From ef579b270b8dee028fed40d1c193688276ee2124 Mon Sep 17 00:00:00 2001
From: Gladwin Johnson <gljohns@microsoft.com>
Date: Tue, 27 May 2025 12:15:26 -0700
Subject: [PATCH 1/2] init

---
 Microsoft.Identity.Web.sln                    |   7 +
 docs/design/capab1.png                        | Bin 0 -> 82857 bytes
 .../managed_identity_capabilities_devex.md    | 117 +++++++
 .../IManagedIdentityTestHttpClientFactory.cs  |  15 +
 .../net462/InternalAPI.Unshipped.txt          |   4 +-
 .../net472/InternalAPI.Unshipped.txt          |   4 +-
 .../net6.0/InternalAPI.Unshipped.txt          |   4 +-
 .../net7.0/InternalAPI.Unshipped.txt          |   4 +-
 .../net8.0/InternalAPI.Unshipped.txt          |   4 +-
 .../net9.0/InternalAPI.Unshipped.txt          |   4 +-
 .../netstandard2.0/InternalAPI.Unshipped.txt  |   4 +-
 .../TokenAcquisition.ManagedIdentity.cs       |  28 +-
 .../TokenAcquisition.cs                       |  11 +-
 .../daemon-app/daemon-app-msi/Program.cs      |  50 +++
 .../daemon-app-msi/appsettings.json           |  29 ++
 .../daemon-app-msi/daemon-app-msi.csproj      |  29 ++
 .../daemon-app/daemon-app-msi/readme.md       |  48 +++
 .../Mocks/MockHttpCreator.cs                  |  28 ++
 tests/Microsoft.Identity.Web.Test/FmiTests.cs |   1 +
 .../ManagedIdentityCaeTests.cs                | 288 ++++++++++++++++++
 .../TestManagedIdentityHttpFactory.cs         |  15 +
 .../TokenAcquirerCollection.cs                |  23 ++
 22 files changed, 705 insertions(+), 12 deletions(-)
 create mode 100644 docs/design/capab1.png
 create mode 100644 docs/design/managed_identity_capabilities_devex.md
 create mode 100644 src/Microsoft.Identity.Web.TokenAcquisition/IManagedIdentityTestHttpClientFactory.cs
 create mode 100644 tests/DevApps/daemon-app/daemon-app-msi/Program.cs
 create mode 100644 tests/DevApps/daemon-app/daemon-app-msi/appsettings.json
 create mode 100644 tests/DevApps/daemon-app/daemon-app-msi/daemon-app-msi.csproj
 create mode 100644 tests/DevApps/daemon-app/daemon-app-msi/readme.md
 create mode 100644 tests/Microsoft.Identity.Web.Test/ManagedIdentityCaeTests.cs
 create mode 100644 tests/Microsoft.Identity.Web.Test/TestManagedIdentityHttpFactory.cs
 create mode 100644 tests/Microsoft.Identity.Web.Test/TokenAcquirerCollection.cs

diff --git a/Microsoft.Identity.Web.sln b/Microsoft.Identity.Web.sln
index 05c15260d..2c07d42a0 100644
--- a/Microsoft.Identity.Web.sln
+++ b/Microsoft.Identity.Web.sln
@@ -164,6 +164,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Microsoft.Identity.Web.Oidc
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Microsoft.Identity.Web.UI.Test", "tests\Microsoft.Identity.Web.UI.Test\Microsoft.Identity.Web.UI.Test.csproj", "{CF31F33A-E5F5-DB57-4FEF-81BDAFD497C8}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "daemon-app-msi", "tests\DevApps\daemon-app\daemon-app-msi\daemon-app-msi.csproj", "{A8181404-23E0-D38B-454C-D16ECDB18B9F}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -387,6 +389,10 @@ Global
 		{CF31F33A-E5F5-DB57-4FEF-81BDAFD497C8}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{CF31F33A-E5F5-DB57-4FEF-81BDAFD497C8}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{CF31F33A-E5F5-DB57-4FEF-81BDAFD497C8}.Release|Any CPU.Build.0 = Release|Any CPU
+		{A8181404-23E0-D38B-454C-D16ECDB18B9F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{A8181404-23E0-D38B-454C-D16ECDB18B9F}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{A8181404-23E0-D38B-454C-D16ECDB18B9F}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{A8181404-23E0-D38B-454C-D16ECDB18B9F}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -461,6 +467,7 @@ Global
 		{E927D215-A96C-626C-9A1A-CF99876FE7B4} = {45B20A78-91F8-4DD2-B9AD-F12D3A93536C}
 		{8DA7A2C6-00D4-4CF1-8145-448D7B7B4E5A} = {1DDE1AAC-5AE6-4725-94B6-A26C58D3423F}
 		{CF31F33A-E5F5-DB57-4FEF-81BDAFD497C8} = {B4E72F1C-603F-437C-AAA1-153A604CD34A}
+		{A8181404-23E0-D38B-454C-D16ECDB18B9F} = {E37CDBC1-18F6-4C06-A3EE-532C9106721F}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {104367F1-CE75-4F40-B32F-F14853973187}
diff --git a/docs/design/capab1.png b/docs/design/capab1.png
new file mode 100644
index 0000000000000000000000000000000000000000..7e6737ee9b7150f800abec53c1caeabb1f1ac5b2
GIT binary patch
literal 82857
zcmeEt2T)UA)MscSg7hLC0qI4$bQS3$MFi<89fZ&cH5BPhx>BWsH0eEb5Rl#^p(UaB
zPy>Xp{I`8OyWh-y`|a%P%+9{NGnqGeFLQqP-FwRKoO}ECb`?Obp`xw=z`?-*e7O4n
zZeai=03I&xKj+<ne|HkxCm_JbCwM?ec<(;R0}>MA2gJk=Nh!%6l2VWo6O+@DQ&3UU
z(9n>O(LJK2end%4L;cU6;NaaogHJ$2KtM$OkoY0>|MGF$1)#W(bBHgFhr<rQrNF_X
zz`5-MumS)$1b5p0qws$|aB%N*yhnJS=mGKF4GrV~TpT<+TztHLw7$DL;O=(-J_P~g
zW04p4sB}LPvb$1?1}Em-=XhDuO`|t?#3}a4ErjR+E!`t}h9_LyJiL735|UESq-B&|
zDXXZescXE|e`jF$-pJU}%G$=(&fdY@!_&(f<l`IqB`iE5GAcSLIVCkM{oD79{DQ)w
z;*!#`pS5-M4UJ9BEv-Ghef<N2zlVmWre|j7=Kn50;Rxi~`o`wg_73X!<n-+P0)2V)
z4=x-4-hYDiUy=QHxG3&$;o{@t;S>IY3kTQxPVgx32_B2wqkN%D_|cV$T{QSU^~=P(
znr<QvF})+2Pi~VBXgS5<Pf-6r`;W-}ZNNhQUC90`uz$e?1(4w3+`T+J3V<R2ofPeL
zjzwX%mRFV)vjLLPIa9=$*QHLC1!;&4+xLiQHlysQE*(NW^#T4Jd5d$Jb~N}1vN@ng
z;qPt@XXO$^YK6}%YfQ1W-2cdq_xRMT%gsGV4RC1??dmm7^7m@8qq7|>18}0=-@id#
z{{O3g|47h?iCl{^Wu<@2x)xOZKR2pZWbo=ZECB5X58DVuBs>JAo1*TOKa$GmGw|xs
zRAu@J71RFK!;0V#WjZ8Ki}SyCBUk`w*5oZ}t}}Y{LI8EY&|`e~Pw+Q>iV%G<0BC4e
z7YICL9gF+t^-tj0mHhv!|K~;``fgGitc3bAmV++(BwK}I9Oez@34<qfRSn%Sd@{+;
zSrV^Vp+$rH9IG~IQ<}|e9Vb~TEfjFZ&v9En*VVbFAp19siZ)u_$bp!m9dm{m>i`RN
z0xFf}tS1dUHJ91$JsR@b_$02ux#|8=@FlvQ9J-m)4sLx0a9G8WoGw!0QL@fg@JMz^
zKnpUyWoRtW?m%%hUy(w*Eha__mswg|ZQ_MhMxn5~JGBFV<QPb>h~#WM=(w67$c1{J
z`yN&AZ60y-K;Mqi7NPLo&C+fhU|9UW!N1D6@~*vNP`g~MSv!58@Vcr1A=S4+i7`S6
zv|dDe8hM&25A@si6si$D=6KP=!+Augr>&>O-7Abgj$$3WA`7qlTd-qjkEeFezkbZ@
z7O=|q2uq`zAf95VXEpOSdCRxfpW|o?&2H((OW0>PMHW3}DHdywaAi$h-*kTMllg2Z
zc%BA6XDpdlX1u&){C;uC#E30z$L^!88u{0}?4X_yHTq|3^K(<6I=Csg9vAf6Un|w=
z@yC*fbXbaoxaK<Yo2>3lpKq`_Maf00O_~8aMKYiqq2u*SkhZ0%cFDHuw{thEVCMo?
z?&*=o2}L&RexskK!CsI|H_QQMIa<(I*sl=lrHz8zOr0Jvl9BE}i!zrM?9<cJ%EY}!
z<!BGKY9ap3BRD~$p<z3&{k|5lVB2v@e+l6I9hvy=rHl4gaSfI0dv*3n$`50cGz|Bq
z>a2i|Ov9mppDpKZ0bc|U1;Ex|MhBi`lYwRS=~s08sU!KrZ|2U-hC$njW^{u<YDX#H
zk=tB=`IVzdCy9OX;)^FEwOZU+w*c9)XEv*DKC1>tQx$qxyK0Es%KYyh<LPAZ2=|4?
zpzQSvjNt4o0PX@h0Ft0zUSKIkWsb_#3%3)_Wpy|VKD>6U0T6PRn9hIQW)R9lFu&w~
zDAcp52T4K5IzBTtve^1bBypA=t-uA!ft_zRPUp>4vrV(l3+~bO@EQqX(*JV4eI)w^
z@kgD5GwaGw#77*9ht@)Uy6&FREZV6-|JiP8q9xUHbP}hRD<V;_Qu*q{Ns$F`pK7tc
zt}ozjfcW);_eW5R+c^zSXgY2Im)y62Mhqq)w_O$f(69SK1m+0kD#$lgYnu{OnbP$B
zxPup@RyN(Gz@0{9t4-=KP9o`8s?Pp*_?_T;%DUvH$lrvdfp0@cedmI!93cER=@@^1
zEpLS)+oBx?@cEO0yvK=oE#4o+UFxh(Scr672%l|A_??HK6A*$Ny|(}|IjLfYCSUVp
z#Zd8Wq1D>&`E=F@zE^E(%We9A%ETdLvhm20cE{8;V$GJ>_!M|xAJ{n?5AMw+bjFHc
zbSCSW>AJ7dg9U7AgAdj+WMgKdUVmP3_ykuo(!dlvc5`{?a~KI>1XcGWnrfG$ZH=b(
zKX}F+2zy+9R2Iw*O4Gsl%;dW|KWEHU;$wYnf)Q+LYRe(^t0uAEmD5!lP71bujMMe(
z1DV`>0)`HyyqVB&NCzV8lSv)R&k^|LXQB=)v43Fka==8XCI0y$y^BmbZd7s66PBzM
zS@r#0C%OOvLeR2_F)M%dbQxmqimSk<XxTx>{^ITS+~*i~A0~l`E>k#O^CP`Ja#5ds
z{qhBcCmjAVXnD9Wo~RE4q;#{-cbF+ct837n%9ny=lTX!<2I=8x?}5!ldc3RGx&@eZ
z5<kt4<{{TrrUv|P2o67ZumXJ8bZi`51Vo=D+?-=Ib#-u*ssB|WEcTZ<s*1TYI4q#H
z_tWv!LMeiuD=Hb_@VF<<LUJ3tAuvf?IyOq5Q4feb+SRklUlOf)3%K7DwlO2&ILdy2
zIJsuk79CfBCFQLh&(wYRVBPBRGlQ)u^V}Gvdajm4{M)mQqcStJS(~0R2Fw{EN#F!a
z4W(3j9Q3Fv6p<b;arn@m1TAJ=uru%bTFic4Z1}Uaow=$>8c|D1$jkLe`Yr)2nKVPQ
zEbwXgEkFv~;>)vq3*ZHBs|V(mZFUl2i5yp`1KIoGFYE(~+T9+V5tq~?Y42g~NvDFK
z>SjMg%-`@^cC*$A$H^J}+?_M@WogLI7S_tSG~QIpm7-+dct%aGU{8iuwz|q>2-!BC
zJ<V<C?190(#SIxQ!Yis8#HeHQkF{$xq||VF17>%(%`LCxK*&CCEC>3lv*(T8>L6TD
zPhWKTH_VLs^T)K+Dv*4eUh2H)P6`CQf{7sWsT#do99(i5Kma-i>i5_BXrr2XPPCt3
z258CS=);NN{7Q3abSxPf;y&P@ND1QZGk*x8>tncAl2^Z4&tGOV<ZOjkX0{_18=uo~
zpm^W^9YRe3$KQHxPx#P!Zq7_3SLcNOfaB#s6@2VHd0|}F8tE4U?{NPY6`;&>D|D>C
z7TCRP``i%fGr2ZnRwS}49=B2PdXVkXNC0QcJzhOueE@5Kal(S-Bbc2wJ#PX#(n^w*
zk9Par(E$xx7?Fyhyr1-pZ_O0mex~-c6k2M&7`549AT23`zF)GipZD@=n*8p>-5gw?
z`Gt_6;L}s2oRtkEVb1gP=0}C6-#7`Vz~rbY^7ID(rm08j$t|F+q$z|gsi>{sBb~$M
zNa8)C){E-g)01lSiQa_2OjEjVO3tVE+l_T&V_z@h0czdPlsVUegSEJMk5#Xhz!oBA
zJno9Q$+cdW7RNH>)%Uj*SkP3~)ee$5-jV)FW$nJE;i@dkMa_NV_2h;1u|K8oE=WaG
zzxZ<$zBmf)Uw%3-s4#=|mywJPSAA{PdB~akK*j4-2dRpw)w^maqjAHG0$WK$z4ytf
z1&MM0kH4u*L+h>_*J&xg-DK9@tt7<Daa+P!Bc6U$gfso3a$s|NQ{WzDi+?Ihm==07
ztp`mpEjZ6kF9By*a6c}b)(wyd?0{&&M!C56d4FtQamV<J0E_JB<|xMDm6G1kV+674
z{QYTe)FgE*C1q7)CTLg0_(S`s(j6?_oJXbnZ(?u1l2H<^oNrz_q=5}*zC9(#oODkh
z<#_d9j70R|tEdza$F=&K<yq;)E+E^7V?~M$#X70Dc5TFXbUK51M}-5!e1s<>ac@<3
z*<$<ABU(Z(b*UsA1EO%b_<Jf2C56Rl*purbK}E7ekvVc;y&+bU_2jayuU#6>>^(rI
z?f7G>HN454;Sl7pYb3;MIP(QR`0(ur+{vQ%!XSB<g=NOFLCR*a-yO(_YfqjaO5W#!
zWFwcRXELnXm4TG3jxU6ECxHx(ceNU4&rD7#&Hidw`q;#!eu!3in|1%V`wh-+{8=S(
z)S{2!u&X*WeVHR;W9Qh+=5V;R{Yg;<`6RxL<%kCx)q?5=K18*6x(DREb9|$L>&@i+
z&vZEWc%^tS0o~b~-kKYOd2y4lnyua2*k}RCRJP7RXi3WP-0Zf7<8k_r5iZlDBZTol
z$vqS%>eV3dyGf3gq2Mz{UctWR0k3r3w$klg3*#Mz(Uk~@WZ>jg>KBOeSylLPx8%fY
zX9ngfu|<{_d(S1-6<ASRl}O<QKg28FgCg(pI5GWc=Sqfio9}r^svd4dQ5<Z!f37k%
zV{R6$I@5#?(|PO6ueIAO+*%L}Z{kWF=gV!2-!JY+eXc+ds~H<TC>0oV2yp>$=5#T1
zmVsFNd=*k{e_Eiy`Zd$Q`?T}vl6tBnYq3G``uBcshMK2evo8{B$IDo4h^Hu92VzZv
z-qqOib`zFL%=#0c8xXK;endn6Mw54`I$6Z}%n!QS`VoRD%}4Qevr+eV+t^}1gq_k<
zRI*|SGY>kqV&|$i(pP{da(5Qz0g5aXJ9^XcW5<^ps$b6vm2@+?{9*aTJGj|R#&<5E
z@0s90-G@eVvbG}!bxS;A#<Jq?RgbDM{=A7VVB9){Ea4rBswmPj#NmSF;GpS@b3^#_
zS%-q7D&%{y9fS5$X}!M0X3wi!<FjCgT7Q>mVZr_U_W9Gp@CggM#^e5tLx|=FOK3KI
zkU*Djg0bGk+fJ3v(+FWSb8CoqLu<*!N$D-1`@lc967vjY8(#nSjM<{+YAm(n_sgQC
zgIsYDX}KWg6kP4Of{r7)sM8U%mm4R&84X2^S-Z@8(|?DfKJVeY`<mKAN$<i)|NE?D
z2P=<KjD#ZOP5Ky$3z+}(*dtoolU^lu!@sL{b2JtCUF;Jh_f?H<3Sd19#ntY%t6?(&
zY;Dt@vI`oML?8QbroO;|ab}PH?&^L-qZ^YPZD9{Pz6Cr@*42VU1aEgfY&Wa08!i6}
zGBJis>C;M`Lp`RR19tqoia=L$=21T!0-wxK_Nq-+otbRo@H$%KY4KZD(Y)a5XhM?p
z0V6Y{_NmH^?XMu!A3aNUa;>L4cGU~j3WA=Jt1>A)(EZB&sMj`YqjiM=bPMRUAi+NK
zH=MM&^Nz2lJl8^?PH%e!VmwR6a5dRp?-Lknb<gvu5l+)kBqhbBjVku6WMh?|H8;^s
zt>koiBm8HpK^8_wjfLVjj%tu8;o)%Frt@+9W_i*9!0HX(dD9WHAHpzAr8|oeuCzDy
z`$~Iop`Gz4Q~v4R52hQ(Z8BW6=$#T^+WeW!zG`G<nLnfVPqd<LtGe7a=Q|*;f0??q
zr-D7v3F#L<H^n-||Hd@!{CB45-hXSF?6&6hGp{qJ=e7I@bG7J}lRJ?muD1XJEX$6s
zVviy@XafdEqB~8J4wk1iLiHxsIvOR{q%%BX9wigJJY3^F9jcP;@2p#i@eq#4P>tP~
z^n5Ns*P3?FFaF)qOp<58Yls8<p!t)^^GD_-P0DaEjiU^3uK|%z<0upMs|m%N_4JW*
zwp=rmSN&Z#TzxILTf!Eh9dovzXaf%OJL^ym+q<flGHUyJx%DKLATaO)4jW$LsPrzc
z+bzITI79pD@{7W7fKT=D#w|dQjOFNVh{kC^jZ-EaWW6#2b&eD;&Z~egb@?pK0@2Sa
zZe)9*RW)S_*&mC|&3EoIXG}qt)>2>Mnx+5}>v6T2K5TT1pQoV`BHLM!H~eZx2X&=e
zSejo`6;>1Z(^ZAxR8%iZ#<afNvvKFLNdBq<s(w3J1nRW!By#X}QDTieXeR|qe1ozP
zn=?vl(!T}V<0Jp7>dTzuwpG2G4?Laq;F9t$@5o)Ax&^=z5*rk8LFvkqPG@mSy{(nu
ziLOmUoh`L#&z}4q-cL;7{k`^Kz6zcEVscMT_(*hJjwR=DvQAx#<C2)RK?qX+quX%l
z)T^QqO8|@ZM*}PwXr+%u=BR0apN!m5s<ppxnITu#uA1APTAL~I_YP6d*8sqlJb`Bp
z<1OH8^<EA3H23Pg10pkp{c2b-I^*WP^JG>VZy-~`nF27gCj-(@>hN~koPMUDKKf#B
z1Ip-Qb1e|Rriv%Ic!;zk#7~_12}<ZOJ`6oTHq6(XDZOe<l<SMoZAe;LaF6RY#Z@KD
zxZ>7AaTUQW!obXj^_eXK!U<7MaFcIu7B~#jKEN1%CKblUyJ%PHgkaFSt7N@H?M7e;
zi~&SS#=fonTic*Lr)zz*S*;f;_p_gY{&a>q*!wQHTgSA-IVc#wuoqa((aXOmVvC4C
z{*I$-$42a<IcM=#23|9W>2=2s<rh&YLW?9!St!%9fIJi#BK-@N#owjbWC+U*bI4Fe
z3_2FSUx5yme0#xSs?$Xt2v4^oUSv_{%(xUDXu1k4N6I^&ysk^unidi+PFo(+!F$0d
z&G&^A2Y|$ziiCJo)?quVdK;1<Tj{+kq?mVzJEvVQOtQ-`Td(RkTJl~~=JDwh>L7>W
z2)Mj^A2eqBN+GV)VSbCq(S*@3;~idTs*c*=R7cZ!1_~J2&Wx-Sdp_YQyF}IF>-^pB
ziplu%IFKY!?r|*Ap7DDY#Pp<_#=;17uM*z55ZYrH$TTCgH&9n$aSP~C^0OD?Og81U
z;F30F`f4fAt=_$c?0D;FIBAcDtz*4j@k8`4e6bHP<1};a(&Zqao{U#@(ek!$(14S$
z(=xq^uYWAg=C*Od(f9xb%t49_uI1`<icsFGEO|{i6Wkp2W|148HIs?qEZfgu#$WeZ
z0<Ec!lIUx?YG>i`)8ae799dMiUdLmP0DdnpdMfjkjLDK_1yq8th}^#gIPD6`zzkX&
zrlt)WeqqO>ZA`qQdWi5;o>n&3QL3$FotNu6JLDSdqm^#~`_QCyyOvXpTR@CO-th^D
zqt6lEjllci5c+}}PhZk4AYFPuZmG=|HD76gHd*~1$c}kA(JssQ*<?3W-HIFcS;Qy@
z_I?HU!Nn~g3?e;$r>hFOQ)R|eHtJM1Q_FbtH2Lv0dpDEbedPPPhIcPZ0i+@aj-yz5
za6jQu?f_N_ytKShdNh}$?VaM>>bgi12_UOT&9beZni{t7v*+H~zsS&#?YUa2?v})=
zudKOZ`6k}>K?LTjFjR2ZAzGyXaxMSUL|LLM$|$<0V$*dI{TqKRD_EZ!?THvM3uJx(
zByoJY>t6DmHj^utZ}E3KW`y3X&&3C?rur>f8KHR#APyW?qyc&iEl*um)&I6^iQG>T
z9OwBIH>+-1r9%2>uBrf~+Rt&WGxY=uYnQ4-(4Qhp>Ax)ne0!O6$!>b^*8;!F<?ij$
zu4w^BM$oV`JK?dzhC{R&HX?WjN?Y{9A!)lcC)cyYL4>^4*sN#r^_SQn-5|DOS?@}D
zclb&)Mx?mEbeHAPoJY2T9<6NKF44!RA$ou;4<W}gBz(4B9*9UC-@D|L>25&DZ)Cgd
zSDBV&=+jQimN)s((~#oq_?={Qz;nsB6nN3zD6f^*bL~KcTPsD*`EK9wfYa*{b|2@O
za4)jdC+g18Ao(c2nsm?6TR_svN!=|Vgy(uH!FJ>pkPNms8XV2A=*^{d%(cRf9zp6#
z18TW)V0*3pwU?-JCtIzb-aK-Y&j_PO(v@cNW?>r1+N}xtM*g9nCVpk9XMJ9XgVha)
zWLzXfvq;UiOB@NWE~O=un{7WGEm<7rtx3)Ep?7}IwV_8uob-GQ=ab_vR8B-0s07Ip
zg|PEia)polmLmWn9-6$biyZRMe{Px5_apZAaQBPf1MZ2@#T6@7(Ce1$Tfnj5<t1hI
z)WH-updO?By<L4(n-VSY!3lilWWwt<hh$Py8WFEOVI3;q2WI?TEZp<;QD<giy%~^#
zqVDFA0DDV;U#h{$EwdW2-b2-S68jcPD5<?cq>;GaIPK0HZR==kj5nesKbfk=WrO@X
z)T?PUO?pwrd+;W|-2zd452H0Du1M_Anv?j${>n3Q!l`~FBA%Bb@9hSgQiQGBrL+2$
zdeQ7%Fh9zDBUI!SsC6^8GVhdtJ9Da~s@!g(rK;WftIbNCmblbdim!|2Lj_JZKDl40
zaUdJo4^d6DpyX2pa(q8o$@QVe)Pa_=n=#Aw!PpO~cu;jU=QO<Y=9h5cTxF5dr|F(3
zPe(_a#3(GZ(LVUWFWwCy(^9q|eI{3PckTf&o)Y{PK)*fF)YnO_UA{eSGU|koe@R?!
zxAB`-wp2%n<0ocGRYKIu7+8LtX;F-fuk@Nmsbfn*(C%H3C#aA&S7Z?lW=?Fk0Ar|U
zN)xW)MI-MZ(rjfQ``(E1QF_ls<MfYTt*v*iKhtaSc}@FNOq728H$dG7oaAwuX@66c
zP}6F4gvA2^IpNZkt!0+xiMgA?=}kKW#7!YkJ}ZwgTTOT9($7+S92$T4envbY%-fvp
z1l-7VG_3A2UA4d*J4HT@ohG5w=1kHS-z<(Pti0d_f6ePydB1Y#DkuAfM}qk6lRERk
zjjCPiPsO^4Dfn(;(;RcHtn~Jx7HI5MuliBgMR-x#hp!-~Kl607Yr)r@*{@=?%~gCV
zEXcsW!LM%t)uo-MA{M5gMg&p?oqVml+xj?B&Zq<mi(!m>ma$A|W%AupUjNJBA8EiE
z#Tx^4shh*zbPU$yg4!9Td0l?!1UADWf44t8TE2L3B-}5I)@T=YEpd>93eeG7z!?0L
z#a}J4rziZ;G34OjKj8l(C$S2o1pOJ4Q-t3bnmx4~#g5h{AxFlwVARNG@{TYCT2M)U
zAP1TX73^uIq%-SbCm{I8ZAD}Heu?9kC%WH~q;Qf5O>zAUO{yHtNskn}SHhnzFM)Oj
zUqhx97B<i-SIf{jztPPx(X^N2qS*z>$E7+VW2yyh#};5QO#1lqnAX~ZyD;-E33l*r
zvxUc5>ddZBReEIZX6rFyty3h&PPn=>*8z)?LGFnIqz-c>cZ+MQRS;5B3i5vUYf4D+
zQtCodZxFwQp3%zsft$>S`RO}m6!LhRMfRrfRM1wnX7-aKn0WDp{9vS9ix4nJ*8b(_
zW8H|wV4P>0G=2W8sHR9cPk3&uBn#Ud&@)E8T}t7{#PXXdo*Ze4#2KnEwkw<o-v@8D
z6}F`=qyxP!9~w0*)I-i#hi?I5u_)HPL&P{KMr;CO!IfODmcFrmP^nnEVX=q)#NTLS
z!Neb;#)%W0l>-fAMk{)wVi3+TKeiyGGwsCI5-Gyo0+Wm80uH(f(7(;50!4wkUt3lg
zVCY1|zGtV6c38_?1J(J^nVqw{H}@gZNQX~RQS`1%dxTT1KPe$QA`ESVYjt!io*$W_
zZMtovdFc&w1lHJ|5|ZF-W)wFBR0A<-+NaohF{hv2yTdC>oSoHZ_jNJ~j0DQ!%hbjl
zrC>bv-4U+>=;~K8@__gA-jFrGxqGmRp9S`61}Hu<s<EQon){}Xr%B4SXOx;?j9fN2
zY*FQ&w!}V|Q0}cavXc_j)CGAwQ{{OdV`%xLs4#uHK3w+i`w<6kk>8A=LWFv&2Ee}e
zoM`W((4Iho<5=UlYF^a6Y8KM7rEmM6I7%N&iRj5Rm(7ig&0U_J)dCL=fSf6dhAM|!
zjbN#g<&S8o9$)3o9t&FZpjj<lm~DjGB+}lD5DL3UQuF%tTP;2B_eeYsdI+9P_`2aJ
zybZofB<`n3zWwrCOQOVnYWZC%;zRt3$lLX`dz`U3cifQtv!k@^J32|{D_KMZ{#7JX
za;fPj^<a6@$@L$%0FP-1Pe77lNG@>!giHZ4*Cc8(N;pK~#cG%Q*$prI*e7!gUQfVA
zKA7R=ZD_`sUKNjR@~vinyl|$4<y&!^p3RZ}FRZWm!ja_wgksVkugVTOSLX>I85!wI
z+SwSJ7?rsB`kGPSMbS&sDhc!$(tz;LA@oKmA+iS(N*ZeF8W^O)PAAv5p>l#Lk>1{l
zgB)&}tZxr<D66+*Xl?;fXKfETG#mYvG_E|Fnwnz$r_}lg@K6$GD}7{t=kF|RmtvS!
