%(7
zqm^uM!cnZOmB%nfE^Bq@9vwcV<=cZNk~dnHJa9>*K;>`aRF`T}^O8}hsqv%p&=pd8
zedWpfng^uLb8;be@>rb~i&qD-*qPqd)P8)2MftVx$`(FeVmb7iZ<owrkG#+8vpkCC
zB}x-hc4kOFrKg;?lx|xBGgp1XS;6VMgCl{+;zN$8uVFM*shI>n9~;{Pgj3StAz}Ey
zP0~et=g!wymm(e5n7@1&{_<h!V$%uNrjhw&F6oW#-n@GF-_@w*fgzsRyB1wRm~K26
z&XlM4isz2#Yh1<T#z{nN$x7Sl_{Xrq61X}E+GL_kCpcaCt5Sv53KT?HXPRq$M}+U?
zvZucgd^t#v&E}~*^vn3(-FIeFg$fH|8~8d8l#~*axqRMN8z$$zI@A0hD)yGiN2$s*
zWgQNe(=%fYYUXc}oL`fLuseWogS7D-B_gC_#nABA6(g_1SuMCCHtJ&RlzMYHcLU?&
zO2AUJpEJGTd%{fkHV>m8G|{{HmO_;EnK7!@?b95!c%<VeriDoruS!Aku&Zs(@ubLm
zmYI??TZ)lU?))iE*Rrh4qD<!XARG<0nu{*+&xTKjD|R(6IcrR3rT00wrF6Rtof$BU
z8rNCi{^?}V@<DJ>Err=vyu<d|LPAK{Rz9tGXfxg@^cYwcYSYI4a>ZwBVN^3bhGkOW
z_^K9-3@2ZXmIHwZub)U+Wv>#n0CE|CNQ!~nb>glOhmjq3i4@dW8m88BCcEw%9f^#s
zX&ozUx6hTZXlBh@-Qb0pfXQ80nz{&|;17Mh1$2T`0RjV}o_LvM*Hx8|yTJuqzPYZ}
zYsK1J$dm5C>FAw_c4*{>QU}8=m(?KF=*-fOa_iSrNgExj%jdIM;vQ})xO_@vYrV3X
z7{JHv7psI>u+8yOkw1TkvOhBFzIt#%g%isLNTsv7zgy)Dh<amuu5iNF-kfH*{j2C^
z@<k|DpZAfvHspJ0jWcn`g|8{M%20`@^Ne6#OufIyWlN!y<M!Q>p<Gm2(xddWP;#{Y
z?#ct2AnARe(mg%G6sg)3{~%VN-0Cu@sxsvW(TJv0u9QuSk}7JwtIee_a0316TUx)q
zQQP$-7k%blj2u`uO2aDp$v?LC?4-z0Stcb26;_R!V-k()<;XirBt7_;_Vb+7<EbJk
zWzx>aSOa&TvT%B(%CY!f^zDyjbv24h)q9dyj{UORh@!5@pHNgdo&;=7K-bY(eHbS(
z_6i3K(^7kf4Qe6T(*>xiBoTcs+et5@8z~e&M#|}=x>_}p^X@sbP|GNzGsluTgHFd;
zlco#D?zjJ#h~&CjK{ercnXJNaE6rWDOJ7G}vDkd`d8-pc-`00ZZtTRR5zFwUE=v<~
zDYLCWN>N`ulg|M(+Yj4<ThB7YEXSadxA~)78ai9wCsvi`q)8R^G?q$6=H_Wc%3t@&
z=`Wq&oEl;w7RgIUO&H4H5f)<zi}^fi6)nCn{h7L%IV;?@T;!m%zR9Vo)TS$1YDCmM
z<Dwp<wWBv1c!))i=4zGL8i5GsSLIP-C4eR}zfkBUiW%uJahXo3@LfMvv1|xEyV6<e
zX{ZL@);>=*@b+r0l~v##h|ZdFnY8g}1x1-RW>FM$Hj~mOQIzViYuXaoveni~MrV+?
z<$qK-Z`JLTiRG5-F55^DDfu%>&!d$qPIE4q>Y>Uvo9!2d{I`~!dB4y<pgUVXYK77Z
zIu@fii4JS8rGh=Z4T3!fR?>pZzeZYTb!{-UgE4>9lm8k4I~31WYa*rGEMD0ISK-Ew
zOAly37UX%$FTPRRDNp5fZIfK>PEb|-t73MP_gxp>F<~1c6(1ENjC;rKP7?Vg`}@)q
zblSIGrIMA#JFq~cBsBP)B*+W`_VE%PS%E;^y0|O+&nX_I4kdASh)DLkK)f?5LR;su
z8GrAt_^K_yH`d~vowwfjF<Gbo&`klQ!Bw@G<~t#t%c*8av*xTKHD3=g{~&bOoBhSE
zS2PS~#z+|{fUp>HUkJ9y?V{h*wu{JB9R3M20L8&PF*%p%yE+`qKE@TL=2aR5uEtHG
zR)L%LH>*1eG+gZou=_=qF@{^SXP{Wcax$InaOyFrG?=Uxa{-p=HaA}<D|sy-0o8t9
z$g)qhaamaj!cWCI>hq;z;i!~PSb<plMg8iAh)d;HHHZh}ed|&-7puR)y`}gw8iJ+y
zuAUbytm}e<hw@tAc8%CF)4IemlQ5@A=DVp2gG*xIL(|MR^=U;wwX9|-C+kIdUz_BW
zzK*6dqEC*>lP+?yPLg!Lwy*CH$(b)Jhv55a%*glp(!)%ZganCfR^MDLFu$)qY!cSE
zW_xt<bSUot+Qc}s2Cj;57G-6zb%!TB_iPefOj#WDV#7{MzVs!@IapbOz>OoTIYOCu
zazZ$sMQ7m=F6;9a%kr_-+Gr2iMH3sg&r#EPH=R{R(V?}i(H?B$X~xk_{q+kIrE6=c
z-<Sz8KX~jMsACv>o1(5{IlpTUs5T8E9l}khiPW6WC@a={dOA~-L^mA5wKdtPMK~oy
z<rRe^=7eLZi_<mL=Q@n#PmbO-(mIw>IQaR_K|Lm&4rxXD2Oq|vhnx{*#>kJP8k#59
zt$e&1x#PkMhXIykG4tIl2miYtg~3EqK$k@RFPH8lcNSq6?wh8T<#lIVKi_|%EIv!7
zZxu2Afpt5&D2kmaxsKt*r%#W1;iNdJIGyB)!BknJ#(<lsx~@?fhMG0T@RA!(nGxe$
zYrJq8Z+V$db3)WC5L>R79@)zTmerEzgWi@OLb9%!PzN%r9OXTlSIqV<Tg~UHise1W
z@+li0#!A-*8U7C#3ziC=kKMD8Tz0Mw4DL_X{~E|vC%DK&czr!%qgX0#G?O+~mt!Pl
zdMRSwpxHV68o7?b^}M>crhow*oJ60n%TIX-l;;ENOZ{JH&evOrueByonyfutXT(lq
zn;mq0gSqjxo~FWIN0L7jMUvofLt`dPKALOf&54lL;8AWSoO5q|<%Koh*HvSlBu$U<
zz<!#%MUu*-iu_WwVg1hEtTmlwwVLxAD~}Nw{uq+MQyF^s7TY3Eipou4(uNn11b5q}
zCK5}eUkW_oO4HP;{qABH?bVELNCO$FBaWQJjO1y=c+QF(QarbmNZMAgDp^g-M@WwI
ztIi3lNc$@ky1ZJYNjJ-3Pk)-lR^!9{big3Ptm3Wlwu%k#jv5adYWXEEz56_&+wtgT
z;br0Gami7GU#OQ%jIi}LdspE|Lqne%6t+AYw9NiIvNqB48S;rxVEvxnl@U9Ro#+#i
z_j=7L#ae<qYUOqQEN&x<<+xFnR_e=1_pD>wB%yS6M$i4~!+sHnt{1$}<KuD#hhVMN
z8rMWS*pvo%NBy+(4#f$R&oUW^3*M^`JQKHiDRV_<0ZC2v@?B_EH+8s|`BA9%wOC?W
z&?fVXZj7WQWgDxaj;H*#Q>w4p@m_O{lV+FOS9s5ZfcDZV^bQGKyFIB<@p<ygvjb_^
z9xGn=dGaL!Bg|7qb3Z$aJSv*D64jt3CYsJzOc%w7$l5Nqlu={xE%8TK4!^aItLZ-$
zp}IeCua~3i^-Sn#%}Ff$o?3nZ1<!eDQBvCw5BE(Mc^2OZ(I+k)KQ_lz{N=NR#)l|n
zW_f${eInk}X_b%Mzd9?|B^LgK{WJjcRWWTU7cYz?{lx3$NOj3rFWnUJt&{3gHZAQZ
zCJ*3i;r+ZEw<36=%J6gb<5lxYqI2cJ0^BiJcZDbDn}6ZlQYPj7?oHb>TIOQ0vYZoe
z<@|XFwep{(FFJg*hBQP{qJfiHiyeP_K%$spA%!?|8c%o@fp8nSLfHEC+aD5n+GAF*
z+zta1`*pVUyt`~f26bA+v+=ZCmypRvBTruxrqK?=#`h%KN_CCQ^?n~%Ny#0@P_0%i
zLY!zV3E}7upGaJ2M0A-RZ=1#)tw<j1`lhRR#RkW4HqK(nywYp1NBqh8p0iffvKIYk
z16$WspFO{HSE@v6`1UWWt(Ak-Htw?9AA`)gi7G?o*aYP6-O#qfj-6@`z8e$#bF2nW
z>U(&x-sF?YD7UFLA^h!C^(DLWi`DH$+*PUEwpK_5y|)6ii%+yk!Wp+WO-gq|SKedA
zgUjI#zv7$~aZy*?P}+&y;e`olNw)ZVoe_TR(7koQfIT#x95<2MU`UTz!?xzT8>Ubk
z8=+i`X=Tke*Lxas9;UaWZa)>R?p+lQm{cJ}*_hKLp)QvlaT7}d>|+A%&%7L5>Nl`b
z?)}>D;vq{e&3c9H;%$sVisB!e?|pT3I);bO=iP$9nOry_ck@u4Z<$RwVX-3|lE2ee
zjSUEIJjaczr;W#A=QA(paL$rHeWS9os}R;oNmz}%%vjG$zM^`iQX9Os#}o|ivcaTN
zZM8~l1wU|JT8}nOCt=SiML$fL9_w)RJw(96DfyLd@y++G=K+^CW0x6UtqA+ANfL?%
zb618D8j;HkbDPE$uDkh6{aUb}-CBD!KzKxqN>Do*6$HQZS}CY)R7+uaC06E=Ty*YI
z)93urnAWw?BV9eXN!x0hdLo&ThQG5eDnO=Md>-?V?MN>FOT~a|F82KX1u-0?7)#^Y
z;*@4-_O)@nQ5wdvpSV^<MU~iXDMXpL9i;gc6q4gAxZ}bIebluoLGt{kp^C}n_f^TX
zT0@3hwy7KomBC{KGXojy6NSU)PbxB7F-UD5NwnfHRgd*DGGUcYf-~||aGCcVTMqh(
zbKK_XA-qis2kIvC8yuM}`L{aA?ir9t%YP?X{x~3?q(Zu=x6wZey_Ig(Hy_FB`8lMv
zOv6AfkrU67%xy>1ZFnt(P-Gn%5+vq4H!4*x@{oNU9y6Ph<@ln;q5OU4>QJsz^Q1DV
zA1w>&U)!6%bPw<c7G0BT<qKA?8W4|XOi;2v&h=~YBOb`^&WZ!-wgUPCr<8K#O4XXA
z{LsBk0B*IJ`GgLU4#!L}qoW4dd&&XV`H6F-0~21sv(eoSmgCkM@=i6MR{OGkUG{VG
zK6Iw6GR)`EGQPuTKuS~F7zsKL;cbRc;J&=!w<MIkx^BqvEV)OHpX%E3-NMC*fz$w3
zIC$rC(1%joxPRu!3#vnA%a#t|DOfC#y$bqcFG@u=YZ8s31L!d$rJy4Ef#Ng%bz$v^
zzsO6TkJma~&Sf&!%vvqTT7Cm$#5R(v?}u&IUQx!?Wl_rc7`C%FtkfE%Y^w0{V6=~a
zIo4daWju#x&&$)2L$W<i7N|YAT3YjtpY=}btw{v;{kou_{OP-T%8LeKxgkme*2Irw
zi8%s61@8wmV%_oRaZ-Cm7H?0Kde$29DHQCi*o3mhY}&08TEf;Jsv;&Qz;jKcCaTxC
z52x@grsey&2*}?c^<&7n-!bEU-EoER65nu$d>ii&qf~cj`On26>60v0w_NfC(o9}$
zX88Y7I0pfK;1Qo<Mb+7jOjb5&($34Ps<H&L_Ii%_(c+}jUXMLwW902WE!I}0Qs7VY
zrxvO%*zmE{6N%`DN7N*EPsi}PZn@73kNOJ-O2L8bqn)aKJ<P4kJ+<<VoQ#(wFYGlm
z?Pob<3zs7Kvu?S|y0?}M-RYQ2|7rmVRZ%sEUuh;06vhkpBuP2D&VC-4j#SMrCq@Ne
zabG8t_d6^NCGcOqX$LVvX=OxeGw=DWMF|qWnxnxm%fmc!DLbANuTuULVIueDIVQDp
zYM%AWZPn^NfWNm?NFF5!A|2$WtFp@#oeb@|NiYIDAU#J`DL86Dn+SdGb^?)WPu>+$
zmrkAaHU6mp2^wpcRk?nNOA3YVbkjpR62k7SEA*C;Y*yT#YE?h;;njwlb-xi`Urb3c
zeHItGpr<ul@A;}FqAOX2w9&kXJw5HOTsTNIityH*l^jl>)+DCfSuff;3boJ-3U5=D
zG?Z%w>qLKYszhU8x^?wr9kB?#cgB<{$KBY*+YBys{GdNQ8aUy-&4XvoGmz>2!nAFp
ze1z@-)IGZA7RYrLW|sYU_+CNXK3(!{SIxy&HvnTwqmK&6j9w6vUL`w+Dy1?8wVB4p
zigr#ajl@<QI&Xf%eka?6X7av2zkkmjcpw|s&x{sH5{p>C`J|Bj1>=-U5T=%}&j%sg
z^Tz(yNjqDnP3Lf(=iFt@>Lm<j?7#Y8C(dFnbQ=*VcqMq9bW0nom8V}<s%9U08UBUK
zSY}j}XQN!p)i|}JS@l@doDGifr~xa0dsmIjE2hYl{NrPhK?wnM!QcK;aF*_%w98Uq
zu1Bj1m(qew5s~ycc1E3iwawZ3kcGk(Q=b8<EU)w648l@ouoK}pU;Ec2LTpsr?|82{
zwOfL{1GS>3Rx~7-r-kD`kzd1Al80!L;slnY@y{RO9>c;(Mk;9u6GZmISJ!xMDH2$B
z6FtR-cs^n4I}zS|A^Yh{d-dxImyIYz9~t%FJ|WqPjfoN?urZ$pne7l_&RaSi7E`E7
z%D^F{uAk==$lxn(S}!8}A<#53S18S!J>7|qkAsLm$_}8S9mgf*_!aK~IZ0vteV{F&
z<@vhBiRLedn`>DHRyUx<k;xDXIe$34FB686t;E~rvyExSfYStT+5*1Y`jWItKnf3|
z8mZra&FitjG9&tiruiD5UPkvWZ^5qz4lrk<?#r^>gVt=)dR^Sz#Fb^qT^r^Z;b>_1
zh*hq~`(rxAWh732Il2Sah=J0+9U>=igb4&+vm<^5w>r;ZUm<f<&BF8YnPcR(ZR&x9
z%;k-De9rPLmvCXoUXK-4G7A8Ne8z2t!4JVv5?u4yj%Io6>1*VY=iFKrjmwt;sWLVQ
z2SW5xdZC|FZOY_^^eVZ28p$vt&@SZ7*5_$Hlv$K1IImfE7?r*5y<3?t*%}ggN%Cfb
zESU~~2-8{1qZ{XKjn7#rPIf9i^@nJq{8`<)c+EYzkkrqU&37`2hR-)%g-pcOO46yE
zvCgObLk>f_@|VTqnIeG=iD<5u6CW^PJo&|!sjue5x*|F9{iO8D0JE2-M=MaQXbTi;
z)p)XgP8SXEQ73d+AAOocTe$AL8npRhb;yZjoM(CV=XARDa^HQ6QQ7_#(kG+Z)B1ex
z%C3rN+)YUu`Bm`R>Sg{2$ASa7qg46GvWq5-FEGJWv~k?H34ht<_!sK#DwWxs1xc%j
zV`@|_Dj1SKzo=$Mijx+krZS4-h7eBNagz&t?8D+a%ESYZ<eplO8{ER-kts`^e1-2O
zA*{i8QF!yK&+>g#nIN5*%U2+Z)O<;V*X2)(rF&4>OyOnPoZ3RGTws!v|ABUg%8ws=
z=fVnelwrH%chD*jqDk!?UW|by8SYFNVVd<>^;>8RaBCl=mQE-~xE%Da3&~o%{4FiW
zY=+J^-M3i1k}gfzwa5R#arN#rd(o%KkS`IY&oJLi+a#pqO-b%DO0%xBUj9%$Gh7Ok
z|73&Zx);hi3jk*~?M?SO;_x)D*=${^aDr_1X^WFT1j?Z*l>DT!yxdxxcQYuZ3}Ys&
z6-H9sWy{a^s_O;&yYh3i-Nz}mg4}Fb79TAPpFsdlg;2Z{rj14i<u0@)QaFBw`Pvmv
z19I$qgEDN6)s2ENtGQ1M_ifV?@EZk%Okx(QwPauRk0jN>oa*)lK5g2DmgLD*iSzbp
zMRIBjzF?%;_QT9Uvejz^m701d7=-=afA^St_A$Y`jO*NOTj+ortyj4eD3d~h|Ndrc
zAggqJTF|^5A!g}x+-nK_n_^+!$<4F44_QcW9$1igs9qFC+^-%-YG3NrUu&)UK`4^5
zNSADIY?I^uT{6M3-1#s_HrmzLpNtvH4b_q-VO;#)T+EYm&t7=CW9x!fF^}`ouLtF1
z%uy^3AFRiWe@Yeg6^bpiM@=k_nh_4g+$kLjCtR!&yk0gDY#1J{Zb7#C$_t~gRU$?-
z{ffU+{>K@wWAh`8^%-}nxWmI^a;qY2Vkb}QmBPsYCxP!X3(*JpTVsM=^Cm9c37;wy
zV#?_X-gPl`Wh8BkkQBThUX0}LU*6K|SL`AXC9kz#=*ByF$JJoIW3jYXOL;x#493tc
z0OdrNO9PC;?d%Da8-5b3bG#|S#Hw_CDb0P3nE~WbTblz!iB#joh)Wmf*qU&jVB;%k
z+7D-cIveE<$by6+|E5ad>3f0X1OE<y7QsV=XmZ_ekRE#?!=W=km(KDP3PjWdGF4Fk
zx6R&|tC#)~yBTyN#q)-Om|5Fs7X*aVPa1HS^e?;8M0@=BOPV?&;L@w?sv|}&-HSkP
z<%!~?`)>Yh^Eb$V%g8Z;IY_6G`cxG~kj_S$B!agdIT`2eLrvgY#lKO_?_N}~_*$n`
znB;uER?)3b_@mFf!*!5AE5h48Xf)AmKkt~<>#&%@wB2x*??jOI@Ut6lJoWs0<fg}y
zvgsx+)5)feTjdRUp7FdPV>%OyZ8Qj-0C6(1DjXcX+CTQs`td@@fpwhBYQpRB^7&l#
zVoMz{_rZ?ZGiLd+2#wHFN*~xR*ozV=2yl~IUhxqt?tTfM&9(csE|X=QZ(_aY1<L^R