zHAW2;SmcS|E#S2;+H#^+mmd)2&=!@n(Z#%Zx#}MK^*-T1Llc~gewPJrPO-s*fBcsN
z%j>U1eQJAU?5P25!QFgni_-L~(fu4{07Oy(+k*qAKq>U{$bi8zU(@`0ghj}#fC1`p
zBwa8yUtvts=TLwx=<_O75`oLi+h*qZXowUVHUQPyNUwB^^C@0Zr>-?723bZK%flr3
z*eHTKqKJajhlWZM1}q*ahE&RNbJc9xNyb(Jfr9lys8280h<TOR%!WxP{vsdsyXxy1
zJMEsB;LW=ix1*C0vbO+MGKTTeL)6n&&B=f@6-EDMC=7QGX@_)vwr$WZhVt&mlA_)e
zAOsmrG6oH1%vIY{IaK0T+i0CoG(25NZyv0A^}C+x)T;{xowWtLX&bbl^*2KC$?~)-
zl{c(6d}W7D@mMxB#mH;)Q~tyaaLx4{LUG450O=I6t{PULus1a^ZyFSgxzmB<?BbVq
zp@Upj@?yqdevnN0O0)t`CrTj^LGS5vuc5G)pd)orx6p~iC06AJUy#eQHKvPEU&A0z
z&FW}#g<t4UWG9nd#w&)0Gh(KPc22-zwZFpz9qqaaA~BRwI9W;B8b_^sDH;AF9tRzM
zNr;T~?WU2MIm~->uscc<A=!b5`T83gH<a{jF?Nu=XCMpgNuvrkO{F$)jgHkfR8m(T
zYV3*T`N_$X9}W25k<?D)oZ<!SQczj13FAA6y#_xiEd|^aPyRK*n^s^3l`AK}(-Y)4
zDjc}g(%;cGH5xiOpQs$e(iJrEhs>_K9){pBA)5Dr1HOZirvX$NGeCvOkNG`E@0Hfs
zFM0Mm!u4?%EVF93YIyQ?4ltbrjyF*7YueoTv-!6_+t7K4m=$t6-?fbPm~y+cBjfE0
zU6sUo3MFi%$}9lMoi-%BDN!ah2xQViwt?xvPLckq_$v5qO?4q`ItNdTC7#C;d5x`0
zkINIdh`;UJMIT<Ak?kJ94iv(USO>BV2I1cQ%sv=ZU<qjK_(CHMHgxQ?p2blM`Atn=
zO%yat=S;?taXilAZ-D~$H49W?lq(wci_)|@3ZE)F;ai=3q}C{FTcNL#jD9n^GJT{T
z7*vmKKk!xQyjJ#CLMcSJ7CNx7+t#*xF?sX2t|`PQpSA0FkfE)*)JFO+qx0wj888rB
zX79bsmWF%_CfPQWgfKLP-(Ag9^4_148rCTLbSazp*fqXjn5UpK_fq0wr?>Vl%_6(7
zFPrlhMUlqA4<mgQS`a3F*{WK#Ep$n+uAhgp#YWTzA0*R>o0CA}ghiI1^gg;AeiUg@
z#maB%j?U(!4O?z$+fRc>8+AMdP3gP0020XR;pP>%x2|Lc!Uf8Ghayd_8ZZCT3Q5P8
zoHI<@`PDAcC-R5@u=Q+c?SiY7j0QW&O5W~RV76`C6q%vP*u$_R>!>D}v5AK_3Mw%8
z>L<e9j)-PyeQNyKFSo0$n%W3td<(!*fTNb_kH&Ld3{GC6#E%B4f~YHgH{D0o$c3mp
za$;6h#RQ-uXa*wS!leC(Zy4)p`?re@GR1AqM*Gkm1GAc!e*ji-96C=WkpRm_EL6&p
zF#D@O)>$n432+c~3kWX3P}Q`dI}osalRjwHRpa#vB`nj-z@qM@!Zbaf#wr)pK{XE!
zqE`Hn-jP8&TmnpHZ0=*MP;oTm=d}L##F$Hveo<w;oBJR!=d!|>?{g(EefKgou*8x3
z&U}p^%C#vKYO)=s2CpR<b8CB#O)hQZGrgP?IVh6E#@sV{C*&;3LFOw4p|9Jn#f=*Z
z-kS@jC2Vy4c~tU;bXni6S<bV<fwuz~*jagav2?R%Vlr|HJC@w@x2@QQ(9B?@oP5@|
zTC*m#z5h{$MQ%?va#19?i;d;7JR`ktoN8zJ@l?aYnNPam)M_|%_;|^HF8o<I2jB-Y
zA-!DA+PsLeY}?A!wD!mgBjc5M@Sj7BJ!*51mApQE+H?Pt?1=gkqqX;Yf<Nr7bi-^x
zNCP)TC|3)Z7Txp?H6H1FHtM#!-&(ZrRvc@r+Ws?)l@Cx5h8GO2<tb}AyYVGCBPN3a
z5zgNWVcQd+VqKd0dr+dah7iqfmK=<F@B-0lmRJ#J%PjyOV}i2iZOeWWK>UvO*x>{5
zcs)$Xqi!{cSm5_+R?Q~;+B~bWLK97D<;0F>ZZr%3JjMcuh*|PF&<cdvE*x5ZWPDC{
zQ1S8k{Q~ZF9YXGS$Gcj5y>_24!`8g7K_!AKY2YZlRr7zGZ3a_I4<JoDpH0wh1`S7*
zE8&PXSpL$Is*gl<T7-XT(Yq!~moCe$XPZTzw>s(kP3}A>!3s!Y!~h20?b$Hlt<3v|
zyW21<mS;D_JQ0m7Ek5hGigEN|NrYQKxe=_P;+k3<8Ym(yh0z$}eotGVhf~6hsJ*4l
zo05Y>)AK}>aNk`KO2}W^vHXwcZfYu5XEU)}5)pOz<{uJL{luK58q<DidCw2^e_=<P
zv1bWHO67N)T|kn&@zCk@<T}UYFKL404MJxZX;W6;$wqWJB2(I*UqGgK@CfqeYv4G=
zwWNj5PN(AN_;_oJ4DZsC!paeN^k&b%xat-#zXd@SBqLZOpG-C^@ivhBbxc?HD^*$>
zyuM70;kR`*B*+Y7bDt_7LJEGeAnb?Rw2y_-Y|l_m55M8&{RP1|U$<L6JFn2-`<&Et
zR=nbwzWDCyF8eyXteX)~wC{|{ut|0*d4c%;N^*kHjyq|NNa$m1tdnMV>~OoU6mxle
zBWk0~9&Yxw*VW?JWP|LNw)Q5w$=KSGrB7?LkIp&dcX6YEcP%zmo!`<jS>oVeC@X?2
zw4UFL@ihvE!6{GB>ETj#$Na+3Eg;89;PcxuxLU=^J&ZLfJ;-`yMQLuWQR{VDdx+hq
z=5Q~?zDbRWFULLujxqV!XU&yPq`3o~lo%}()%(!5DAG!yB5&tBw#CxKo`U>A20-Mq
ztsgd--YC{S!(}-O`hS86zQv-|j$;nij@M33!CtQQu1!oHRSwabni3PhcQzirbbWUu
zxMRPR0>`u`S)HR4yQ|=MGNbcJFr|M*k%|&aXe=rkiVjA?9(wnfKRlX?c{mFBp107_
zEX7wkPgmPwzur^B7`Ri${meYH$VFeTw$`jub9=k=upB(E72t6l7ehwp0JRNo(87ft
zj!a2Nv!@-bj3{l?zxp<YkRoxGzdz<PN(pK+$n0@JTOXX{D|yYMpqKW2dwIkM1Bb1E
z0oVQar*D_B;1Z1J^%qZFj2`MW>rw1C&nPEY?~8PG5Cw<dhtZZGYaJ8L+>RU~=4Vx*
z7B>YDc67$v)w~XhB5m#ps%er5s@R7|>$?#rMLlAS(mg?X-4lyGG3N2z!rTIwvDhE=
zu#qF!!Isl*pxB(8a)DijL7vZf%tKo4kRDcEx*=7kJ<%VuBTVa2l_QFA<`UBw&BEPt
z=-w{}=(}k9#=1cg4cY}9Vk)kss%FIjQop+-O!v(#VDki<dEIY)1-5XLU7_*!M2*LJ
zWG)FC%^UA(wI9beIy#Z)k_jYb(vaW3{PgCJGk4Z}4O-!3KnE?QTK@~Z31?R9)%;u-
z06BOvb2@9yV&z&sV5?&O?$u|Uu5Nnd`W4Tc5$)X>mWngs*joU#C5muBGl3GValSLP
z-1P!jyi#VjVI3k7XTAB=#9nT7^;l+Bkrq3#LhkRHzqBng7)dfm7hCDc+>zZ;XPUab
zQLkIBKH<`LO0y}hUsS?BQ@-nYV`ABP1RTs|M&rGd5sIqrfTXq$r`5rf+!CeN>H{65
z(%jsSkvYCIqUcr3tC@;U_(ybvVa8O?EWEL$wl;hR$@LN)aID<+WHH^wW=xTkA-ebw
zQn;Tl8>dGWaTSofxFvHDwK)stJD*&!Yn*)f{;8r^<#gfz_{)i|3C0SQU6N2G=LoDC
z1tJ`iUSIqgWFUG0pt0-OvzApIHe@2@kIheodb332fg+H%fQ0t9)}=-}#@AZb0l;&k
zeU63@9t|L=S3aBmr{Tidpg}y&U>y)QG9eDaVt2eP!_xR+YAxmU=c>w&ZDAJI!^s?B
z3OfWYDLVCkrDUI=dyy1K#{{~@7V%~F=6E$LNXE0ZC(I8-!>sx4-PPhqNWWDikb=gI
zj#7-<eYG|hs0``?6i$8Au%Ag^SX~CgvPcaHmuq;6fXA0!nD=0d`NjC&SLimx3K>ZB
zy2neVahz;9U35XqiKL6ptU@=NSVisNi#}Z^wVZA#C|PxWeYTKcAd!UjT*~z>6yzoE
z`#_*WO2`zNb6I5^UEa1*ed%=Z0BUkIbD@aqkPfDi^Rq-AGNX~Nrr0K&@7hRyPe4~*
zC)T9g7evJR#J*2#CRsa~su98p+2;t{<gpH7c^g{WraJ2tpaLIWd0WK>A~;$?kn6D`
zr-Y&A+R9G~-pH5$4IMkX7+URj18!skxvHZiuB+)l>AG_gMBZjQbi%IUamnFcoLD@G
z1^-Vd$*8hkxFGTKPABu;UZ_s3lll)k+6{v=b<=#QKh*TNaa~lQ{XYHF6)F0(Bbdso
z6quWvU+0PT=>wkpZz0h<KX9Y@%hB#fn{UynRhh)NX>-3yvi(X;nSUAeD4fPGHIEU3
z$Aa#%rN8G>9_VX$+y`hyt3jfenFHP1r)o~0{*G+4vD_oV_f53;q1XW2E4RE>wL6!(
z3OKgU;r*qRmY!56(LRwj6#raokTV=l`iwB)D^i=pj^!Tb_xka$bJ63#^^53gx?^@W
z)d`%x3F+f^F6VPXw9C?BRRluaU%pT@va-JXS%IAsyKb1;1uuUPAqQ)O2H<Q3Mg<=a
zz6IDGhF~eto_Uc~?ONWYLX}`J`z@ewEU{m}Z-v#9SmP!4bDGwyWK@wII<!xwB>F5S
z+t6r6$Wu#Wy=m0bn>R^SVeJG<Gl^k1;>HMcMlG`(?Ixu)d9y94kxD)fYOl=stL#u(
zWs@lCUsm_m@`yCD^L~2Qet~f=ix&I@an?!B+e-Lnu`v(Tc5jAmA<MSWaUhTt!*$25
zQ~AqDe0+$iUD&*wpF4+nAHWhMm6x(Br=JbVEBh^WGD64_;*f(quz_0u)O87v$5nUD
znnE@7mt&!G<QNTWdv=(y{`e+iEfbj@Ev{~`-Ol_&WTxs+AkW^)kBh}hq>pepP5Ci3
z>2-pvTABH2OXHivsinK>$6WeQ%5<!$Z@K?rLDTpxKtq+j5<7MmR?C*#$(UiI@C~o_
zikW5bX9YPO!|}45QdY?hnMl5hC7XgH{HZEIbtbuLQx%Ze(r)T$b+U}826nwEraFMj
zPi=G80mntm6U0MrgPT%0q6&2AtG1)6D3(0Z+`@%r6FG9IiI4#g`7inbc=FP>oHO8R
zLeB~f+8xOnE7YL%;6l58x_-%wtEDBZAhPZSU#SWQ=^Ho6O+KP6F&&tWTR<UpEu(X#
z8opTWw+L~)E0w?wrcrXhZVQ6Dh?91B?yxt5y0x-n6lsrY*Bj`Byzh%;bbt7Rm(cH{
z51url@aUqOj1g2~G<P~GrDR{_VZ^|!qAv6}n%LHW?_IGs#U|UT^ClsE)!0Lu6Rn&0
zwT6c5)$r>9AWfH2f(Su|<n)dd!LxIg)J615GxptclcSTtqZ`O$<r0Va2*diO8RyF7
zF<a=T@5rF_nE~9xk6{D%L>-OzrA>-DX;@D%v9r(wZ*XrWrW1ZH=hnMw7(>=CNY|Co
zm@O1n?%*~+QG~08Nn86<@ueb?T4Xp$K~F5v%%%pF(368RvpFe8@lVZ}p(??aJH^w2
zdi!o#(53ISix<`r#F^0F53)pc?F%XhmV60h_kSW&9mIw9{IPZD#;%zeweb~dMwz63
z4e$Jv=Edxu9DSV2gdNY3I_iw#uCG5jD5|orQ}5KC6)!hzZR`kZi9;qm)j!Z9m5Dtq
zYpdO_9=|e^+5KDXbvPN=bR)5SA`1>{Ju8ViJ&e1`j*qj4qlM&nMsIRInf#7w{~fwV
zqW(^Rm|$qY71}=CZGqqJgd)~Vemik0mHS#9-@>`IIehA#Khj}HEWggSHpy{PfgEJ}
z?kF$<RiZIhVKeQ?<IibqViMe_cA-vH`tk4n2Nxga%K{`}ghT=zMiPBzjV-l0X63{j
z^8}Nta`80Mph2mS2__y{v%h&mc;1i3#9k%65%khT<zAX>@GKR#!!VDr-j^(vu1CrJ
z=Ya}MNAJcW<eQ?Zm@UHxywv`D33*{?b6<ZI-eeiy@EyK_ziTcqw>c$VF5KYoR9SpV
zX(QiBEu}s}po@twc|OZE;|i>lp-qDBJpVk|t|`1Ar&S`}b4*;<==lCg<_)E^`*3y#
z^=c{G2SfQIRX8vjBaKQJpffHG^DBYcL!GOVO&5D6`;301>T^&;a7#0~r{bT|7YTc+
zpKsm*hP>`7RQdrM>E2|R?`?N%o19@6_&&xAB`LemE?v-Z*6@|pt~JSSe>FxPPm`Yy
zH$W`oG&dSTHH)D-BJ47jZ2QQSU1qYI@hyqS1;meoPp)Ro7V?PlzVy8~ix;yP!)rkh
zvz$oD;*MlSU}Y)TN$De_#)w-#iKtq%jF0I(d9m1&=o*yc%XvAe>u3G~)0h`bbMrMj
zGNDh3h7_FIwbn&Bc-Kiu_e-*#omGCSl=Wx_KkM8bIiQws1tT!jiQ34OUdA}!`BxNo
zcsqT*$*WJ{(#Yw(K7&d2C;94+bu>zm?jPK=%Ov_i$*Zgh?Hq7J6iX$1!O0`?JFWc}
zl-l_^s$P?!1r+t0RVH4ISu21?h_n8t-Ct8q$TCBa%Ujj_XYXr#3iNy|cHCQZ8SRba
zG^A`FQvBlV{De|OcFl+)b-WBeIoI8ESB)PmEVVRRGPWZ8G`_LZ<BnB7xx8em4!d&=
zE3D|j=b^?^^>{*=E>#nn@{6?l&t4yh6ejVj-6P{8)7WcQyygdm_JQ#Y2WY(p%*+ut
z1PwJaPL^R6uLVYV7gr;e>hU=x#g20dN{%cd5(YJe?}IG+u@tC#VLzevFXvTI;n|Eg
zDKPf$>{1jm`yz3D-zmDK@s?XUSYJZ!y3nnb9C|eyGYy&>P=(s;?^UKLSQqG(zW(@H
zxQYwfsPg576;<A`3wIrsWG82D7@94{ZUJawaLM|XE6YPP4swNcYwoHs>IY+-!iGvT
z)c#<#k&d(l|J4&uQSuk8JaQrY+%M4Y5O*28?_6f_mba8ld~8v51y(<UNsWWQCep@f
zkIo^)&DXHm?iTRy^cL{oFGhg^O>BmaDsyD;gcOmMdJ^rQUgI8&eSGoYh=bd`POX_U
z2dApexII?`-E{qW+*ZuwO)E*8by#C!OCElRyqnL(&+G!OHr^YQ#k{u4YanO)V&Jyo
zv4RU~zFU|9BRM7LX+gdfKCac8(#^bR_;gWq11CFnQkKA(>|tp4sf1$>xb7mM-6<co
zb7c@@@}}ie+6A4ri!pJCST4`&Evv1-17C)nK-QMrb5nE~NnyL>Ra&x~o%a2Gj`F7$
z{QaM?)5}yS;TSn^@lFP9YU!>ydE2xA@(9x!P^XRC^;mbUxa;LFm&-T#;TcZApO{a%
z7^%@qT<?Z9sS8<fH@3>hHWWgJ?i`#q&SGGRy|7sL5;Ihk!4DD~bB#z-(I=GdT1pO$
z9z}Hq`M)?q8e@l1T<JpT{+33GoO~mkwgm-cd^;{G>zq~;f9EF^Xw5`AZI}s6;A=VZ
z*x@;0L!+8#?9QACJ&eV)R+We#IL_<fV;C%6^sYZZ7L>oKHz7x#KXP;oj5wG1EJgVq
zwz#M*kgOySlza_u=kfd`Hu%T2|5d%0xkc(Npz@SYro2<J8+P><wZoHN`r^OT2L31C
z_;<64rREj@Ss8NR`xoN%IRUlqzbdS6Fl0yI&~~Gvdz%{b6`ut?v%!6O+r~DX0{olC
zrZMl=gGs(Et=EMVxhLeJs>oJ5Luuy+6ci>gs)a8vS}npGKF!Vlst6~JEPw~G!Bb8@
zPM3;{Cy?!Zx8?ji#12|oFnV*Jz2D_UwLLmOqN%@{_>P3v7afpOw}n4cRYeKV>r4#`
zCM5dAi*4}Hd<Ihn*w0SRByBT-*P_P{y#mYY9)OPzgeyAFZwwdfFE3R8nBPO|BF3Zm
zy}2Vi?17b)_nd{+64{y}7B&)7sjq2A#RkB{{_l>i-`7oHUKEU!m@V@-er}a}8}gih
zQ-!CO)9n#bZob4JL$V05vf$WV12P`o)D6{`t<E%W{1sOS+6*WrvR2*%raXw?z)Q?=
zHIyKJsMNDkw-VxEL8UAaU*n4C4Jg{aDAfb)wKo_B#0_(3{>CTCO3Z0+;2lpN6*hqZ
zAvYctUd~!dnZp)$=4fOD+?lAoV2eme2#kTN8#}Ti)RdQ663@x9`f_ZxpKpKbC0X-)
zR3+BUN{UfMF&YI3_qOUoQ}^tqhJPA}M-dt%E{450=p#W{JVy_{hk#+nP?gry9O1j5
zYd|x(RzRhV@JBZX%jR4ohMzQ5I0PbUp9Uel+inBBn(wc4_0D_Y=jz12z^_)*e5__q
z!<3u;Rjm1x=8M_(&xD_yOLy%OLl*0u?<!J@;S1G+nV8BGSl)?6JeC$+0xxXTM94qc
zqdX%?n<o-*?|#PYrO7BNLQfA^v$8F%((C9&R7WpCsO(#5s(V`63G&8&X1|2)APzQw
zGP<;b6qlIQkneo1$MI+I)7gXhvm0=4=z`*|OMW!p7iwK)!2b=Q+3h60>n^eEH7A&9
zmqM6H>9;ne>u9|aO6MC8mi(a$l;)&hc@9kHmab;MtIJeJc2YEGN6Gw!%*eI*fyk9?
zOJEOw8NZZKWjJRR_03p!1a_N~&-e!*mN<GdUORFXl`R%kJlJng5*c`Zj#s7-G{3+~
zkHzyRze&R~43b3(I?FjBVO#g>!W|c!detZXSVqlTX@J|`H$Ej=3nGi)J5R21kRcdZ
zwD%30%XC523knvFQq_Nc`dj0xMq)Sf!<Pci=EIt^O(_e5d_5;$6pY*M@rAYGzO2Ek
zqP}|P3*fK%h3-U-3VJPoV0{LTH5`2m^;?qp`^xYuo>kJ`VAD8ioX)%MDg|CtmX0!l
zjB@8{Pe%lltk;<ax3ui$V~!`AsxZUoqOz}H9rG~_u=J)lcv$gFu{*VMn;D&8Pwmn3
z)%b_*)Ot-X7Mne@pKs%7NX>I=Qe`GuZc2USg4GYz$$C2>y~N`A<|E|Hs?Z8Mn%RWL
zGaj1X=`2S}%+#ItAYbzE6C8%}bHBx0Eq9cm({+<|X3rQq46v_(tsU9Lsi>|I5ze{B
zFqGH;3*Gc+cpRbws8++7Tl;rM>;<j1Me2J}$Bg_S@gFFmY6obH($D1{Pfii@ZwJhQ
zGhfy!niZdMT7{2G0DH~lP*S0^)^{OxWP=lt4co9dY}={t+jg5J305LZ8K>pbEkLJr
zR@kP!qb1|uz*|()RW58TF~Pt_F8RPQ@DPy@d$_!G&~8?>*wGFo5tJ+v`&Qry-D+{B
zNe>~!cX9ldpIZORv!xE+NskWgt{at#I9t+G%CIKl%y3#u+gtS@(TPo{d{K%{H=Ny1
zy4w)*uA`$#y|Cqdl@QA-BhygMAj;=9Y}Tz=?nd=*@$AsBK2@`H6B%r&=Xae!u7dL+
zg^3-*k8ip5`)Dp*wBN|Q6O=NU@vu9j?A2+l(fn-;U3V(B>q9ZwNCD!8T|`Ub`BJHI
zCKI9*gv<bTO8qhullXx;(<*sV3n5_dk)<Y<zdv(WP-&fTDmM>7cfCoi;V-$@G6$Mq
z2^AN{kBkxAp}X%-b?%*&B(!UPgkMZlwyTz#Y$YT?tqi9s>#Wu`*kEt8<@xCSt*gg9
z%NB>K9P~_g5-$x;Bo@OCrW4ZMW;L(6EHFJ7%#WyAHEWtXW0V&<(F)aR4SmyY<(T<w
z!#dn8g2xP}mxePjanNCILV*+1)YC|2nGY&4p4`hyb98+8(vIVkZ&GQOp|mpKvmJ}b
zJcip(a3iY9!B}Fg_j5W!z~Wamq;$6xTkb%)qwjeM!c0X=$#BN`%;Zu8vUBd0VK|5<
z(3h<L57Y5)7a|j^yyYz*pfhRa-M{S23c4dr{#6lTw$+h&J{5O1G}U(tu%|V5_rW!5
z^B?^VYXdUYWVybzXL&M<QKZ>3HZS)p9t<FAYSomDh%|lWTNtdiSi&8eXjHFruPMU+
zpB1uwP|xhBGbv=|B?tAKNjn(X(jZqWZ2(g^K(Rle#bss74#vsk#>WTn^>2w2>7TTj
zTPk)YSXgICzuzkqht-vszH!QHJ7ye8(!miaM-u!}9VYcDDXnLfiaN`T^LMP>nV;JI
zq^o$Iyx7uma_=eD#@qSPBk6JKeZ_v?<-|%zon?i^g2TbyeyPcloHxlIx4z%^KdJAy
zkG`9&kGUb#&DEaSs}kQuGk$JtauwGb@P(%av7Idc)H4&1+HeFV^tW!t3Qg^r&v`y{
z-lqFBUb>|2vI7auN+N8qn*6_G>Ho#Mn631zgdL-?J3Hs+TXtBwX+ZMZ*&<c}%>{BW
zb=(Bc*%dAhG;oMk%2=^KfO}Aii(i-o?QE$~RJw$s<mce(M{azLfUC;Om!H}qoAxf@
zWYEwaTFMcRujcszQ0Gpoat;Bf5W`Y3MpD-tG7hFqgqgefgg-ajN$hU;R(^r>{?Hx`
zh8oof6>(#*W>;l$C-cwf$4B8Z;{)SNyT*{bQmJT96K;rNN65gj+GE%PE<a8^2|)4t
z53=G;XU0xk%u_TFZV?(tqISn77wFHBSX(7BTY_fBkQLP%ViYq3Oay%V2&jK;`*C}c
ztU5>1p98n|IfXeJZHGZQ_nXkcD2o?Uhe6mOb*+sbqdk@Nd{*h)zxWCRC3Mx>q^xfo
zUT3FH?kCz)l=Pyp_aiNxY`~<sl&jzh?CdzyfW_}7<?~g>5o^R<%EFG?hERg)dUNQm
zh5oRTo6E6y?XT>d4_po`yT>}y?73lQ6o`S*ssp`nE3L|yNtf2#^RvIn2`N(Pxxxn|
zP6Nw-`<?79YI}EX0Zekb-oV1e9W4G-$S&=K@z)YP^%PB@JtGr|q*opILD>*~bn2mk
zS4H;W`ux1DRhz0dU*OJ~_B&v%>bm1yp&7{HRDu2DJC=;lCfssG7xXfuUPMPa$-Q43
z+g)cu*m6-s4&md9zPanWPV5DV!N-b_xztNrl2p)MA19!@%c0v|O=>XxA})2-*9a!h
z0atU_y=)|q06PgGM~(M0i?mC8^eJao6_`>z_p?iJdOyKWo;XmX`T;Or>Fh6vra>e`
zfNAB_%N$Y0f9*FlXCb{}W-2St$CYc{!S7;3_hg5<04^?SG!LPq+Vv1E&M8cw^%EbS
z%fU^rY4F@&42W=*s{=*WQ;v|8S5=u7x9$v3K%5w~OHM**;!H>QQ=#OC?;bsgA(y-;
z27y<dOa7rs&F(fv`Ke8ak2KXPu+0Ety`<jqUZ?Gqj`DJBFzREPx#?+IFGTyV*_0os
zjZi}*1GdN>#?Wv`Y=em<%vAdo>&~N!K*GHWbSQA-De-PysU7qn_u=eNv;k>yS1m>2
zz`%g|W6-KWt@&xvHn3m$u2uc_s1vI!mT4tB9V5M=K!tYv>HiG9d9*AGi+QMVM`aq;
zG}qkmOo^`c-j7<|SuzHZz6;i?z`=KuroV8a8URzvX`&+fjHTi}wsxT3(kva#jI|X1
zeBWyot`*N^H}L4A2KfRfX+xL8)n+UsQn*K$6y5ad=rFu++B4H<|1=x-QNCo4<F^<h
zJuYh%r{Kmc7B^LiCkg#T?G`A@fm~8KaK+M&Io14s;O))h*?PRa->9N$DvFw0V{4w(
z+~KRJqH1c5ZB;eWNX<bcMa@M~)Le5_&0;1sPgOG&B@*+T7=zHezrS<tJ@<9*?>y)H
zp69vu-<<^6_Fj9f&w8)VQZ_7>G$>mJ$0T@)J%cLgR+^gQF9vZz_=rs6zIWuUDc*Kx
zg5CQYTI?Td$gU>{>#{-0pb!z&#<0!%cul>}CDkglNfD|Rs0_O_!wYvx_!6N~tP~Gj
z2r&zs<g-9=Py|VIAx*lutMaD__Uc1s`SvTd=a#U4K(bYbCf(O|@*kgLF&&y55#Srq
z)GeTh)e<d3@Ujf#tgcL!ao96}f%Z2JU7PC`rZY@)`Vif73l!JOd-FR-v=fQNo*34(
z9ct;os)S*J-x<_T@`>r!4ZV`ozA0gbSmjNOUBZ%YUVRZ~AhO88UwyQSYTnzd8WX|3
z&zoqVd;`YcTXqLGP%pMGtu;{8nPMX;`~d{&>ygX%YsTLvbB1Ls>9XQ$Sa&b<CvM5n
z^DQOh!y8zFGnF|T^7HK3E61fB$2KkoOC6psj~IUcVh*Zylw3>O>@ioiaWXG>?rcba
ze;jeE=GZ%qImepGbSwA8m?7=2a+>EOTy&Z&iS9Nao`q`1*r`bZsS8EO9wh@a?(t)d
zJ9hiEXNfe&8~f|O8fCnb^)RQ6Iy<ZR)mt9wCL8--f3K=L9iRy?2DlpfW|BXz$t9P2
z3=#OJ-i8&d2f|PBc~~a15tQ>E5SL39`!bO+iTD^Ebls_r!F|IqkxlWce5E9eF?aFm
z(*@5m6LK#xty71e@(eZ~dk(x#5M*&Vu#61FE?s>sqR$~fpZMuY-$%{bE5ZqOKJWIY
z8E{zHcE6VyU)sO+1Nxvr?u-j(slW|ap{iux=<eBvHm_XCI@U$6@^Hpbt;-o_drcWV
zF-<K9j6YbJjL~9Y1bhvgn_&h-WHEsO>eHS|Smo70D{Ts!?rwdf=C6<Q4!H_YH;RnQ
z<s!aNf2)n<-B*HKA9li8lV23Aejv@AaS*CA#!6<y$>?Jy2=9S6h5htS<n@C8YzX|n
zI{vRp00PN)owp5>QJSnU0={@9RWEFzDZbBUz;ZL&#z)sI`H0!amFmvcbB~=lHqkMZ
za~A6=?h-{6e=Q)-u9qNU;5lGDvYKCB7hM&`c7EoqdGOBi^m(4?$t$r_bnOfY)#S>J
zxJ>#JbyP&zE#g`8GkmebRIuf^>!XprSwp<?SRn&XK=CUn|LZe*)XIq3FF7?$Ryf|X
zm##);?(1Nk21~ucSw^x)5q!Q=)tctrL501|Z6IpD`H!ew_>ZWa%|b~N57gQ4%K8J+
z)w3IH+YYq9PWB~1I{Y%5IZ9$OJqK(y6wzbQ(;S}J2Uj>AS1}d(-UKl-)1Rw*g;|)=
zWcUMe1n!_?33c-q(~&#D$d+MLJin7G1nQf=+VcnWV;SSJeRLBAOg~Mo`~eMv?TzfK
zPOMP9?PS~;M(-@@{*KFXHs$)UY|lyw#lWvTCsNY!YR*6B-2NH+_P_mDnGqRAil1&3
zxKcN?FUyD}#|$~h6uQ*1R~vHl7^TFS3o6Ue^}Nwh-<7yd4e1h)A8+z4`@OC{K5g${
z?CaQ;6BAxMZ0>!o0`i6IIH!S$6ujgqc=1<Xx$Ro5fveaX{Rk7O1?EO`_E?t_n}gU9
zZPv5iEEXt2His-|G)Zy(I;}dj&*a|giWT`eQRm|&*{FsM2Mvl)wSy4Ux~~Q4A>wV(
z1dqZ84HuehSZXT?Vs$T^S&O#3bJ=6kow+&EoSn6^eV9tVvDpF-bH0adA+vhoR2F(7
z@ozx6Z?5GuG(+$@(G;~p!!ItgOeEUmXPlb-#WOPS=MT~utFBUK`7QoCWLQHnn;UR!
zHT!k<+tg`{;mLJ0uhZ@$BceXN-jPAq8~9D(I*tgv5C4$KUcKVt2`H$2rc&Z8dX~c1
zGpSNxxTsmNykr5xi#XGkkYTL?!lZ;BnSw*gMsC@lz6NM|GL7P>cjrxtOHx(#nmyl`
zX!&^cNr}v{?0!;hd9^~}_~UaoaEaNjDVqWU<OpIG-m+j;glL~en6c_0b_;=537j=C
z6F>Ftw19Uaz}$D=$bCNHW5vh!?e^{HcP_X;Nr^EKFDfuKgSuL@0m0$lFRP8$+DwRB
z<FBFHubY?%HvJmm6OUb`_oBjL%%3GXJ^gew_=7IUZOkIW(5Pv+Y)cBZ>0HrV>j9|#
z@}Cx>!z`SxUee3{I_COc#gu>c`o9`y{!N0kJSKD5!WbXJ-#z{V>c~9auU_}hQr7l=
zOLe2x8{f+Jfv#C8ZTfgcY~=U%95m$#-pK0vnNZ6Ry3wJ+rN(6Ox6M(6Sl9QPzuy(j
z#k`x)y$>$VNd-@ZTsD1h`@hge|Jj%L-*=2-RfqnJ=NCDK0mDX4UHyg-F1Rn8)~A+v
z;I2?J6uZs(KJ)w8RqEo?Pf95iZo;M_A*omcjN~11HF%=pnsoN)Tfr>NyxX;K@y`^}
zu^vgW^$&;{^$K;qAdPTi&fm$rDaK4<diL=GbtALtJ^i^*zC%7ng!nv)|2A=rfgfU1
zUSq<h2XbJ7YtcgY^jT&yy|%A)-O@~0jZI#XhS^|%S$MCaHJ?ZJxEZy0@S>Wt<JlX!
zTQ@IL?bmMhl2EOx0^G#Ow%D+O5j&PUS(~Z~;LSAng2fB{L`-yxFL#=F61T`!_kiF9
z%tA3-@vL11b*v>BUz&yYTHrx-VCZM;O!(2&Jm|dm0mXOvLl5$*<mW)N2FhrDiSBW3
zi;47R?){nMkQQ<BT>>r!VO2KcqMCWGHo-I=D#W|J$sTY%)1~_YIy&!{LZ3n0!>e>6
zjvTvIZDqmo6eHqtq*oE*HWa_EMYU;7FszH}x|W!(kwka(i}7ViE|Ke9kY7?w{CVWN
z^FSZGBW*ik_EPZenhEi7M27Gao8t9P@81(RLN()UFXgenXP;=A|BK|E>_g0&x15fG
zDg-z`94(cqo=CCOi`{(GC?V$FO3gTb^U8qx-I<_(M-I}Kr`tZ$uF3VII==mr$F<O=
z!<`$e7#dG4%fk+yJZ<&bDEwBml$>g$jM7xxmQ$R&Q0U}#Rd9OHEs(3o#eBl{J9TJQ
zkO&DCOtBD*s+N2*GHJ^4V#3N&LFc%cq^M%rKxZke={N6z&)ABa&kAmsY>%4pHzsx!
zpO$gf7TUY)e1ghc2=5e8FbujB(tg90zGuF~<V!&!F?bFaiBOac--~4>$98%=Nq~Kx
ziK>%=&UpunJiuJ@cB~dk2<+7)R3}B0PSj>jp87)%m-(%cwL7@Is$D;RRHshJp#vMj
zVQ%EG;#H>Ls3uds?HYCyn?UnkgYVp}u4Tuzd(4mb=GZio+XNXr2if^yR!t=J6??jo
zWzNk~`zMM<8ZGme-KK@(N8}!L`rvPg)Rr~DrwLZ?n*4Lg4)`Q=$rJ3#q`knXD0*_E
z(9%f5Oh58<Blg!T(oVUn<4-tW3~DYpdW*s}x6Osn7)AKxkySh8*T7#MLqd0MC{2&k
zSLz#eabLc~k=U5YEa$S+e4Ml`>3f1bozXspJr^e4In71M`j|9tAA%v7M)R1EBp#Mf
z&+W@_=Z+#m8Izrz^1EcC7Y82L85)+wUUts4LW#Z(KGg>vzsa=+FNP_+gnVM>atH4d
zgpn5t3@KcdUmfvHW_>^^O44KOrQ-b+^4ySyF1qat#f_8|UA8AJd7os}F(BOa+$I*y
zuc22LvnqW*=<ALV&-vdza#-%Vg##du!18v<VK(_o$gy|Ep!*l*8qsytP3V-D5vezG
zt`^_8`nErY#qlqxd;w@#S<d1gQ1H%ZfQ2!o0S4=~LD}v9!jNhS6ZP3-%tNBXJ2Wqb
z0j}4c%m%JWMJ8%YM?8R{mp&EI8t{LtkWP1AGtrm}Q2ZOn6J4<vn4swSXl*2oOt*fq
zztND$c5^Z1;o`>{ePPkMnH5m!WY;VWv9_BDx!Z+gCzXX#)Wp6lEk7L6G(kv-RoBDz
zgH)ZSB-oP}F9>^I`03^_x0RMnkvPrP)T|=+|1~Z>SKSCHdDQ2g^zi<~=+~|){mVM$
zN1?P1)FPH{MtX;7Q>O=hfC0p>dZp<Df6qO&{@5TDu34cGU`%X~2aG){Cz;4px6SHH
z?S(|#)gO5C`~F*)=m!)FcTbTQORzonxRSK{ZmWQ{1E<4E&1Qg4;b3n6^TF47^r9gt
zpR`B5Cql!xZ_Z!FRB?6q3j#(8Yzqxz`}9gtb|xluqs%32FbLNNri9Jb8FZq%j==Z|
z>Qa+0NzsUy)S!%tKI56#o63Qhmyf`*8#7N|@ZNtHquJGH_@ds{kuTjWW6ZVDVcDn9
zPGvN}2L_H#M{l)kohsvcZCuZu%w>gX(@!du$T(a=7=*PSC*@w#-;mx*fiX2~U+3{*
zj1suNOznoftpyoHG9WmKKNIH#BU0(2(Kc?yD}Kh=mul4=?K=5fqRujS*%W%1E#$5&
zUk$cCrVDo*MsUwfmr=t{+O#hY<&J(<r??*pKY@%pF4s&%7ko&^t6Zu(TUp9+xI*?m
zJjf=0VF~x_576oG(>+LbEH?7QJXh#HcV1SmFQhN7vB0IUDJR+BjNWE@71tZdvr{{(
z<KcHY<8NcL=6f%M2-BN%CefB^Iy1$-Rr1XVY%=gEykBYCE41hsImY(m=;ysT5O2h}
z&m^BVewD#iHaMpBOd_@u%kga$@+GViB3aBWcxq2hNxMEnUCf%P<u*x%7>(=;hS`gd
z4Zi@o(6N05?AzUv$1Wodw4*Z9Jv$5Uet(g;V0oTBu8y_ay6|5KTm{zR&e&NW^dFG@
zbif|k?+DkA8W|jXUK^oJwSr_K#$=U1X0>ZZ3&uUKdqHK5&j#Y3Y%ReLKN)ukDbcw^
z*nr}Zrqz?h6g?tcr^#hF3ZIV)DlNs2B)1;Fb}fet{fbo*X5Z25F`@D8p6`U$cAvU-
z+td?Te#vfbk4&~6JAK2wOnGss@5}W3Yj$*?X3>IA(H{^nZ(|Hpet27;`g6eIPLo@)
zUM1aAFP~_peAHgSfi-MjIGG5QqQKJi8_irg`-kkzu_u@;+5JOGIdG=b-<{ErRHOEx
zkMsazLsu=awF%Q@rOJkSXGNG=>-!ig0RDfAP#A14V<s1#7@plZ?!cN%X~yo`a4Igr
zW_F!_oYe8F@7g7|p*B$52!0YO&=qmF0PbOv_7FY(&1s^P23_(!+D<_6#*sz&5%>C0
zT=D#sJr)K8KanM@MAIT~y&)qu!qruoW#i=SaC`mpMT6E?#LvE;F6zH#qcwc@C@~+6
zhowa(pUtcuvWp$LVwzF$2@Zv2vyU53lbW=ik$9HBTj{WuJSREce_mdF)*F|T7#Ykn
zAkp)e)F03cFY&^lIMf$l99kHS2v?L(O*(iwG4GmGKmU;SVtTYBmho=k!?j4!r6=^~
z=PrR3;_MD1HBEDEk<$jHoyCv)b5L!15S@c~+w7X1)>zpkXV>B21VB-5DaLO{Sj%<@
zp3{j?DxrIr&^fw(Y*|=jEL_p_$X+G7kegu#|1p!<Z#T7zslhGFvgW9J4@zmdS7~7U
za3vF<EV$O<cUqR;lb7!je@1w{)KnxyAWWc2HcP&HlNE45oi{~3Ox<dXkWZy)-P*LM
zb2C^QgVGhh-wB;d6+_z-q-)E(c4N>P94K|k<-;ey`>o?YRObJ&%6%V4S{FRoq$K4O
z{YRg{{6DjgqgvPIB#Y;*WifoC_>_{nWSLhL)*h{nbWJe1U3b!T+DWwK=B^cx%f1tD
z^H~+p1f3sa@Q!4`JEI6Q&LUtGfvc+ujNS8o5axQn4$d9O_^nRZ$L*&(jh(aYXg=^i
zRLd*Kb~(<o7i*}C?|f;de(&imz5*W_kxR_-b}i8);r27miqi})hKzgkxkHQ1P-9*&
z=aUkSQn*Z{p=_TI=$<~`%hKL4!+b)Eu_`Je4Qd93fdkeo9Re3nEZW?Fv4sD;|27K>
z91ylKQJbs--q9SG{mb>ld+W+f755<bwtdJyN_N!$S+Y9-)@w9yXM9=50Lr$R9E-P^
z<}J}MGm?Jo#gSz2<AXL%HK)zHMy2AnZOB7k;gF~fp2w$|n%o5$_lI0m&SX=UASPOf
z6@vV|^Y2r7Y=d`MV{VuxG?{HO9G~c-T7`;5w{0LlXVX)W(kU3U4<%hE`VVM*54BQV
zCRS#ATHxi+<Ue2g-it}$0B2gBxuIlb8UL+9U*&pVW&DMCv~RS>@W{si)@BES;W$um
z*l_<_N%POiivQ1F1FTF~T9hFeW~H=f^|ooFmRkQnf6y4TX&(HB3zoqp%u-989z)0R
z-Sifha)AAz!`PM=|GhPv>Gfm<BR54(AIIORg?6>A4q;hD^qB<Nx$UKMZIoH#<APNA
zB>lIt*SNP>Z8#3CHr?h=P*aZhnl#|~XU}0r<Ml~^y`&RFf7vnAR9tjf3z*lX6Behr
zrK7r1+O><<iTI{{rImDUr?sR>%?sJ!h3@#R+z}%3yr+4{_W^@v@Asd~Y8k@!8z#{Z
zX_YQn?Sq{cwL#LYK0O;8_Y6QU;(BiuB)Ik%<(2k*v?_*RDknQxn8B*YiQAzJ*1xXB
zuWuwD)GGXyTO{8psZFOg|DJEJ>_$<;uVSx%W1H7B1Bi#FWG|mQn>91*pU0Ugu;M#V
zyH8SP=PYd8ORqS7P|zB1-}8c$dp`KbSYz2;qTa?SiH;x^cUqhccZEdD)r>dQXG%WK
zQ|n?a@MP)f?oVAtxDgLKP)uk*F-_B}AKtFne!Og2qkFa^*VnKtETP|{q~kReG->WJ
z_BYjFxgCaJEg_c~O>FN0tfBR*8r*A4!oXiU&wr{u`^33ixo~31A#m%z8#(^7_x)=T
z<=-QXS3hyk9CdD0Taq1%a(1!K1<Q3dH!UVw0E$>0LnvR63Ht96ys>tv18egKWI4H`
z#v_?S4xaP>0}7p097iY?^~1EzGGr5_lHL!n^HJ|4S%`T2zPRjS_Q*<CX|(D;81w&r
z=k;Id(*D=)m7LUOL}-r6R<9zS5qQB~Mk?6-*HTJ`PGUyJdtbc5Kis@^L42~X0<?m1
z#xMfqrNz*h805yA5~lBGt-~duGHBny{<m`aQA@3_Ju)?%_ZWcw1{acnyxTr$&r8~>
z$oYOwPkAZoo9$O4m>4xpUo8$u1gP03E6T!<A{65^e8%EH$L{o+4*M2<$M6odHQD`l
z%+(NI0aq4$=8;Cr%euOx9m134#HCD2S&?}8m)_zc@qY3CLv&++WInhli{Fl-&w(qp
zvX)VVta*<xuk;b0mOkEyK5x(^{FfBfRcE*FpmPX1JQpPqMvMCO5}>{H^4%?l5$fYm
zPr-0)?y<7`9jR~o8jy%Ztj!CsL=_*%;5*%0MH^GFc~rn~qWO%P=v0>ZiUSj_4JD}Q
zIM1Zo>Bkb`^~u%i#%qdr&YI-GNs-8|Rd1rx&Uc1JsY^ZGuIDl(JG9vllEAbXLU29<
z)v2C;5J4BZQ0c7l<=cHjktiYG*9s&2fo4k&8JsF<d~$a2;$bba_7nphHql8ezop&t
z$=joQ8lRj}?_P_)`J*yK7ZjJU0U7kfgf}=%wmU?5W8bZUOW;YzZ95|aLhfZX1Orj3
zx7h5vu}$~<U)Dc^xB3{!8d>2QF@-6ksslH?F*w|4A#ULnIE(2_aE%iwM5@Myg>N8v
zR}bHS4=i_dsn;eaWd)XEuO8`hF?NRQ$k5V%1@cr6JQE6ElRK{inuX9aM`_Br92++;
zY7Wy!u=ZcBkSM<P)I8{OOtX4fJ76H-_?Qg+hR`5|7ORH6b{-R+P&##yyw_mpA99yB
zucGL;X~GrB9$|4UiLP3L>;;4-`AI2UukCmj-fl(`nHX{5N&VFefkGG=?S!J8sAl@p
zlddv8rOI?!_?BvKNs&c$qmm7Qq8tW5pwSox#Np5$Ahj|=H7&l9?{*-?Taxb*W#Z-r
zL>ye?-@eQ=<Nb)PF>C+v2XyB$VxWs^H#Q`TrW&AII9slg?yk;WZy+XRc}hd~255gd
zxFjpwlq#wN+JK+AK9s6~WFA|25lmvWSx7E`j_G&WzScsW(2fnr?;Lx0vu@by%22WG
z-Fo+FICJrb{&eT;CBVe@usu_d*d5uz?*O0J)g5&nV>caXdX{_p&E@;W<q^-QoPMpw
z$bV?BYc0;|R%vWR%~|6XYwwjn8sh|m=nt#_(AksXvxc5}+)r*KYEQS>GmcQ~@>Vl%
z4DGFM8>e~YlN*NadR?AY{T7ZlH{b=eYuu(`u_cX>C+CveS!fXV!@lFDwXb1F97{!x
zG!3!B8%aa=Npv<5a@=_mKiZ$aRrtKH)U-?pEqq$T<CK`yQR2|OlcIT&rOg}uZSLx`
zJM`2380jSJXX?OAFirsB^^Aauv0jeUR7Os6y4&8?$|rP@GI}pNzOkYT<u)<JhAVU5
zJ8^K(?LWqmbd6N`Rcq(VR?lAGs%xXlD260|hsyM7o|h3`Vu=N->pPub7=y3Nmkh3J
zRN8r`k{<2W?^+a3lMztI;y%}~cV*vXsw14955f+@Ugd`vth~Dp&3(UXNip#uV&;(r
zXA<L@Ph{J(*k+%hZRo30%1Xquu7FEsg`V7X6y@_0Pj~kPCXJ@suypODIhJz+USA&%
z!e!B@OZL;J8T<5?SlRSA36Dh2r^|~}3|?8joDSYGv?|1TPGe?I0LW4M)e1%wiZRmi
zR@dR8D3Q&GKgdtXk$*s)e(xK8MmQItGe1o9O?2ssPUXeP-PV+#>A7ft)b+-lNAkkW
z@Y|cJ_$aWfGQVrTMOCaNaeU#<%`rfR%G%3&YP@*y)^zMA>h9ZS^Ufg@dV;~3U<Rsd
z1g>Km)@J=Q@#RQCQzZO76rC&Y&c_$@4WxEn)zo$|wmXY?3OO`OKRFk=B}+@TAK~X2
zU%chYGbIFg$>frw^naRr&zHOg>?*F89OX5YY|9#LlGC?m^Z$Tc3wJ94rDWmRFN6+J
zHpYR#{|6M7)?r!0LmPzsNMAHSeg9DC={LdWPrE~}P}6CxT|n}~dA}psh+9RZbK4zU
z)`j8Hx~Bz+Kzb}BTZK)Qs5F$y4wMbOW&!UOd09<SD<Mnb#~j$J*JZDC6Bq(u?Xgft
zAI=OnSJ66f`-Pf@MSTl8x3=B)qzBCt2qscgYYV#xE4jXjgW$ltx|&;GH~O-%rn%;x
zn7HLTPCbj~7oG(N21#&6xF1-ZETc|q7Y{So!9R@-y-#vslS|jh?4Ru^cge1)_Qj}x
zIT)`o=LF#|{j$#t;>k)T?P7Z{0;p)OL`!lG*ACRKu^sjohP`50`{#KtxXz9oI|ZMp
zFFmGKymRS#LQWz}Ts#Am?}njZls4<Iwh%&Wq<VS^*E&nzs9;nwW20c;z4JgM_1VQO
zrw4&(-`8GC<!6^DcL6Le1Sn_IZ~#gkHdU=AI+o(vlp-kfc#)M7nO`r}TsL?#$AQ80
z?6h&!)q%|46BDz2f&nmN!vn5%K?Xo{rHGGcy3LD{wDZAVXH8y5;NvdlM|M~kWExn6
z9*88`E6`c*@IQH-V9{i!ycBTr0b#227Tc#<{*dqU-txf6#lc{pfGA*g0xMiMB)KlP
z?V?)&S4>BPy1JM((dY6zOE(zAsgWx2zGY&-leYjK+=bmL%vqhkKO(d3lseJ_Ixnvn
zUmW=TdpC99kg066&GGcHgGP)FT^2=WF-PuIPUQ3d4B+}79T)w-{J72k?@;xBYK3ut
zVx%Y%r7^7m8r_)^W6ITFwC~=;=w2@8$=ixznYPt%Qj*k$&0COddbAIj32$dY&}+Z0
z1l6-jZbhmXk<e2Su#%J~@sIl@K8nckZFXw`&In!(+$)DVRY}2k__ivfrsZ0FOX_H!
zTMcK3g$+_A{lh(~L9|zcPgek4yNcksQheM#Zy9~B_i=u@TV<2WA=O*UryLOv;)3qM
zMJ%S&qtNq*?(5`~7TC+p=KRB5Fqu!U4HKpgi_sQZQ>UREnm(C+g8MBz-S92sbI1&p
zsD7)2V)ui24(wgPH?eol;e;P(!VjBHYzOb_ymMei1eC%<N4tHjfA~emWOGC}tSYu2
zsHAdTtg2#3r%cm+zh_J^XB1%5;a`CeW!sPfsyNck3esN<(Vevk;=Qhpw*<Xs3O~Tl
zXStZ$7_0tWrx{|}Q9{L%yY7b>&1y;%6l>Q1vrxNx`k7*t51*fxjYQ9|0R{sWn?v!l
z^ZoF{(oSydoZN!IXRAyrt;^##3#WL;!D9(_K*Ox$ebB#v0shws=D(QOHVo2IEC3IK
zb;)TH7KkFa=J1oEh)eV?RdjzHe@Tq03`?`S=R@kn#O1`rM63aSlwy4^fIs@D;)b;O
z;8mU83id0RTodT1o4YN9c9T^2B)@x49;4OW6K(j#egdj1mLBeCDgr({{A?Q%ke_2A
zv&Qng^#TR5<uJY6l_^7hMjX6PoD8mZ8b)yWb5}QyEA3ynW*_D9^|SB&b}}a1>7H5-
z-BRm$J^?0Czt{*MD`q3B&ef!lxNLPtU+>%9k<{R&4;4>RjeMfHqZ4A11mf3!O_a})
zS-(ZYv7RJYWm!|BQbmsKXyG6#caBJvgU>|AwFkXP<wv$1Up69rPfq--GRggIKFA9s
z{@LgN<@_H9Cni~r>VxOM_Hpy`!<{6)2XEgUo(dYbyHfpk31tPDM*-?CF$}KLs=j>?
zJFSBktxDbAIJ-Ak<?H_GVC%QfGWSm!H*+rtdUEEoYr=Nf>}6BCdw>OsDRDc9B1`a3
zDS1&&;sUTfz6V|AJ0d%{A2hePwd73r-Sj^3HFNxe@8UxXiL;}+>N5i$)iVoU%lwRq
zS=t&AI|=o=&cVQZXG@Cip=4}sv0ZSEv+4YHxOHrYO|#JaqtFSuQKkL>F;<uN**Whn
zeVb0H?ADA6+>lJpDX6N-de|5=0T>#%7J9{8e|Be3IN|MAy1#qYg%FJDag@`_U0r{n
zvmffsxuP|-^E&6@j!$6Cxh}`Q4C`VP&IfWN(w~2-$lOF|%C#PmLFjyQ04GNl`#5V%
z|M-F*Q?D=!<pa#c%yBj>`F-Z5x^n;TAXe<Lsyc!7s>xPP?6Bl|uu3!9(RL$6zDbxh
zR5I>^`iqxuCH|W`3;wnJ1pn4e<(MsO8vqPoJY~56D0cqD%qBo^<8OM$0?pAha8iHr
zYdUbW<WW@8tV5ImQYvW#H%PRi#I>5*!8%b?sJ3!)L@C^66Ng1jC4?g<7mn<m`<T65
zUwiE<_gcEe$3L=Bz`A)q)4gnQ;UD$;|Drw7|NPHro;>g;qxdIc-2iFThjgzD_C+Qm
zfAyNrUH;Zv1j5`w^zHeZ-2DD;nPP)ls2j+3MS!VgQ+dKe()e@)LIeN(ekE#j{HL4+
zsQ02<rUy>&B_yk+yNwDK@EP8+DB2XN9COyCA>L9QZyGe5yMaBiX{74e=OCGM;3DT+
zg)K&uw9Fy)@?))b{+;qQ-hNnY7XJ27dG`axr_iIFx7tysWq&{}*(Z0_j*%I;PX-F%
zX7^vh*_O}Qq?iam0zZ6~y;y&<pUw9>kPSJ_2z1+$59dyxy60=wJtxnJakGfHHN}-`
zEDr1XI)UM^4%JyU5^Y)uI3Xa*baabtY4(9LB=?+x#`~CzwYg1^ZP@7G!e5h0)_=7~
zPof3c$yw&(UcQU<W2IXHHW6YX70-S7_PTFrfaqM-kQd?ZENtW&LvRy!5qWcBCY4Ft
zxDMh4R=v)o^p#%!yL69mMy{~(<l3w(S$h6tN*Q-)B~zL>+vs@)-7gHy#M*Gb&}{5p
zzC?0W(?CA0|Nc`gxE06VM3dV+k72e2tDmLJ;aJ-te2-QS<p;mqn%Jy2-2N3K^4w4s
z<jF62Q$~OKtAp%%MZVskxajy<i=Gk5aZa~xNR!3C5dK7yr3|88KeXlPIj)VP_x|<#
zqsrk6aW|SP%WvJ*2g%1LcvO1{#DW--99Te7?n+yFJV@XL`qEgiO!6X_?eZx$r|z{R
zZ4b3r4oS6hn*oer0f4D(>L(CRRdtqd-Y20a7V?Tey=A5ZpS9I2c74BaF?Y!^!C>Bm
z3n5Gn4ERD$I%w}qm5orQ@sG;TFg{UAqTLLWir0XdzwEzc5&Po}*s!Dq(AN1Iwg;vu
z;d?L?Sr(aQbBwDZ#Wdnsm=Qc=RS$v*qXA((d1Nb|m#ZcI=Y?FZ2T%IDcdIf%+@Plk
zjaM(o=s5GUccA#c?L{-%O_Lv;+=}gFcv)45bqvg%Iq-^qbXgv8-RCA%pvc^066G&)
zNFluOJBoSF@TO~SBXRTHK`l)Ex}Ni=9>y2)B2RZesFlvbu(HOL<S=}I`=9|Jw(Fyb
zXiO+NTIKLH3KD*=S0PtYg{nsauIWzmYX4(i?NVa1pfX0ls^n~waeVAKrlD-D9!9nU
z!^Sq7Oo+7oW<*$|%u6y1O56&N>9V`iZCXou;rF3V{w=_>aNEZBH-+7*yXqFhVnpn3
zKj10+jtfnVZY}|$s*zaxlP2O>U_ggzLdh?nBeB`!qAF$Us<{AF-Yts)AOz;vFRG!^
zlxIH0#<$Q$&q}gutLe_iJ4%hj^-wSHEi7L?g%L&s!!V4V&8*wir>M3^_CF5aN__Ek
zJzr7%;7Y<<wI06X$jqc^SW^7txE(U)IO*8eVYy&7c5vr9T)f?{yW8ZwA2Q+Vnqp0H
z369k_z-?E*jwbIlpF4*!SKxO(tKmz?0jyQHOsVG$ZEo2R&x4SW$xf5`3o@>`aTf30
zjX;TU!Q~HoB2~6-YQAhrb0BZ#8qAknL>LTtrc{^lPa7_+*93|1cx|MICMoc`S4SG}
zPmfp9Urov;1USwWWQ!FQgHx^EUmJ6c%L~?xH+)f9n^D!B&Y(YBq{dJVa1f8iv-=wC
zz&q%sMx^kptJNlivW?8Z+)0jX;>ew)uo4HO_B2?*{@?(Ws4@vd;RqQyk)WsCF+;r{
z+yd*~NKQ7f&z*AN3u6l^M@u*m&Uo0lnYBr)i`&8~UrDqU7dyV}<bHH~#TT3&*DZb`
z?4nXLN*+hteF;PGIu&$(!<}pW%ZGDRDv2yk{<Lj`>9}%im9ipuMHx`GDUTAmD>PNr
zJ0=xvZS~yK@acwi2E1in5*?1US5~d0kIc}cKAWC|7TZZbsFQ0)NqtEbx^XT4=!x%4
zy4}E!+GMst%`(lM3SZH<D8&jjk%V56!!ir9+Z^y@T6JJT!@`j=qovC0yaD&MgiVH@
zHmDSNyy<!2ouo?>B=Hn4XK=HJ1G#NZrZ4`9{g|p3Qw@nQh&SRj$sDoK{{?tbc^HJz
z?>};h4MvKSjkUNsGB1%-qKmrcq92`lX()}jvTiH&CQIa7-{O4ua0B}5r-B?<T4)4!