zP(Y)2lsDi3UG+*eG>1J2n#*}M-HqOw^Y@vVOC`IQG+a;Ua1_v&mILu|3eeDbBstFN
z2sM^5YIFrKwKkCb-NQK^<hHvib2vLaik<u61Y_<yOgb)cqOjrz?@ubbFPDw-9y2#v
zj2bZ+Q>ZdrRFjj$B@oFNCwcYgZSjd;1#wtshFs`cTtErV2=>jW5!s$YZWsXMI{8rH
zI<b2zA(g*9flrX4joC##{*5lzO=U4p(v;RnKCfD`=8usUTc`#jgK2tE*+>O={~`v`
zCzzCoHgOoDpIxSpczV?tTcF191dqfSsunVgiX~d#%e5)_(2fP#iBb99BLitR0GXZf
zhoH-=`pu^TI<{e)PhSJ4&z`le^E4~$PTq{cOQim0l4=reSq_r6>&*3h*oJEX4{jem
z>BioJC1wZ2^ur==yIkB`-Kdkb5zvkn74itD6ppyH5&|@iY>OerMoz3hi~_a3{w2M=
zAYGjna{IKfz$3M}d)e8bU+anIJSIeKe^V;4N4e{Ry2E&qgS=|5Q{!^R8}FN&C&V-(
ziGxTUNHS8{t15L}RcFx4{6zAzlGBRF;5wBTz^{%IDIrLs;Q>es9p(x=D-f@YVKe1G
zF9O55gOOW+>V6ELkod#5sj#H{eRviTrjC>azW;76$p%{?=m2@?4t5v8;o=9OrhWPA
zJC3YYK!Kf^);tY}I^PTM<qLLvl9XC-?GIhc`3T#008>O1z++=y<S$_+OTdyY!R)4l
zzYB1}R<G2~rt%j+8yORIuUPb#u{$nJvETps)vZT-aIbitjL$f<)k{R2e+Z~L0EW8~
zpu>iW>ia?{ZEgsm5^gs|axynWU(J&>H9WeDS<se2NJ{b$$q<m<BtpOTJ@E!%(>nYh
z=IrC~EXQYb6W}K=RlzU7nN^D@_utixfe~57Tzj)U5?*r~I4WP@6}=>**U&GILbN(&
z$t91A$s`;f?ynI`mHq+${Oxn$cXsdD@lb$mdEhh$)(L8MCHP%!T^|QAj3X_q1>GN}
zkw*@mU~J2or1LI0njkFsXzzaUqzI{ehaM>1_@tKsi>GrUg%3?kH8K>krVb1@ae}eW
zIZ@*HibCGRuS2d~IJ`5o#@FL}H;c|nzP*L*dmet5W6OIC@KLAH0dVkmvOWGs+Gkxk
z%rxF5Ec<WA<yN+CF<br#$jQDzfEHvNmxl#=!0jCYB>l+L#61P{acU53SC-S;u(ht_
zWc3c*5a5&F*Dc;lzURRfpb`SO_#yWlm8H{2>Xq96CCI~jJiKNHxF+Fe?Bc(r1+^bw
zlG<O`1<qm@Z#S%}5zE%?h&3F8LFxQ;NC~70F~8=>FQjaV?an%kbHIVBy8jcJ+54Iu
zBI`}EGCgCev-$b;jZi^&-OiI9z>uWEA8?Ioq38j43?MMCN%bcqKr9z}Lk5d>CF~79
z0nOS>5;p~4B+C)*8Vqz*$NACc`gBH83g$fo=1=ryTnU2l9rcHK|Mo@hA|{hWyjpFh
zw}5zup}xjbot+1k(ZT5ZS$XpEnRXaN_XDGBUOVEt21u4ES<C1oW(gt8dXzX7y>UMC
zoy&V@)w2YQ_qJp5PcXxe!~q-n+Widsj-==~xH$<?aX0)_J~vHnyBJKl1d)uHyDYnh
z2V(++Nj_hn119ioW0(|yOj?lMZQ}y->qh{T-L#pSLq93KW3UUw6wt<Sa{)N&k#D$w
zvAzi4Qd%Kt5C8?gBo3$4_y_06FgodgOQ3;}$hRf8@0{Ej4~5{jHa{ynO$n3)wVjYx
z2*@%55l(hZc)r^DfqY_&a|lI9EH<#1dH*k*mvp<n<N#*L3AAX-4;R9lK1QR@n2VMm
z5_<rh&HA_=YG`z$Z#Om4807_ykWFq^+Oxw?AYyr-q=4L!TIN1HrR_4+5+VY81SROm
zW{(1VLk`$T{Os8LcC|Qt2mx3rTdPfsc?3q{{DCJd=$(wk5bdd3Kl~WbsudnU#E*oC
zl&h0<FJgWOev6=Y&>?-59Td)gL44-VfO&gQC=!%7*P3Y`N`-=30BSTLl^iBo6+VPx
zYNXDfFhe-f97hQ|Xjt~v+N5&6{c}K}>ER%t<RIntEM+x_N}c%$V9qIniXHv}Obj~}
zkY2Gc!|qVCYokv`pMOW@<ogVmaAUt!j4UCG?+I8lGk3{&V{on{7_d(%t-w~+l?}ok
z?lT~}P(CHD`FnVi1wrYB<690hrid7P!XA|8M9+Ef1UzR9WLUXCn7;~Qf>Tm(z&RLo
za~8a<Dkk6T6KQuuGa&;Z0wlJ?mZ7q<4&iwOw2#2kr5va+*lBS+>cf3F4=tn+0YuRK
zaK_^38H+M26_9PJevHSb^5`7W_CNagEeNF$BOER2o15J#a^_f~_yn>?bV({|kjSb&
zfU!s?u>B_1r5fJs0ERI30<erNn}b0riNpiX>DwXU30hFvWWSC9$Xu&0Q1gz^vT^4_
z<AC-b3wW&B-tGJf7oc)>HQ!Z1$3z&Qc0v(eGDCpu;)HA1sj@8wk-(P^x&g55vbxLa
z@X<udgO2HYL=f)-n|J*WVRt-*IdxbCCNezTf;bS}$J(X&$&ut2k^%cGLBvs5+6DV)
z_`^86W<a~Ls28)d<TYHZ=6u+*=Tz{q7vipBQ^`=mQ%w#rvmmA67B)8{oW%4F>2gjM
zG^1l($Cto758wKRh)~545j-I#XTR&S2V1=*3^S(S4gh>(P>4|9p#{L)2@*apWM>-c
z2V}69NmlvgF*E0s=zDck(@CcAzIYg5UfTp{I<tXH>WRdvoI~FJ-AyOtCeZ#OIL_f>
z41=_aI-k5adUa59Pr^<_*y#0X)UZK?>&G*p^e;-LkKU>fu0ZTcR<ZJ)E!nKA*YXMg
z>T-SvB<>-W6=`6~#QUK;%Pp8Zdm6loo#5f3o1DAs!8MSOn8^nEZ}KaA(I}^nErr|!
z-q&ma(q*?YCdz-CVLs>N&gMkbVhH1ef&*oF_+T=@)v&|0VsLA7m+f?gqmvip7nnIc
zbQYZ*-213x2oK_I%UYpWXa&${s&b!*kX$MXPr!UZ_(?eE9u>PYTq>pc86lbya2RP-
zsi!IVS3l!MK(_<$Uv79#@#gB;Bp3zs@kMu$LfZJ#unue*VUtO5*t^j(xd3))kHG%S
z5-@7|8jp8;_+hDd8yy8=lctxbi?uU#aD@eEAQ;h|!$>oHhT2?Cw4A%R0Gege%q>sD
zpqu-R5hC)V=Hh!|(;*<fWSz!!?kI3UT3lJ(pX{(ePD^T2Ri!>@+!IP0OiPIsSAJbG
zk)9@20#tu5Q2JqeRk1dqgPJ1P0eMJ35CcleH&E}@DzIf@;KZjZ9M#Cy7A#rzJ$0#y
zq~e!HHWWTcSo}<puS0{N;DKZu9$;LHL^4_JJmQY%uOUL(@l~m}oPZ|T&RF<ckd7<^
z@@)9eZ)ij2=NMGl9Z$!UH(ad0)zft3w{w{Q=VHyf;U2mOU4!0i@xA;D-6&Z?`&*Tv
z={G=kk|N}$CEyjkpy197t0bFT^7QBsq!?Oa9wuBzJ-z;mgx*BO3AH`j!cQd!FI!-J
z>acPMJos-<<NN%rj7KX$QRsvt)lL|Q!a)cHDVAuUdk(zNjvX989-QVWOVH)APGdiY
z1HV0YDm8?jr@75q&Pou)aGEIH_H%DNU-;!ti=rIg{$CqQLZtHfXEjJ7Bkv-QqOyq<
z^G1LrJW06WXP5YXSAB7BXx)JdC%bp=R7$wT+Nx<hacx2>GmUWvoyy)mzVmccK>jo2
zBl*1dxAa?Zqq_c6Zf5pXjIxQemY9nBzTM#iUw-}7BWHIG-9ipjF=Abh5{PA-@Vns`
zi7D~>ZTG!6SngS1bb#2Tgt5>S9pE?xQOWNGx@d{)8pG~tp+^;-s$+>)5~3K5C%sSq
zO-%cH822u03p?xW`*>k`t^_+*)cy}w{7vRbyb|xtXw3ZNe{)61G2Om96RPLPhF+Xr
zFopErzf2&Kbw0P%s@(sS(b(j_T=Bt^oq2XKEVxaDf<-h7@n<1?F!`P;7||WTF5WQ~
zUnclw-;3MQ!>yH@bx<e^TkIut8d-8-kX5J}1uCZ8MI`*WR)01@B=5$`ZacA^AG0^1
zaHe}bf4Aq?1cXHSnX%08e!gO760{j<h!Ctdtz~7)s*(LWO5FJ!{@KMioxgP<7tv{E
zK=e=!J25wK2}1QfWU~U6X^lG+_M3_CH8-ivQLEAG>%ToM8ZP~rqb-+lqEEBVV7Hno
z%G*wr@yjNv-gDa9GImT=6hnS7t~L<IY^RL|ta`+a=;Y-%u+HO}N+W!Y9^%B0*%W^o
z!tZgzfj5l$_Wof0K^>a|GUxtK&is1-<1fOun1_xW{XN|OVpTx&5{76|<z?EwRt|rD
zC-o?dd0jDv&>wcY&*<EAQ2b47H1Qwr!32`=`4=<a;{Rba@tK$p?2R;dz54#$l>NRN
zBZ9Y_BRz)>@9^sE3b4F|-fP6wjeY5?RaW`Uu0a3f0K16j%psP&WwU@LUHOh~P@I3?
zbFN5(eQP!3I{3r?xr_ee`KVg1!RYo!_`Rn9uQh0JdY_j3Ki~Qg1_zZdC9$5rBhY{T
zX=j+Uoxo82vu2F0?)QtoM-YbNzv}|}1mA{}e)HzwB=!q@)bRjLP83=E<GhZ+8t##)
zZDZM)eu($oTSZEXwm-D)r}?3$^`(SeWN6g-_HNx^5jiqf%HuEpvY9&kDD?X8%?7S~
z8g0!&<Ptjptw4M$SoxXh{;e~jwVAGVQ~L&y9mSXdam_{-c7~<{dGt+Zu4lxM{=rr{
zvahX#AtT)Um@P}=Zl@X%q-CG)xNbp4Ub@wt1Ek-78FciD0(%~UHU}TNCwxgm9Lc@)
zxo-rt#o+P0Fe8os-6hc1-6miYc<s*y%_0BY@8MFUgfM8-Zpo+rSV8;l0Sy)KMKXqP
zS^nc9^hEq!vG}yzB*X7VF=RccsoA4G&~|Zma#-O$BWqz{f6kx~U>3RQS`_v|H^x91
z#V71h3Pj|kXYGRv_qK6#&7+a9{|lZ-cG`VV0mPuHzuV(YIR1sR%8vsbh4%&sMrDj2
z4~L_3@7LncgyA+#!`YL<wV5~jU!MQ_i*VdL3(;MR`#F?if?tEUvwJIuJ15+LgQF#_
z-|s8#j?-GR5QZe@?yvXg)p<9CTXRf;t{A~l`QObVEHA?_>;V)xkYVq;@4k<csLY}_
z)AmOwvG2VFsKVhQti($Dyv+W8hUCS6(-pKC!Htgp!%~e$9y00sOZGoZMVkz{h{P_V
z-KtRs+G+ZDxv16w7=X?4e&17b1i=i7l!S`xn1Dbv{0@?Wo0kLpH7b96+3QY;MiDLv
zBAudH?FKt{N=2Tm#L-e<sXgZmzKYNOr9}rz%g=_{Z+B^VqNP>*c-@SGywv4W4&^_S
z@|Ft};duNtQyO<C`aZmh?ee#WQz^PvsIrOnHQU)YjWRg!tx!v$MPFD%vC`St|Jd06
z1p>7A#NnKO@)`eX344JEW5eDF^Uv8s&r=61;@cDwe<#8AU48eXG0K^p^{=}1$I$Ql
zTKvC#2<=-qzvkL5*zz>)!~t%ojmGPOb@o3u{!}C$&h%in3mH6IIqbUAeqCRFB<o(e
zoSFP$pRv-TQz*s_pS^`~6qr$C&)m9_xVi0YXa8uBqkwWE|AQC(`=Pa2kbNfgrkHb7
zjUhqNeF4TlA7!*)5*HWA!~VlYcmTs0BGBm*WTk)lufJ~tnF|z9Y7OZ8r>&Bzg#pHy
z?_JKm_91_|^#AY>C#m1oOE7=OZrB_31pzPyEET<d>j3@BGf`*;6L4g5&-^-3tZ26F
z+W>R(JAt?NPn;;n;we?Fw_{DDj_~TbuGl{g#p{NnyxHDukePmjj>1>}Z(mcu51R*w
zJ1;toPZp|leFn*&GE0|>`y9#60s>8a2nqbnUQ3AlwrNrfx6wFPJ{HhG=j~buuiW^{
zD*vwW)V>vsKE^wt^?E7k#_ro6!T=;05;Cp^iJc3C*ZD!*xEdM(l7H58oVJ7_t8dL=
zrhge~nUin{#aT?dohK2P#s&s3ZLnvX>y$1fE=n<dfmBx&v_|E9A?fqMbumMWSErA?
z5*1<wH)mX3RrEs@s~-J@>#53V`!DvCN(M$!_XhLv&RoSeVcLDQs<qr&9rZ%>es$m$
zdPIJ=7w7f6`67l}uT5rCiXaUt<L3G{sbQV_rw(S(7%U>+j<tHHiiDqf(Jjrr)r-P`
zaSAwzI-vA47&WkAumZ$t%8K>A8BdfB+i2e2kp5y2WmX0BL(&Ssw|RjkkjZs<L~^zq
z4psI<2!ts}TTYunITsf)>c?+0ougTpws3Wn+2Z`HLaUJ?_W6u?F?B;6KmTT?_h;xz
z%hCYVmQ9zL@?}pbzk4!g7Sr%R+i|3AkAqT$T%Z+Gg?dP**stu0E&Tl^@i$?gkNP3m
zvwL=;MI6sH(7a_r5=OT?YPXlSx3px4Qrf(LnrI1R@WY~h;x%6l6aCKSkAjA|A=hZM
zbrs0hQXJ=7`DW7#))Xz0!aW2!_#sE4)>y6Pq4DGK9T9r#M$T&B(T<vq-vcfHZqGJY
zkp36oj#fkFFDA3gW$V>RM8<#YuDE-)vpM^1vPkrxP17gh-+nnAIclcZx5sz>V2Fv>
zm1mf(?txL@KoZQHNqf!9R#vCu(I{BgNtA@jhSt9xh_@t2lb#^43=#vDQ#rNC*HdnM
z32^#BEBJjJRK3WFwVY<NJLDw(ns!8)uw$3MP^m*w)Tk!Svz-!T0tOM9(F`?lHM_W*
z5BNy^ZSqQ$;c>E^QXW_X6FRjd_@63JwV4u`J~#pA#R+j>>nuRNSgRPCeD=sD80TeG
z3Ile+)>y2f4SIZ@f;4l{Lf)3qwlvVMbqYF_B)rB<G*YgLbZNP6TEagj2`zAz4S?X=
zn*0Nh`#qxx7TVE-lwPBDkFo-u53>e9!h+ptZxMk!5%Bb5E{V5)&3S4z*72#nK4bIa
zHX-jyS&iF}+t46AMk60ZM~NojEnbcbQLf4OCNltFtP>QuqC_4WudIVCSQQrEFSl$E
zagb(g*8=7oMM9Pnn6}|cxa(>-N+{)<&2DwmcNK+uTRJ;FIaGV7R>;YZbad!NJ16x>
zHMDKq-8|Dl9x4B{OKS8<`<QO2n6k1mWBgUEd(2Ln-`~!@o&81VW<ZH&tie__1`OZO
zrbDOmW;qkZYEqZlaihMITrlbb34)j-nJ{b4Uu@bX3z#GUwQ?-Ds~#4qFn#_{5NsIV
zNOHK)!K^uZgrr@w=kt<JrSmr@R~*dWw<wYjDk1e6dLe&C_qfyEd0im>G>W<hv0m*s
zV>eIyF=5h9p4iCIOH#z`bMCFE3_f1=Vzxd!e@5ee-$^O{%>~Or4-zSdcWno;$evZi
zXs*Jr^elm#{o!MY%0w9x{_W6gfWl=Vk<tSS`4=@C{~m<BZJ_||7$(a)JUd~Nf}enD
z)fj4jaTzG>IE{{gH3+V-;$!yx5P_2TBTX@9AhB6f_%^MmwQ}&7#Tb+C2YsHcm7($8
zsb&yBK#MUs3Z~)}O8<W7UfDf+{j;)B|1FbgKHuF$YdQg=1ZnxVN4Qm3AhT~bkFv4Z
zK+8-SIPZ((42~l%=Y#gBej;dQ{oPK}xg}~G(GHU*S%K)D4PNHQkwhONXVByb94Q4P
zS~a9!<6J&hA`Op|ccF9lh-Hf)R+2@zg~bn0Tid@YxJ9DC=*^)EyXSy(VeOKt)P9U@
zkeR1DDclTVWxo)3V`cgm^kI<fQNc|_>IDy=KSNk%DWuq|4xce?@w7tz4JoK?x&Zhp
z<@-43VNh^rrH()~{)Jann*>`-6V@~d7dha{29dYx)lbzFe%%CqlH8yYm`V9Xv->*P
zAp;fYgW%<J-{UX4-Csg!*fn$(n6*~LxmLbCZofQEFMgWOwNp`9(l8NVX5Vzdk4bqb
z=&!(dQD|<jb$J2dlb$hBfla;#cBHmdLC*U|WWwpW{BwZ;?y7kPNrCaG`*<7oLe*KE
zS3WZ3;0D@WtRrob7Tiea{`(%s4peFWp0k~2La4hPRiK^lDU>$;${Xf3`RZ?+WPDLS
zE4R0@Kb$ssnGpv9#Mxi&JeB-72RJKtlqZh{frk^HDM1f=5U};q!ndBJAfdGq=fNtE
zakX(s4A11F3YLY_&>6w1<lyP{WoR$VO8#gYR4tNhV*&5b^jR|#DEotI18YjiHTO=g
z?4L-qz3-;4gnM@X?nnEpmVfJlb8lIVOe6K_=FJGRS2UuF25V{-<(!86jpx(7W$==k
zN0dS9@1`=qfo!<Si?%@{565A=T{nQ2SV=|4gJaDGGT72y^VjhHHQ6dj4aYYk>9$>m
zzb|z9{V|>$HuS30k9%@PzyG}JevlP%pgfd3&&_LpnB+g9=>fMYSSYxOG<)UQe}1{=
z!>C$_ARLjLrJMe*7vKBJ5wP#`zCONxOys`cQ$QYqsmt$!0XOj<zQTx7)a*?EB@Fxf
mBL9CN_U7;Zoq_naeP~-l^FDvW%gqDu-%Vku8=2R&AN?<N_FFIj