zb`gX3M+W;<&*F%J>yTvSG8VWhLA))%r?chCkYFno6Ixhfc&a9w*I3gS>V3WP+Q;O3
zmVBl9-SzWdN%o1vVthfxTtC1do;M`WPE>1Y9~@!Ou2(rrB%Wo;eKS;3bHB3LHFVh>
z5(?NyIb3|@z#>cGo#Qonid|Q{>sGwhaQHD{V3Ex+^k$CKm%x~fBq@XL`~BoX5{ogZ
zJG@B|^^9rk;cBXKXokXXp<<;ESFI#N)gJk=2d~lC`uZljIvu(<Qc4Y*v;1{h)^HjQ
zi@REIgf{ufXNoIONgBw8DKkO0%4i};n%IPP52)1V%RBgo!V+m8`RBH-#Zoia7QSr}
zAZr*AxjLn7I#a#6s&qool7<jR@Ef91ed=E?e%}9DZ_&^3oYs48_em|_`m1D9h7FPp
zUxgr*l*jQHl}(<2!v0&IqZ<#lj!a07vyBd+0DB$gCHoG?yRYTlb-dnw99mY`L&ECE
z+5Hu7d*5PIBiV0(zc4sRK{2&Yb9TUB8;T^`>_T>>(LW~*%lfQNb?(NGE6LIz49Erq
z9d@{L+YVgSn%FVXwKl=KS|(ivUH0H9SBURf`|i^!=#caW^u8JwhN4!Ef?b3NTuA7`
zZg38n6g$j7*s&t+y;nRK={Z3cxslGl4F)*|;b{cfcS?d`s%K1O6r|*eS6aBMa)6or
zPCWQ8kx$t%H=`szJJ!W_By``Om;?%U1#-c$H+sI<0mx7bB!N!z;t)-B(jh_QS0!@)
zW5?p1;J5wV=Zc$a8Yq~-Guj|Pnsz=aMgrMZm^x5|G7?{B2`FXAn0kDH%i0kaGOt#}
z;D4FGcx`&tN*$ek4_6Az@qzp&n4@z6sWN*`kniqi@}2p1KV0Y@ZWCf;v~S>QzjI~A
zQa6Klf$^^M0>hv&ozxH@5@cv;%iktMok|e8Z<P;=4(-h-bbK4JX+7|X<d9nQ;j4Ml
z{FCmstwS3s+}bBl3CBN;Yxh!IZxO5;fkszKo==>*;M~tB+vk4I1bqYIS+nT9-&BwE
zUff@Q6O#n<FFv+bJ+eQ`kn$G~LOF+woC%VBtWaUYh&yBGX^Sxt2#!rRe|qZ95AS>7
zVtR2?_XypK+@N!}3w|L7XF1AGv#YmR*1U~d1jqL1(cYsxWZT}tzH1+<@4b407?jcP
zrPGn?^61sPtiz^BGmoPt`{<Jcoy)MmVw~U&6~EfB33}u(xY4~+%DwWfnH0yz!v&sV
z;x@r5xP^~mlVv-yH}hPUNhZs~>AYDl-(k$it>Fm4kGGRve`ul_)%tyy;4oYJd-K?L
z#;+#38g@E;x^_yTlpOM=szeia31M#$Zp^`WhFGR`B=0B+U81ZyE?V#3<LLE-(-ZbV
zo+;~ttkzAwy+0uKCObUcX$q3>9q}?NFK$!+HOoOs@7d497q@nqQSc|>(6SHmft|iA
z|DDqeQSFeuK#rP=iNhQDF}Y0J5%-cS!5-j#2JCNN@@tdkU>SZr2^Q`xxJY$vJZxf9
zr)?VP7}k-tf}80pAs<p=aD=S4!1jpUwrjv8&m|x{v{l`M9VMJs|F+F*t1e@k_o5^4
zg{WpNDBY_pU2;}QFfxnzjQ5qju)rk&`NpP+y?Ui1r4pyjNfXOB@9Nma3Wbec?8TzP
zr6z#{^7L5);C4bs32mV{^|Yp(p#ED8^?$AHMYWa552##kDH<m_tJ=zw6lK|P<rMUE
z)cIPQRVX3j{QdR;iQf{7F_&nc-?IS)59<<(0m7G@K=d&k^;Gi&JoVwjKzhfQT-kRm
zN&MBKd9sjE-saVW%%%eYt0Kgm(K7AxE3*vxuAxQFC4)r<ib6-Usu2%CKCUw#+*Rgh
z8#EkZCQ=2mh<-*YUB3IW=bL{doBj^bch&6e2s8~8PwWx-(yGN|ACm)vbZ;$Ak|+<b
z$yH$2v6eHa4z<SIBrtl;K`|Tm46y9qwD#mw|2W*f)BuHlj?2|Z44nI-<=d@Rnksmt
zVsZ{JY+Bbji;O8-5#&T(A`5r%42CO7b9FxY?K0t0?(2hd-q}0IRJjr^xpcd}X3JeJ
z<>+zdO(k+#ep%}_6Zv7Q&uMM}In>A+>@6EVtRNI()+kz87z8>j%KL5W+j!^fs}CyB
zBJn8Quij?3t)C==9LMdvIa3A9$A|xbaz>g`8v)C&o8{yLfRICqjSAHTwVT$lb@F4s
z_T{?7ev*`<i|LqTc|2mQM96vpH7!(A{tXmhV?X}qtFZqybK1XuucV;?Fhl&g-HS8j
z>+I^VolO6`>N<Fm)83mrSAnjoSD(){-)(oO67SgNBwJ7n3*p8KuM8M$)7E?O)$coK
z9|ZsO>YGo0|K1Gs5_S=cR3Y!rm2g?>FOJH<#s(NM?hhk>3TtOahIBUv08lT@<!W-Y
zPW#DaB4L|&^D5-hui}8uE!#6kZ@t0_smU#e#5w9+{r7y2tQrsxPLuXc-szm%gYm#K
z=YFjpw-j<zt6#hFO8SRFJy>V8z*O4-Pe+#!2;k#Y_P;w}F!n(=#qjw^WvQPXbJwZk
z4dyS8w1le&<uqra0_{17{v~0tXQEiRW5-R)Wc|^-A}>`mqhgKEJ##(&Ax_~~>s?vy
zSC&AFlYcg=5Tep@ts)k3x5!#j%0u}2Q}0@ddvDBlE(oKI_RIekY2+?S4z&m&v__kR
z=XApSX3{4g*^wjL{ELBsmK=o#j_2eqUy@Vn)tt;69xojztN*2HaA<IP9CF#JWCcaz
z$*aQv=2?!R0MwtEb@*>^&BN9BH7><FSBetHFNTlB?JUH%YXVYDsjnzU<GdXM(5H=%
z`Q{nz&B6u_XPq0{B)m#;a$@S!`SD&cs4$zhyh!@K3zk2$kmS*c?GBQnT=V!=Ph2dW
zNs_<IcYoU0>c@+RBTsi!6Jo}@hjq0}4mo>eT6O)nzL$kH_;hRwpq{%V*x6tMg0|KJ
z(!RE=WP>j|C5F<QW~u|))zF^z4u&wf!eD{YK+>OO{|%el`1!owj}~t`#)Ls(nk9mk
z@E6TBJ0Ffp*g4;C3A@iF9O@4uCPXj$f=q2{t?xx}1%LCp;`IllW1qB0s2kSqSYP;y
zu3t9Yc;Yu4ORM|LbfR?$;7SB|h%sgJ^kq528`%Ag*NbB^x4ax=E`+{te;gBBzHmSr
zD<{8FGA%9qS5_NOOs-qmX_{RSd>%cF?ASi|G>A+1N#_DRTjka&z8F)(^7oobP)>7{
zK3RG07gB)i*fA?X4$}z}nVeWG*}xCk@4gCk<aL^G+N1lRe%R?-7`b;Ue1CGQ#8cXC
ze^W-G#W-6u8x2N2G=47C`Nmy6eO_zDPur5g!b9jElIou9Mc@iR<APh%NiTNo#B#H3
zAL~LdyXJ7Q_w=2#J~99?K8;080w)maefkLX#kKUZRW<@b_Af-Jl4zqG3yi!pRU1T;
z@`ddhs_4aHJ*d!Di*%nCPEvQV>gXx-p$0ABpRa>?m=n2;6ooUG5Pia$=ul3|KdK;D
zxiMEu??*-AX+qEBav9$7@ue@P3PhfHQ+Q9QTs9X`y~skEe=-*EFV8M;tO+s#=gt{m
zal<vi^BT>jO8hbeh6@{eCfDt3Z4K*UQ*T*VSQu!sc}#OGc^ugzGL8R$#NDQr9KC;&
z(tSEv^kD0l1qKUub>NoaqyV=J>@)oM_!#mfe@IDhti*C=++u-E=<ShNV!Hq>OSA7L
z@CnH?Y2;h9)o$%v*4lrDfc*b?oI~W2frrwYc3wlJ_pHLYQa?K8Ky;5>)Q{N@pu}<%
z)7q@auwz97$*UQQ)m6z>5K-4^6tmt>Y$5$L7kHy*+(8Y)o3y84LK^ZvR0T0?NBXcv
zg(tmMt_{1|^<Y;Z)0G9ZH;8zPyZal}YS1M3dC;w3_SJD{quZ+>;UX}E$HuM?#N1bU
zWd75wA1RzlJ|Unw{SEnLcH6X>o068=77y38uO<u4KTadpYlc@Eb77E$+RC>C22UO!
zN3AC}c?lX%wxCw}L)CNrjs<$x0`g-AM54QvuTp&nQN2}9xO-q8^V0;&&>FOFG0$Z@
zESbqj5SRM{TDX<Cu<vX%R$3i!Z{n=W2i=TLbPj^Y@TfkzSgsX*mFG)!CT6lQ>$zBc
z&WJdPdbYRB#pp{4^XEy0w1gY|M~yM3vqwK6Eo7$bHJ(sRkqal1ZwTEZCG8<S8TpcR
zHPzSoVU<yRqRrdBF9yA@=Qc~GaWP0n5+e5zsjRJ7%cr9(*y}5}p$Y3UD<_D2Z2H8f
z*3xM@-o$vSg^xU)2ev{=SG5qOqX*w1bom<$KmVFFgdBL#9Rm=s_ituHPC7S{bkCxo
z1<Q3<^3gF8;$hI@jq^D^#Z3%44xfo3R7MewcvP4V@Lk)4nSteo?^d|1S}xwIc_bX(
z$Mx`Q=JPGJ>vFgG4*0S<FcE&Tfe52gxN5sS6|rvEvo_7}#ImfQWQMYZ5&k)vQ2)66
zdG-Z{xNeT%dBNy|hQT0D7$e!gjRb!*syB`^uZ*AFU-l9O@lH+3oP=&3QGdP&;_v_r
z6u2q8^GOZkO}B|ZC9^nZ+S-=QDkq$3YBSwG(_?>KqpDQ6Q+Gbz#5x7y51np_JN0cL
z#@;)mpi%iP>->Z7kymZt40DsM^`q@PGMFNx{23}SjEl@%<TcNZuYV!!e)v`NQr)tB
zkvdjSmdEQ{rubK9ynekG%WMZX*5R@R8!6gg?=4Aviu&?0Mw<LmLg8{bz&UUM<PVz;
zUY>{w@|4}!2E3Kpl%16ev6`oVxV<Z?;5uFXy36f->RQ2RuCgRbfNaxo{4$xTcm>Pf
z5~7tj)`CzS%2Ci4;k8<PgY!whq^6u(^)Y|E&vFkjLGg7!bqt8*BpX|xEc#JxYs+8Y
zSq8*X%pC5r9)aHq&s6>4SHD-DPSD}>Y`5pz%TZg`6ZvQ#@m2JnQ!7&=E_dK);md8-
zvhP|%R}YiA^~15N$Q#2wir6+AA+>BxL!NkFK{-CEc!O4wbB7?6i?wz(U04gZZnlfn
zJC>T?>t^=Sm4ItLxA{c_{>Lp;S1n5D2v+T%l%%z%?a4;WWnZx!6$W3dA(NbUmSLb?
zwqnLi1@j<Z<r~tlnyk{67C%lLOlQ=@L}nS9M-i$W*`)Xo*N9-hnj()pJ%R%xJZM5h
z)`!pW#|>WACi>?yJI<gk6D<=(+OPt+-rRD?$e{_kj>Pg_*{jh&Mmla0*uoR=R#NVF
z&=Ur}_pavMLg*HL$gB#vk#yL0CN`pks+a~JT254yd}OZS@%ng+nqBAGLtTtUtVZk?
zjy{ANIn0rOd9P}n6w4+X=9wZ?F#^qgeXpkcnVIwF=Kzs9=k>-#F)F|slV`U@!7f^Z
zbGQCV_$ZRBOGZQd#C>-4>ed?o-=sYZHhv!eLx)*Y>WrsloZX}W?766FQ(!@Z|KQkr
z@iFxA_qi8~F_1we)Wugi^qPY6vR7~`Ni8?Vq!0$;q19<drkedXQ>ZltrF;dRVL=z+
zy}fj`yv3APXXE5!4BH=21?8K|hc$;Ol*{06$sONDjm`C1%>CMIglFgkz-CM|Y==H2
zalNA$e9_K#%Ng(-YGO}*X&_X0yZ$jP*7&#FTx1vhSGO|=<gj~h>Hf4s_P1}#vWu8M
zAkpKUTHKFql(PwcSqxHbby78zIVv~5ChAM41RU8a^=|#Zm;R;2kq@x>m2RX6ZfG-f
zCP&dBN95a*CEFVqR;(2vJQfFWPK$PT7aD^3;+H*J6Uz<bJrX9bEC9=25&+XA(o6vc
zpGDnUVBJ}0`>WqsrSg!?c=ulKQVNe8?GVoEp))@uh3rNWKI1rzjoQRiwc!4M=xL)=
z;u;5cD6#S%k3M029APu_W!6P9kg_dI%MN7M$or%>der2kf2-PzlC|$Rp4E}bOLiox
z;xo~LL7F;$yA)Npm^NVtKBNjtyGCw#(ja=Z*NWve&ZT>O6}UE5T^6X#N;GQ8!t1cC
zW0%8~!uK0bO&lt?vMsG(G8Y^@D$afV&~dIKGnZotd4n7b{7JHJo4D|0<pF7DtR0Oe
zXy56U;pKs)W!K><m~o*NeAP}nnv`&-g&3Of8NS?VNWkabh%&;|j*FDnhn|~$FVo7W
z|8|+1`=K$DE!rJ|!Ix%5qEMfc(*A%<jF9VPYs<Od7C=OeIJ=5qCP6V_uRW(7xa^y(
zGeh`nHW0tWS?gm|dsyq#rh53bTqc9|O_&gO$hibmD0EJi`SB|cy)W%f0ZbowqML@k
z#l)ut?z)>Lg07zjoqI1Rhl;Hd3_oL@#1EBhc(Ty<WlbUZt22^r=2*>|_qC>E3`$=+
zpYT(|()le?7S+ZCfE7R>o6>>q<~5<p0RgQ$GhRk>AZ+U><)mr8#zpj-wF8a<?LYP8
z^Yj7qSG@mO@|GtQQn=z!6&BoNz!_Wcdu^Cp`DWM7S|pU96v6%MV_b5q*28r707%Uw
zQmFMaf;+&fL;D<2IXS%PL5L><M2Bg*Te`XYX8eKCcOr7bv7V;>TvMSQxvZddPLPRg
z_?S4qhJBe>YVge%xFvd2U3!Wa1ZOI4@9cb!zkL<tTUtfn>NW|(v7#kU%}mKQ-pY{h
zzvPWu#1r~!FQz%tUwV7p9Q5oSoxo9{nT4cRE&d8_+XaX6Y|BiqT}7SVnBKBJ;~yTT
zNDgl!bnt@A21RfWd}iD;Z{*0Nz3K}<#j^;>Xo1gb%-%e}TRmq?oJmOCXb~KAB9_ey
zb`3JD9COBMr##Dbu{u~f{$V2Vwd1{Xf328c8V$>AxAMH>d`sY$SF?Oj5Bxsxr^d2O
z=@w48loc8BH|o-#4yL^>4wF!%JXL+8clj6URRD%Z({Mh5qMoeo6JD}hi5V6k7Ww-+
zntMJOr!w0Ku9L+Z`}O7>8wDIJp4Hq5jZmGH-2&#Q><kYEpUs;DqS%{E+&;gm;rTMY
zSN(Q%g7tgS*Ve?OOSF!bSbET0Cc1<q*^z3p@dreJBRF!%!fn{z(M@RHn6m68aLzGg
zbs^-1J45Z({Lyy?0d;4$fj3+zj_Nv1mU)(oD=j<$vJWO<ueb1QYhw74^Poio`Cu`E
z!C?RUdD<G>JSv1@=A7R<j|qz+WcamR*wjInpi^F3Z(W&u4N;en^QNYTOLR~T$dqEG
zb@o1DbTG)b4Gwmqhr4!2LATXe4nTJ&V_uoC3<!j<!yy1fn$SU~TW^seZEXm?lH(hR
zTo*I{;1;(cnLsS4&p|vR2awqB*AY#^lx`?VbEBgrP7JDcN}ui6-HtJ+w0_$6OLWJe
zcduJA_iR`_y0+7qRGOQA+o#qz*|270Q{+U6Gij4Sm(Pt-5^`&*8|k~O`~&bRi34mf
z&$>Gga8o!K5aok))AVPSkC1ww`Vc>$8Wpu$z*@)~lC#t9jefI60khltZrz3sf2)!=
zC>dEt0*yrm#C>fLLIn8iEDO7lY~t5|k7T4je2k@rf7UrQI^obQ)~}a*&2g?jqD5*=
z{1(*X_NWrKtkQ`cq#qI@spRjYAE_e0Vy#tpel7+bm4|R5zQ(a2<ndV?2+gbx_g4(=
zHHRP82c7GT<l`!%82kczwKQH<?hQs+>x34Nep}OpI2esI8Rh}~+D>P&f>Ctx^#Sou
z!%Gi7io0_0Hjpe-w~b1_S{}`|-9IpCI7zUg0Mq$no|q^>U^!x>@@mtK&v29-@n`<a
zYYjuMIe(bYw7!t<`TAzz(gnvse!t~mBp3Wv>ld<FJMspxwq2Utq)}hmwYvGqgb{M(
z{#VVJcF&5Q#abaspgUEUqJtXQgJ1wiYwd!-$G~U4lgm|Un=MFO)e*A|uS&*rRZOnH
z{;J`L@hg^jsA4ylAXAAmshaJ!=tLg2y5+BdD;Iwzov3sznu8496lUbjjmubwPoYsj
zHUz|~h2sbH>7Fy<N2_FD9I}O9J7dn|T^8@e{DUYv^r&)x_7$n^C+{9L*xs*5x%1)4
zZK}v1Rmbylscnszkrp`$8!5Eb3vb8Ljy-(0RF%ZL%`zqZ(MN9ZT69j5^3mfURoe9~
zEst2B9Tb~{<R5MFEp*Xlt(^q)S5BO+mmAarKKxC;vhgF$WtHu$u=7v}W|sRuNU@zW
z3MZ{bcv(8Ksit7|@86;mxece=uCTlZN6!|WY=xGuoeRwLo8YNC!8YnGj6?%P;CfBh
zr0p@(=g@BT6xy;}2gzdI!-Qk_C>pfYLntRO@?6!pbIh7|5cgk}fOWD^P)}Nl;U$I3
zDr#S~#YYg5WpLF_R(O~N`8HHUMPUZaGS_@?STS>zM(89`RFCRon3VhX7)bvX=GDx7
z*$5uGsOkY3UaL`0{{S9;h7<%D_Dr8r&v_e-v=VFwMlWuD!*Bxrrkwe?YnR~u_>b0{
z`F^)fpg+;dglU=E&lsH^-VpJ6PCg%KZGM<uGMPq70G|#7OmmMO`of0whz81sxQS(_
zQefN7_bghnSYLY^l8?lRE(6Q2r^e(G7^wX2^bIVwvQ<o9v2gelW1w|UqHt3l<@9wW
z>tdPGsg_c)0Yyo~@cK-~H8Fx+Uw)-`aQcgc_b)QhaRmtQkg_1{s|K#<CI-PMv7vcL
zfa=3A^Q12Gw-qo6yRWm)gWxB5%v9Ttaa`Ims-1559ISFpq>|lDa6ePp5?jtar(bza
zmuW9jNg-{ML{cSO_Rb)b5=kVOnMd}-8>azWR|%R2{{#j57oFd<KN1Byj;aNx9G*B4
zCqrdh+DommRH(dexpYnU+7uZiC2IKb4jqSh+l<iR9b#5kKHxM-9Mmgs(s6-g@m@|k
zF%QXurC$Ge7^78Z@he!=BO#UK&l2wNjBHU1m)+n!!+pJ76wvsyJ9#m;U?9!+CuR9f
zmpad;UUvZX!(qft>~j0MopZ;TU}a=mzeT|P$Dd#2=+y5*6W=WQp2_jn2}ceqZ}MeX
z2{tA=kN}At6s4`pF#=fI&0wg9r77ZtWWg?nYGg!S=K{E<fw65?Dqi?r(*MEUdq*|Z
zeQTpp5G)`TdX=sqAkw4;3rz$B=`9K<ozQC_C{4O_rAzOT5<>4qM0%6ZL+=SSK#1Rd
z-*e9I{e9=Y=iW2!_`Y+;cgOjIkwIYWz2{nUtv%PA&wL)9t5=rZ*OSQ1Ys=A(e67J-
zFPz9Rc`CK0izl;)<=`lTi)~r@t5A|q;RNQ8J%7F%o$0=6UOR<nPgpcMA-CPKGfynL
z5-H7>&MU#@Jx`nEAiHv_FN91Rv^+T%!GVMe=P||Bkn1t9w|T7<vZiV_?@(UVH2cX@
zP-Eup>twcRyx+5agA#<2ozKP_$E!!jk5X*w3EFOZ-d=};J49-j%y0u38}J-wH0^my
zz{j+%Hdqqo-H&}tdY}3u``)DClgayiY1vjJamLVXx@^4ZEE~l}GEh$rdOP8ONtQJm
zX&o;ArliQKT@XQ@Xuxzyp5(4FbMkj=Qdf#9gxtjQRhKD4beGg^lg9G`y2!UKZygt}
z4?QpXrMvO6Or*~_T?WS!f{|66X^>s;l)0BT)wx_+VWQ%8KQc8bR<CPCu2r5Mq|>Vh
z*XSh>&yRV;!{FcnjrKhhLRf+N)&FvSmp?Om|4DwC+&*q<Q06Up60RczyyE;Lkptl`
z*kF!O$;N|~Q78#@v9tWJ*J%}@ObO;)G~YTt3CD%4fZwu6Xp8}szvc^u8!;v0_65bC
zCnd<-bgf!hQ`#n`;i%Qt-H&XyVfS)pJk>WAUkz6s&3G&nTb!&oJ64uSekyo`_NIs#
z9VB02pFbRE<n|T7jT{+N;V)q6+E1$+J>TJW5Jg=TM$b-y$ETn2%cw>-v^JCueD4P>
z#_d;!XU_s6Cl$j7n;!Mejb8+|=hZ6!#X`+Pu2(833!Y)Uw|x9lZbGCmcD$1>FflVO
z9kX0G%6ig9=+)9HclQcc&%n5gZ{Nz?x)?R{7;zt$P!?o~k**<#_<9sr!TF6ed@qN=
zXh@3-xE!>e$3A-WeSUPtb+lM6PvB2J5w~=1?4^nK7T7BEX10NC;*E{()k1YT)gEtK
zr$JPKyv$KbvbJS-%Xugn{upz9SXww1{lU)O!A+QQpTo3|;>H&llvS(F{dQ7>L+a4%
zxe%NmdhSIIl{V@>V^vk~kOSBuFO{vIcCMsk+W0Yy%~~m@<r~hN=e0fZ@5oc(=FwW(
z6K?5q91XU$20&G!zC6dO-^Sgpu{=B@%9WIs<wP+>%{9o&LpvCIvg*Jg>7=86Je~tD
zu>G+|xDCdDif6~_T4HU9+#g97uX>YcI2)<hmiKFFB#Ka!g^(8VIc>kl%u5EKbl!Ab
zR6q_K=)c52g;(a)rJPx|Cwez_qtlG+hJ&XIk%~87zh=&G(S(s<yS^-HM95JO9;QI6
ztvx1+DLYurc@FR3YL(yMZ)ztj_lzH%rG1RAHSa${0;RK58k#LQrHmLB)nUqAft~yK
z250BJOhg=A&K-8JPaGEWdZMTtEAA&Uz*7h_8zj=>wT|@%8-&@yjUXe?*`bxOG6B=E
zM2WY~q)x>a^X7*oyIDzaJX^w0cDR<)_8-N==zCdVTTM6d98(zbsFJG2Ctmihfl)?%
ziYvEBp4w8_bCp~nB|$2aet4)vR?7dWUp#DEP6*F2&>|;MGjdS7T0bOsC-^r=t+wV)
zk66i2NlYaT=yq^x3v*$aV6JpLkYN@6vzwEq9z%s!gjcwNw=}k)+hF!)WOJ1ag13KW
z?>xh@uad=MKe-Ly8(nwH0NEJQeUOpH6eppi-0KB?>VAxRk=gR2%-9@sYx;G1NWPzq
z|GHyVBPW2Ta?M~M2;h#s2|A2)q%%j&?p@P%-Ft_$7Jtz}GZX(^l7gHwz=Un<3`;h*
z$P=(Ay;)zMBI!D%mTcJegLdU0C-%O50(bDQ{wMSMsi)DZb6L&3ry~>chEsi0tLL_B
zp1Cw@bC;S}tkY#iVJdQsVl&l%j4Vp3wAVn2tK>T<>Op@A+3IU4w)Rr9G^Qsw=GoiB
zFyZt3^F}}2iI>Dt;cM`!hWD>}?(LJduEIsPcCt|L(up<xwW;+}BSOD=*by`kd}Yf)
z?$HL30;f}D7;F8>M)T)4H4ep*$JBujE4Ix@?s7gF03;*c<*lP<bcjb2YdYzuwQW4_
zX%Ni;Z#(z`j1C`QSqe*+LDdh5svyHFkLuZ(KisJw2hZH@aS)j*L~!Bu@%MI1;R{zn
zOoIn{!B&ifZz}9CT;&fPkoiRFNK)PQIZ#<)7xIFft`jW<6lj2#9xH(%8_%zUjgS({
z__f%K?F;_u++^F+<V6$S{8L>7Xc=Jf|GI`)g|;>i(w5EY5wy-V{-s><*QR<=7l;r6
zuA({U5|ZYx!t?(Ftt|fp2Uak6?jnH~bK4v!>4)!9tL7UUpCI<9J`M&>)mts4%ahL*
z2|G{q;;j90ems{xAzo=7+ykluz-|k^YHdo6@5Pi}dxkutO?d0di9+qOs)d)UOGw`L
z;w=<gO-QxKr{NwQ)^v&sUjrOell^b19RC8x1?p7)yZ@%=YR`DqA(dN}l85f`fxF#_
zqGva*EZ+hT&^&M4J@RWDJlG}MjP1tA^0yK1Ca%B9cr}_~H)!1{=VAj6)0!l`?i6h<
z&l26fOCr>s&@k*O@MM;aT7l{d222MeT$KhhHwNWrmghexNz&7|PR$y_TVL!RsD_7M
zW1~>QF!8(In6gPiDbD(Q$RxS{u@JQ)`H0E;XdUtp_7Y!8R-50s0J+*O_+`FVX_oU7
z5ny{xYB(l!<2o=6h<+UXFq29FKZl#^WMhMAB@cx1glf%D=(^Ju>0Z<C>A8A^E3QjF
zR-ODcX!tx~cUyE9P10I1Yj?A8<SCQN&^yl=4)8H9wjnExIhrE;56=4=KYlnqX1Oe;
zX)Wu{qna$hsnmg1I|{(aYN(H5JjIxdzOdIs$v-6rkTr6L+iVr%A=v^+Q4J=AbDeo6
zp6)-c+(#^rz^fGEV|%Nnulcq}-(j|7S9Q3vU1HU2-Dk5m{>wAGEu9LNp6w9MxG{TY
zSmvxthyLXrKjO>#bF9j4YVv9oG|G>6u))^{)2p#{P}dlUHnGP15GzlfveKxmx_a@%
zM@LZ#Hz70Hg)?r_fFvERY0pWo_>Q3ZcTateWc4tJ4(Jtp{enZ~n_`%9Ej|RJzY+|b
zCJ@(|7)sR%FVfvtxEYwFRa)-W6ocvf#PHz@P2uwbylum+IjX+%jSn{H+Q#o$);wjn
z!g{RB7yd!sn7LeX-BfxJ5*~|hS76jZ1<434_=u+rq?}z-7gmvW@gJ71-)4BE!|t^{
zT;5>6*!Q$M)(TPZ)c(q_YrQWARVBaR+8a_%@fAt)bmf*K>ZV@RIyhJI`OAZ*#*CGW
zHQy^|@&rSidpVH2QEnJt$xs`2rIgTYMp?-7*6jZ}2@Lu!sj&XO)16jMdZIz>Oc(Zg
z<e=}lk*cKY+2%y(#ZT{oM})zgMX|Ok^*|S9T^?e-j|sq$g@2t>&CYS0w0&iWItqM{
z^Fbj{nVHgm$#;4_Cf!9nWwESLq62=@bF5T!p=dJ^MVs{CW6s`9p736?0Ka+p^+cJ|
zgM1-m?*tmYG`@URy7w*n$g9p7zJzL?gQxZH^mclqqM9wCVd(LC*lBQ~Tgf`B+o=CV
z{A~6kkRymK$eLh|&&PoMi9+Emvlr?#DAtnIa?2kYv@^-&^0$>8-<H1j&_Ph1d>KS>
z6(`G&q0P?mBr(ATK0sHelo(IV7(ZX@dTZrU#ZCbtcj|vk;4cF-&aEP~t<Y})&1?8I
z&n~rx>`+TMhEg)GE{vxCS9nQyBOULBcC(b3DTVw6>SnU)Da14Gij@f^JfK^ibXbcf
z2#hr-%)>#gWwQYKrHR>k_D*B^%IwONiiCGm)=)+9dB+KdF8Ni1$M>giD0p{=5FWcM
z%uVsO3$J;kD@2DK_^9^1`cb9o*5qQ#c@jw{XYlUAck)6>o+jHtKd?=*Qqb2yAsLAU
z_>Es^4Y96tw=|J{TeA2aw?HzTU-~=f)?lZuM+IV#=vn@;CayI<DUYg<4#pQZj5@g<
ze2Oix(R+B$JhtVV-D_vZODsB7zd?e!r6*q2$2=(!Nv_1Ryo|%bO)xp^sYHhwq<ij0
z0~B+^ErZhf2=~io!q9N;JOsA<tZn9bh{Y=D(mmg9X`B2`$VWhX#G`HIUArzm#sx>!
zQQk*!Dtc_nEG}Z0hW{e7{qy-larZcXO(#=ZYuu*(P=h;>ckn=sq<veq*uZ36$~T75
zcj>;0TOzOfG?UEUBh3i20?!G|QqzMW#RU5Wjca(*zP$YvV%tcBmiqL(Xw=S`qB@PT
zskdthx&aVQmfeMC%nc>axcpEpZvFwt5vq6B+OXapk#WN1&kIJDbgx=h;-9K{WrFv9
zacO<$JQbF&IWF+KOdM<y!!>u$U0<s!HZrk#Wy5VYq!6J(>Hl(>f?Zqm-2<tB*b9`O
z)I8sz06k*He$;}j2`jL2u$@6=8TkVifj6p`KF<V*T%6t?WP83{3b)z4v7XKzU^*fr
zut3RcbSu;Wd5uLNJNdZ&e&mWH^WLm!+su_#j%s_!eb<#ZRB;`Ad`9YX)%1PTa@biy
z#^FTaPna-p3=hPj&LhU>PPLKirnd*HW?mh|<8uo(#BbPiKUTBVM~;+zlF<|C*e*Ar
z0$5nxrMC(EZB;@vGkBjafJ@XqJ7~8A5%)4mQu}j6=pDz)q%5_pnTw4!hA^#(gMrXj
z_*M0ES+Gg+k<sw$7afdGI!A18$FqNI<qa_C6uYeSE<P#S<{mgsPdr5{b-B(StesMK
zGJTZsVU7-_iL39norg1<bYnCqH)$vMxvP%K?^as8pW*Q@Ld0ulp4HIvesIzTx)^Sn
z;qNWln?Y_``O(+on9APg&u*gBpiJ@+6*KmH5$f}trsT)9Wg@!gUk{DagkDt*!Gsnd
z<O79WuN#`NN6D{i6M5)811i5oGLdjRsO@x?<HiRS;4|9N>9Jc_!zt@@)-bDWtx1L#
zk^H-{Dp$;txUMUbfiNlKrw*|MBX~&t{?<n$1TVZ@qZ^X+1)#%bkRi>Vw+s}s5<9=v
zDbd96<-qo=@8Vj2xIHI>fJdSNr}h2~rwE#rIs~;RN*^CNpQa8DN*5>(X{SZgs{#<x
zeIxG1z7qZ$258yux_(cUE%c@zO5-5Xo)BPfS<s-wXFNfD7~fRKQ8qZ5bh}1OQ9zp{
zZ&N(jaQWaYDWeDRIeTUkojW&W4Zw}^gAvee#;#4Bp{nuV4Q2f|6He|rf^s+=(&038
ztclyn6vA~DG4Z%H2Xkh<SLf|@U>Z{5N!4YD2!mZ)h^8X&;(SAbky8SaUq@v)eeGhz
zOC2Q`c%t4ZswB%ha=yFtB=xl(I}}5yG#}jpy}T($vv)9e6CZneE=Kv<D0@c!)5EUn
z?^{<Qn3JR(Rk~%1<FUuv*9txL)JI01V>1FvkSW)ol}7kr*#|(lYtr<_{*2=DqSK3U
zy$^Dt8$`;%-74uw31ysmkQW%8p@zFuSQE<IH6m*9uuhWsR*8t(%nvmn>Xe=uAu_$;
z=cXQ?Tbjt-g$}rk?o1HrfL2Bld`M?74UT$NIJ(_~aai$_iib4^|B6~BnFW{suk{ID
zu{fN^VskiwcM)>SQ@Y)y8wgdb<1}(wvkayb*&h@NC&oG7+L?E_KPhP*U<zH_4VM~-
zo>B|bw{uk!dO^O$s2B=8vQ^bmzQ0z>Rev+~rwVVQYcgV+t`Hy9(~N>~FR*wR_?X+B
zo)Z%dPr3%b&IAN{fG9-RIjM7t+^0;W*OFF%dKK!kk}AaS90}dChD9CgVONSVeN;!T
zBd)4G{H1DJ4!L0h$|N?h`n;Hk%)<!2TkWa-ij;0BIqq-_RXbIvp+hN-gYDz6fz=%P
z0lNLGSP3I+=)1qnt%^KyZucTkOI$bn!Z-Xj#-0y)alq{UHZK;Y)%u3xnMwlJJImW-
zX7o3HHe8xN-8Y>04XO%8h{qtT4WU5<{)HK7qe>s?DPJ~qt7j>nCBD>rH*%g2B8|V0
zaxE^|O?FwdZofIjKL5mP4*T-hm}%`R9(r!)Ez~g=DJNEQ{-uezB$=>Pw|bPDnEiPX
zXh;c`ym^zVx8<txB3V6xX0wj1)&8jlHZKNe2)Qu%YjR4JC&_k!ty*BQfp0)`gzo$V
zmQM8}`zm>F@=3G?zOw*Lkbqt?wL%M4=5>w8CX8p>47lZ2WnX{oI4`Ktw@<c8{;jlB
z;wWM)Yp^O(!U)?O1bglJF_2aw{mw|T&&M|mQ?$!5PqUU5j34A3+8=um4o>7wukhb3
z>p^s_pQEi2-**Wlm<)2YvsWALa!d(tu;2*xBqdiP^NUnfZGiNx?;vjrNhZsq!X%^G
z^Hfo)ASvxN`$LI|Jlyq?qD7}r3-N;Hr;L3QXWg?+J~g;^*-n@NyfWeY!q}z320c`$
z*|Sd%-lD@mFE7)BUYk`D1qk}%ej@nB28A*OOQ`$nsL40qB4eqa^<NBrC#%Ano-;)E
z{i{P_bC!qdE}!a`9=UpNq~&q;bQ2$5MeZ_CRmru!dO12wMvXSj9QjE6CIbEb)%o0P
zSHta8Z8S9O5PBK0HQ|(F+895fJ8bY`t;nOD8-G3I4psqZXK#))y@M|WSR&QN6Ng@7
z5A!Dlk|$XVHIdXk_ukp}KeLSmtq&L4%+ZLI>b=0eO&8c22wb!nDHDhZtbKS=5AbMw
znt1>^5`9(03@uUzJBLRvHa1L(G>q(woK0z9k%*<}Jb<@@$^@sk9f>g5L?MdSPuY&P
z8xu-0`8qF0JzoBh$$TSBBo#Mag8;$QCgg<wfW!m+a5Sn=c+UDPTb%BQKsGXrYh)#8
z<h4IvWO(q@`>Ci^8L@$F-jcq>&kaW8!32@~O;d$YiHDO0z4Q&%i<4Zj(Gp2r%A6$k
zRmjCU@qYwm^Qw@WQ@@_tKD4c~NY?48RWyr{)G~O`PPrFxJ7(M9?pZ1##}HVDjoW@l
zX?;e=CrSH|<(+lBs5jLX!0jTYMC|ZYJ?YeKVzjvh6USdG!=F73n<L)pp7=VnFv^2c
z$<PStd05%Oe4}i2dFF%Tqt=y%ftI-&$Ug)drhv-tAiD1ynX8dw>|4lC-7YxuGe!SR
z@X!Zm*+>(-3l5@(w>{6klv|coye<{X2eCTs`&L_3i*^o*yR-A^`|HOvRcS{=?WT2c
z;=%U5h@pVaAy7i&R>gV~qF-cmqLaEZ{7uEjWX#r!Hce@3zS&C{#&W4f#(f{^A*u5>
zag?B(ymP#6TDw>(MRghf>KQ&M&!7_nrnLf+4R@-)IhG|$iQ2)dEF$)KsD6CDr2V09
z(0ql88D=&nW0^T+^<do_91H`KHd{&QzPEWDY+W8LuJv<(bJ5=*id>$L0Iy;TD{XiS
z%-bz=inQtslWKsHK1U=Wyk5VR)p+fvM+iB^L-Hr$pD1~YtgYRfFIUa=5w><~>_)r+
zCU4PgJOumeknMftq&`6$2kB@u?{v0ey_;dEdI6*28dt1g$11`Z|D@ggyShw!?8SNK
zNov6T7u)<E4$3^p?uy0lc2#@-eB)+)z?uKT?z0PZWZa6q<JCk-CO{^$t(oZ%Lbhpm
z-k*|f6`(jFe6&kBZP<Xe@MkW#S)a(HuH3$48TF`0P7q)0g2^A&rK0kL1KBsbbXVPE
z?&#Q9m6-kSTYa4Apk+LZunt-LBENwkB%u^OVZSq>`yy^R)~LzeXZAN}yb-bFD~$n1
z%(4R^zTG_nlihf^r`DN4Sle%q%GrH;nvI_Y6*8UiN#^y1G9c>L6nZ^!vcs<jWn3@<
z4}Y1Vdo^pSKYH^${{en%<ek(-X{n8`Yrgrmy4=JL(p_+##_43g!ZS@-e{6rEsJL}D
zA%J0VfZy6YO-H!Kbh{K7_qy>txvb#f+;NvH)gsj*c{R{5LZ}YFL7oUSL!Meo|8So~
zLV*g**9-+}-JCyCYPV1X?{4B5oV%dtpVKV=p(>a!OO_|VNQL(}yXy&mIhf9`W~f1J
z(n*^+#NTVz^n_N}fs~*5LOlb?ottqc)d>Z?i$b9pmHClwG@*pYrB|{>1+zoVB?L%I
zLOFv#w0w^0($`z`etN)fAejb2Xj!j$+AAhm7N`^|J<Rr6QIZe5UGFe`;XO+3&<`F?
zykjrYN}Je6mcbi<)*BJrjtQJf*Su#r-DyPesD*_2hRsfz0`E{KAs(PExh+ArHBG0(
zef(n+E8RS~!pp{Vh}C?rCSouxd<-92W<GV%<p6?U3#`z26i}O8E7%C|8*Ac-)@~lP
zgNZGu@f>S?uo7d~5*?3HUErg67t_$@64!iHo3{0}BmW0TXk8YbP6eC!VdP9&ZH!Gf
z*d%gQw4^9kf2Y;>?mWnM<DO5H#9C(4`aZa&uIV>O#Kbsb?wU{sAh`1HIqXg7I@p*Y
z1QlF*F~(k<-&5$20XAt~rK=C91ILR9lSC~|NE-}?M{v>&aT-QGcTff(^Mn82;`M#b
z9!?Rx;EUY^Te7+^P}sy1)y)F?(rr_p&{QR6%^iSE>w-Ls3NJk(7YX^LO1z;FJRv85
z`wa>&Y2aU0Xt2gkiA|TXpM6_W_OCrKY4M)F^(bRfYElqv1-T?zU19Q=ay5B@PR{gZ
z_4nEL`h~pcCiFRwh_a-FF1knOZOE~Va{211Ub?NEZl5?(%xd7$_FY!vrEnLSJoth7
z7u$5s#q&j?XvSpX+<q^Rh6FD{^oYaY3o^oIVAw6}_~(740?*x7qluUeJS!|GOn#j)
z{n?wG==2gVS^tyfwpqp|Ty&`D43*kr?xU|#Ms4&99>QHJTjW~47ygwS?<dt(FZ2YU
z4UT5RW&brCQ-^AL3rg*MPfV^0UD3di`RMKKAdCBSZSUrOa>QKDTKmE*Ld&}zmeJzQ
zN`s?8b*9V+J>3)CgkMidVe(bA|5@$4`%zfs@&M^K%GNHC*}RRuQZ2RfAIpY)yp6+W
zGtpOwKdXO((jj<YG#SB_0?n&QL>YKjJsWkmT^)I_Db-cuwd+R%D>fo({CP#KxRp#t
znkVPe?3`kT$1QTaBd*WJ9SD-ehHE=Ty#;FKd`91(b<cv_Ke=?vjG!^I-9qPI?0<t~
znsLDR!QUCd2ZRW~ijQ>lh6KnwE_-S(nDW)eFi=mc>V|A-YHZ0c-;TwT%$?Vgcbv(^
z@`3$7n3Zz^=48E~JA`DC)ip3T$V~j9A&wS*O@UyQxb(6m)=_viS*=N@CPl><1OLbK
zNB=dN2$Q5E*u-`dKR94#cu}p=U`Kq@Fes&!1l=0P{UhKw{_X&U($8#}l`^$Op+G5?
zUh5<H^<9|i+uPK{U!!idrDYD}$K!Wfp0PMy=A|EyEL0Os-aLmx<bLKQ+slQ7|C3d0
ze>sTBGgIbToaIM^eFJy)Msg~vd1GVA1F_Dw_WI>nPV!H}v5)$6>#$|Ww`DxxPT6x)
zn}VB+>%-`}X%UGTO$Me=ATzp>JU(mYKHBp4Q&d-u-S1S(GqHKvF4a1+Z7`16(pO!6
z^77NdoC9?sDRa7T-^;-Uv0{847Hw6hvx9J_^ZL*>v+5}8UcgHY&7wpC=-|H{u;+O5
z1*34GNV(fXFoo<Mhk>FgC6{~~_gqy@DFT8i>M{9O<}k~sCRW=%41{LG5E|@udtuW=
z9j7pp8<=4cbjy-{wz&Ms`=}cFuWNC;@V2>?Yq}Hpi|{>}#ecZA)jwOc<@#$oqeZG6
z6(k6Ch+Sc6;#A4Ksb4s-^9A%vb$-5_Jc@rzj&sdWE)K`}7=^-05V&;rJ=KTZhpQTo
zI)08XC(obosqiVTd|zcw=H4m(4Kk8AH6oH_BHf87)k9)>$N=Q8xluZLiz4j(26ac{
zCyLgaK?KcWm>`rMZS9@gW4lxx+(s#`=anf;C&3<~-+ICM0)woQAGA|=O7Q(cQb1dh
z6iH*{Npi%<^Yx-{Fs}mUOD~%}E-Uv@DOolXuKfl<u=7YgA_{c~G$uRE{rz1vedgJ2
zuh((dO87C4mAZQ9ydC8!PZ0PeF~jksURiQ69mo@4l|D8YSBeK^+9VIRzh@sQSxV(S
zo1$LCWy<v1{{1jEIza_;_8!YXDTaiVq7?YPx6FT_x)XrT&UWPc4f<>K{ga>S7Gz#+
z{@aHfE4q6T@z+QV{k4$AY{EdrfBpK;>)J5O|NqoGA=YS}HW+u(Y#;D2?3jnPJd!r>
z2lx96H~;M#(VCEB!ut&vG`*KGu(yi&xhAlTia|fPa-u>KEA=jGgh;zy*SX~GE+<$~
zQ=i1~sHu-{=g#ej^t8Jqeb>_*w1txPJ}5IqpKO~51re{~Q@W0{W<7n{yqi$g)akDV
z^3kdf`R7@3<8P+kaN6Nd9d$@j3s&KxSk~w0W=!-jb1ceqR^b9k$C>WWXHetg76yV`
z=Pqq}hqR~hYNz84AHl#F>9YZ3;ulT@rNmkNaUPBb51yr_?hn@$ys<TdZe{zxnne<u
z_@WqR$90<r_8tl0-yuF`9H=*_0ix!;(L|n#1{JJcrynIyyAazY-!v2p#<8KHC3(TJ
z-I>!Z6se4-y9<gH06V6<$<@_`$f!`t_)z;|1-W`h%iyQix3Mb=uwSVW*?bxC^9%30
zggOq#CXQgZfusDOs%FY)q;-?Q2=bNpyYtOecgrM)N8K-$4!fE6BEIr6@Qb=WaZ1(B
z+WCUZ_<IKg!X7#pQ;s!}4XX!ewp-kHwf9l)sNUrN!O<90tzPS_ex;Q}wolc5LG89Y
zo<Gm_G%waoz{7MLRw_xl$4={L-hby_tKjN8<wqNmx%P%z+d$_kRpxG%?-)?x1_%xh
zWupIniER?z<RRyxpmtSr*GxT~Rd{c<E}T$Q4v^dsX6q*@=S^4iDnbvuhp8;|)~lKr
zwWG_DT->MZ7aA)P={_$}a8!Kg=DIGc@Z3Y?_}&_N%LV+mYj1qZk71m9Lj7a1&i*FH
zQ>r89Dao2yDMV7_B)yEejJB>fZEnFiYAe}yY~ojz^-jZQ1H#AAg*2?34(XmcD1U{M
z?e8DI5lV&TjS^UAJ-XKPG{`tT=ZIz}8NQ{8gXorjIO<g%*}cDWLxr+~v9vNLOz|l{
zc`K<0^@aW2zn_LJqU?DB0ET{u-9pcW+Etwksejy_<H@~XO@Hw0Wk)5OJe6NtL)d?~
zC75Q+vr$;>!6b3bfL0<&QBU4ATWM+CG|aO^=f!^e&jOWJ>@FWPB+JYdu~eZ1g?yC)
zYg6Vir1a(erj7nCgDhjWUcOJlPlu{b;q63uq$K>W*Zw~RQDdS5{(g7Ih;*n3d(lR%
zCFGvb(>G)({0)Qjy(ynsT<Grz%5(A-?0&ayBFC{-2wcy|v`K2)=1TlEWuU^F8k4Hr
z6D0j1{R#_}A!}sW9Cl$yZdL5>_dgG*{@ByJv;}E3p;o<9hp#Tz6a{tiQa2w$yYQdN
z$f$ae4@GtjMm)(oj?gl7RkO@vS;Jq=Vj;2-S){M0lm+#y*lSv4J-@Dz{|A8+)QXj6
zyurZv2+b1>FPY}pwQ@bPOdIo6mRF`u&JT8ryiSv(H4Lr7C+qpkj#YN#J?lE?y|6E+
zsH7Q_EKYLm@7>~XHxjKBA_HFh43o%RtFEKWt(X!$jdz|Nxc@=f-2Fa+U+9NH6!k@0
z)vhK|EK5i$4WO8pKZ-P3J3JiW851MjBh8ezfb!i?ALT;Kao21}y*yAm0#4%1FAb~e
zi-~mSR8;@`zW*!GY=pGey$dQM(BXWyk}p+B%?8^MN_F|eqs1Xo&ZUhM!E)5E-;l5B
zG*~WdU)Knly@^vyczvp~JbKJ%e^`^28)nU}KagHup^f_TW0ir~EF_muivKW{J9i+{
z{r9#a6+k+F|171N@-%-NLKbVkyaf3>*RmO-zM%KtxB2fu`?vG!{}k2!Z}c?4BgutK
z0~XjWZ=^q(D6R5k{WU$?@5w?#S6@z~Vd?Wa^rgcFbji^S5hzQo8M_cJ3upE9$k>&Y
z;n7~P!_P06EF8h^sur=Hch0Ry8nH+3vjP2d@5Gec4fq>uUmkg=jB)lYNDWXQRy93y
z>1J_BciDdkpW5w4+wG&*9DngdGk&xic@<hF$f*D#vzGYK?-W-r>vM>p2dDxb!kPQ*
z-&)&=MpIfZzRSqznB#hSwgV4)+H>F6uNGrPl8X<(F?B$w8x#alK$5~l<E2x%0rnPG
z5Bp7}tJ%E%(s857Yt5D#H_)DtMZF;CZmzO`-|+aZXvj6X6sBj)=`D2RvgM{u3fhJm
zCZVw_YD`2atY6_gm}Wytu-u*-xm{I~|5J-JJPtWArtf@t(=-~ZIP4>Im0%c!VYu@N
zuajX>puKHv#^>mB<1u-SSV*Sd(A-UeNcNPqyBtsaq@lmS@DBP~V&HX<QUXIf&`*kc
zAGT_QfroK5;4V$qbxhD1p4TEr^J;Vwb~w0LYG1oYCpe+#K^Hm|O6gd3lF!D%p~=rR
z>fkQ5yR!@<qJ8Gt=P9LPfnlmw1j<lK;^NYw(_J~N*NyMCZl=D>pa%*&bF3SP!i-RK
zSsqZ(uN)PPR6j+ldc_xWc3}hA_&z9;fL@#D!qyA%BZgxK=huI1oTSe^i_9JwyJ>Fg
zCe*MHe^GtMS%nke56$1E!`(I*E)zX#zNNw?@!*>Eijn>;jDB;?NYNE~))NP37j?fw
z!gTYV<vHZEq0?|S2I5RCaqGjRX|%&D(xXJfC#x2{Fh&Kri8DW*o8QQ`o0Yt(tR*kA
z&9H7l`xV2YbqbkWHBHg1vp2&c6Z&>j+YA<>PIPppB;N$zS=xty2Qb@)i*1RsjIq1!
z;r6b_<%TC#;y-`Tq_|5k`;%SiMuK1B@{on=h5#2Ytk3#u2%|FxpIFoJ?60>MLZ?My
z)uqi!RqhqaMF}lsTjFC!9G!MD7Wp$Cue0817za8vsX|Q|8^^f4#6F6p-F_hvml$=$
z!c3FSsf}!}ZQlDmM0_Jz_9(Q-*cx>dXRvWY*(?!l!OsEyN}f7?93^)bpzx9HOzZxL
zWQRLhT@HI&9Y(k6pekyU8~vl9T7za3O&n#ry?y@;5<)Y;(UxxPGGI@Nx(eQ`?6MeW
z+8P&*zHe5~?<YV6x(oHjwN~PjCjpcRFoxBGc(-hDkR0o#H?bK5zTxTdBtu(`!&gN9
zqrgmGo8mwy!{if=5E<sB^wg^db2l`g1^BZgkI~nR*`=+K<{3sY77ej9^{fUl@gPq#
zrE=zU<a|0ceqa%NNj%TB)LDlyzR4Fe)6RnK6LeXj`C<$mz?t)o*HMuWw8nu#H>5?v
zRA9ny#5Q*$rfvrE@J<k;;~rfcNyO4}G|78^{;YK5YXXM2Y>6k5i43Qnv#k=9x9`KC
zi?v{z<q^#2AvYYaY&f{y`b%Cw2E#z{ba{`^5Z8TX;#I&tTs22Ag+K04!}wZ0#VQPh
zau2`xhOH1vbMIM^dfQu6@;thwr{CL=KOHx*ePz)J;hCX2LU_5Iqw3{C`l{tqRjI>U
zvm(?5Sl?$E5WbrvY!OC<v+c~dE`Shd02eb!8+GXcM1Y=U9PXx(6*_MzcgQ?x`ZVxP
zCP^zJ6Fd83DgA`KLjr;be}6#rkry=z^F5Q^ctEK+KHpV7Q2M>XRORYS^!@KYKr+Id
zzoIk@SN>CmA$Ujqgz)WpV+XRjXGV$pnnQ1`O9U;WBs^1lR&J?4GFDb8KS^DGR2rUv
zmcWS3rg>QMhOP?F@GIT#CFOVg-VyuZ^#}P{-mCN=Kz)>7duz0`5`al)9E|o9=hf#R
z)-q0xrArM3<fww!m^g<6&0lCx8<u_xd_!txUA^6HXU;k{`|CFdP#v`-b^yId!{msB
ztp<}~Ya+vFgDlizdF?c!T*J+N`RhKb%$D@WY2mmQPT9>ja)O=};G2e<#l_}2)!!J6
z_1NBpELY$Bd}KdaMaYSW$$*W+niivd;Oi*10jwbLGzmdW%suhr&9YAC8{cZSI7>o}
z3(b2r=+RW!(~J}<HvzgBq^xu@+v_Gt!LEHG`eWdCn`&=3V%t=0ONaU*qc9%Ah2#NA
zS08w<(#$tq!xv&QLdHFgyssA?sj8mmVP;i5^CN$pk56%YqYya`rfRgb@e>_K`huTU
z)HPY6hB&Pb4xj0xXH<6|y#>Y9r^YI88_vzG?1!IaO{^A)I5kMZlFydD92mmhV3R^%
zK1EG=e!MnyDd$-OFNejXH?0L$v`V6x+HSy#uH2!x@IES`n;?yAio-xIt+8IrFd1*S
zQaH77tM^UOx_={b>SsF?eUky=oN&3U{@ay)VdJR6GX=u4ao6HVx!sOf70RC%(O!w;
zq&0~`JE9vO6v>;6Qd7q?t`S^t%>klJzD!Evx)T~Gk62P$X)jh<Gga!CMZtWo^vj!?
zG`-D9iD*LeZ58pEi9<K&rg=K9KOAUB?DC%dQu0F3&B&<7tS-&CCQ-iIWk)78-Pvp9
z+lEnnEn+9Hw)V@8Adh>j!CSMRTk5K}ytv|0N42w(!(KRBR}X3`&^!wQDk*;gl>cu&
zX%FgCj8uOuH&oIcZKe$}Q25j=t}sWi!mn;NNS5LKAUD>nse);*7;bQ@_|5U#nJrQV
zw00ZoQR=$(u8fHBt9HEHh4Q^9nz^ENooZR0B|l1ZvsUJ9*+avhKcH{f11$pflbf+9
zjk=I-^wS>uhj(Hs`WQg4NPToj=NyeG#8`v1RJO!f((MD!i8<-{P|TptI{??#rFFg0
z<AZSfh4Z^4$<YSY*nzMEO6Sw5ZEyFa5~Ep@E;^^Z*cX+TT6-W3<Y!{xIP)VLeB`1=
zxKvYVmUSFHTWMmK?Pd9d{j^xsr{`1gm8(lv=_#0fXUT*OOZQhj`qFE6bp%S@mZNNq
z1YYTkY|+Oa(HaI0PL=cW3Kw5mO7}!O3G#j(mu)K0b*$^|F;(R4r<7(Iq^G0%l`Gd)
zy0{oRR0<c_1i!CiA8fX1zGh{Z_{9ma;cXcxx(VJElFZt-_^7cmBSiYsU%9~d8b#`&
zgxnoZCm6sr<+)1~7|)--Ej#;}#6~Yx<EVoB(}G9VB9v<p?1OH48P{=|Do2{qCLvC4
zR8@Vx8-k>*-79ldaryA|wBeG<iBxp`U}Pzv-w~;6kp9ALx+CIrC@M_~>5G)eL85e)
zS2ssJ>9uoJe~lV;s~-6InWj-$<1MXSa7y#dp#&;YxYbxyc!66VpYZXdL7>ECS$_*V
z@0G9kg`yU@du!>mBP+MoO{v2slmfq=7(To66My)Smh?BMg1;YV3hnb*=xRuw2oWP2
zapQ{2x_x<ABO&-Q-+UoKDfg{Pp>bcK_*br<$C1Kmd3Lvq(>kLU`<x05bKVXaH0xv$
zz_-ggYo5!R3?FzmcbtLpQmk<qi`586F^z2jxmn)#2NID`Oi<XBCI7llIf55nKcudH
zpl;hMqk@C9Nx&(@w#k)&Cd)<bbPQ&8V|KMe@6)t`xs;@w88s;TVbZJ3POoHwHqO{j
zDy2))R^%~8CAEk9;A%_~7wECV1?4*wWe<G$1|o>U_;w6g3Ts;F2GK8rInT)!YD-zA
z#!eL1k9jJ=o7l57epCHH*jDUW8o*yA@@^zGcLsHwJ%^N4fq{!Pa6d#ta{!*xoWxco
zHgw!==v{`LV(OoMS>OEbS-S&$oA+?Hbt@^EO~pq`<6ihh*v-)H8GB59;dlasnlx^U
zjo!zt)uz-LnqD&Cw~iAp4XBN|N>i)19Aq^}=Phu3LLXs12v3CKkZ7siOWR&bT3Xb%
zplpS`my4WtF3!37Vw}PXbNQ#1ms08>e(8ZgFY4+>LfpBpx?dye2!38f(7<viRVWZ=
zu+u4Ds#3l@|2X{{#H<nUZMC44JYD2Fj_=<4X_yhd2Lp|i<MuW0@W?Z%HL`tFQGHYZ
z4;I^=;#x{|R&zYilxMBYzRZ1|3{yEzWM!&BhCeM~=wFbrP+9Wgy7`UY((!di?B&;F
z{NJ!1q3rnDT)a|SvQj8A<08IY^_#f3?qHIX{Rva5u<)lL<%Osfz8~@|w*4|B7++R!