diff --git a/input/pagecontent/GFI-004.md b/input/pagecontent/GFI-004.md
index e69de29..957e43f 100644
--- a/input/pagecontent/GFI-004.md
+++ b/input/pagecontent/GFI-004.md
@@ -0,0 +1,197 @@
+# Scope
+
+The transaction Request Access Token is used by a client to obtain an access token from an authorization server. The client offers credentials from an holder to the authorization server which then verifies the credentials and answers with an access token that can be used to access a protected resource.
+
+In order to proof possession of the credentials, the holder uses its private key to sign a challenge provided by the verifier. This process is known as Demonstration of Proof-of-Possession (DPoP).
+
+This interaction is scoped on the interaction between two computers with not necessarily a human in the loop. Therefore the interaction is a back-channel interaction without a user-agent such as a web browser. For this reason the OAuth 2.0 Extension [RFC 7523](https://datatracker.ietf.org/doc/html/rfc7523) is used to offer the credentials in the form of a JWT assertion directly to the token endpoint without the use of a authorization request.
+
+### Actor Roles
+
+| Actor                           | Role                                                                                      |
+| ------------------------------- | ----------------------------------------------------------------------------------------- |
+| Holder (Client)                 | Requests an access token from the authorization server by offering verifiable credentials |
+| Verifier (Authorization Server) | Verifies the offered credentials and issues an access token                               |
+
+### Referenced standards
+
+- [OAuth 2.0 Authorization Framework](https://datatracker.ietf.org/doc/html/rfc6749)
+- [RFC 7523: JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants](https://datatracker.ietf.org/doc/html/rfc7523)
+- [Verifiable Credentials Data Model 1.1](https://www.w3.org/TR/2022/REC-vc-data-model-20220303/)
+- [OAuth 2.0 Demonstration of Proof-of-Possession (DPoP)](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-dpop-04)
+
+### Messages
+
+1. Nonce Request
+2. Nonce Response
+3. Access Token Request
+4. Access Token Response
+
+<div>
+{% include GFI-004.svg %}
+</div>
+
+#### Nonce Request
+
+##### Trigger events
+
+- A client needs to obtain an access token from an authorization server and needs a nonce to include in the access token request.
+
+##### Message semantics
+
+The client initiates a nonce request using a HTTP POST request to the authorization server's nonce endpoint. No further parameters are required.
+
+##### Example
+
+Below is a non-normative example of a Nonce Request:
+
+```
+POST /nonce HTTP/1.1
+Host: example.com
+Content-Length: 0
+```
+
+#### Nonce Response
+
+##### Trigger events
+
+- The authorization server responds to the nonce request with a nonce that the client can use in the access token request.
+
+##### Message semantics
+
+The authorization server responds with a HTTP 200 OK response containing the nonce in the body of the response. The nonce is a random value that is used to prevent replay attacks.
+
+The nonce must be an opaque and non predictable value. Authorization server should implement a mechanism to ensure the nonce is only used once and has a limited lifetime.
+
+Due to the temporal nature of the nonce, the response should include a `Cache-Control: no-store` header to prevent caching of the nonce.
+
+##### Example
+
+Below is a non-normative example of a Nonce Response:
+
+```
+HTTP/1.1 200 OK
+Content-Type: application/json
+Cache-Control: no-store
+{
+  "nonce": "n-0S6_WzA2Mj"
+}
+```
+
+##### Expected Actions
+
+- The client extracts the nonce from the response and includes it in the access token request.
+- The authorization server stores the nonce and ensures it is only used once and has a limited lifetime.
+
+#### Access Token Request
+
+##### Trigger events
+
+- A client needs to obtain an access token from an authorization server and has obtained a nonce from the authorization server.
+
+##### Message semantics
+
+The client requests an access token from the authorization server using the OAuth 2.0 JWT bearer token flow as defined in [RFC 7523](https://datatracker.ietf.org/doc/html/rfc7523).
+
+If the client wants to bind the access token to a specific key, it can include a DPoP header in the request as defined in [OAuth 2.0 Demonstration of Proof-of-Possession (DPoP)](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-dpop-04).
+
+Verifiable Credentials and Verifiable Presentations must be encoded as JWTs as defined in [Section 6.3.1 of the Verifiable Credentials Data Model 1.1](https://www.w3.org/TR/2022/REC-vc-data-model-20220303/#json-web-token).
+
+###### Request parameters
+
+The reqest must include the following information:
+
+- `grant_type`: Must be set to `urn:ietf:params:oauth:grant-type:jwt-bearer`
+- `assertion`: A JWT assertion in the form of a verifiable presentation containing the verifiable credentials offered by the holder. The JWT must be signed by the holder and the proof must contain the nonce obtained from the authorization server.
+- client_assertion: A JWT signed by the client to authenticate itself to the authorization server. The JWT is in the form of a Verifiable Presentation containing a verifiable credentials which contain the identifier of the client and its certifications/affiliations which authorizes the client to request the scopes it is requesting. Just like the `assertion` the `client_assertion` must also contain the nonce obtained from the authorization server to proof the ownership of the credentials.
+- `scope`: (Optional) A space-separated list of scopes that the client is requesting.
+
+###### Assertions
+
+**The assertion** and **the client_assertion** must include the following claims:
+
+- `iss`: The issuer of the JWT. For the `assertion` this is the identifier of the holder. For the `client_assertion` this is the identifier of the client.
+- `aud`: The audience of the JWT. This must be the identifier of the authorization server.
+- `jti`: A unique identifier for the JWT.
+- `nbf`: (Optional) The time before which the JWT must not be accepted for processing.
+- `iat`: The time at which the JWT was issued.
+- `exp`: The expiration time on or after which the JWT must not be accepted for processing.
+- `nonce`: The nonce obtained from the authorization server.
+- `vp`: The verifiable presentation containing the verifiable credentials. The `vp` claim must conform to the [Verifiable Credentials Data Model 1.0](https://www.w3.org/TR/vc-data-model/) specification.
+
+The request must be sent as a HTTP POST request to the authorization server's token endpoint with the `Content-Type` header set to `application/x-www-form-urlencoded`.
+
+##### Example
+
+Below is a non-normative example of an Access Token Request:
+
+```
+POST /token HTTP/1.1
+Host: example.com
+Content-Type: application/x-www-form-urlencoded
+grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&
+assertion=eyJhbGciOiJFUzI1NiIsInR5c&
+client-assertion-type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&
+client_assertion=eyJhbGciOiJFUzI1NiIsInR5c&
+scope=use-case1 use-case2
+```
+
+Below is a non-normative example of a JWT assertion in the form of a verifiable presentation:
+
+```json
+{
+  "iss": "did:example:ebfeb1f712ebc6f1c276e12ec21",
+  "jti": "urn:uuid:3978344f-8596-4c3a-a978-8fcaba3903c5",
+  "aud": "did:example:4a57546973436f6f6c4a4a57573",
+  "nbf": 1541493724,
+  "iat": 1541493724,
+  "exp": 1573029723,
+  "nonce": "n-0S6_WzA2Mj",
+  "vp": {
+    "@context": [
+      "https://www.w3.org/2018/credentials/v1",
+      "https://www.w3.org/2018/credentials/examples/v1"
+    ],
+    "type": ["VerifiablePresentation"],
+    "verifiableCredential": ["... verifiable credential ..."]
+  }
+}
+```
+
+#### Access Token Response
+
+##### Trigger events
+
+- The authorization server responds to the access token request with an access token that the client can use to access a protected resource.
+
+##### Message semantics
+
+The authorization server responds with a HTTP 200 OK response containing the access token in the body of the response. The response must include the following information:
+
+The access token is opaque to the client and the format is determined by the authorization server.
+
+If the client provided a DPoP header in the access token request, the authorization server must issue a DPoP-bound access token.
+
+- `access_token`: The access token issued by the authorization server.
+- `token_type`: The type of the token issued. Must be set to `Bearer` or `DPoP`.
+- `expires_in`: (Optional) The lifetime in seconds of the access token.
+- `scope`: (Optional) The scope of the access token.
+
+##### Example
+
+Below is a non-normative example of an Access Token Response:
+
+```
+HTTP/1.1 200 OK
+Content-Type: application/json
+{
+    "access_token": "SlAV32hkKG",
+    "token_type": "Bearer",
+    "expires_in": 3600,
+    "scope": "use-case1 use-case2"
+}
+```
+
+##### Expected Actions
+
+- The client extracts the access token from the response and uses it to access the protected resource.
diff --git a/input/pagecontent/authentication.md b/input/pagecontent/authentication.md
index 5933c0c..6464e32 100644
--- a/input/pagecontent/authentication.md
+++ b/input/pagecontent/authentication.md
@@ -73,14 +73,16 @@ The claims can be verified by the verifier without the need of a central authori
 | --------- | ----------------------------------- | ---------------------- | ----------- | --------------------------- |
 | Verifier  | Request key material [GFI-001]      | Initiator              | R           | [\[GFI-001\]](GFI-001.html) |
 |           | Request Revocation status [GFI-003] | Initiator              | R           | [\[GFI-003\]](GFI-003.html) |
-|           | Request Access Token [GFI-004]      | Responder              | R           | [GFI-004]                   |
+|           | Request Access Token [GFI-004]      | Responder              | R           | [\[GFI-004\]](GFI-004.html) |
+|           | Introspect Access Token [GFI-006]   | Responder              | O           | [GFI-006]                   |
 | Holder    | Issue Claims \[GFI-002\]            | Responder              | O           | [\[GFI-002\]](GFI-002.html) |
-|           | Request Access Token [GFI-004]      | Initiator              | R           | [GFI-004]                   |
+|           | Request Access Token [GFI-004]      | Initiator              | R           | [\[GFI-004\]](GFI-004.html) |
 |           | Authenticated Interaction [GFI-005] | Initiator              | R           | [GFI-005]                   |
 | Issuer    | Issue Claims [GFI-002]              | Initiator              | O           | [GFI-002]                   |
 |           | Request key material [GFI-001]      | Responder              | R           | [\[GFI-001\]](GFI-001.html) |
 |           | Request Revocation status [GFI-003] | Responder              | R           | [\[GFI-003\]](GFI-003.html) |
-| Custodian | Authenticated Interaction [GFI-005] | Responder              | R           | [GFI-005]                   |
+| Custodian | Authenticated Interaction [GFI-005] | Responder              | R           | [\[GFI-005\]](GFI-005.html) |
+|           | Introspect Access Token [GFI-006]   | Initiator              | O           | [GFI-006]                   |
 