zh@1qry4cUPP)yj~%hGjFreLqd_(Y(R+hYeL{^0T|buT!2R(6B{hGwBRS7y7=Q(K>^
zbU)q4bw=13w0ZfPM=^$OEY$-51{KuF!HM0?;XW@!<J{@g=ys`$62h9TqVrU#cy3C=
z9y40`ie}_POt|jP*8y!yuFP8a6bxA-(BC<Eyx^7>R5-o1?O7LRZ2arT;Li=zGd`%+
z^|{ZnA^~0ASNDZ30q&&HJ|%soMy`Fvol6{Xf^s*!>RR>|pQQ1BlhN?Nca!%OPPeec
z%3Cqo!)?_Xt(;)@b#Dmvm2(&V8Du0d@DqqY<B`p2&6g*MQqj+1O@#13q3qS#09C9T
zeDZT#?2A+Yh_O%v<O>OZggQqNxa*OHHYhzQ1%h{O1ls4h-@sCd)|Nu_PJu}_J+sS(
zZF?z^*E4Y#O3_Q3TTT$m*vejd=GT`r3lCX6sXf`(sRFawHZkF})44_vO#`LM!<EJ-
z!qqRn24?WzGkq%IAkuZOceXhLOjJV=Zkg{)5dr_`@sO3)9zzOUCibOM#kG6rNx4du
z<$JrO6f?ZA=lZVmCQR{F>gByw4e~PS(K#BVnup<ex*U@!{)26JN-Y#YC{C$(QTasX
zTf|Q<htH%(B-MQRt+pAr(4Oz`cqj%OA|t)3uDh#%W5y{l`P11IRAzT|>|LRMQ{_gT
z!P;OCEd;;~ri{Sqjs?@(9Nn6p-KguUefNGfzToDQ4$AKz!!Ce?UYOHgQg3oU2lv7g
zw;YEMf`6a}il<h~BhOR-6Ch*YO>{5d5*(!$09}I5@GWQXsUpAh;&^T*KBKd{gOTl{
zy_^0n`v-}ts9DTC`=5@AAx^PkuVV9e%FB3(x3-OlH-+$uegN3)78sZ%E8nDEjl(l>
z=uG6CM}#HoC^%U2fWQdP9FGzL?qhGYO(6LV;!?$AOsE0@S8%b&d7{u{UiaAxnd4iV
z`@caJ*WhvAJ2ZVWf2uz%_S?1bzkDa{*NIJjh@0%SCwL*u**&o{Yh<J2<cXoS?lG&K
z>5JtQpU)kz!td=F{Y9Pw9a5rjiU!UFU;dZ&x|ngJ$mgd{Bnr%0Kg-`=+-Wt-5=rd3
zBJ(cPo_qZiJQNDk^lOfTq!43PtNtL$|1bV=No*1ODIf7+{)QiN{Nx_MAymr`!Jmel
z;|QDM4VSQ+uki2PobS)h4*%$TmgF(vOd3Wi*(y8mbYvvet@PeVnsvb|J-hx~WzB#z
zC5tH49*rF$a?O+le+kokb6pM265*~{L5m7Ih42|=U63|^)$@p<_cfd0=GHEZ9sBeB
z!r5btiJR0WW0)CzO4OTh?0mXXAx-}rKHq2pS%bV5ewLD^VoYzLD;-nWA}_Zq>yI#`
zH>8F~on%-w(hV3jtH}&-corQt``7Au2|#*Pg-l@4qBY-aRYUKj(*=8e&hEbRFO{$-
zluAqa$8bQP6*CYR{SihEP==V6+awEx3+M_vT}D$LD15jdO}|WUS;*F=ls9*=Oy(V}
z{`1sm?Xijc<hA~3)_Z2_`=yNTeoY!hoO`bT*%a32aF0WT3s5|7^}XUJxYkSwqk|S#
z*SiUnyn@&q52=!P4R-S^M?Jb3^UCLzs>HQnq@CYQ;7zlVTkQF?6<9Z+mbiojWJh%p
zI>&ucZOr2RHRTu%zdhLn{jcvF$YpTGLeJ(93-u@Pc9x;zWYdhOIj{ZZ*o>KTYep^|
zUg+aZ)51(Ve_Im=o)a^0qy2ihJqCIm`8j6xh_|w4fA!v82mAFJ&Do~|D4OMA->y?e
zsVWj!JaKnZ>5q%p02TH-<6;QvcJqaq%bsDxiML}vMJjT0Zd&ddD|he}wk}HEVI~PX
z2=@{bAUCaU#N`JzNM^0m6;$gcCq`Si*~{)+Bb0xOQgHp0e&J3)OTTUQ#$jVzS>_3y
zkw{dY2$j0uk5|Ssb?4pjUVr#jG&i{ZbYdg}8;1T38f>-&HV&Fy;5CO3!*gSMRq^G8
zo*7RPZNI}5lhrzRf@tcqI-Oi@%)W^+P?7#5{y>k^B^eW>udU^@mU5Qx8}!uB?W+Nr
zs$#PAV8aXghecL@&WjtEvf;K1jt)Z}LJ+pEeK#g#h7=?hE`9*us<1TEb3v}GawBrg
zR!Qj(N2*i^N-n;ZMb~_3y=G^&bE}_L>!k+i-dE-p2R%@<)yvXoUWe{0Zt6}zfy~2_
z7wWIus3?H`#ieBa7*Q=v`I~<(pnoy))q+rPIv;LH;uhYe{rGg+eT&xI{6bPMZ{C*c
zz=0S*?nAMO0}}%U;6OV!aPYed+K2x!IzxXt=_F1l$Ss;|BQkFjAXQE%;0v*}&AG=B
zFqj|{F}~V5KsE_*%M>m^C^jAr0DasAPpxGVON#lj#jj|!`1@s!DGEAknyAFbn=PF(
z>;3h_-iQvNpgO%kB7;>rM^#Nj?9rL==s^!>+F%z4%Hrmyivcw|l3Xz(AibnNv>EF5
z2wL#M?C>ZeJivDUncpAop8e+v=hk>*d$hUf1C`>3ODRP6r&V`-c{JT!5wVo<ysB*L
zqr;D_!aoi9b7)K#aOCrr!3|7ULolti-^1w6x~$FKY~!Ys+uVU_OQL1v^##_=0k=TK
zJ@m3Rt8LN#vuwE8Q0(j;abGJKfKn%~D%R5ucNH@WcQO?##Xo}8_DIrqQ**lyuS2`W
z34<zoIdet;M0;s~<WC1sD70R4mF^vj)n7)%a_K0xeLAbmI9oEumCEXl-FH*%wd$o`
z__C-qqf8+`u&jfmI-y2FPq*y}ONHTDDp|{Pw3t(7C^{d&#tg&f6r+(Ezd^D&zd=or
z3JMQZ{Kmk9qd4NJsBaPcWSjT=z=rScMaW<O!)B8~^Z{ONzKmgEprq|rzd-}m;N5Jc
ze_Sss%b)v9`!{GGt#P(CbX52ov|5#MJXBDSdF8+S+9Sq&M;3CnOZ5~xa^af)W|7rD
z<dR;JHvhvMxqmfWjE4Gx&_AsCpGF4|lKMAuvj1VZCV&k*|JSjy`iJ48+W#xAZITfr
zchz&G>r}S7IBP9$U#%ux)wNFIL01^Az!Erec3wzYu@lq>IXkHo!KiU%;fwWDWV35p
zM))uSdlk|vYwD5RwndUh;^S5Z%7_nAVdCx^{KXPOe?R@Uc#l@8iLk?-17ALXy*J{f
zn&_vKf)p)o0ru&i<QG&n`ycgrAAtAl(t)#A`8fQXhQ;_+hUr{HJQPp7n6k7!hgBnH
zgf2k-uVcFL@3oOi-UxaYdWfZZaV`G(doL>a@PDe;{r7YK|7QpJe?OOh><d63&^-#?
zjb4R3CUD_oR|91PF!s-Tw3Nb(9&<e`TS~b0=<S=e#~e*CBmj>rfX}h@Hv$0<UmZ3t
z)6)O`;PWPv&XR_18Ox$?L?xu#0>97IA0E}GM|DV|602Y|Dr+5mW<A?~bduicGCy}6
zpFRdt&9fCp)A}!k_xe;A8cBNch-&`)(yzx-%({sI#9l3IA(yOIu6#$MXHG-v;1B_T
z?CkKAvAT{YvIKv9!-Q8GRWV}Oq#Al@bKCX>J0$}V*F%5!{d9s;BBBa@m4q$0)Ncy*
zNUHJl;^V_Gk+yRUv0a_Qt<pzmIz4-vIlP`mLZfbXkYWb1f!k|xk~a&2@%8gK@JaT#
zVI$@7o}lJ~c#fN~=>-LB$G-FW@%<X}?fQHdQxjb`0j*vAdY|IWFM?%kyDI#&U?Re%
z)bx^fQL%CHv(mCN)M@(pRrOfd6v|h8QfTn(w%Ql=^X7wZ9ps5<db9gvGTp-$^NBJF
zUf``rs94hWy@mW*-9UX653vPT%%eqAd{4bB*#&YjiEVz-L^!P(E-wJFF5#$Nt?||^
zd*kT%cI$od!N{L6wVvNyAKfSCsDx>pX?TWrc&isf$=)x(sWuEd?5`J=StaXNH#bGr
z##qETft0;`!|Lm?%4G&}#cpmyNJ?`;RJaRQdY{tX1d%+g8wPfZn`i3^)~Fk{TJn_}
zKU{SFBTzlcAV;@m68qV1zHJygaIKkOQaihzo}61h3r=vIeYfejqR=9F67Mwd9A_=J
z=u63@g3#z;l=unIvyLu|Au}esySz05$KA&laChq_wgsFW97K--@874ksFI&&ehrIE
zKWRTtcV(l-!xt<&`}DNK_BF7!p3WFC)dULzvD>JvVZ|Iv=a}P=7twZhhRB_mlBXqB
zb!oF9C2hf?O%=W++K0O2e4BH&7av}7;Ozu|bT`bALQaJ4G-#RWhWWC+(jWeDG*jNh
z6G?s74AegV$v2dI?XDTNZzMsF`)-+ufWyS>xts393T%h-O6c<(>$^2Q`?k$W_N60A
zzH&-PPpIaIpp0~GudAz-gXuU=qI4w0<Y96ArGSJVJLHnx4C|(^u<hMR0F^Pf73)2u
z)^6@>Zo6V>^h2425#F=!25`o&<~Tj0kwgAs4f0LXyMqKaW=$rRhs5<oTi!cg?nIES
za6P)}?aq8b|Ap!;l^&T`+g9!DprR9&t+VR1Xx+$1&(nr&zu4`<JI=^fTN43EWS~7Y
z4#WNF@te11&DikiOY|Z(<_{XYHkZ4G{Vq22wm>Ad;&88c%aA!1870Ub&#A?^&<0=Z
zL>rNObiBtkn#x~b`GdH@Dms^QU%#BPTt%map1kqRI@>KVS*C@Fk1`CTw2`@+db$%H
zx0NF-l|tNG0w27*zL;8g)M@!6HlDUOK}dn?aDNUfEjSgiTwm{3CSbjcnjQGo00Bty
zNyG#s+88A|*PB=;^$iUB1mi5{=c-G$VxN@k4@kxxuc&ng>=m@V-&;Ca9|gJ*Sv8_e
zsjyo7c=w|&F!fsbWy*?9H=Ck~E7VE}6o>~`rSFi0?aK-seIDl+6tx#J#RA748&|8K
zrVJm9tZ<p&oj^-Fqr_*|!{dS++iIa#2#|>eHrx{-R)gI5<R2PbeWZ!40v6Xx5Da0m
zne4ipHj81^@wtNbX@`enzWoCgwol%8DvBE!Vdr-B^tKM=!f>ef+XPi?Z2N*@l0!2#
z4$ooFhgmdp@ZuSzFa34c;XL4we?HgS3AYAv9Y(<MiNP(!L`p+MX>eSCN`v9MzWqyu
z)}3qo)jm4~GE`^J@Q4<G$7z5?Kb)!5++d$LL9?We6^`lna+Udp&e-$)uA%XU9|opg
zrYiIeQK}-sJzR%8UuU(neBJ!&t=Ez;KO(bgeXJTKJoce`QfwgD(+MKIXY8CYcI7Ki
z2Aqx*agWbK$uuH=@Z9qb<7pg_*TKGQRMG`>Q2@XW{W>dO&66Zl#SQG#(F{nE3k6Aq
zHOe_4ah)_zct^#ql^UM<OihJ4><TjX+~2SDhzad^XWqj*o(Zt{&*6PDr#y?ho0x{6
zJZG|b*@Z@iYJ%JKw^VfWmkwHZlaDeYnycs{2rP?;+j!n~x|?{_Hb(7ZMj1xRgpwz>
zuf{QnrhNLs(lTvQ;oMEu<Q1kD{47?&YUv4siTc%;!2r|7V&VuRBDBQl4Bk3Ri6g5%
z>KY>`6s&V2mYAM|xEoxQ2?MoP+!B6<3^PTU?ArQ{!#$N$Aj1RI$7cs;(F!=rPRLD|
z5Rgy1qOlN~J&a^3mQ^#-Rld2SC04(3cjo=CoKHp$SJ1VO=*wOmeQbg=62$Qai`#~?
zXfUnq(edDhhc52E;(<{=XPAe=1&>e4_oe3DFV+oE6JBPtfGY=DRV@L@D~zwy&VW|T
zmds-d2TlXp{pFae6;k3?$SE$6fAZ`OfIY{jmBO?q*hk&q6;s`|7tsdRr?89HRPWMB
zn*|HE74#g+>{%6-EE9S6#tnUe=6S@+;26{J)hr@_!&Ct8S+o<ofd-?Tiw)v+&3FUG
z3<BT6yb#C88QU4;%y!_{oYj6q2EW7hl)F7c*Ys+$&GOyE%J}*zY#1c@QVvHw1Q!P{
z(Ar?zyJs_Zh@Lv>QBf^`f6pz3PuN0Nxj|0<*@V_#WGsb7L|K4k#kV<jRQq2=?y3L%
z=Y<`q#={P_@_~@j>~!VrRovU2L@_g3wQuakQFvalwWga*Vf+J=Hm65!iZdQ|mI>v1
z;c4Y%zGPcer7#3fZ9#8#XHL^s*HdGyl#g46?;dakzOH$(O(73TeHY&6qB(m1z8%mB
zU!1~!qu1JA^e1jASn>^HTwu@AB7>NRF=5sT?&|eo8hRbV({y5dDl(tcHb8@SSriK2
zL8@In)~Fh(+BV>+tqsclSoxT*K#}vhy0iEy-<35HV*&&?9bEdi(}CApfU1OHuCaa^
zUvE<5V>L_9X!87>u;M0i$a#*h0xLfsMQK5G!zSQGfEr`MuaVMKi3ez}?WOK}AO;!{
z|6e34Br@8sjv4nfA$W?~=35&+$NSE3n3smid2#d70s-jjgJk~(Ddc*I8I2)*&V4j9
zUXJcMh%uc^xuW!(t17;Gzx@)*g_|wXbzSVa#QJ^Mc_l8%F)NJ!$;H1R*88vej=TjU
zne8&9e>=L={b<ut=H_=dUqIECzMCtG!C8u#SJPO4`oe}O9X7t{A?|+=_nuKr^?kZ<
zC;|$I(mNIqrAqHjq=|q?uelYKW(d7QC<4+21a3iy^iD)d=%IrkAYE#J&})Ja0)%+>
zGjq;5&%9@5*34S(S?5DOWU<%UVefzYUB9bbhv#i`CglW_p?`d}=}1+zOC|!-C{B%B
z1`!!OuEy+g&XYLxOO*agQ%dn`ZnpV#Y!gNhWtgss*R5$DBMEP-Dl|!0`8#%dah!;1
zAHGkq;*b^RlYXamO<{W<T%g8-avY@zo#egoHN&Pb;^gL=37-oAD-MUZjBV=vzq}H#
z0qmQ%_%h>*wDFSm)g>?AVp3iNg}pwS`Xyl|y1vZF@}8#){v>kX+aJ)ErB8oAFaYjZ
z72Y<Qk3Q@`(E&_yi)C~qBZW-V)|3ndhZVn$<&un4<F4>oLXQub4%w5qGrtvvu<TV>
zPYy-5s;dUe<$%@3Q@13RD{C)uC2v~BIothu9$eO7e<Xt1k}HOxzpD}AT1p7McJ^Ge
zm2Ufp7vJ75*y*{|>VDPvAlGy=ry`ZgkXmMZSFN7<JyD|EsF)}#OQOM6Rp#1N<)jyi
zitMyrbxa@2(qs4Z^q6ljEa^hC+5;901a!5F#9V)f--@<#`*-qguEtaW@f!atHI2(4
zJwfu~)A-ccd!%*Gth$f(r}~G^yk2Wou%FPUe?X{I7>=1;<o&JPz&C2Ug>a&l6JbIf
z*Iu;(i<Ui)T2P#-E^y>m<(=5e=k+!|o2P@kpR8ru9tzQU(h_tb<C=lB?{;1_y0&wE
z`H^0wKgN6CVi=_!Ru{+Sq~lE%FQmlxahVgk*mf>QfS&s72~?%-Li^7rnj-(r4+vld
zA9GEp9j*cQx5L6a>|A?uX^=Q~fc(MNePplqT6Ckr_h(g0e%TN)MhOYZ^OI0GbHB=!
zrM9>0R}yT6Ma3v<RBheWo66vt4|&c7q$5YQ=$1dfO8#nKp_EcwrK7Xl*zJi5_zZkB
znaQ8OJ_gGHc=rGNT9o6(&*`_}r$<JlJ8jQ@;{&k(&wa+G7H&Qv!$<8bT)K0b<(3%4
zkCe^G=)W`fa+$?fB(_`PVqxt~lNHJp%J*wg+MWwg{}hKMgpTGpH-|LV$1-5QI(`3;
zGTETVpR4!};LgAY2tm_9L-pt5<DHKu&WWl(^D6y6`W;mSofXITp>jj3A+RT$2B~v)
zTB2)WfMg{4ru%`P_?74PyQE|-U+8db8`cmQ%6CHVPuC6E!MeSitrZLG2{}G|gpa*#
z8tQ`c87~cgmKUZna5I^eqhY(mp1G~(|9sbAR@qY%9XiE!xXAd!$BDe!Z(h2C$Q1ae
zpgctWNh1A=;vN0cZPmMDKGaT-69cNP1@$-2Xdlg*dAoBMP8)ylAC*5;mb;L1os)|_
z=5L=NO1ZAGG$NZ++0slXOeg}sYVs~dJSw@Pa*_O(5zDhD&-G4gq=IW8zD?g<tRIdc
z4n&|Qv`Sp_eiFkFuZ@2Gw~7@H5^m_^l`m;!UQ!*8UYrU30o??WYx!c%Q9aN(qy9PH
z)USf+WsA0U_V!P2H`GOeH!_?VXd>^zJIHlehWtmD8wys`uFIkv5l*}!WBECd>T04&
zpd)LltnXE`F%C@#q$;9>C(w~yKkH`pPTB=vTfe>IdVkI{VjI?x{BPHU`~Uo`b|&!V
zGpjA*kP{$%)#!1WMMK1<A!lwrjteEDNvU-d|LWBP{woXa>>oU8uqJrFdK^_7W>~8C
zbj~oR)JZYqSktJjJ@vthrpH`vHba!sG=}=G@Mo6h$@(RLb7=I2^U^dhM;u1~c|<1P
z86rgnI$jdf{(#<BeJ6^pA{dC`xT#$DY6zPN))!u8CHAG+>#Qt5DdMI7E2l^n+Z&;;
z*Sw|uUGeTyL=#AH5i(9$@H(>0CO%t*Jj8-+Lim=qU3nDCtnO{Q$=`E{hfwie@c9uR
z6u!LoEVBFCqO*l{p&WqYHdLo9*x&i_vupU&Y(XbVkQ$WhVcPmnv!#WBdVUCUAs%cT
zVL7KzFkM&Y|Ld;`st-3{oWF30L~*q@Ht~Ga{z9}6@gA&Iw`$Ak15r%wfz?K$Z6}lB
z*Cc+rg7r@RSGi3*X)xj7Rrv0i-xc4?5ZG1A->`rFw+sI5J9(fC#tHWEar@9S4q47t
z?|KYC_8p^#8Fw&0gji+o7lhKBc}mLh22@?3XDe)x5qK^mMt=*7nY}O02g*t%F71$W
z$}5G>S{^BVp|djnMJxf0&)NZ-@{E0FfiHOG<Y(tUzx0288P)#O%lF!F3|$qgN-8?q
z6Vk6yA*!pt&0A&1=2#MKhlJDTZXBAi3&h`$Jw<3m;#~l<xfNZs%OS>yI>%GR-KM%y
z#yK&+>uZhd@_X#7H)Q>To?n8yQw;4_A;(Az^f%4Lu)xeQ>WtU!pI1qipx#_g6!tKD
zcyW(W$F;mw(sDtXvC!{Y3zB_tOfxwrbX#WJ+F!1xT_|mZ9v&C0m#?*QG33mpYqN2b
zO6v`0pi8KE)$;YWr;P%|oi@2u^K8s~@|>DwOc(lwv@=4`;IYOlv0NX(i6Q><!*`~h
zA*OF)AoT$1l<C-uia#K7peGzeYO9)2k7)(!2|i*r@&u7-^r5u+cL$1ECYjsGulYB4
zJCq0DaztE}N%URobep)D!uY}}2RAZhl0+zjv|qPH`;Y9Z*W-+$N|5#SY-ziZrnDtG
zH-#i$y{2#RD&MDV5iC-&nm<20bK#$`(19D<XIBMNPf9Dnuj>iMw#s;Y+5M)+f&#+%
z>?-f1P}vDMuzSBq=`_Uf;HE>z;AC%u=`n=5!>izJzpf*F8+|Cluf-vcQV|4s>Olg^
z2hIN?8Ep?*7F%jK`vZC!aw&eK%o%qwgq}tGV~7a<V~CjlCqrZ=W!yj|1|kL=p8wUX
z^55Zt{dd*&%oariqh+!B)lo_tLZi$1y_A(RasF=^zs*{l%ooQ@*GZZ=^I^|g{{BpC
zq>T09o89aQ^y^WhC+LEm**yJY8SSLZ>zbY4irsy?(i1NC7t1YT6TXuwr*bk7kW8W0
zgew%h!NoC|(_vUrsrP`)?c&88#Z@l|J^I7a)6}r5iC}io2-Rm^!w`R|m60M$GV`Jn
zE7M$W0OZPWcU$+jK66S(cbey(k3M_MaP$Vg`!^uEDPvCSS?Hz!-|vgqY<E;T>4X)?
z7{Jln=%Rl5a2#J64q^;Z;SEEseoR^-j@2BN<P0i1MS-LHz*G}tz`)Kg`OZa!zgJxI
z+>FTdhR7d%@Ba#r?ehMwn<@ThW{q~}E_BopfwZ%O$8R~2*d{<}CR0UxBKos8V9bd>
z@1LAgbXgP=<p|#)%gJ=MPJx-xkYF7r@l2C?o7g#lxV3vf2Fe+-{-#)y=gR>FU2j4-
zsWM?3K9%pxL4PSfcth*&&{_E_^LZKxCU$9>8?gJCZgT^h<A`xg@~Hwpo8;<MtV%=k
zEp<8s@ZZ?q3ug(NqXO~$m}W>&cBt_G4Q`tDsc2|z|9sRRrNwj8BENL+%FCY=>*<^6
zYbkSj+!>BusXZtBr!uodR@?%ZUiE>$SC1dfk=5)%a$RL`P55MC<LR&A<iJ&@^7wVX
zd-|WGgEEj84+t&RlO>bNSLhK5L_we1sr{xChj}3F{@Vf;K2D1|bnJ9D0;(9IRN0!b
zZ!&Q$+HJYxK||ncl0T;9Xq8<ybYl&6o}?D;%kz`djI#XRXJM_gH6NBatzcbTD?I%N
z<^Ci(X0=VclMP%eTVEyFUu<J#f3?VGu!nQyrvm<YXL7Nyt4Z1_qI=)u+4NpJ4^ggW
z{CGWem5;^7+4qA6KmS9Eq!+jN8<&NM{k{^z!LC{gK{G&66@*&340vi**_z+J4(-9C
zZ#)^jxa03ANJg~r@71ADb2LQ9R>xbQkQ2&+7gFdYpct7S_28cv@YkJq_DD}P>`l9S
ze$|r+6M*tsFa$*YK2Mgm1;1%O_1dxX<!EOL9p@Ek!PVEzfg_3TJ~k|q4tJj6Yd=?R
z-AFZMeV<DZOh~Y};&*W;SXZj9**wRgdMiO+quSENw{Or1=pcUa{QzMn;pzR`SU$ci
zV6PrTi^1V1MRgxP7oz=OaPaQXG-+kIB7mrb6~-h+*lQ|j`V`K6_joP-iLS$T@Tv}9
zfT6rfua8=75<(1tjqF)s#*)%j7K8fq%6rRgwt4T?$9cDhJ$86O^C9fDX4*^vw~x$k
z85Td3%=tVPxr3@2a5bGVB0vYuZTeNEaPSCVJEE(_A>RS!kUShRyCF{7iZY*NXCwn2
zQ>E$_c$z&)ZTjo#eE*Z0Rdl%hgUNQqVT?@UH`tXO&bgfrghKmXyb0|O9^Vi1@kcjq
zamCY-fgg?;if23tF+r`9bf4Rfd2CIg)P6huBJs{ZFo5ePrrW(U-<A+>-2~mMfZgay
zon6$Y@APu(#I}5Pa5I#<uM*{<#&QCVRb?eWDx8<@U<D(I^hK_Wy%3Q=pQyH?#R=_;
z&c}&El4aml?FBjNth460@7g~Tg817p7Q!RX4-PLw`ddOL8087c%U(_2ayiEEzfWPl
z419@!MQe{v@lAxzf({4L*mST`z>60Yig}GqspE__fY>+b>e~5CU!8gCX*S9pMuZa+
zFb7BTCE_G~k|S!noo$lHb)gsx7#*}INbf(Hu^OkukKeGC)ciVfb+2Ql&R@Sn3gCFe
zyu)DoBZBXv7!rrm<_Yu04}5$AT5pSTC*SU=yhwj8eZ}Z5=vA<U7Qpd^SIsP^UW%Wg
zAK5~A!Qfux`LA=aW6UzDUs5rd)f%>SRz^}I1eB7-XEH(+uuL|tSyfXXZ|-LC%@xEQ
zjqJ#$^K|KU2OHF}ydDjemp|)^8<D7cOGMF>UXILMv~VH;<{V)t8>@m|LA?VqilB+P
zlvB!~8G)}Lz8f}1^;*i)r6w<jh3?AsE}U^FoN*-yPo5~K3K3POWa!<7R?yu+JmQ8{
zVz+T-4VliAjE^+0_-`<h>nD*Te)u_X0}sng#jFj+w|hSRGu5CSPZTFP)*1vny!<f6
z`Y2@-<0p9s%f<RcJ2bi>l+WM7l#qNO?wZSoT}0pkV};efeK_`Brm#M4kgd#hV^63)
zkVk;>V_k<gq1~B(Kq(KD<dMKR7>IQEan96-K6(&30zWwvBxPDyt?-?xz<FT{0KWQI
zA1pZbxNZ0BH^BY)19<kFG4c6`iy0Bqh(N54)D{=tH5V`^%<&J1#;Kj&bkYY!XNTs|
z*VLO5Ou6TdTgaE->Hy`<r!q_z6LheKr%xu89UUtD4M*(>QH9oX3)}XrlhrdrpX^4n
z?-qKB|84v*xUKupQ_*6S*(3;wKA$*0G9T})(*uGml>T8ZaC#2IOmgPH_s&)Ze5&p~
z!s1KVVyjsp!s^lTn0hrwTaj>%nCt|m3=y(t?%LG)7&QWb{<uJ|1wWsHOcE%b1u-{F
zr;qD$*MCU%qgJ~s%#`whP4yGuAdac7sda+L2n%UfpTZ2S%`6>+q?diinXKT;N?m=y
zKnU=!ZEMf(9t?3+buGHLQW@EW`yYN_v~_0*b!cJVXqWSoRFdekTwBf7dSouz0<hRk
zb&a+D58&<}KpvSetiKX=h&-~6EBfC&ga2qNrmo*j(AkSziTXYlY~`yvN_m;1)-wYn
zpV)uJP9gR>D_oEdoL@r)uvt4MQHiQkb*w5M-OkCf&Ys6rLxZwM#1E3iF-_OyVg%E`
zK}{#{uETKq`-A|TYfoTq8%tGEuJ^Fbo>cuL<T9Ug=_xylWi5S40HEc#ewDn@3AHw>
zO#27qQ27URE~JRH7IMBw47iUVQrV)DdQENr6>Ebn=hj|WzyJ*gnuO9J#XmW6xnKG&
z;7-A>anH?v0n>yAuHDZM`+xaSOpaEiXd&d`s5P)v2^CjHD!emR9Vy>`JQ`8ot=Evp
zBkEC3mv>kA_C8_pGhOH6;m3=xzQC&55csnhk&ONPr~9rke$QKKb4tVLj?}s3Mo_g>
zX=;(mcE!NZa)gL?2hx8RzBfFM9yI$n-_h#EFF|?Cm#d~ry63O9GP=*O{Ba^!OPS$q
zd1lJsYnz}U?l8X>eOuqTZ*=Ek!owH_C{{#Y5sX_6y|*(p*y3N{@wSg==n__CR7NIW
zdQ2o>?$qq=8O^7y0{#SU%2F$cC_V;*!e-tmwK=y}6Z5jTf%1VAVHj8Nk(8{Fh@{?P
za;_>RfpLD-q8C9=2qdJu@Nu`_q7t%ZA1h4J;Eph(!Axga_}(*0mwoB)w=xs2{K8dW
zByuIu(FU2=pgiXb7wr-bWQ<dn&H{HI-q@u@WJAQB&C%D|?HG>?(at}vWX`a-m3o!J
ziSok24l_DO-N!31Qy3y=-Hu&~by+gcF4#I1cZE1!OTB4!Bh2!8Wq{y3$OlcMY*0?<
z)+9`n?^;Z_Sbtn%6c(N8T;$Jw70X<6;9JU}oJ*Ws!g<;;!91J)fFjQ_W<)-Mz1#7b
zz!E^w<3mqvG7b@OL)7iIDA{cNXh>U7A1msjh#0G3_sEr$G8LYdIRspDrs|+k=F{hk
z==W~Q29P`3&9A#3CUsmL3~;g<xTd?HdyTpza12Sfxf0@gu=xl((^Fv=)c36GAnT>G
ziI%GmzsoTHvqje1@2}14X_;dv-(;UcLlY4#uoi@dD8#Ky4FyHztxj50`Gc1;(#wLy
zYjM+U81`1BBE2$$5`8X9nV!59mdqhD_g8Ng{BJ*s;zz0n(hDv_0YWjLQv2XyFB)%#
z^?Ps5wW#zw`KhP4(dSY~;kyP0fp3MW>XeR+%mo4W{gA7OGZ+2z{Pp=`U*ag^*s+~X
zk79y3r&-i=2}}&bQ}tO?1QBMrV#?@FCisi9Sc5X+p;m|&KoX}VSakgXH57g3<(R&L
zht_*|mFN_6$=6NacuINS@8+E(bs^^9HU-30LJ+o`fqlDq=Dp8iDBm@I6aADIjZ^m;
zf?`trMh0HQ>Pjkr(gr}DhQjhgpYAnRkVIj2=bU<;NVc)hpLuUiRkuFyTeYl`b85&m
zo;C2<xHT_T_S&v#!ISxOc#`6@N(fUm0j!NZ+-q9p08;NPgN=&p{8I;t1{#8_3Vb5$
zzKe+HJ(r}p_4O7uF#LDD(#5!46#*cc8QUxxwfzCfqSW)_9=!kmBThRVg_%}6oj((G
z+iIs%oR0M>qxaIPIigMeX20~lntv{@{c*p-2z6Oyj+$;8?p|JjQ<k$CYD#>3kb^Hh
zq3M}zLP8YBTfaVGa39}IRlv0n2ibgghu{UUXcLp*N>)3Hq@q&Y%!wZ*uMk(cwaNIz
z7QdwQNo5`6Md82t2+FW8&G=2>$J9P`gIV^9%N||#tlz83Kdb<YZS*3#Vw&rtVFdkF
zLAJlciA_GQEo>83qUG;4R)Sdw3a$4WdUma4t2Q&(#}QXLli4o_6da>`n)VkfqOQ-r
zPHD#$6C!)8`=V6SoU69dU{1~r5SDi<>37nrXCxKt+$68NQw6NyV0EUa6PjNxzd^L0
zafYCvQ_{OX+&|6ZC64eTq*jMKgjivT&JFAdWAonOIs4DPivTVDbmGZHWx&1KFFT>!
zt*luMIetZp%vO)tzDkQ3M+3q;YD!Orz<-$9hFBQoo)0}~Ypp@1%D-tsBK?x&yxy7r
z^^leqq?|V17P%Ui{9X-2q`-K5@)6~Mcbyl$OYONOX$=^Wg)vGUmj&CW5@?q<yHS+$
z3-!5(Rj#~Mh{h_v^piE6H&Xpt=E1(o=bT%{r=Nqz?fv|~XJRFV=;ore`J;wpfHnUU
zr}Cea!qepzwS?^DhLR9mS|6us?J8PzRQ*nfV{g{CCSkS#ijNBi2l_(g<oev6N^f>y
zG|GxgobVod795JmpCy~)L*HJr;VfyjFw0+QcJF5G*OaT2?#q#NH>6TNgC*k+q5Vb~
zZ9^G=ImQfnE5M9pF9Tj1wb<XEog5?SYTW5eUO%*3jFyNuX3MJGL;s8@;A%!%Z|=1-
z{J29%6e}y`krk&ZOEPD@AdPuC9yz>wo$0p9ey~YqM3pm@c94B0zI*snv???80#9mp
z%o%%b)9SJC_^5yLaV2eki`z=Bc97$A`}!pu<;XDm8z1>I`10N#P>-+T0uB8^yhmy8
zrg|VNcrh5aS&(e}fq}UvSX3)S^THT#JLST@S^#`^PC1uQnA=B#T+b4#-ZEUu2(ts)
ziam;c+|3R(@n=*GaKLugJZ{j2ht0Sx?%cP&J}AhFpN;AMm4bxu-w!Dn3k0)<Qsttx
zleF&dJo)yulhTLMq5_EF1c>1@V(H5*;(KaHSeHVzQRU$UI1`^NDPttgb^Qlq<iIO8
zJq0`338)rsC|i}f%ykAaTy+krS8>^Ub>{9i5M{)Xs(nYAM^B-jDyQubz~lwa(FZKY
zGcbZEEOW`@bcu87xPD^p;%RG*fwqK9_M-ZjXwR!<<=0_!C6gW|{w-aK$S|T-K%Q#@
z{KeGUS@R&61plum(R`AOCDGK8OKrROFE}0Iy${4Y(;4F`s={sjt>zyt2kx+m+)aQr
z=V^yjIN;wApv(KNn9cX2v8s1%{2h%a1!D&44J7q@VxLNsXUCeQzx>Y8u^4r$K}z3#
z@m2dq>RB=|?P7|A+2o@maP{O$%TaVM@lE+)pvV!@k8i1%!Nr`Gh6jD_9=VM&K{f;v
z43uvB+m2#?Wc{VEQ9SSKMSP~R#64XKu|d%HTRuB3{qHM*?u$w9`Dlz<z1VT$qiJK7
zZf7Kv^C@UhUPyagXg)efPGdNbuXmJXH<XQFypl}e!r7Ns>eBp8@V!i0fcH_|i~e)b
zngvhUFTXjAaEiHIY0mvws^FPLU+K03i_OarJXor$6!8LU(Fvm_^x1Lg@-aamM5~I&
z(e#Qc_naXGpC;LtQ#akoMjqvqb{cAXS*p>ia?*SCHYXGLwf2-{R)%L3Pk!?46ll+{
zl^yaYDA#d(7gR|!tK0*&?r_xNrJKPqz^L}U7*V|Fwr>BJ6@+%q%y>}Rcds_6lvAKF
z;WKr@SF(@iNkULIe;soy-+P3#sPDv{VpX=#D0G8A`|7jqjYp=~4s6g&Tj-?feSkeb
z&hXB9d`_pN*RL=$Zk(@)^3nP`kK|L+`=j-5Nk8HAM4qbPU>pZdu*Vfjx1;zDd&XK;
ztmj|zAX>)6L+D$j)m?e6uZ66A&aU&7nG54!iEV=5DPrKvZLn|Cq&0ecWXYzb?6VH@
zjoW@H$z*0a{BR9xRer25YI*nlmziS~ea&1mG`DqnVa6V2k{Xm^KfjEk*+ElyBN74=
zhjd(5N3Yw=ZD;s>$XU{B&U7`Rbr5>0zV8u1ftSfyK{2|(ZvZ}w@b`H8Ta#`wvC<rS
zG6t%yXV%VtISV`-EdQZ*ZE&d1BPGkA!d~THS|_dqdeOHR^XDglp@M1tC7sRv5gQY$
z({D-r0+%1HqrUz&CJyjZ77z<D^2*#d7q0anN=Y(+K%%*AG)%nJ0^?5<W^TVZaT^J|
zRQ)qF&3vJ^_OthrApTU{x8fWKIzkb4?r_B~wl7m<y}iuQ1In`>UE~Dw34q-C;aMHP
zv3B!U<fNx<+pPRq{iz&bHuPn38#6H0$B8oX=fWmkB+f}?hgDIf$Kziv3=3e2^PQ}Z
zB7V3_8iD)-zamWk=ZOpR2#fB?w)5*Ve)PXjT-LgI%_5pNSQ=8}s`_Y#8MOQ^Em^Dk
z<EPQlM6OEzW*&RHd!zdv+p<Qb_HY@d!EhS7KOhONnv|}!3yT-aqmlS#c;qV_EM8fM
z@13%=8|TQlgVT(kTy5!)$g>JDv!JHG$X46<mMx;{!29sHK%JOigX^`$qszNdcGmc*
zz2}mnyqG%@FY^MvQ?6Z?8qYR2YBnIzSKt}_T&Ki)?*-4>F~qd<5Gr~bJQueBhboy0
z%cNPsi9Law8yI<!ICYsNTOt4%)vu^PO|eEvt2pz5d=322rI?+VK8NZL8U|^Rz2M&G
z+8Wo?H#s`wRcUeX9*8H9H%Vf{_O(^T=6g_Omu$~Ge_Yx-l*&TGqxZ7^3-{-19=4;I
zh?C2Z^DPFg;h)PnoPw`>?(evpMboH8XWJt#jCbY$N>NJ>8|T}fwxvfeo0{s?TC&#f
zXnpDjaSw2%boK?!WLnLRmfCf?y3%FJNj3K~OFVE)`QBkhk*X&TGJSNUTPF5=8oqLA
zVqSx4tC@g`i|pOd^YegGeCPR=7B>EnU0rwivuQgIwivm3F<tw!F6h!_|JlIwxlhG{
zE?WzWx}gI1%;fo%wwSPX+F)Zskkf6r#l*2p+svVZQh0m72U;K14<&=T@?xXg_KxMQ
z&B@)c*@=$rmEE)BYy>kH4BnBGeJ*YC^s8bw-Rl|Zm&ARf{Lq_hXE{h^)yBN*!C3ub
zV5}V?8>r6{Nl$S(M*3}I(2bf&QNgcm;SKr_FD4y+$FcOVTbHgD0Q+h+ky<Cle3B?v
zu{~#c5nQp`!tpZVX+mQ4AoH4cC!#o*&!>bi4@d!tCabfzTicp4F7%sQS{39N=TYak
z)03BO=Srk~J}n}s<PmLfg1y5qE!=|Yt<3J`#H#g%y5`0Yb1za_YkB{G77rNTKB#T*
zB{t<-=$%>|PXMq8ZB<`Z;PC{mnaCO1t}`%cQ9#gKG0!gbcLOsLYI^~qmU>W3-M5st
zb4MHaSDhZ*LPJNTFEZbN7^(TE7-C`cFR{|rszpV+#{OyD){{nJ@bX?a{Q98m_q(Zr
z>pV84-`Q_Pj$UnnUi#45{{hWp{#e-!R09!m!Pj#_locve-;p_#izXCLg4~U=kx+ZZ
zX_?BDUN5F0z8uCzabAx`$CTVzM02J#t`5Z`8th7c*#o14)v{upNY2-#SD<xsFvpPJ
zBY`@#1f*ZN%NPogKYo5rN*)_NK@yd=OHSrT&>RG>6;yn%gQLJw_zJ|;wk}DNX|#Cz
zx2<+H;G=!#!*v?@Q)d6<e_X@&CNuCfs=kVGT<0h?M8_y=Nj8|NPO6l0nJL*p-vPtp
z+eKQP2i$kc3auAyYkOb3@Drk|=}LIOmCdCc`1u+h8mD?MX|!(%1Sm2^tudx!!3sWa
z=Pr8}hn@(wq)%1ry$s!RTCzNzBNe|dQ8le=(FgY*Ts~Vn3uvAL8fZZ4fABJy8Awfp
zt%k3lfs8eR_6clHv;|eK+ATio@!4^B9?5~J`paVWj(7s?g~i`<JkCV%d!-H%%}wK6
zdZI{nfIP5%rp$n^A)2kQp{@rDGxRWU{n}L(i|=aIPAoHUeT#Y-G?e{W@0MATfY3v7
z&mV(S7Snl3v&Sx^KpR+FsDO-X^)wMm(#aUJL-!g*KMPicT>t%a<}OY!=A^}_!O}&~
zZF+B6LPsYy_Woc;gk+GHt$<RhO~W_>h%r9c-#ZYjuQhZ1v>N;A7TvsQ3t1H92dcod
zxH9k)CqBk{FgIx!%<|Ul%f#`elzy_FjXu5DuxMUFedqPH`$I~Q=RbN<wF1PuQPJ-H
zEk=_*ZC>_~T}!MJcDI|R?uA$L6uUpsWERrY-E@{80Fmpl80qPGn-iY{%PaWt`DamY
z3%={hHjZEDJz=!F&zzz(6Q3BUzHSimr~V;~q@Ix(BVbn2lcR&>O8k*sOZSYJ3BIlc
zuTBkK;=Se;g<_7@V&myp6zJF^BPY1eb@n!K)P1D;gc7k91R>L;6<ZC5%8b5$Jt?-h
zH$B<c?T|MZ+)wuGdO>(Ut@l2F0SNyA*;`jcj*k`)eUL;3`~DF-m+6us`z<8IwbW|C
z(oU%2Z?Tt73slbreSw1HhED0N8Ixs1tOfe|Nt-sXzT&gI{rspQ^^1%7wg#`{7&*z8
z-vx8K^?7XDA@`&Ez;kzd)|0HF%J|POvxH<$A%M=U<SgA)wuM*pxy}5LpR&6K*RXWL
z&AW*JMN}R{HVJ=%x072oifYxvUjk2+vC0R<YCWs(E4@`$=1|}0^sz3b*K_#yLo<G!
zFgb^%a?&uG(FaTo<kTLd6={@o%oW!=vh?NSoduSoip>0<n^WdLRF3LYt#^<6IH@#`
z^OgEo#TyF8iUpXS+wC_Lo_kNH^_KD%Q`Px@dTk|@7)3Mi7MI{CGl3>@;z;QZD*K1w
zt$L1*<Q#7r;ku2w7<Eajzl%W>pR=}FUkFsH)h$&C9Dj$r$`wv2$<mC{?VT0r0T9CD
z<OEeFTuFRA1DAgqfEV192I7MKVWW+0aGf!kvo~4O!+(EnrDJ}3P5rhX*>NQ^;)#qB
zi3<i_ev5HQje+*Vj)+E|gkK(ZDb^=P0f)SsM$Wa`s9YOYSGWYjCw~8>7L5goMo)EW
zWedk;#JfP>lI3X}G``gY*r3%!hpcAhYl4R2XFtB~@emdtXyWkfpy;<g2o)k2qMs11
zVs{OGo;U>?JNs4bPz@f8-%BiESifSz6g+V8?ON{TRZ6CU=80-}Jh<SFV*Nb0Q*Da(
z%4<j2f`BVU%>kKA12x*8D7+*(IFzp&1tM3CuJ7>PoIxBztkHW}=?TMEdbp<Wil1*b
z=~3@oW!blO>_F2IZ2IQ3V@rv;H8FiyyUvZR-I6EMHKT1tvvXLUyt6*vefrK9)3xmn
z2vA*|_&yJgoX4-H0hma)CdJ-l;Qe`5<{7VC<<=W&68-#&j$Dtupz`@HtZOk8ioH^o
z4M_DaRdsPsc6|VgB;m1OCdbv?%iDX$w0&mCrYxta^~IdZJE9v9d3i{SQI$7I0N6Gz
z`JQ4&-+Ke@)Hx=d&GndH3p?;xBbMHGWf3d;r#Wb0DlTwtpdTI`r$!(A00U1ZQH~Yh
zq|eibd#oXqb82|ku8Nl#okOw6n;B*o+5YI6xC;BBs_{$Ti>meN0gL*1fUvd+{Y`9!
zKLj|{z%;LLO0N7x09&_?-?W;4hMd?)T{H{DNnV))9eDMcOc3u@?~GaLJLK=krPz-^
zAofesdaMCqlzs0QK84*%=TM#*YgfS{dKox(tk*|!Fje<~+$}L>+I-haq`7(Q2gvl&
z!@EjM(ONGTH7IfR&dUr*z#1K~ZBJjL$TtsL;hwoS?RSY7y3i&}DYw2=@<1vz?T+V3
z6B~#pMDgF|+-Y$KCq%Zh`L%<9r!~rw(w=v9?l4wXKGfjRV4kZjvxhmk$XVDZqg2h)
z-gqJTKRe>eCxz>(O)Ik-I)T(${{IL|5*`m_BFfa@xY<Gla558?1f8cJb>u#JsqC%2
zhUD=r-Q`dTC+cKdz_1q>^A;>duW_PMv~GUauaWI5z4rWwY$loS*_h|U3wMQqWe;`U
zSqzLv1G_`Z<7)G@!H7`@1g7^_p@JOiGA!o$9Nz9zS5Dhb&fE}%+Msavs(i|J{GQvR
z7Zp;S*A*NcNbc0?^3021i?*2)r5qjO<_!G#`j0f*r@cA9PVbfdB(pQ>I^-V0&a7UK
zTy@I3(82qR5Ak#KXY(zlNX>h)a-3FM$Cb95f0DHQUL2H!#A<e{KAbF>Zsow;?UD_o
z--~wI3)U$GYLBH^x3ymWw<YdR_ZQwB^r>%W5)~lS9e6Oiclc_e)N{R7$>|1U3M!3f
zZ9_L+hbE1VpcK||7O_UhiES1V`S`D`XExutw59FKk<AH3quxY@j#|=a;KY(fXckY-
zWMFz*;Sm3Hm)@e`I%WD_h{gwf9*1_~ajLh8I^%HDNg!XqNt}L>;L9Jd&#Tn<sx9Zb
zuMXbq{Q$o*ISt5BVYOW&|8v_ex&nIWM^t2D8G=4;KioB$sUHq9YP`%0Rwx3>VFPP5
zro{#QSNBX5wSV5a{ynEtZ-AP880wNMH3rO{YoViF4FynzpPP+v<A^1*RGZgq1Ajn@
z6zKvQx42(<BPjCAo{VqWO<WWV3i3J~wGW3JY)%E<aav-${0bpjcmS|Fz1@~#??G7z
z%X)4FcPyo+#sdunewx2Okw>}dQHJ=7$4EKzst}YAMAar7>!+0}JDJjxp{pmcq)}&Y
z<pSoEy22NhbS$H`%YKNP`L)JRlygKf7Y-7+v(w-JNrMW$F&aE`JWSomSDVzd(t~qL
zuJ%s_->|kbf)p)^)a28=0%<P<G>-llxJEuGY3SOqm7ja$c?j(kIH%1|hE5^RftJ%#
zjsJ{q@n8HKC2k4rEV-SPn<+PYqN0d{ioQ~q<4>pnb@-Sh++1L?V?`AZnSmHZN1T0A
z84%w%mvanvo(z_AEat$ZdU^?_NhaoTuN`^)_N|8eFVt1bu1>-*!Is-J|D^U1t(_!9
zFtdK*Vkl{C=eu9-*t`?i7a36gi)b*`4kOnr=v>(rnbAhJ!@D<_nqFqjna@WUo&WS7
z^?5tPhO_8x7L3JAP$jE<ej&-BwyNP;?4acFgKqwuuWbTpV($-kLK-|$ve|86_hHwn
zKb9T;sNWbqpvP7Kg7NBZ8OVdafF4qVjN=h>k1xy3p`kNJM@L)iPnfzjXXU&b4xwsl
zswK$K;lQNGDxK9)5TVwh{^v2@jk#V)F#2hY)|IK&@Sg`SK?}uNyQAbyqj5{BNZe`P
z?ywvAhwTSJENvea-z7~m*7PTJK-AH(2<iML(<=E<Bxdu}dCNzBi7^J&eU6^IV4T6Q
zW)=|x37xNt{o5zhRqx%T7w&yHP;1?-tYM|uNY`$&{t+c#O@U!ZB;8IXU$g{#`!*t1
z<6XBi`1T;IN5V7dX2^gfoHnb>71J<FiR0y&QB!jv*#w7Kfm2TOlIOuei0Eo^tRfSU
zre<cZUdaQ~rvIc4TQyZ_!cf<JrLKBkiSB^>vA)mZo|Yy6*7eV^=3zHRLKsZzTc?7d
zK2$Z;8W5q{xmMP({&n3isV&9MwiNquXYFxKL8mASSl@o2g3Hs8d7FIXitBmN7qd$S
z@FY>9thaRQJZd_#R0}S)Gx8?Rbl}#?#|X)*e2LHU!?+K|m6U269a4XI>YWsiX@OXF
zN%Vxpl|_n`&!KeFp}h0{5fl56Amu-xxfxc7m*8!>2oblr5)h;M4v2r|gR$Ycw6M#k
zV_3h@dwUujTX-mkwNn;Vj&l%8+`}M<y-oD^GsE7h9DVMz(^|nFs_A98mX-b()q6ze
z=~lgxU;}JOd!&bmL4d$WalXH=7CTJrAp`t_WU-`%+Jjq>U@>E@y|au{=pphfxNA;e
zEpzcQH0GN>vL~01FnaM+fQY=Y9m?81SyeT+aWc(fqnmzLZ0{Fs6O;1sh;Ra-4Z}b%
z0vs08>=xUXcFv9NLN&;9YRHbYjBR~bBy7ut>q&k9+Ud7yb`t7)W)1LG2z<~jd+}QA
zW)B1XlE3RJ&{LGcR*cj=D4JEixkGoY)Vt9x*XfPBUuzQc1OD9pem9a50sM4A=J1+}
zDtRqVHCwF3r?hP?u(ua6&pt@9kxSLamaE&QDut&S__HuCp^{f8h@AI?(`_cO2BC73
z=V}<h27%H)z5`BIC2c@qSl1TUYpK$J5bfT+fA1yazxL>y{=G+Mhz}kLLY~eOf$TZP
zBmDysN^{!=6}QAmD8l>!#aYYr9$R0JS=|kCk{&kv1A0IwWevGd8V-9R5^l-bDctDT
zR1LO{F(4>lGke-Oz)VggejG!bo9N?;FLsyJbK~PwjzfbWu*5>?HL0*B`2hrDe*V&-
zIIyOm&|_y#&wc$!85u;y0JuT0IaWI!_lm%Is7;7mp;gLOqjSbv;O833Gf0|3a<{)~
z-c02nTPmbO+-V$*L$i*gVcM>=QdAo;hjNUG9<%#YJnfkYBKyt%Ea2LY9y&bl35MD1
zJM!L)IeHjPoPA)$e<5&W4%p}fo^~J3QQI~Ux>xvE2%{FLnf>F~!HmWaExpWfW`ma$
zZvDX)U;PVK1$!W(CkEQ1_z3LcOw1jf+_CWkwtsK4OPf}1M<t(}B?em@6B)cGOmqpo
zSjX;MZZM-0i5n*ubpYkotX_!M6<==jxVQGH9V}r9nd^Dwl`Cwt+#a7tU;`79f$)$U
z{uA9lJ406V_DxK`wXv}-y-nnxNdQSc+%cozy)Fe-Ha0l<-9~ajV?#9U#PEJZw;+HQ
zeQYPVtP`#Lx_n1f49GY4fjH{IA5VA>lN0T0e#gb+J}<agUOGVkU67s9d?RM%%0xSp
z)3p6H96J1%N7J_Ecd!NwhUkWt%HsL05{P4u%h@~=*xp7Du&YTL>+Mt$Grxn4+R!AB
zsO-tvHe%&cstJ{BN8rKGz#rr6b7YG}PsNH>a<tqW%z`6wU*d8VcvqXnsYA!+Na>h)
z24+IlYuwZb94aDfykqe;dKS)+!cMM9_L;Y5?XNJ`@Ava$kyI%sM%~Z^HF~}-I3uqS
z$azjAlhgW>sF<>z_mNA_kHVf}oy8V4S(6RScw>%`3KvGaE0M3;8R68<2!!dvd;}^L
zPflm|t3|5WRVP1%bB*=M)~o@ZrNZ6!i(Zk|+BabY-pqqe+4c((E2-TsWe>(!ecW;Z
z1_eux5j9HeHS$Di7I&*8^r>1JGrbeO-ArQy6@)Ii8%o6OzpdZbU*SpYs|U<<fuy=g
z(YGZHSW-;kZmLTxOHT@W@a9_KllS}KQ_a_@)uhHWTjGtX4u6yCt`r#6qY!YD9iw+B
zmJ=I9grZ-xvM}aSt;1gM=fMHLzfaKn{rwZ+07I;~6?1vBtoFFJ#)xYep&Q57hi~V{
zUhIGwD~UFh&KlK!wf<aZ)N;6s5vmmuYI$Ly<VpSX1i_hK)-sfhI7T5P1YQsA5&*i5
z#})(t7D;z;3^CQg4wY!Y(scZU25OMFm;3Uo`IRv0B-5LOnHs&7L{1DQlPJnhs9O1m
z-Nctpho>3C_BC#}lXPZ%50}{1`k#iH9ZfM$th?y@AV<(^;T6TXqa=p2+SyRf-CWKY
znA0}Vq_n;vab-)q`eb1L;FWIX8d~IG!UtMb8uFyJD*@&;<qL#NaN8tQfZh-0`FmLS
zGx<SJDvZhM*i`F&X?3j4`N_n=1EioJ5MltXxEL)W3P63ZRdvHAy)d@AHm|O8{#ZZ9
zl|<SeMsRi$MrkEMUDa~JpR$%Lxoj2D#do8>oS@XxoSVGLca7k+3Yo5RE1py~{43cf
zEl;H3Q1KhpZ(3H6Tc5%<Si#s}7nm#7C4^bQ^*mWpI{-25Bc!$vbJVLU-M@%plXYlr
zja6}`ZF3~pd8%$(-KpgF$iqguiX=9nCLpU&X3bubP=n!nZ|-hQNbB)CpK4{;(BfGr
z>XMa6IgDE?ErLuOpqCEJ&a0<YyjH4_C6>X|gr<@O^xQleO)tFH@a;#1Xx~tb_<ETF
z<V%G6b!zK9n4?<k?`<$WQD=Eyu+O}m949g}wi6gyR;t+V>Ph}KbxDsyH#v-*QQ<Dj
z?{pS}#i0>&6lx$FvUYgRdx5j*v6sLphjL*z6WWEhas`kmRN`8sVRPIn7g<h(v*TkL
zn(Kc+_Z`9{J$k*-Ozpe|tCYN)*wG%o7;Ck#w*sOL#r>=PH><fy=G=^|?){}$qZBAc
z4bHq@_N~74@GKNO^Qig|whKVnlIxerc=IZcHxr$nkWHrq{P@*7X|4{Q4_7{7Zk@91
zp?PHv>2}fe%s?5t-(Im|(ehQ!k5%ewK`I&ZooAKrHbD=UH}6ij%EmRe$Rn#z%diwt
z``z}Kg<L*d1;MMoIjjZf_Qo55hM_^cY57}BHrgC?VlVU_-T50IA+^!29|n4hJ2L80
z+J(ri_D3Sb4(`;~MOxKmIB&YA^u<fEzH#UPU@)11u_y3@jgmQZBoy4r-;|G80vs3|
zeg^wc<pA|S($ekti#Ov#`jbBMVa>I2pWNR6mYvlXH(ldST9_&HXX<WN+dK2CB$Qa<
zP|-3MdBwJ~&T~dFGGw8rUQeSXHXtA!cFGzN4NQ10!^otmwsPHN);=`7(k4^-3>`!~
z^jfTow-X2M)X6~a?*{0zbGdO0QHSDOd(9`Sv)z7BCE*x7ONbad%bcOR)V6h~;51PM
zySp;lHDo8=qv#iV!oWa?-Z;M$c}<rc*+o$Q<-j*or|^tD`tDt-cHjKE4d>rt+n3X@
z#QHmf)1k0`p#tjkkjSv@2pohM2nR?GOH8OK3o{`oZ1qj}`t_Hxg>DRu=|eBn&;Aa#
z;S5EtEb6SD_6hIH*<yQ3;v8F;{GnDe_8cPQXFWf@-;ItBFle!iMDy&fy9hDr-LFb@
z1x{7WXer3S9(wQ(C}*^gr0m~r;J6$eQ?x@;9B*}4b+rq9)5Q5|V62nx19{~OGtFD1
z^Xl>5FhP!TRY^ioF+m@nhAoNTb6c76zEm82%GCC5=$@%{{?o7s?PXfJzyxlKQByOm
zqoM3!wI<691h2&`qHW>aq062Ji|*o!t-{?WKK?0_b8YxQ{H@6G#qWD%{^NJw=cm%Q
z6!14*2ZOwJ!7>Z_`1n|XyIj8-R3u##g_t3)XDyNU4wiu7dw9_mcfb5UL=pZMy0G7V
zjR>4zqYyZYZdE2Jl~(JVxnAk9gl~_@0%%6v<9;EUQLf2+^Q0j@`Z_cvQ4w3dC0yBo
z&2hUA(k<YYj8za<*lkKuSKyErKHA(nU5Rby-f8CR8GbFslGn)hOHt-)?=%7s=TTj~
z8T?B$$*cb@Dcm2ude{l$^$*<b4po_!wgl;Jw2t}2r|VU%b^O(2ez6N*ei?|DCOdNo
zz`}c``RM*4ga`aJy~N#&vQwN}b>m!plq&JceoMLdO7p8_M`~`L5Q~eqq;V22;cJ#)
zr1DM9KcFswJXALRUCj3+=SP44eEj*P^rH?&DnD)zNU&ecQSGWTNschJ0ueNOoM{*o
zo$GJ=`n6?&bMQB%=vgH1iJslgQ@GGu*gHU62bjO{%8q@RszcB{_1=x3WMj*`F(-1y
zL8Yefvr)Ao#Z)x(8X-#`!9Hg{-&+XwH}663ux9=ky4NxIFxxDWsZDo{Tw(YXQ3rQ`
z0D3g1=Nt9jr)*NXkDZLZQ>y2rXt%L2yMxY8_-BfOsahLR*yKJ1H^<af;}uqeqoy}=
z-+Ia=gFqmPujKis2}Sk!=!I;p`XK?fMe(-6Q4t(<gba#yTamY<Y&ImT-zL2JtpLzm
z-Rg#jM!mGi{XteKgjZ0dsIG-#Q)kq3{icY{l%pQ_VtP8dH0Fgo(;IorH6xhLYCOZN
z-(wv8)JS+CfYcvfzIXwvb)8#ExIKPwPwUO?w7>j~2UjdxZdktZEfM$KKZarhFVV?b
zKmTr-A5&|C+2<H#ZXukoo85dARz!{oqR;BErcIKbPwa8uL|rZG8NRPFk2dcnM#SnD
z5(H{e;1Ns5&Ub_|5lXNqD<s^0vXy5Qc5l-#34F`0+dGq%BgqTt@Wrh~ou8Y*#6>PE
z#y4}R8b$WRJU-KvbbS=3tkfBLZ94QeA!D?g#8*rDIdv#UBTAf%51kT2OMNJ~R(KR-
zM(?WCj@>{66z%wqTkWuV*0Hf3B}luKQ1bOyOmjZXWd+Z_NRGKXeS7lxg*9mcqOF^C
zS1m<N_JaAwr^VB6fk88$f=w*jC4v=e2sv+<NR0GKgX2UKC_9IEV#8@+pf1(4+LCpD
z7A|4NH2bUpu(Jd#avP6^JAt%J5{lMGCyh`G5Ie$8nxqrmCibioJo<$-H~9ayx@mX)
zS<2wI+_tlgn%$*#)n8k4$@_OjQSZeNBFE7+U#0X))CC*gT0S<r`$%2n2YG}c)n4uu
z4IJ%qag-yr`misQcOv-3mqb;Pl774z>wNxYzJk;@OS_w7x57BwJsQ1sp^Fx<>4w{`
zuNMUgw%9@8EfwgBQ5S-I$DXMcCswu^`x-};@;a32?`gs}DZw8{Y(}5_HfaiOTL{F;
zR~Qqi2!4e`Lp3@X=*?YZu6QGS@2g9*_l@ctsBl78s`hLOLAbF(j25sO*eT8mZgZO%
zcH^IFYPM2Kn}sVF+mB&U%M^q-aYmQs^;}fxwj#^+1aE&=hV~BrU~^-z*tGmk)Q}Rz
zlse_tV&Y$f+mICo%I$XXap_TJr@-Ku5`(63qMg(2<~T_9^kesO{=~2sIbR}Ts{M!S
zQbPfA#XLRPg%BA1C`W#r(7XStbHTrN-G9%`0Ay@Gx&n_5y@Di&m-zqgwT^B`ltrj!