 {: .grid .table-striped}
 
@@ -139,89 +141,6 @@ In order to prevent token theft, the access token must be bound to the client. T
 
 Verifiable credentials have a long lifetime, often several years. In order to be able to revoke a verifiable credential, a revocation mechanism is needed. The chosen revocation mechanism is [StatusList 2021](https://w3c-ccg.github.io/vc-status-list/), which defines a standard for revoking verifiable credentials using a bitstring. The verifier periodically retrieves (and caches) the statuslist and verifies the existance of the credential in the statuslist.
 
-##### Examples
-
-Example Verifiable Credential (VC) in JWT format:
-
-```json
-{
-  "iss": "did:web:example.com:issuer",
-  "sub": "did:web:example.com:user:alice",
-  "iat": 1516239022,
-  "exp": 1672531199,
-  "jti": "http://example.edu/credentials/3732",
-  "vc": {
-    "@context": [
-      "https://www.w3.org/2018/credentials/v1",
-      "https://www.w3.org/2018/credentials/examples/v1"
-    ],
-    "type": ["VerifiableCredential", "AlumniCredential"],
-    "credentialSubject": {
-      "id": "did:web:example.com:user:alice",
-      "alumniOf": {
-        "id": "did:web:example.com:university:example",
-        "name": [
-          {
-            "value": "Example University",
-            "lang": "en"
-          },
-          {
-            "value": "Voorbeeld Universiteit",
-            "lang": "nl"
-          }
-        ]
-      }
-    },
-    "credentialStatus": {
-      "id": "https://example.com/status/24#94567",
-      "type": "StatusList2021Entry",
-      "statusPurpose": "revocation",
-      "statusListIndex": "94567",
-      "statusListCredential": "https://example.com/status/24"
-    }
-  }
-}
-```
-
-Example of a Verifiable Presentation (VP) in JWT format:
-
-```json
-{
-  "iss": "did:web:example.com:user:alice",
-  "aud": "https://verifier.example.com",
-  "iat": 1516239022,
-  "exp": 1516239322,
-  "jti": "http://example.edu/presentations/3732",
-  "vp": {
-    "@context": [
-      "https://www.w3.org/2018/credentials/v1",
-      "https://www.w3.org/2018/credentials/examples/v1"
-    ],
-    "type": ["VerifiablePresentation"],
-    "verifiableCredential": [
-      {
-        // verifiable credential 1
-      },
-      {
-        // verifiable credential 2
-      }
-    ]
-  }
-}
-```
-
-Example of an tokenn request using RFC 7523 with a VP in the JWT Authorization Grant:
-
-```
-POST /token HTTP/1.1
-Host: oauth.example.com
-Content-Type: application/x-www-form-urlencoded
-grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&
-assertion=eyJhbGciOiJSUzI1NiIsImtpZCI6IjIyIn0...&
-client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&
-client_assertion=eyJhbGciOiJSUzI1NiIsImtpZCI6IjIyIn0...
-```
-
 #### Identity claims
 
 The identity claims layer defines the workings of specific identity claims.

From ede08a6a55492351b90e2d612faa8c32c6df8544 Mon Sep 17 00:00:00 2001
From: stevenvegt <steven.vandervegt@nedap.com>
Date: Fri, 3 Oct 2025 17:45:16 +0200
Subject: [PATCH 08/17] Small fixes

---
 input/pagecontent/GFI-004.md | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/input/pagecontent/GFI-004.md b/input/pagecontent/GFI-004.md
index 957e43f..0976565 100644
--- a/input/pagecontent/GFI-004.md
+++ b/input/pagecontent/GFI-004.md
@@ -2,7 +2,7 @@
 
 The transaction Request Access Token is used by a client to obtain an access token from an authorization server. The client offers credentials from an holder to the authorization server which then verifies the credentials and answers with an access token that can be used to access a protected resource.
 
-In order to proof possession of the credentials, the holder uses its private key to sign a challenge provided by the verifier. This process is known as Demonstration of Proof-of-Possession (DPoP).
+In order to proof possession of the credentials, the holder uses its private key to sign a challenge provided by the verifier in the form of a nonce.
 
 This interaction is scoped on the interaction between two computers with not necessarily a human in the loop. Therefore the interaction is a back-channel interaction without a user-agent such as a web browser. For this reason the OAuth 2.0 Extension [RFC 7523](https://datatracker.ietf.org/doc/html/rfc7523) is used to offer the credentials in the form of a JWT assertion directly to the token endpoint without the use of a authorization request.
 
@@ -108,7 +108,7 @@ The reqest must include the following information:
 
 ###### Assertions
 
-**The assertion** and **the client_assertion** must include the following claims:
+The **assertion** and the **client_assertion** must include the following properties:
 
 - `iss`: The issuer of the JWT. For the `assertion` this is the identifier of the holder. For the `client_assertion` this is the identifier of the client.
 - `aud`: The audience of the JWT. This must be the identifier of the authorization server.
@@ -166,12 +166,14 @@ Below is a non-normative example of a JWT assertion in the form of a verifiable
 
 ##### Message semantics
 
-The authorization server responds with a HTTP 200 OK response containing the access token in the body of the response. The response must include the following information:
+The verifier responds with a HTTP 200 OK response containing the access token in the body of the response.
 
 The access token is opaque to the client and the format is determined by the authorization server.
 
 If the client provided a DPoP header in the access token request, the authorization server must issue a DPoP-bound access token.
 
+The response must include the following information:
+
 - `access_token`: The access token issued by the authorization server.
 - `token_type`: The type of the token issued. Must be set to `Bearer` or `DPoP`.
 - `expires_in`: (Optional) The lifetime in seconds of the access token.

From 785359be2f0da4569ddc131f3a32a7c7c6d65f45 Mon Sep 17 00:00:00 2001
From: stevenvegt <steven.vandervegt@nedap.com>
Date: Mon, 6 Oct 2025 08:55:44 +0200
Subject: [PATCH 09/17] Add note about multitenancy to GFI-004

---
 input/pagecontent/GFI-004.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/input/pagecontent/GFI-004.md b/input/pagecontent/GFI-004.md
index 0976565..d8f568f 100644
--- a/input/pagecontent/GFI-004.md
+++ b/input/pagecontent/GFI-004.md
@@ -93,7 +93,9 @@ Cache-Control: no-store
 
 The client requests an access token from the authorization server using the OAuth 2.0 JWT bearer token flow as defined in [RFC 7523](https://datatracker.ietf.org/doc/html/rfc7523).
 
-If the client wants to bind the access token to a specific key, it can include a DPoP header in the request as defined in [OAuth 2.0 Demonstration of Proof-of-Possession (DPoP)](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-dpop-04).
+If an authorization server is shared between multiple (care) organizations (e.t. a multi-tenant setup), the authentication server must have a path parameter or a different endpoint to identify the organization the client is requesting the access token for. The client should not have to know the internal identifier of the organization. The access token must be bound to the requested organization.
+
+If the client wants to bind the access token to a private key, it can include a DPoP header in the request as defined in [OAuth 2.0 Demonstration of Proof-of-Possession (DPoP)](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-dpop-04).
 
 Verifiable Credentials and Verifiable Presentations must be encoded as JWTs as defined in [Section 6.3.1 of the Verifiable Credentials Data Model 1.1](https://www.w3.org/TR/2022/REC-vc-data-model-20220303/#json-web-token).
 
@@ -126,7 +128,7 @@ The request must be sent as a HTTP POST request to the authorization server's to
 Below is a non-normative example of an Access Token Request:
 
 ```
-POST /token HTTP/1.1
+POST /oauth/{tenant-id}/token HTTP/1.1
 Host: example.com
 Content-Type: application/x-www-form-urlencoded
 grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&

From b7a635368827af780d61a6ebcee3590a4469f5b5 Mon Sep 17 00:00:00 2001
From: stevenvegt <steven.vandervegt@nedap.com>
Date: Mon, 6 Oct 2025 16:29:47 +0200
Subject: [PATCH 10/17] Add GFI-005 Authenticated Request

---
 input/images-source/gfi-005.plantuml |  18 +++++
 input/pagecontent/GFI-004.md         |   2 +-
 input/pagecontent/GFI-005.md         | 103 +++++++++++++++++++++++++++
 input/pagecontent/authentication.md  |  28 ++++----
 4 files changed, 136 insertions(+), 15 deletions(-)
 create mode 100644 input/images-source/gfi-005.plantuml

diff --git a/input/images-source/gfi-005.plantuml b/input/images-source/gfi-005.plantuml
new file mode 100644
index 0000000..dd06e11
--- /dev/null
+++ b/input/images-source/gfi-005.plantuml
@@ -0,0 +1,18 @@
+@startuml GFI-005
+
+skinparam roundcorner 20
+skinparam defaultFontName Arial 
+hide footbox
+
+!pragma teoz true
+
+participant  client as "Client"
+participant  RS as "Resource Server"
+
+client -> client: Create DPoP Proof
+client -> RS: Authenticated API Request
+activate RS
+RS --> client: Authenticated API Response
+deactivate RS
+
+@enduml
diff --git a/input/pagecontent/GFI-004.md b/input/pagecontent/GFI-004.md
index d8f568f..7a9b4f5 100644
--- a/input/pagecontent/GFI-004.md
+++ b/input/pagecontent/GFI-004.md
@@ -1,4 +1,4 @@
-# Scope
+### Scope
 
 The transaction Request Access Token is used by a client to obtain an access token from an authorization server. The client offers credentials from an holder to the authorization server which then verifies the credentials and answers with an access token that can be used to access a protected resource.
 
diff --git a/input/pagecontent/GFI-005.md b/input/pagecontent/GFI-005.md
index e69de29..8a1aa57 100644
--- a/input/pagecontent/GFI-005.md
+++ b/input/pagecontent/GFI-005.md
@@ -0,0 +1,103 @@
+### Scope
+
+The transaction Authenticated Interaction describes a secure and authenticated communication channel between two parties, typically a client representing a holder and a data custodian protected by the verifier. This channel is created on the application layer using a token based authentication mechanism.
+
+This interaction describes how a client can use the access token in an HTTP request to interact with a RESTful API provided by a resource server at the Custodian. To prevent token theft and replay attacks, the client uses the OAuth 2.0 Demonstration of Proof-of-Possession (DPoP) mechanism to bind the access token to a public/private key pair held by the client.
+
+### Actor Roles
+
+| Actor     | Role                                                                                                  |
+| --------- | ----------------------------------------------------------------------------------------------------- |
+| Holder    | Uses an access token to interact with a resource server at the custodian                              |
+| Custodian | Provides a RESTful API to access and manage data, protected by an access token issued by the verifier |
+
+### Referenced standards
+
+- [OAuth 2.0 Authorization Framework](https://datatracker.ietf.org/doc/html/rfc6749)
+- [OAuth 2.0 Demonstration of Proof-of-Possession (DPoP)](https://datatracker.ietf.org/doc/html/rfc9449)
+
+### Messages
+
+1. Create DPoP Proof
+2. Authenticated API Request
+3. Authenticated API Response
+
+<div>
+{% include GFI-005.svg %}
+</div>
+
+#### Create DPoP Proof
+
+##### Trigger events
+
+- A client needs to access or manage data at a custodian using a RESTful API and has obtained an access token from a verifier.
+
+##### Message semantics
+
+The client creates a DPoP proof JWT as specified in the [OAuth 2.0 Demonstration of Proof-of-Possession (DPoP)](https://datatracker.ietf.org/doc/html/rfc9449) specification. The DPoP proof JWT includes claims such as `htm` (HTTP method), `htu` (HTTP URI), `jti` (JWT ID), and `iat` (issued at time).
+
+##### Example
+
+Below is a non-normative example of a DPoP proof JWT:
+
+Header:
+
+```json
+{
+  "typ": "dpop+jwt",
+  "alg": "RS256",
+  "jwk": {
+    "kty": "RSA",
+    "e": "AQAB",
+    "n": "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86..."
+  }
+}
+```
+
+Payload:
+
+```json
+{
+  "htm": "GET",
+  "htu": "https://custodian.example.com/fhir/Patient/123",
+  "jti": "a-123",
+  "iat": 1618884473
+}
+```
+
+#### Authenticated API Request
+
+##### Trigger events
+
+- A client needs to access or manage data at a custodian using a RESTful API and has obtained an access token from a verifier.
+
+##### Message semantics
+
+The client creates a DPoP proof JWT as specified in the [OAuth 2.0 Demonstration of Proof-of-Possession (DPoP)](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-dpop-04) specification. The DPoP proof JWT includes claims such as `htm` (HTTP method), `htu` (HTTP URI), `jti` (JWT ID), and `iat` (issued at time).
+
+The Access Token must be included in the `Authorization` header as a DPoP token, and the DPoP proof JWT must be included in the `DPoP` header of the HTTP request.
+
+##### Example
+
+Below is a non-normative example of an Authenticated API Request:
+
+```
+GET /fhir/Patient/123 HTTP/1.1
+Host: custodian.example.com
+Authorization: DPoP eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...
+DPoP: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...
+```
+
+#### Authenticated API Response
+
+##### Trigger events
+
+- The custodian processes the authenticated API request and responds with the requested data or an appropriate status
+
+##### Message semantics
+
+The resource server verifies the DPoP proof and the access token included in the request. If the verification is successful and the access token is valid, the custodian processes the request accordingly and responds with the requested data or a status message.
+
+##### Expected Actions
+
+The resource server should store the `jti` claim from the DPoP proof until it expires, to prevent replay attacks.
diff --git a/input/pagecontent/authentication.md b/input/pagecontent/authentication.md
index 6464e32..5091ed5 100644
--- a/input/pagecontent/authentication.md
+++ b/input/pagecontent/authentication.md
@@ -69,20 +69,20 @@ The claims can be verified by the verifier without the need of a central authori
 
 **Table 7.2-1: GF Authentication - Actors and Transactions**
 
-| Actor     | Transaction                         | Initiator or Responder | Optionality | Reference                   |
-| --------- | ----------------------------------- | ---------------------- | ----------- | --------------------------- |
-| Verifier  | Request key material [GFI-001]      | Initiator              | R           | [\[GFI-001\]](GFI-001.html) |
-|           | Request Revocation status [GFI-003] | Initiator              | R           | [\[GFI-003\]](GFI-003.html) |
-|           | Request Access Token [GFI-004]      | Responder              | R           | [\[GFI-004\]](GFI-004.html) |
-|           | Introspect Access Token [GFI-006]   | Responder              | O           | [GFI-006]                   |
-| Holder    | Issue Claims \[GFI-002\]            | Responder              | O           | [\[GFI-002\]](GFI-002.html) |
-|           | Request Access Token [GFI-004]      | Initiator              | R           | [\[GFI-004\]](GFI-004.html) |
-|           | Authenticated Interaction [GFI-005] | Initiator              | R           | [GFI-005]                   |
-| Issuer    | Issue Claims [GFI-002]              | Initiator              | O           | [GFI-002]                   |
-|           | Request key material [GFI-001]      | Responder              | R           | [\[GFI-001\]](GFI-001.html) |
-|           | Request Revocation status [GFI-003] | Responder              | R           | [\[GFI-003\]](GFI-003.html) |
-| Custodian | Authenticated Interaction [GFI-005] | Responder              | R           | [\[GFI-005\]](GFI-005.html) |
-|           | Introspect Access Token [GFI-006]   | Initiator              | O           | [GFI-006]                   |
+| Actor     | Transaction                                           | Initiator or Responder | Optionality | Reference                   |
+| --------- | ----------------------------------------------------- | ---------------------- | ----------- | --------------------------- |
+| Verifier  | Request key material [GFI-001]                        | Initiator              | R           | [\[GFI-001\]](GFI-001.html) |
+|           | Request Revocation status [GFI-003]                   | Initiator              | R           | [\[GFI-003\]](GFI-003.html) |
+|           | Request Access Token [GFI-004]                        | Responder              | R           | [\[GFI-004\]](GFI-004.html) |
+|           | Introspect Access Token [GFI-006]                     | Responder              | O           | [GFI-006]                   |
+| Holder    | Issue Claims \[GFI-002\]                              | Responder              | O           | [\[GFI-002\]](GFI-002.html) |
+|           | Request Access Token [GFI-004]                        | Initiator              | R           | [\[GFI-004\]](GFI-004.html) |
+|           | Authenticated Interaction [\[GFI-005\]](GFI-005.html) | Initiator              | R           | [GFI-005]                   |
+| Issuer    | Issue Claims [GFI-002]                                | Initiator              | O           | [GFI-002]                   |
+|           | Request key material [GFI-001]                        | Responder              | R           | [\[GFI-001\]](GFI-001.html) |
+|           | Request Revocation status [GFI-003]                   | Responder              | R           | [\[GFI-003\]](GFI-003.html) |
+| Custodian | Authenticated Interaction [GFI-005]                   | Responder              | R           | [\[GFI-005\]](GFI-005.html) |
+|           | Introspect Access Token [GFI-006]                     | Initiator              | O           | [GFI-006]                   |
 
 {: .grid .table-striped}
 

From 534bd68e8fab92029cb8a198906c9689cde8fca8 Mon Sep 17 00:00:00 2001
From: stevenvegt <steven.vandervegt@nedap.com>
Date: Tue, 7 Oct 2025 10:58:52 +0200
Subject: [PATCH 11/17] Add GFI-006 Token introspection

---
 input/images-source/gfi-006.plantuml |  16 +++
 input/pagecontent/GFI-006.md         | 164 +++++++++++++++++++++++++++
 input/pagecontent/authentication.md  |  28 ++---
 sushi-config.yaml                    |  13 ++-
 4 files changed, 202 insertions(+), 19 deletions(-)
 create mode 100644 input/images-source/gfi-006.plantuml
 create mode 100644 input/pagecontent/GFI-006.md

diff --git a/input/images-source/gfi-006.plantuml b/input/images-source/gfi-006.plantuml
new file mode 100644
index 0000000..3e94515
--- /dev/null
+++ b/input/images-source/gfi-006.plantuml
@@ -0,0 +1,16 @@
+@startuml GFI-006
+
+skinparam roundcorner 20
+skinparam defaultFontName Arial 
+hide footbox
+autoactivate on
+
+!pragma teoz true
+
+participant RS as "Resource Server"
+participant AS as "Verifier"
+
+RS -> AS: Introspect Access Token Request
+AS --> RS: Introspect Access Token Response
+
+@enduml
diff --git a/input/pagecontent/GFI-006.md b/input/pagecontent/GFI-006.md
new file mode 100644
index 0000000..0546f93
--- /dev/null
+++ b/input/pagecontent/GFI-006.md
@@ -0,0 +1,164 @@
+### Scope
+
+The transaction Introspect Access Token allows a resource server (Custodian) to validate and obtain metadata about an access token issued by an authorization server (Verifier).
+
+The introspection returns the active state of the token along with additional the identity claims associated with the token. This information can be used by the resource server down stream during the authorization decision.
+
+The introspection transaction is added so the access token format can be opaque to the resource server. This allows the authorization server to use any token format, including self-contained tokens such as JWTs, without requiring the resource server to understand the token format.
+
+In case the access token is a self-contained token such as a JWT, the resource server can validate the token locally without needing to call the introspection endpoint. However, the resource server needs to be able to validate the token signature and parse the token claims which adds complexity and duplicates logic that is already present in the authorization server.
+
+### Actor Roles
+
+| Actor     | Role                                                                                            |
+| --------- | ----------------------------------------------------------------------------------------------- |
+| Custodian | Validates the access token and retrieves metadata about the token from the authorization server |
+| Verifier  | Provides an introspection endpoint to validate access tokens and return associated metadata     |
+
+### Referenced standards
+
+- [OAuth 2.0 Authorization Framework](https://datatracker.ietf.org/doc/html/rfc6749)
+- [OAuth 2.0 Token Introspection](https://datatracker.ietf.org/doc/html/rfc7662)
+- [OAuth 2.0 Demonstration of Proof-of-Possession (DPoP)](https://datatracker.ietf.org/doc/html/rfc9449)
+
+### Messages
+
+1. Introspect Access Token Request
+2. Introspect Access Token Response
+
+<div>
+{% include GFI-006.svg %}
+</div>
+
+#### Introspect Access Token Request
+
+##### Trigger events
+
+- A resource server (Custodian) needs to validate an access token presented by a client (Holder) and obtain metadata about the token and identity claims of the holder.
+
+##### Message semantics
+
+The resource server initiates an introspect access token request using a HTTP POST request to the authorization server's introspection endpoint. The request includes the access token to be introspected.
+
+##### Example
+
+Below is a non-normative example of an Introspect Access Token Request:
+
+```
+POST /introspect HTTP/1.1
+Host: example.com
+Content-Type: application/x-www-form-urlencoded
+
+token=Kz~8mXK1EalYznwH-LC-1fBAo.4Ljp~zsPE_NeO.gxU
+```
+
+#### Introspect Access Token Response
+
+##### Trigger events
+
+- The authorization server responds to the introspect access token request with the active state of the token and associated metadata.
+
+##### Message semantics
+
+The authorization server responds with a HTTP 200 OK response containing a JSON object in the body of the response. The JSON object includes an `active` boolean field indicating whether the token is valid.
+
+The `iss` must be the decentralized identifier (DID) of the authorization server.
+The `aud` must be the decentralized identifier (DID) of the custodian.
+
+For a DPoP bound access token, the response also includes a `cnf` claim containing the public key information that can be used to verify the DPoP proof presented by the client as defined in [Section 6.2 of RFC 9449](https://datatracker.ietf.org/doc/html/rfc9449#section-6.2).
+
+The response may also include the identity claims associated with the token in the `assertions` a `client_assertions` properties. Claims are grouped by subject and each claim has an array of objects with the metadata of the claim, such as the issuer, validity period and the actual claim value.
+
+##### Example
+
+Below is a non-normative example of an Introspect Access Token Response:
+
+```
+HTTP/1.1 200 OK
+Content-Type: application/json
+Cache-Control: no-store
+Pragma: no-cache
+{
+  "active": true,
+  "scope": "read write",
+  "token_type": "DPoP",
+  "exp": 1419356238,
+  "iat": 1419350238,
+  "nbf": 1419350238,
+  "aud": "did:web:custodian.example.com",
+  "iss": "did:web:verifier.example.com",
+  "jti": "123e4567-e89b-12d3-a456-426614174000",
+  "cnf": {
+    "jkt": "0ZcOCORZNYy-DWpqq30jZyJGHTN0d2HglBV3uiguA4I"
+  },
+  "assertions": {
+    "did:web:example.com:users:john": {
+      "name": [{
+        "value": "John Doe",
+        "iss": "https://issuer.example.com",
+        "iat": 1618884473,
+        "exp": 1672531199
+      }],
+      "email": [{
+        "value": "john@example.com",
+        "iss": "https://issuer.example.com",
+        "iat": 1618884473,
+        "exp": 1672531199
+      },{
+        "value": "john.doe@other.example.com",
+        "iss": "https://other-issuer.example.com",
+        "iat": 1618884473,
+        "exp": 1672531199
+      }]
+    },
+    "did:web:org.example.com": {
+      "identifier": [{
+        "value": {
+            "type": "Organization",
+            "name": "Example Org",
+            "registrationNumber": "123456789"
+        },
+        "iss": "https://issuer.example.com",
+        "iat": 1618884473,
+        "exp": 1672531199
+      }]
+    }
+  },
+  "client_assertions": {
+    "did:web:example.com:apps:myapp": {
+      "app_id": [{
+         "value": "myapp",
+         "iss": "https://auth.example.com",
+         "iat": 1618884473,
+         "exp": 1672531199
+      }],
+      "certification": [{
+        "value": "UseCase1,UseCase2",
+        "iss": "https://auth.example.com",
+        "iat": 1618884473,
+        "exp": 1672531199
+      }]
+    }
+  }
+}
+```
+
+##### Expected actions
+
+###### Response Handling
+
+**Case 1**: The access token is valid.
+`HTTP 200` (OK) is returned as the HTTP status code.
+The response body contains a JSON object with the `active` field set to `true` and additional metadata about the token and identity claims.
+
+**Case 2**: The access token is invalid or expired.
+`HTTP 200` (OK) is returned as the HTTP status code.
+The response body contains a JSON object with the `active` field set to `false`. Other
+fields may be omitted or set to `null`.
+**Case 3**: The introspection request is malformed or missing required parameters.
+`HTTP 400` (Bad Request) is returned as the HTTP status code.
+The response body contains an error message indicating the issue with the request.
+
+###### DPoP Proof Validation
+
+The authorization server does not check the validity of the DPoP proof. The resource server must validate the DPoP proof seperately by checking the `cnf.jkt` claim in the introspection response against the DPoP proof presented by the client. This claim contains the JWK thumbprint of the public key used to sign the DPoP proof. The resource server must ensure that the `jkt` value matches the thumbprint of the public key in the DPoP proof to confirm that the client possesses the private key corresponding to the public key.
diff --git a/input/pagecontent/authentication.md b/input/pagecontent/authentication.md
index 5091ed5..2a56fec 100644
--- a/input/pagecontent/authentication.md
+++ b/input/pagecontent/authentication.md
@@ -69,20 +69,20 @@ The claims can be verified by the verifier without the need of a central authori
 
 **Table 7.2-1: GF Authentication - Actors and Transactions**
 
-| Actor     | Transaction                                           | Initiator or Responder | Optionality | Reference                   |
-| --------- | ----------------------------------------------------- | ---------------------- | ----------- | --------------------------- |
-| Verifier  | Request key material [GFI-001]                        | Initiator              | R           | [\[GFI-001\]](GFI-001.html) |
-|           | Request Revocation status [GFI-003]                   | Initiator              | R           | [\[GFI-003\]](GFI-003.html) |
-|           | Request Access Token [GFI-004]                        | Responder              | R           | [\[GFI-004\]](GFI-004.html) |
-|           | Introspect Access Token [GFI-006]                     | Responder              | O           | [GFI-006]                   |
-| Holder    | Issue Claims \[GFI-002\]                              | Responder              | O           | [\[GFI-002\]](GFI-002.html) |
-|           | Request Access Token [GFI-004]                        | Initiator              | R           | [\[GFI-004\]](GFI-004.html) |
-|           | Authenticated Interaction [\[GFI-005\]](GFI-005.html) | Initiator              | R           | [GFI-005]                   |
-| Issuer    | Issue Claims [GFI-002]                                | Initiator              | O           | [GFI-002]                   |
-|           | Request key material [GFI-001]                        | Responder              | R           | [\[GFI-001\]](GFI-001.html) |
-|           | Request Revocation status [GFI-003]                   | Responder              | R           | [\[GFI-003\]](GFI-003.html) |
-| Custodian | Authenticated Interaction [GFI-005]                   | Responder              | R           | [\[GFI-005\]](GFI-005.html) |
-|           | Introspect Access Token [GFI-006]                     | Initiator              | O           | [GFI-006]                   |
+| Actor     | Transaction                             | Initiator or Responder | Optionality | Reference                   |
+| --------- | --------------------------------------- | ---------------------- | ----------- | --------------------------- |
+| Verifier  | Request key material [GFI-001]          | Initiator              | R           | [\[GFI-001\]](GFI-001.html) |
+|           | Request Revocation status [GFI-003]     | Initiator              | R           | [\[GFI-003\]](GFI-003.html) |
+|           | Request Access Token [GFI-004]          | Responder              | R           | [\[GFI-004\]](GFI-004.html) |
+|           | Introspect Access Token [GFI-006]       | Responder              | O           | [\[GFI-006\]](GFI-006.html) |
+| Holder    | Issue Claims \[GFI-002\]                | Responder              | O           | [\[GFI-002\]](GFI-002.html) |
+|           | Request Access Token [GFI-004]          | Initiator              | R           | [\[GFI-004\]](GFI-004.html) |
+|           | Authenticated Interaction [\[GFI-005\]] | Initiator              | R           | [\[GFI-005\]](GFI-005.html) |
+| Issuer    | Issue Claims [GFI-002]                  | Initiator              | O           | [\[GFI-002\]](GFI-002.html) |
+|           | Request key material [GFI-001]          | Responder              | R           | [\[GFI-001\]](GFI-001.html) |
+|           | Request Revocation status [GFI-003]     | Responder              | R           | [\[GFI-003\]](GFI-003.html) |
+| Custodian | Authenticated Interaction [GFI-005]     | Responder              | R           | [\[GFI-005\]](GFI-005.html) |
+|           | Introspect Access Token [GFI-006]       | Initiator              | O           | [\[GFI-006\]](GFI-006.html) |
 
 {: .grid .table-striped}
 
diff --git a/sushi-config.yaml b/sushi-config.yaml
index 55a70a2..296749f 100644
--- a/sushi-config.yaml
+++ b/sushi-config.yaml
@@ -59,19 +59,22 @@ pages:
   index.md:
     title: Home
   GFI-001.md:
-    title: 7:2.1 Request key material [GFI-001]
+    title: Request key material [GFI-001]
     generation: markdown
   GFI-002.md:
-    title: 7:2.2 Issue Claims [GFI-002]
+    title: Issue Claims [GFI-002]
     generation: markdown
   GFI-003.md:
-    title: 7:2.3 Request Revocation status [GFI-003]
+    title: Request Revocation status [GFI-003]
     generation: markdown
   GFI-004.md:
-    title: 7:2.4 Request Access Token [GFI-004]
+    title: Request Access Token [GFI-004]
     generation: markdown
   GFI-005.md:
-    title: 7:2.5 Authenticated Interaction [GFI-005]
+    title: Authenticated Interaction [GFI-005]
+    generation: markdown
+  GFI-006.md:
+    title: Token introspection [GFI-006]
     generation: markdown
 
   care-services.md:

From 6c58b77e8588a185d343e40604248b39a04b6a61 Mon Sep 17 00:00:00 2001
From: stevenvegt <steven.vandervegt@nedap.com>
Date: Tue, 7 Oct 2025 11:13:39 +0200
Subject: [PATCH 12/17] Fix TOC with subpages of Authz

---
 sushi-config.yaml | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/sushi-config.yaml b/sushi-config.yaml
index 296749f..922fd43 100644
--- a/sushi-config.yaml
+++ b/sushi-config.yaml
@@ -58,24 +58,6 @@ publisher:
 pages:
   index.md:
     title: Home
-  GFI-001.md:
-    title: Request key material [GFI-001]
-    generation: markdown
-  GFI-002.md:
-    title: Issue Claims [GFI-002]
-    generation: markdown
-  GFI-003.md:
-    title: Request Revocation status [GFI-003]
-    generation: markdown
-  GFI-004.md:
-    title: Request Access Token [GFI-004]
-    generation: markdown
-  GFI-005.md:
-    title: Authenticated Interaction [GFI-005]
-    generation: markdown
-  GFI-006.md:
-    title: Token introspection [GFI-006]
-    generation: markdown
 
   care-services.md:
     title: Care Services Directory
@@ -94,6 +76,24 @@ pages:
 
   authentication.md:
     title: Authentication
+    GFI-001.md:
+      title: Request key material [GFI-001]
+      generation: markdown
+    GFI-002.md:
+      title: Issue Claims [GFI-002]
+      generation: markdown
+    GFI-003.md:
+      title: Request Revocation status [GFI-003]
+      generation: markdown
+    GFI-004.md:
+      title: Request Access Token [GFI-004]
+      generation: markdown
+    GFI-005.md:
+      title: Authenticated Interaction [GFI-005]
+      generation: markdown
+    GFI-006.md:
+      title: Token introspection [GFI-006]
+      generation: markdown
 
   authorization.md:
     title: Authorization

From 0db84f29d4f0201f5b2a605eed02516293859e35 Mon Sep 17 00:00:00 2001
From: Roland Groen <roland@headease.nl>
Date: Tue, 7 Oct 2025 11:50:27 +0200
Subject: [PATCH 13/17] Fix typo in authorization documentation: corrected
 "General Practioner" to "General Practitioner" and aligned diagram text
 accordingly.

---
 input/pagecontent/authorization.md | 52 +++++++++++++++---------------
 1 file changed, 26 insertions(+), 26 deletions(-)

diff --git a/input/pagecontent/authorization.md b/input/pagecontent/authorization.md
index 7a00835..5d4eb98 100644
--- a/input/pagecontent/authorization.md
+++ b/input/pagecontent/authorization.md
@@ -16,13 +16,13 @@ A Care Plan is created by the Care Plan Service as the owner of a CarePlan. As t
          │                              
          │                              
      ┌───┴────┐                         
-     │CarePlan┼───────────┬────────┐    
-     └───┬────┘           │        │    
-         │CPS             │CPC     │CPC 
-         │                │        │    
-┌────────┴─────────┐ ┌────┴───┐ ┌──┴───┐
-│General Practioner│ │Hospital│ │Physio│
-└──────────────────┘ └────────┘ └──────┘
+     │CarePlan┼─────────────┬────────┐    
+     └───┬────┘             │        │    
+         │CPS               │CPC     │CPC 
+         │                  │        │    
+┌────────┴───────────┐ ┌────┴───┐ ┌──┴───┐
+│General Practitioner│ │Hospital│ │Physio│
+└────────────────────┘ └────────┘ └──────┘
 ```
 ### A single context of care
 A Care Plan is bound to one single context, in the sense that, CSP assumes that all members of the CT are always allowed to access all relevant data. In the case they are not allowed to access all relevant data, they should not be part of the CT. This that case, a different CP should be created. If a patient is referred to another organization that should not have access to all relevant data of the patient, another (nested) CP should be created.
@@ -34,25 +34,25 @@ A Care Plan is bound to one single context, in the sense that, CSP assumes that
 │           │                              
 │           │                              
 │       ┌───┴────┐                         
-│       │CarePlan┼───────────┬────────┐    
-│       └───┬────┘           │        │    
-│           │CPS             │CPC     │CPC 
-│           │                │        │    
-│  ┌────────┴─────────┐ ┌────┴───┐ ┌──┴───┐
-│  │General Practioner│ │Hospital│ │Physio│
-│  └──────────────────┘ └────┬───┘ └──────┘
-│                            │             
-│                            │CPS          
-│                            │             
-│                    ┌───────┴───────┐     
-└────────────────────┼Nested CarePlan│     
-                     └───────┬───────┘     
-                             │             
-                             │CPC          
-                      ┌──────┴──────┐      
-                      │Mental health│      
-                      │care provider│      
-                      └─────────────┘      
+│       │CarePlan┼─────────────┬────────┐    
+│       └───┬────┘             │        │    
+│           │CPS               │CPC     │CPC 
+│           │                  │        │    
+│  ┌────────┴───────────┐ ┌────┴───┐ ┌──┴───┐
+│  │General Practitioner│ │Hospital│ │Physio│
+│  └────────────────────┘ └────┬───┘ └──────┘
+│                              │             
+│                              │CPS          
+│                              │             
+│                      ┌───────┴───────┐     
+└──────────────────────┼Nested CarePlan│     
+                       └───────┬───────┘     
+                               │             
+                               │CPC          
+                        ┌──────┴──────┐      
+                        │Mental health│      
+                        │care provider│      
+                        └─────────────┘      
 ```
 
 ### Model of Patients' consent

From 79203ce93ddddb7f6c9d35400cf0744d8695153a Mon Sep 17 00:00:00 2001
From: stevenvegt <steven.vandervegt@nedap.com>
Date: Fri, 10 Oct 2025 10:46:31 +0200
Subject: [PATCH 14/17] Fix typos

---
 input/pagecontent/GFI-006.md        |  2 +-
 input/pagecontent/authentication.md | 24 ++++++++++++------------
 2 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/input/pagecontent/GFI-006.md b/input/pagecontent/GFI-006.md
index 0546f93..7b8b192 100644
--- a/input/pagecontent/GFI-006.md
+++ b/input/pagecontent/GFI-006.md
@@ -161,4 +161,4 @@ The response body contains an error message indicating the issue with the reques
 
 ###### DPoP Proof Validation
 
-The authorization server does not check the validity of the DPoP proof. The resource server must validate the DPoP proof seperately by checking the `cnf.jkt` claim in the introspection response against the DPoP proof presented by the client. This claim contains the JWK thumbprint of the public key used to sign the DPoP proof. The resource server must ensure that the `jkt` value matches the thumbprint of the public key in the DPoP proof to confirm that the client possesses the private key corresponding to the public key.
+The authorization server does not check the validity of the DPoP proof. The resource server must validate the DPoP proof separately by checking the `cnf.jkt` claim in the introspection response against the DPoP proof presented by the client. This claim contains the JWK thumbprint of the public key used to sign the DPoP proof. The resource server must ensure that the `jkt` value matches the thumbprint of the public key in the DPoP proof to confirm that the client possesses the private key corresponding to the public key.
diff --git a/input/pagecontent/authentication.md b/input/pagecontent/authentication.md
index 2a56fec..82cdf07 100644
--- a/input/pagecontent/authentication.md
+++ b/input/pagecontent/authentication.md
@@ -20,7 +20,7 @@ There exists a multitude of authentication solutions, therefore it is important
 - Peer-2-peer trust which allows direct interactions between the involved parties without involvement of a third party
 - No single point of failure
 - Privacy by design
-- Securty by design
+- Security by design
 - Support for leveraging existing identity solutions
 
 #### Terminology
@@ -44,7 +44,7 @@ Throughout this document the following terminology is used:
 
 #### Problem overview
 
-A tipical scenario in healthcare is that a healthcare professional needs to access a resource (e.g. patient data) which is located at a different organisation (e.g. a hospital).
+A typical scenario in healthcare is that a healthcare professional needs to access a resource (e.g. patient data) which is located at a different organisation (e.g. a hospital).
 In the Netherlands, the custodian of the patient data is by law forbidden to share the data with third parties. Several exceptions to that rule exists. One responsibility of the custodian is to ensure that the requesting party is authorized to access the data. In order to do so, the custodian needs to verify the identity of the requesting party.
 
 In practice, many of these data exchanges are not done directly between the healthcare professionals, but between computers and systems. Often these systems are operated by vendors on behalf of the care organisations.
@@ -60,7 +60,7 @@ The custodian needs to verify the identity of the requesting healthcare professi
 ### Solution overview
 
 The solution is based on exchanging verifiable identity claims between the involved parties.
-The claims can be flexibily combined to form a complete identity for a specific use-case.
+The claims can be flexibly combined to form a complete identity for a specific use-case.
 The claims can be verified by the verifier without the need of a central authority, using cryptographic techniques.
 
 #### Actors and Transactions
@@ -111,7 +111,7 @@ Once an entity has a verifiable identifier, it can use this identifier to link n
 
 ##### Choice of self-certifying identifier
 
-The chosen solotion for the trust layer is the [Decentralized Identifiers v1.0 standard](https://www.w3.org/TR/did-1.0/) with the [did:web method](https://w3c-ccg.github.io/did-method-web/). This method uses a domain name as the identifier. The domain name is owned by the entity and ownership can be verified by the verifier by resolving the public key hosted at the domain. This method is secured by DNSSEC and HTTPS which gearentees the domainname resolves to the correct webservice and the traffic is not altered.
+The chosen solution for the trust layer is the [Decentralized Identifiers v1.0 standard](https://www.w3.org/TR/did-1.0/) with the [did:web method](https://w3c-ccg.github.io/did-method-web/). This method uses a domain name as the identifier. The domain name is owned by the entity and ownership can be verified by the verifier by resolving the public key hosted at the domain. This method is secured by DNSSEC and HTTPS which guarantees the domainname resolves to the correct webservice and the traffic is not altered.
 
 #### Peer-to-peer layer
 
@@ -121,7 +121,7 @@ The peer-to-peer layer defines the protocols and mechanisms to establish a secur
 
 Each entity needs a digital agent to act on its behalf. The digital agent is responsible for managing the SCID, establishing secure communication channels with other parties, receiving and presenting identity claims.
 
-This layer describes the protocols and data standards which can be used between the digital agents of the involved parties to aqcuire, present, and verify identity claims.
+This layer describes the protocols and data standards which can be used between the digital agents of the involved parties to acquire, present, and verify identity claims.
 
 The identifier of the underlaying trust layer is not that useful by itself. But when it is combined with identity claims it becomes useful. Identity claims are statements about an entity that can be used to verify its identity in a specific context. By combining the SCID with identity claims, an entity can prove the ownership of the claims.
 
@@ -129,17 +129,17 @@ The identifier of the underlaying trust layer is not that useful by itself. But
 
 The dataformat to express identity claims is the [Verifiable Credentials Data Model 1.1](https://www.w3.org/TR/vc-data-model/). This standard defines how to express claims in a cryptographically verifiable way. The claims can be issued by an issuer and presented by a holder to a verifier.
 
-To prove the ownership of a set of claims, the holder can create a [Verifiable Presentation](https://www.w3.org/TR/vc-data-model/#presentations-0) which contains one or more verifiable credentials. The verifiable presentation is signed by the holder key (which can be resolved using the method defined by the trusr layer) and can be verified by the verifier.
+To prove the ownership of a set of claims, the holder can create a [Verifiable Presentation](https://www.w3.org/TR/vc-data-model/#presentations-0) which contains one or more verifiable credentials. The verifiable presentation is signed by the holder key (which can be resolved using the method defined by the trust layer) and can be verified by the verifier.
 
-Verifiable credentials and presentations can be expressed in different formats. We here choose to use the JWT format, because it is widely used and supported by many libraries and tools and is comparetible with existing OAuth 2.0 and OpenID Connect implementations.
+Verifiable credentials and presentations can be expressed in different formats. We here choose to use the JWT format, because it is widely used and supported by many libraries and tools and is compatible with existing OAuth 2.0 and OpenID Connect implementations.
 
 The protocol to request and issue verifiable credentials is [OpenID Connect for Verifiable Credential Issuance (OIDC4VCI)](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html). This protocol is based on OpenID Connect and OAuth 2.0 and defines how to request and issue verifiable credentials between a digital agent and an authoritative registry.
 
 The protocol to request access tokens is based on [RFC 7523](https://www.rfc-editor.org/rfc/rfc7523), an extension to the OAuth 2.x standard, which defines how to request access tokens using a JWT Authorization Grant combined with a Client Authentication assertion. The JWT Authorization Grant contains a Verifiable Presentation with the required identity claims. The Client Authentication assertion contains the identity of the client according, issued by an authoritative registry.
 
-In order to prevent token theft, the access token must be bound to the client. This can be done using [DPoP (Demonstrating Proof-of-Possession at the Application Layer)](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-dpop). DPoP is a mechanism to bind an access token to a private key, which is used to sign an aditional DPoP access token which is uniquely created for each request to the resource server.
+In order to prevent token theft, the access token must be bound to the client. This can be done using [DPoP (Demonstrating Proof-of-Possession at the Application Layer)](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-dpop). DPoP is a mechanism to bind an access token to a private key, which is used to sign an additional DPoP access token which is uniquely created for each request to the resource server.
 
-Verifiable credentials have a long lifetime, often several years. In order to be able to revoke a verifiable credential, a revocation mechanism is needed. The chosen revocation mechanism is [StatusList 2021](https://w3c-ccg.github.io/vc-status-list/), which defines a standard for revoking verifiable credentials using a bitstring. The verifier periodically retrieves (and caches) the statuslist and verifies the existance of the credential in the statuslist.
+Verifiable credentials have a long lifetime, often several years. In order to be able to revoke a verifiable credential, a revocation mechanism is needed. The chosen revocation mechanism is [StatusList 2021](https://w3c-ccg.github.io/vc-status-list/), which defines a standard for revoking verifiable credentials using a bitstring. The verifier periodically retrieves (and caches) the statuslist and verifies the existence of the credential in the statuslist.
 
 #### Identity claims
 
@@ -150,7 +150,7 @@ These claims are usual managed by existing governance structures such as profess
 
 The identity claims layer can be seen as the "Identification" part of the Generic Funtion "Identification & Authentication".
 
-This layer describes the information in the specific claim such as its schema. The isuer or issuers that are authorized to issue the claim and the trust framework in which the claim can be used.
+This layer describes the information in the specific claim such as its schema. The issuer or issuers that are authorized to issue the claim and the trust framework in which the claim can be used.
 It also describes the assurance levels and the lifecycle of the claim.
 
 In order for use-case designers to choose from the available claims, a repository is needed that keeps track of the all available claims, their properties and governance bodies.
@@ -222,7 +222,7 @@ The following steps are required to establish the identity of a healthcare organ
 ##### Setup for organisations
 
 - Choose a identity wallet provider
-- Acuire identity claims
+- Acquire identity claims
 - Choose a vendor and authorize it to act on your behalf for a specific use-case
 - Issue relationship credentials to each healthcare professional
 
@@ -264,7 +264,7 @@ In the context of a use-case, several identity claims are required to be present
 - The resource server verifies the token status
 - The resource server verifies the identity claims and the relationships
 
-### Sercurity considerations
+### Security considerations
 
 #### Token binding
 

From a51715440af18f276b8819f9aa8ee474f892f2f4 Mon Sep 17 00:00:00 2001
From: stevenvegt <steven.vandervegt@nedap.com>
Date: Fri, 10 Oct 2025 10:48:17 +0200
Subject: [PATCH 15/17] Fix typo

---
 input/pagecontent/GFI-001.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/input/pagecontent/GFI-001.md b/input/pagecontent/GFI-001.md
index 8992704..de12c1b 100644
--- a/input/pagecontent/GFI-001.md
+++ b/input/pagecontent/GFI-001.md
@@ -33,7 +33,7 @@ A verifier needs to verify the authenticity of a signature on a verifiable crede
 ##### Message semantics
 
 A verifier initiates a resolve DID document request using a HTTP GET request to the DID web url. No further parameters are required.
-The DID web url is constructed followint the rules as defined in the [DID Web Method](https://w3c-ccg.github.io/did-method-web/).
+The DID web url is constructed following the rules as defined in the [DID Web Method](https://w3c-ccg.github.io/did-method-web/).
 
 ##### Example
 

From 6e3dced0a6e341f7c7d66f4a0902d68cff46f97a Mon Sep 17 00:00:00 2001
From: stevenvegt <steven.vandervegt@nedap.com>
Date: Fri, 10 Oct 2025 10:58:15 +0200
Subject: [PATCH 16/17] Fix typos

---
 input/pagecontent/GFI-004.md        | 2 +-
 input/pagecontent/authentication.md | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/input/pagecontent/GFI-004.md b/input/pagecontent/GFI-004.md
index 7a9b4f5..6232418 100644
--- a/input/pagecontent/GFI-004.md
+++ b/input/pagecontent/GFI-004.md
@@ -101,7 +101,7 @@ Verifiable Credentials and Verifiable Presentations must be encoded as JWTs as d
 
 ###### Request parameters
 
-The reqest must include the following information:
+The request must include the following information:
 
 - `grant_type`: Must be set to `urn:ietf:params:oauth:grant-type:jwt-bearer`
 - `assertion`: A JWT assertion in the form of a verifiable presentation containing the verifiable credentials offered by the holder. The JWT must be signed by the holder and the proof must contain the nonce obtained from the authorization server.
diff --git a/input/pagecontent/authentication.md b/input/pagecontent/authentication.md
index 82cdf07..484f5f1 100644
--- a/input/pagecontent/authentication.md
+++ b/input/pagecontent/authentication.md
@@ -6,7 +6,7 @@ The verified identity is often used downstream for authorization and accounting
 
 #### Requirements
 
-There exists a multitude of authentication solutions, therefore it is important to define the requirements for a authentication in the context of healthcare. The requirements are:
+There exists a multitude of authentication solutions, therefore it is important to define the requirements for authentication in the context of healthcare. The requirements are:
 
 - Work with identity claims from the authoritative sources
 - Support combinations of identity claims from different trusted issuers
@@ -99,7 +99,7 @@ Because authentication is a complex topic, this IG tries to structure the soluti
 
 ##### Overview
 
-The trust layer defines techniques and governance to establish trust between entities. Each entity needs an to be referenced by an identifier.
+The trust layer defines techniques and governance to establish trust between entities. Each entity needs to be referenced by an identifier.
 In order to establish trust into an entity, a verifier must be able to verify the ownership of the identifier by the entity. Some identifiers are easier to verify than other. Identifiers that can be verified are called verifiable identifiers (VIDs).
 How a verifier can verify a VID depends on the type of identifier.
 Identifiers can either be externally verified by an authority (XVIDs), or self-certifying (SCIDs). Many identifiers we know are externally verified, such as your phone number or bank account.
@@ -148,7 +148,7 @@ Identity claims contain information about the entity such as its name, role, and
 Identity claims can also be identifiers which can not be self-certified.
 These claims are usual managed by existing governance structures such as professional branches and governmental bodies. A chamber of commerce number is an result of such a governance structure.
 
-The identity claims layer can be seen as the "Identification" part of the Generic Funtion "Identification & Authentication".
+The identity claims layer can be seen as the "Identification" part of the Generic Function "Identification & Authentication".
 
 This layer describes the information in the specific claim such as its schema. The issuer or issuers that are authorized to issue the claim and the trust framework in which the claim can be used.
 It also describes the assurance levels and the lifecycle of the claim.
@@ -167,7 +167,7 @@ The application layer defines requirements for specific use-cases in which authe
 
 To define the required identity claims, the [Digital Credential Query Language (DCQL)](https://identity.foundation/dcql/) can be used. This standard defines a way to express the required identity claims in a machine-readable way. The DCQL query can be used as a form of digital contract by the holder to gather the required claims from its wallet (or other sources) and by the verifier to verify the presented claims.
 
-The DCQL language does not have to be implented directly by holders or verifiers, but can be used by specifications to define the required claims in a machine-readable way.
+The DCQL language does not have to be implemented directly by holders or verifiers, but can be used by specifications to define the required claims in a machine-readable way.
 
 #### Summary of layers, technologies and standards
 

From 7c47c9eb1883ac14d30317f5766f19f13222f091 Mon Sep 17 00:00:00 2001
From: Roland Groen <roland@headease.nl>
Date: Fri, 10 Oct 2025 12:15:59 +0200
Subject: [PATCH 17/17] Correct grammar and spelling inconsistencies in
 authentication documentation; standardize "organization", align terminology,
 and improve readability. Use of American English like the other md files in
 this IG.

---
 input/pagecontent/authentication.md | 114 ++++++++++++++--------------
 1 file changed, 57 insertions(+), 57 deletions(-)

diff --git a/input/pagecontent/authentication.md b/input/pagecontent/authentication.md
index 484f5f1..8b2d329 100644
--- a/input/pagecontent/authentication.md
+++ b/input/pagecontent/authentication.md
@@ -1,8 +1,8 @@
 ### Introduction
 
-Authentication is the process of verifying the identity of an entity. In the context of healthcare, authentication is used to verify the identity of healthcare professionals and care organisations. This is important to ensure that only authorized entities can access sensitive information and resources.
+Authentication is the process of verifying the identity of an entity. In the context of healthcare, authentication is used to verify the identity of healthcare professionals and care organizations. This is important to ensure that only authorized entities can access sensitive information and resources.
 
-The verified identity is often used downstream for authorization and accounting purposes. Authorization is the process of granting access to resources based on the identity of an entity. Accounting is the process of tracking the actions of an entity.
+The verified identity is often used downstream for authorization and accounting. Authorization is the process of granting access to resources based on the identity of an entity. Accounting is the process of tracking the actions of an entity.
 
 #### Requirements
 
@@ -10,12 +10,12 @@ There exists a multitude of authentication solutions, therefore it is important
 
 - Work with identity claims from the authoritative sources
 - Support combinations of identity claims from different trusted issuers
-- Support for use-cases with and without a end-user (healthcare professional)
-- Support for authorizing vendors to act on behalf of an (care) organisation
-- Support for limiting the scope of an authorization of a vendor
-- Support for authorizing (care) organisations to act on behalf of a healthcare professional
+- Support for use-cases with and without an end-user (healthcare professional)
+- Support for authorizing vendors to act on behalf of a (care) organization
+- Support for limiting the scope of a vendor's authorization
+- Support for authorizing (care) organizations to act on behalf of a healthcare professional
 - User-friendly solution for healthcare professionals
-- Cost efficient solution for care organisations
+- Cost-efficient solution for care organizations
 - Flexible solution that can be adapted to different use-cases
 - Peer-2-peer trust which allows direct interactions between the involved parties without involvement of a third party
 - No single point of failure
@@ -27,10 +27,10 @@ There exists a multitude of authentication solutions, therefore it is important
 
 Throughout this document the following terminology is used:
 
-- Entity: An actor in the system (person or organisation)
+- Entity: An actor in the system (person or organization)
 - Agent: A digital representation of an entity that acts on its behalf, also often called an identity wallet
-- Vendor: A party that offers Agents to its customers (care organisations and healthcare professionals)
-- Identity: A set of claims about an entity (person or organisation) which is relevant in a specific context
+- Vendor: A party that offers Agents to its customers (care organizations and healthcare professionals)
+- Identity: A set of claims about an entity (person or organization) which is relevant in a specific context
 - Verifiable Identifier (VID): An identifier that can be (cryptographically) verified
 - Claim: A statement about an entity (e.g. name, role, affiliation)
 - Verifiable Claim: A claim that can be cryptographically verified
@@ -44,23 +44,23 @@ Throughout this document the following terminology is used:
 
 #### Problem overview
 
-A typical scenario in healthcare is that a healthcare professional needs to access a resource (e.g. patient data) which is located at a different organisation (e.g. a hospital).
+A typical scenario in healthcare is that a healthcare professional needs to access a resource (e.g. patient data) which is located at a different organization (e.g. a hospital).
 In the Netherlands, the custodian of the patient data is by law forbidden to share the data with third parties. Several exceptions to that rule exists. One responsibility of the custodian is to ensure that the requesting party is authorized to access the data. In order to do so, the custodian needs to verify the identity of the requesting party.
 
-In practice, many of these data exchanges are not done directly between the healthcare professionals, but between computers and systems. Often these systems are operated by vendors on behalf of the care organisations.
+In practice, many of these data exchanges are not done directly between the healthcare professionals, but between computers and systems. Often vendors operate these systems on behalf of the care organizations.
 
-On top of that, use-cases are often described and governed by a governing body. The governing body certifies healthcare organisations and vendors to operate in a specific use-case. The governing body defines the trust framework in which the use-case operates. The custodian also needs to verify that the entities operate within the trust framework of the use-case.
+On top of that, use-cases are often described and governed by a governing body. The governing body certifies healthcare organizations and vendors to operate in a specific use-case. The governing body defines the trust framework in which the use-case operates. The custodian also needs to verify that the entities operate within the trust framework of the use-case.
 
-The custodian needs to verify the identity of the requesting healthcare professional, working for an organisation which is a customer of a vendor. The custodian needs to verify the following:
+The custodian needs to verify the identity of the requesting healthcare professional, working for an organization which is a customer of a vendor. The custodian needs to verify the following:
 
-- The identity of the healthcare professional, identifier, role, and affiliation with the care organisation
-- The identity of the care organisation, identifier, and its relationship with the healthcare professional
-- The identity of the vendor, identifier, and its relationship with the care organisation
+- The identity of the healthcare professional: identifier, role, and affiliation with the care organization
+- The identity of the care organization: identifier and its relationship with the healthcare professional
+- The identity of the vendor: identifier and its relationship with the care organization
 
 ### Solution overview
 
 The solution is based on exchanging verifiable identity claims between the involved parties.
-The claims can be flexibly combined to form a complete identity for a specific use-case.
+The claims can be flexible combined to form a complete identity for a specific use-case.
 The claims can be verified by the verifier without the need of a central authority, using cryptographic techniques.
 
 #### Actors and Transactions
@@ -70,7 +70,7 @@ The claims can be verified by the verifier without the need of a central authori
 **Table 7.2-1: GF Authentication - Actors and Transactions**
 
 | Actor     | Transaction                             | Initiator or Responder | Optionality | Reference                   |
-| --------- | --------------------------------------- | ---------------------- | ----------- | --------------------------- |
+|-----------|-----------------------------------------|------------------------|-------------|-----------------------------|
 | Verifier  | Request key material [GFI-001]          | Initiator              | R           | [\[GFI-001\]](GFI-001.html) |
 |           | Request Revocation status [GFI-003]     | Initiator              | R           | [\[GFI-003\]](GFI-003.html) |
 |           | Request Access Token [GFI-004]          | Responder              | R           | [\[GFI-004\]](GFI-004.html) |
@@ -100,12 +100,12 @@ Because authentication is a complex topic, this IG tries to structure the soluti
 ##### Overview
 
 The trust layer defines techniques and governance to establish trust between entities. Each entity needs to be referenced by an identifier.
-In order to establish trust into an entity, a verifier must be able to verify the ownership of the identifier by the entity. Some identifiers are easier to verify than other. Identifiers that can be verified are called verifiable identifiers (VIDs).
+To establish trust into an entity, a verifier must be able to verify the ownership of the identifier by the entity. Some identifiers are easier to verify than others. Identifiers that can be verified are called verifiable identifiers (VIDs).
 How a verifier can verify a VID depends on the type of identifier.
 Identifiers can either be externally verified by an authority (XVIDs), or self-certifying (SCIDs). Many identifiers we know are externally verified, such as your phone number or bank account.
-Self-certifying identifiers can be verified by a verifier without the need of a third party. An example category of a self-certifying identifiers are DIDs (Decentralized Identifiers).
+Self-certifying identifiers can be verified by a verifier without the need of a third party. An example category of a self-certifying identifier is DIDs (Decentralized Identifiers).
 
-Self-certifying identifiers are very useful in peer-to-peer scenarios, because they do not require a central authority to verify the identifier. This makes them suitable for use-cases where entities need to interact with each other without the need of a central authority.
+Self-certifying identifiers are instrumental in peer-to-peer scenarios because they do not require a central authority to verify the identifier. This makes them suitable for use-cases where entities need to interact with each other without the need of a central authority.
 
 Once an entity has a verifiable identifier, it can use this identifier to link non-verifiable identifiers to its identity. This will be explained in the identity claims layer.
 
@@ -123,7 +123,7 @@ Each entity needs a digital agent to act on its behalf. The digital agent is res
 
 This layer describes the protocols and data standards which can be used between the digital agents of the involved parties to acquire, present, and verify identity claims.
 
-The identifier of the underlaying trust layer is not that useful by itself. But when it is combined with identity claims it becomes useful. Identity claims are statements about an entity that can be used to verify its identity in a specific context. By combining the SCID with identity claims, an entity can prove the ownership of the claims.
+The identifier of the underlying trust layer is not that useful by itself. But when it is combined with identity claims, it becomes useful. Identity claims are statements about an entity that can be used to verify its identity in a specific context. By combining the SCID with identity claims, an entity can prove the ownership of the claims.
 
 ##### Choice of protocols and standards
 
@@ -139,37 +139,37 @@ The protocol to request access tokens is based on [RFC 7523](https://www.rfc-edi
 
 In order to prevent token theft, the access token must be bound to the client. This can be done using [DPoP (Demonstrating Proof-of-Possession at the Application Layer)](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-dpop). DPoP is a mechanism to bind an access token to a private key, which is used to sign an additional DPoP access token which is uniquely created for each request to the resource server.
 
-Verifiable credentials have a long lifetime, often several years. In order to be able to revoke a verifiable credential, a revocation mechanism is needed. The chosen revocation mechanism is [StatusList 2021](https://w3c-ccg.github.io/vc-status-list/), which defines a standard for revoking verifiable credentials using a bitstring. The verifier periodically retrieves (and caches) the statuslist and verifies the existence of the credential in the statuslist.
+Verifiable credentials have a long lifetime, often several years. To be able to revoke a verifiable credential, a revocation mechanism is needed. The chosen revocation mechanism is [StatusList 2021](https://w3c-ccg.github.io/vc-status-list/), which defines a standard for revoking verifiable credentials using a bitstring. The verifier periodically retrieves (and caches) the status list and verifies the existence of the credential in the status list.
 
 #### Identity claims
 
 The identity claims layer defines the workings of specific identity claims.
 Identity claims contain information about the entity such as its name, role, and affiliation.
-Identity claims can also be identifiers which can not be self-certified.
-These claims are usual managed by existing governance structures such as professional branches and governmental bodies. A chamber of commerce number is an result of such a governance structure.
+Identity claims can also be identifiers that cannot be self-certified.
+These claims are usually managed by existing governance structures such as professional branches and governmental bodies. A chamber of commerce number is a result of such a governance structure.
 
-The identity claims layer can be seen as the "Identification" part of the Generic Function "Identification & Authentication".
+The identity claims layer can be seen as the "Identification" part of the Generic Function "Identification & Authentication."
 
 This layer describes the information in the specific claim such as its schema. The issuer or issuers that are authorized to issue the claim and the trust framework in which the claim can be used.
 It also describes the assurance levels and the lifecycle of the claim.
 
-In order for use-case designers to choose from the available claims, a repository is needed that keeps track of the all available claims, their properties and governance bodies.
+In order for use-case designers to choose from the available claims, a repository is needed that keeps track of all available claims, their properties, and governance bodies.
 
 This IG will not define specific claims. Eventually a national repository of available claims should be established which can be used in healthcare.
 
-One of the challenges in architecture is crossing a gap between two technologies. Many existing identity claim technologies exist and are for example based on X.509 certificates or SAML assertions. These technologies are not directly compatible with the verifiable credentials technology. In order to bridge this gap, a mapping between the existing technologies and verifiable credentials is needed.
+One of the challenges in architecture is crossing a gap between two technologies. Many existing identity claim technologies exist and are, for example, based on X.509 certificates or SAML assertions. These technologies are not directly compatible with the verifiable credentials technology. To bridge this gap, a mapping between the existing technologies and verifiable credentials is needed.
 
-This layer can specify techniques to solve interoperability such as introducing custom proof types, introducing a trusted party which can map the information, or define custom verification methods. None of these solutions are ideal. Each solution has its own trade-offs. This layer can be used to specify building blocks to solve these interoperability challenges.
+This layer can specify techniques to solve interoperability, such as introducing custom proof types, introducing a trusted party which can map the information, or define custom verification methods. None of these solutions are ideal. Each solution has its own trade-offs. This layer can be used to specify building blocks to solve these interoperability challenges.
 
 #### Application layer
 
 The application layer defines requirements for specific use-cases in which authentication and authorization are required. This includes the specific set of identity claims that are required to be presented, the trust framework in which the entities operate, and the protocols and mechanisms to establish a secure communication channel. It uses the lower layers of the stack to achieve this.
 
-To define the required identity claims, the [Digital Credential Query Language (DCQL)](https://identity.foundation/dcql/) can be used. This standard defines a way to express the required identity claims in a machine-readable way. The DCQL query can be used as a form of digital contract by the holder to gather the required claims from its wallet (or other sources) and by the verifier to verify the presented claims.
+To define the required identity claims, the [Digital Credential Query Language (DCQL)](https://identity.foundation/dcql/) can be used. This standard defines a way to express the required identity claims in a machine-readable way. The holder can use the DCQL query as a form of digital contract to gather the required claims from its wallet (or other sources) and by the verifier to verify the presented claims.
 
 The DCQL language does not have to be implemented directly by holders or verifiers, but can be used by specifications to define the required claims in a machine-readable way.
 
-#### Summary of layers, technologies and standards
+#### Summary of layers, technologies, and standards
 
 | Layer              | Transaction | Technology / Standard                                             | Description                                                                                                                          |
 | ------------------ | ----------- | ----------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------- |
@@ -188,19 +188,19 @@ The DCQL language does not have to be implemented directly by holders or verifie
 
 Several identity claims are required to be presented. Which claims are required depends on the use-case. Each of the claims have different properties such as:
 
-- Who can issue the claim
-- How can the claim be verified
-- What is the level of assurance of the claim
-- Under which conditions can the claim be used
+- Who can issue the claim?
+- How can the claim be verified?
+- What is the level of assurance of the claim?
+- Under which conditions can the claim be used?
 - Lifecycle of the claim (expiration, revocation, renewal)
 
-In order for use-case writers to define which claims are required, a repository is needed that keeps track of the claims and its properties.
+In order for use-case writers to define which claims are required, a repository is needed that keeps track of the claims and their properties.
 
 #### Mechanics
 
 ### The actors
 
-- Care organisation
+- Care organization
 - Healthcare professional
 - Vendor
 - Verifier
@@ -208,20 +208,20 @@ In order for use-case writers to define which claims are required, a repository
 
 #### Relations between the actors
 
-Vendors get authorized by care organisations to act on their behalf.
-The care organisation's identity can be represented by one of the trusted Vendors.
+Vendors get authorized by care organizations to act on their behalf.
+The care organization's identity can be represented by one of the trusted Vendors.
 
 ### Use-cases
 
 Different use-cases have different requirements for identity claims.
 
-Each use-case requires its own governance in which it defines the needed identity claims and the trust framework in which the actors operate.
+Each use-case requires its own governance in which it defines the necessary identity claims and the trust framework in which the actors operate.
 
-The following steps are required to establish the identity of a healthcare organisation and professional in a specific use-case.
+The following steps are required to establish the identity of a healthcare organization and professional in a specific use-case.
 
-##### Setup for organisations
+##### Setup for organizations
 
-- Choose a identity wallet provider
+- Choose an identity wallet provider
 - Acquire identity claims
 - Choose a vendor and authorize it to act on your behalf for a specific use-case
 - Issue relationship credentials to each healthcare professional
@@ -230,8 +230,8 @@ The following steps are required to establish the identity of a healthcare organ
 
 - Choose a wallet
 - Acquire identity claims from DEZI and your branch organization
-- Acquire relationship credentials from your care organisation
-- authorize the organisation to act on your behalf for a limited amount of time (e.g. 1 day)
+- Acquire relationship credentials from your care organization
+- Authorize the organization to act on your behalf for a limited amount of time (e.g. 1 day)
 
 ##### Asserting identity
 
@@ -246,21 +246,21 @@ In the context of a use-case, several identity claims are required to be present
 
 - Verify the verifiable presentation
   - Verify the nonce
-  - verify the signature
-  - verify the expiration date
-- verify the claims
+  - Verify the signature
+  - Verify the expiration date
+- Verify the claims
   - Verify the signatures
   - Verify the revocation status
-  - verify the issuer
-  - verify the expiration date
+  - Verify the issuer
+  - Verify the expiration date
 - Respond with a bearer token
 
 ##### Interacting with the resource server
 
-- Present the bearer token to the resource server along side the request
-- Check the DPoP proof (or other token binding mechanism)
+- Present the bearer token to the resource server alongside the request
+- Check the DPoP proof (or other token-binding mechanism)
 - The resource server verifies the bearer token by introspecting it at the oauth-authorization server
-- The oauth-authorization server replies with the token status and the the provided identity claims
+- The oauth-authorization server replies with the token status and the provided identity claims
 - The resource server verifies the token status
 - The resource server verifies the identity claims and the relationships
 
@@ -268,12 +268,12 @@ In the context of a use-case, several identity claims are required to be present
 
 #### Token binding
 
-#### No sharing of Private Keys of certificates
+#### No sharing of private keys or certificates
 
-#### use of TLS
+#### Use of TLS
 
 Use of TLS for the vendor
 
-#### replay attacks
+#### Replay attacks
 
 nonce and timestamps