z&4qq^iFRj|dHu^yf>*LPC*B=Io0d}j2SnB?Tt?I-yrxPl-8mwN_kC}dZIKW?sTG#g
z=Xm}6T{J~b<7NqmXoa56uy~tYDCKW43$YoPS1r+qthy<bV<&mpPO$f7kkQ`0zA5A$
zI}-W%TX_ZR3nZC)_Xj<ERdN*Ux;L6TSZmUo_Us_PwxJf)sDt#eqSc^nCV!F=Vd|Ll
zsZY2rhGdY|fx;_}{sH9|l$SWyZw`_SpQvpJWkwO3GKaNLN6PS3hVVlYm;b04cBDkK
z_4M4k-SnHal=M?~hCwUSlu>u#9E8>X;Z*SAiQ%&ZxM|{!07oNW1|qEaFhA}-=>OFR
zVM~y}{(jm%QG|<m4=I|Go_C%4`gKh7<0l!V@x19f>MNjIaQoc;f!#_hv=_`mRQ=Xg
zhsD>*W<vuaCACY@57`%5!smWrJeMziQa2Ly2sv`yN<-PPo5;yf!Nu;ijCWM^*!3oE
zjcZ5B3w+%wM}EP>9v-6WJ+-64!^)NRdi?+Jir3=@v{r=~7P%G~7S8;>A|smuu{(MP
zt}t~15DL!n>w8eXKiGO&1T%6GPp|5X0n)MVe2`G*-ghIg^|7HChz<pWWWzbA^w7tq
zL_Q_3^EwyL->>*yy3$2lXP`>`Y!h$b&GbYMfXnMw4kJTVC*REMD+l>3O9kD|!l+M5
z>m3@@B@VqWez))aT}cxn-{&!hh-kG~Mgi-Gg~8Wpv5konBZeF`{l@mXSE&afxQsIs
z_XNgjZA?d>p=%#-4A$#)%5pt47uv5EtoWB`6g-@}4o<@teqNj{h|k%K5_P*fxkp4k
ziqOlx&k;uX_pcA8AFfN85a9OMZ>nYG+iE<@#xmJ=hhOK3)^D|5pPi>29Jxd0DY=rQ
zE^mFd5$AbYO`N}2L=zbZo-dmqTbYYBJDjLQ=^)hXs0OyjFZ*N{dSd}?;JU6hMB7!4
zXiY5PzZvGWZ=+b!b9rqZ*kgL@yX}|!pIdECRx!$HC(FePmA)af{8n~R7>;IHoiuwO
zBlfy&;vzkBS&$hscp-Dz0@s`OAL>x$x-8DeEtUWa_E^2%iPHRM=gfy~;aOKHJ-!O*
zr;bAg$yIGXJ0^<~1aX`UF}dPub002|UFUV8#k=M@{Q9nfbRDn&)$`LqOu`J@*qFKC
z^_XyQ{RFPY%MF4A>MPaFNedXeG9A3GB=%%TB`^rW@a*TzlX0Q}&&Oo39JSfJ1Y4TH
zigjPbb#*ma9qwttc+xF@7xBnYaqJ2qw%q@;Copk8vBwWNeJacZSP<*}n1yC4yu9#g
zyh2S0&%K{lQK7ao@(1*{prg;FGj!mDApz(ev|6mfui86Xz+I4Ee|pag#~kIz8ZiH*
z+xXYj&I3t?m#(Fg?e_>S7(6Pz54U5}`mlL{E&5{MW9arHH%PW0UKui4@2|q*VqjoY
z4!PWyJG-&^SwYcCyvg#MtrNzktmgFsgSzSxdT%oL?u+tWXq9s)|HR$&gy(Lrg{7Sy
zCvxR+lYI!d(`XbIm>z?F19y0h6Slw+D>q!>s$B0Ymv6mzbag%mC7Ln!g(5uHb=awL
z^0{7MD5rSmUHwJmF5y3uq5OY6W&XYI|4pe%sY|=m*a6H@l)4MI<Te8d*7ORIDfx(b
zD|)TGfe2B!l|TV^+4Vk5IA@4{t9r$*`|ggMJyYubiM~AMwg1!s1*oz^nDNtH$^@(~
zf;_+CQ<+yl$*FMY<HizRi~6jKMWCwZD<cB5Ys|h^k8G||^R&a{TOXQA$c$btUrpW5
zMzfs1gEu#R$&yR@F@E_An?g9$1c!$*VR671itSB~6PR=pZT+OG@5KqaXxLYd?BKt!
zNEtI>@F;G!f-OsKfZuN(E?v5jPJsG^0uYotsj+O^%M*rHtNb1}U$~_QdGjM1kCs$+
zYqWhE=@h6-SvEf!o3NK^X?cr1_e@LM0d_;<+yBK*3)%mr>!|Zcqq*eY2yk3Mmp%KW
z9%snq7TayGvs1c$bL6kDkJLCXGVy0X=f9mjSZcggW_h2(8+>J{4<hbkpz?^uB7d&D
zl=t~plK3izagx_>!A>yQVzAicF(31irCzE3&VCQT1zQ%dQrq6yWETp16(v8aaF|>x
zGdl0E0z$U`R0eydE@^W1!yI_h(AIkQJDtYxkdUgyu(iNA5b+czzIVC`rXsRVsNUIq
z-wesEDAjUwc=533s1K(vn5%;=JL;e)qtB(1T3>YCLIETmd^um87@}l*PUiERUzBvQ
zW4M^RK+{LuMkB{Ha%@FfLXF_(>wI{-u|1#B<WPo&$!GfiqrK}6YPws~Q3RwbNKuri
zG^L6(krEpqARt|c0hJn%-XRbK=}kb16hWkefKmklLFphM9U~ADn)HMc0))6fzuDQl
zcW1xZ`R?wW`_E2h^2eKVW^$7AJLf#_`#jHasnd14`1r-9CV%&t*=E=&6Lpat5&cxj
z)Ta=;GUunx_9SpLLVU(4HqZRgFjc1{C~Ix@@n(Ir!S_>JyX5T>3uH@Uy%ZwQDX0{y
z4hi?FSc8#;U1pjLjUH)nhcNe^e>4Hn##5mcj%uPLU~yjF>h&y!O{&y!-qU*0wyCs~
z5aI)3A6-UPEmEViPeWFXQ+|OoHO;3<FKc&!EFzZHK$de#byPm+4!#UoA*uAX32@U|
zhP(is+giM+0d3@2;ekT7_d=h2L`QFU%jV<`U6wd=6Pe=~)+#n-CIXe$ewcwI^g<&?
zDpWdN)S+aL;>~MA1&u;J9gEp6g4nHzxAB@?Kb6gj`qB`1YsraFNP5nzXwX&Cp(GNb
z-Sv6ml8rjQ?^yv^li$F@g9_epnN#0_{sB88JGq5U=y<ERwf;TxB?a5md6T#pLX{!1
zXp^#|ROA7Aak2Nx8ztwleW+iddh`STxUw(h5AYy6A=?kfRaH|XXA;>ET9liFL%}ak
z<@C9udK{{jjjnt^CoDa=DpWtcT*%73$)Pm+>_5;5$E)s?`G3bFR1O9ru65v~UsVSa
z-Wj6vre;{MgY20ooO6i@DI2Wd3|jP&iCIxGCtgIdP<((3slqy@SxCGSJ{hr+TxMJA
z2Iisb#|>^@k~ku!Cu^B9n;n;RjwrfzfuPfiq|a|E#MY>a!ZziZEMeM8nYlfU{TJOs
zTcjAT&4ymn=R@!fRv@H<fE-Muzy&oC;$bTI{&2;`O>b2hzM0e3OBe0KF1oLU-2JT8
z!yI&m)@)ka9K@Ds?05}WZID#(icwclMKPM|Kt&2g1c*otja0Q*0#AN9wme7Bl9DVb
zHQmEwT`70-s!BqSA`j$J7l@P1)(Kga5D6zee=s@Vnd@gL&5_NuZ2DrdGtkqT^Qdr*
zxslka5WmR)@rB;qMYHwVY#ka?-C}<B)Ivo%qGyFBuqM1$2B<m#>Fzf8G^MkpVf{7P
z5=`;Q;;-KtX)TJkBP`tJn|U8Kmm^wkEG0f1tl+1NACEu;6(f|0b>SkYHsA5oB<S*%
zV{(+&LQ3yp&mGT&qx`8pT~h8}VmMv8C8tn$T2NpBtTwfR#=pObSwPI1u6bpw94PlT
zI*G@|Lgmfsvo572)7vrUPq1E+xN&Spl$*?Vn6@1+Z57*kl`3;RAt5;^d9j0&(r{c_
zOO(wc^$RSfwEJYG><I?{K0s8%W=9+dQRAjQ{k8*P`r#K{Egl;fxRO+?&$%2WZ7vAD
za5!;`?&zC<vm;YZyEO5|@ru285$te@6%v2wqh|2#{jx95ZosQaa_YN|F>@Hc#+)_u
zl+Y{PzTQWVY&P9ZiY(qf2IwFs{zRhr-|dC}Iri7~#Utv0g^>uz41}FFu&*EQ4Gd3*
zz-H&{L-;KD$76Go^TU>Q9do_)^CPd5Qd`b%8z97h8?b3Y)N><VQ|vIvmuWeT1Jg+1
z)ygQ_XsnWna90Xk`L57ng=$zGI(GrpS6b1MVB52Bpt!3HY1=Dk9HE$F@Co6-%w1DK
zIy$-L9wx5-0xj3Rt4qW9LIU~Su6vgu!z`Hw5oRQPlffORbPfF5gJmO4j`XD(La0XE
zx+!Dm+nvR;3k?p)zY~F$_@tPv06@nPvcN6PvgawC9*dmwN3|o5AisQ|M3?(P*Kk<m
z_mrsM@wq)q`yO^5m#5x4^4(_dX`{GJH<}`FJIx?~n1;~l^-EeknKrv{{t<0ixGx|N
zt&#m#YDAfLt-f#IslFDfopIKKxb`zm&2JlgP<i1~tiJSgv9V!TdB(UI8}D@$vFhq<
z&gFepMFV(x+4>vqq18`1I+4+KR+`Kj_*DnG$zTzxnE=z7@}!*QTnkb{0rSfA<@l<q
zv9S?=jKUrsas81so$J6$vm(Ga$cFNUfMdo)du=dH#xq@TN(u5;QAm0n(*44}zy6_T
zQc?_PbAJe^#krz|32cfM!y*T2xrLL$edyQy;~K|od{3WK9&_irmRFDw+rXt&D*I!{
zl^3w2I9yHNi1O0sp}4{tkP7?5t@_TAag_qF*{vwQy0dRES02vTpPdIP&aTg?0LPN$
z;<(O`x3Z+H)gU{npjD{Y{i52>fi&6VPg5UXuQAepV4(Mx<W?|+KOMFT_-Hn&*qpfT
ztNIcVn0PxDe{MS5`PwLg_t@ZM8TL|y$CfO&AzyMnU$M|p+4kFnAnTce9FgKuc)D5K
zg%OveyfF1-9h=I!H&vaPEO!Tsl~_J-#c^5QR9D=vJOmKT1gg==M`wLvTT+L>^TwYj
zs!p`H?Io`x=@O)^mB!m8gVqkAYxG$SORDAw7#X2mc>rW4m52$`9sT$n4hAi`@ryHJ
z?XvPiU!U>G2t9VwqGK#@>TxJBbbQzwSh%I#OB8)|ZL_JyDzH&CyF*QiqD8<&k7u3#
z^pS+vx2)V%w1^Wf%gGw@KMm8Zr++m9zVhS-pvLRt1)m5$OW|l$6Re^H*%F|AR#uhH
zQh^(s@@Tk|<LZ0DHN0q`!Z$@3zGcRWI0FNl+^*UmfP8aXvUdLKE^Z-E1;VL9KZ~QI
z_}-;Fv#-Fe2nd9&Dg@L;jxhxf!W%u>B|Iuaj3l^U?#`X*29mUZ$R2T>lHyzB7kCHV
zKn$A7OouI`l}s^wLf0hS>VkcvHxpt2u^t62mic>g>zm>Nas3B}bJ(6KjBfLK<Xg%x
zjr(bUHRQPv36Y+0FJEvhx90A}SjsbpiK^OwvzLm4C8+w5?Et^92Fy<ha(Ozq{<fi-
z*WsP9U-A_eu__L9+Ol7T(!1waczHGv(&ajBYF|&O>Vz<=onILj5FhhO<XOV5{Z!=L
z*Lz9EJ;|DTma3JBiicG~=bk8@HB%*K6Qm>1%DH~H)?kt9Q9)oEj4s39R!E%h_Iyh0
zUC?}X!NgXT{jQ3;B~)Eo%ON#;d}od~5C;QK9U}HqYh>)?#WAb1O2gE}1DOV9VHp=?
z#qe1lnN0W0QHx7C4!{xG=pW6D90lt4iNMUkxz5#a|1D$n_RmZnIc|+KUx1HiAN6vj
z&r`f@Ts5{hl9!f*2;*-n0x8$IbSd!z%(inCold$O`V>`>3~QBrRH)^GPSN_UJVgN;
z!i}Pql%6?G<40K$XvdgxyZpYfCF)QmmC0RCrNY^4di@uO>*pIf!oU~sF~3%G5<~bq
zN(nUHqMytmb+Aga%o^@!JxPz~QdF4g*WiMPb9FLgb9vQJRPh*QKB-@zYA@W0?owT;
z_Du_sJNHX`ZEB5)Hw1PTjEy@d;pM4To(opdhPxZVbySn=8DB6z!u>Hxlu!{x)h$qW
zr;o^W6OK`?F?ppi3ch0ch~r#zxj>AVH8)>TdAL@+qUZ=v+<15EUucSXG)4?CURZFz
zM<}Gi`7Ub2n5RXzfY|fCG3Ez<ojx^0btbKRwveh$>MeMPD^5QhJeR|rsS$LWn<X*e
zAdJR*8BRKbj3i&ix8r8qZj4>{XnJrn2-mm;TH(-RBn55YJNv=R!DpwalA{vgnJ26e
zMxWvy-l=+AhE`&@YX5qB%gv9mAaIUhUtpHTtUGha5E!qpr8y%1Blgb8b2>T?hOq1R
zK|UtFJq4Z#P}13NjNKS6h;5S*o};CSzavZZlfrdcMRB_`dz8i*7Eji43;ligOMMjO
z=I6N?zwom6<8?C7A8lKc_XyVr0M-2CHD=IUvR`{3@0!eku9H=@Yt)*3eGN?T)^M0)
zLfYAIaw<eFS&=_8gb@T{04?isd^c29f;dPsu#B3;!IbZm`^iRSwgO%sM@`gW-+$X@
zXl2aD+V0Wl{meeE*9t%=C^$ax1l|HBs6UiHGCgvo|NGQwgR{Oj9wev&*F80#aJZg9
z)iNeAlBen-w)NL^A@_#{P~5#di4NZ05+L^5(#Ng{s+grwo^9BS*NBYVi@fiYrrZ5;
zo;uYTyn$GhU$Ocx=%=ucN&lcS02y8l7w(nk*bx2&N)hr$Maji;=>gCuUe<~>-rV>s
z4^wr(^_k2>_eirTLAYztgY>{;yY>w+Tb=ZSHjpm*-FbU{Tw*=ju%RZ}IvsEQW+K(?
zYTrlZP|vuS)pvs`yzgOC4*TR>qLm);<%jNL_IJ`vMxBqFZstKF;w?1UKGc$1ACdaS
z^4D?Qy+q_FhIb^Y*(pH%aAhAegK#zV>Qh)WA1RZN$Z?A8EjB#<#Ik(#R!Q7`GJW7!
zG!kIgkevn*T7bH>AiA6qp?`A9yw$hF{C(HQsQdHdV05RlNwmSIOs+VuR>Prf+&Kg%
zX$*ze=a_itSEgP=PETciI-9Os6E(nkhoIPTTrlVKO0tU#dPHUDVEn3xp?et01~<9t
zw-H8TnWkiz0XFpBK3)T-{Cs){OL95KGpD-go;chtow;&akiRNyryTM{?Mwp+72_4p
z&}O$`*cdY;b(Kz;{@4NQ+@bh1+MCp%&l)^hR@$Arbltlya%ZJ6Fj}sZJJhMy=Ve}j
z4|wHa!MeUjkdw|Wq6FkvvlwuF96Vm2^$SmhTFhFH%5Jt~5_tNEjVO&SYxI?prA)DK
zeg;w!xoI<G=`iLF@5!{RtK3_ns6w~Yf&jKvsWbziuKHGeXmsE>u2&yu0wltdWQ-y%
zC@L__+?ZQDz434-NSRpGV&M``OuR=zj0YbRxIp5b8j|cxoSF;ed-5pnCP!+|5RXt*
zvztPQk~~KYRd!}&ASRnhN}`Y$kyGp#kf(qpXW&h*F2&a_T#38rrob3a><-B*ZkZeX
z!nqKyu;XL4g&fE2CS4ZEzg8yiG=~^8nrLU;ttCCwCqsRcOtr|on<H6Jhq)QgXJgHg
zV+d>FrfVFT#y&z7%=sBiKSaGP(=dXsc?@{+Cu#SJWu2GOTpzt*0%CuqPoSX)$IWig
zhKa7B!0O;$QaFK7pINyZ+~@W7)s-}BQMXQIn<JHl<!q;L5J4+=#W1zgz~geoywxJj
zf?Q9?k{I?X69kH70V06@or&QU%UazCt%r<rc*v2_<6-XK^?Cb!%zkcr7Cqp(+I$)D
zl%zrv_|P=0a^CqDsA~HNIK^(bzbmOKFVOSM*^f6vzJC_PNaD-vwJ2+ND}Fe(@HqmK
z<A{|?RI4v^%sMwb*8VIS<#n|LQ69$+N=iz|OYgthBrh#aEkibAQNkOa_I@lD;!9MH
z#_TJ%1q%(T@lr)72E`BjL|X&O>r3F{9Nxa~;oWWt(Qd7;DXfbju*zFSEOF@ozJMdy
z;b*{!UMo{vdXaZOjC(;PZQ$hDlTh^F{2-(4WM0U%)3bB{W3;TiuOc0@cU5ph=pc_~
zflOCP{a<V*On-C9Hu;;M&YyeCi2poCXD|qu!pk{i39E4q%41IS62wdIme)Y#(oP<`
zq_@+#A=5wl#F$6)*z7r5R0LXyun}!_6md^QHV^)dQf#BEuUTDVU@i3F?qKSP%pz8q
z&F$H7q0y#!uw3(whf*1%;&)8_#GZE3RY*htlqx_RkNLWb#9l{5*$mmm2JDG*zPn<}
z@4+wOFO=vwM&Sa?YcU;cPk=<Deoa$VqTVP>a{auyps9|(_KCa`%rB0sM)8$J{k;Q^
zS2_T`x@dd(G^C#i+CO>eYx7S<nr0T&nW!4s>KfB5NbFCOY$KoXZi%@p_1(gh-<aBN
za#MwT^i#l2Hnx$b2k!U<+S!L}TbQMosfx_&Ns={oIE|8FUt%tm-2>kK^z`#*r=tI}
zc=Pka41@%@HJ~n9?!l@H8s_R#o1|NGFPc5kr8~9B))npfiZS!#@W;J%l-!ZkY%ZEO
z_Q8^G)=8rGT%7{1G{&5Cte*Ew8?L>3PCePJ>0n2RR053W{ZhlLvBV-QZla%DS6lg>
zsDH9mWBH~j<HuukCPf7qdOvkV-VZo6Q5I(gczfif&rrpx#sOb>MT>%r(!PSS*(1C2
z;oPV|Z#!7M(DqtbKGmjXaDlWqftG|9ey3z;(|RI$I(+V~-apk!{hWUL`Jxbygr27M
zmYA4x!-n_n&(6gqieuuvddh53s}pfzi3jsN02TT!>3riB`m<Y~Op35VeD1O0hnb=N
zWzw8f7*PO?&C2Ka5~~9_X_d=Uf4yzM_Eg`S&HN&h&vP&Gd%_af#k(8|cABU-T<O7Q
zcwO>AtuhoiSc9D@xAXn@50vdEyx}$ab$ffb1&!jW-X9$bi^_>Z70XCI7b!1}2*9^F
z01Kl?<|p$PqP{{={%t+l&ipsdv)U|T(d#k3@Gb8Kq}+SV5pyW202A9t)!PCd^fopY
zf_@b4;SgG4`V0o03Vn0ujn?|mg8li_`(4cs`e*C1o5r8P7~7<=JiDDZW~$Q6;!tV_
zOzAOnO;<`$?cIgjXZgn+I@(1`74%hpXWeakyN5M*pPJwlAu!~*0X?Ewhd7&b%MeAe
zy_q+$opufyfv&t6Fy^Zud!>~x-^BG*!%MN7Dx;T!g?{>gPpZfhz#M+p+30k?t-q~@
z$xG*DK~ocMUbw0^Gygiy<`T%7#WG0UBE`@MTJbGblvf~o!8@$uy6tXTBaU<B`qAZm
z*!)iW<i0Yj8aig`S=E34xY&coA<Iq5W<~_*IIIrE;zz66DdG!ae}w#<(e>PH!@%$5
zA~$OoUw7r4I_k%gl_rXLWnct$7ZymR%3CEF?q+zbAUi!LTp$i<F2R7)W80Qr!1Tr~
zlJ;wFeRkNStfs_+heyQ1#g@%HK7oo$(lH&X9Qpv?>K%pavlITv`@*DRtA~yrR+GK1
zjlM79x<chdHy&}eux5$(I20Rbi;3HmZLTUe)_XV6f`B}VRHxG{G8#;LO@VyA&P(>4
z04xX3RHYBE2?PUZU@tjM(HW~?eXT<me5zRp`K71%n-sDNQ-!IlhQb70vlsT7wUZX?
z9oMF^8~ast-HlCDeK(L<n1#0Lnnvh+;okXo|9IW`uc9mVu>*qUk6?gZ&p_+{PCjSh
zY_vuT_T7j#vPad$Irsa5^Pg69>Kw2s<I~|jO!h^77YdX4i-orgm-1d~ZHWw4yI03|
zp5NhKkTYu3&nO$-%eSR4_e?g)Q(-tl;8fz;1$+=)TR?f;TdGXWPz{^q*z)wg>1bX?
z+KbRfYyuM+v!CK*&O6g<c(xR_t72HIrH>=+><^@&LDp;8fWsuTo*U7W;ny*_-n}yP
zN$j%bl&_^#SOZm4IuHqIH>WW|NmiX0VioP8Q`Y4J4zfKtli*tEKkbUzd=`ITrm9Ns
zVf?#Pl+Rts@1nN~psAey>7Mg{=I88K2pVFckhsAymZ1((cAyat9sUS8p8~Dr9<=V{
z{tm&b@6*-(ZWI4IR4{ns|GWK_pXA78vB$=fSNXCITY$u$-QXd9f7szIqceCKT*j}t
z8@ZzUF63M_(l5CBkB~wP$me&P!9POSOGkeEZlm#+y4CF9TCFITc*^ju;k)UYQF2R&
z+l10<Z5Dd@;=$|g--6!H$y^@ynCrU2S8AuRXWecoHi~v7@E`iZFet;(io7lR`q$L2
q0U!|G7zDZxyg(p&knP$(@heyVV<Y|lZomJNzdmP-9Nu#L`u=a30QEuu

literal 0
HcmV?d00001

diff --git a/docs/design/managed_identity_capabilities_devex.md b/docs/design/managed_identity_capabilities_devex.md
new file mode 100644
index 000000000..cc9931f2f
--- /dev/null
+++ b/docs/design/managed_identity_capabilities_devex.md
@@ -0,0 +1,117 @@
+# Microsoft.Identity.Web – Continuous Access Evaluation (CAE) for Managed Identity
+
+## Why Continuous Access Evaluation?
+
+Continuous Access Evaluation (CAE) lets Microsoft Entra ID revoke tokens or demand extra claims almost immediately when risk changes (user disabled, password reset, network change, policy update, etc.).
+
+A workload opts-in by sending the client-capability **`cp1`** when acquiring tokens. Entra then includes an **`xms_cc`** claim in the token so downstream Microsoft services know the caller can handle claims challenges.
+
+## What this spec adds to **Microsoft.Identity.Web**
+
+* **Declarative opt-in** – one configuration knob (`ClientCapabilities: [ "cp1" ]`).
+* **Transparent 401 recovery** – when a downstream Microsoft API responds with a 401+claims challenge, Id.Web automatically:
+  1. extracts the claims body;
+  2. bypasses its token cache;
+  3. requests a fresh token that satisfies the claims;
+  4. retries the HTTP call **once**.
+
+The goal is **zero-touch** for most developers.
+
+## Typical Flow (Managed Identity → Downstream API)
+
+```text
+1. Id.Web → MSI endpoint   : GET /token?resource=...&xms_cc=cp1    ──▶
+2. MSI  → ESTS             : request includes cp1              ──▶
+3. ESTS → Id.Web           : access_token (xms_cc claim present)    ◀──
+4. Id.Web → Downstream API : GET /resource  ⟶  200 OK               │
+5. Policy change occurs                                             │
+6. Id.Web → Downstream API : GET /resource  ⟶  401 + claims payload │
+7. Id.Web handles challenge (steps 1-4 again, bypassing msal cache)      ──▶
+```
+
+## Design Goals
+
+| #   | Goal                                                         | Success Metric                                           |
+|-----|--------------------------------------------------------------|----------------------------------------------------------|
+| G1  | Transparent CAE retry with cache-bypass on 401 claims challenge. | Downstream API call recovers without developer code.    |
+| G2  | Declarative client capabilities via configuration.           | Single place to add `cp1`; all MI calls include it.      |
+
+## Public API Impact
+
+no changes to the public api.
+
+## Configuration Example
+
+```
+{
+  "AzureAd": {
+    "ClientCapabilities": [ "cp1" ]
+  },
+
+  // Example downstream API definition (Contoso Storage API)
+  "ContosoStorage": {
+    "BaseUrl": "https://storage.contoso.com/",
+    "RelativePath": "data/records?api-version=1.0",
+    "RequestAppToken": true,
+    "Scopes": [ "https://storage.contoso.com/.default" ],
+    "AcquireTokenOptions": {
+      "ManagedIdentity": {
+        // optional – omit for system-assigned MI
+        "UserAssignedClientId": "<client-id>"
+      }
+    }
+  }
+}
+```
+
+> **Note** : The same configuration block works in *appsettings.json* or can be supplied programmatically.
+
+
+## Code Snippets
+
+### Registering & Calling a Downstream API
+
+```csharp
+// 1 – set up the TokenAcquirerFactory (test-helper shown for brevity)
+var factory = TokenAcquirerFactory.GetDefaultInstance();
+
+// 2 – register the downstream API using section "ContosoStorage"
+factory.Services.AddDownstreamApi("ContosoStorage",
+    factory.Configuration.GetSection("ContosoStorage"));
+
+IServiceProvider sp = factory.Build();
+IDownstreamApi api   = sp.GetRequiredService<IDownstreamApi>();
+
+// 3 – call the API (Id.Web handles CAE automatically)
+HttpResponseMessage resp = await api.CallApiForAppAsync("ContosoStorage");
+```
+
+### Using **IAuthorizationHeaderProvider** (advanced)
+
+`IAuthorizationHeaderProvider` is fully supported with Managed Identity. Claims challenges propagate the same way:
+
+```csharp
+var headerProvider = sp.GetRequiredService<IAuthorizationHeaderProvider>();
+string header = await headerProvider.CreateAuthorizationHeaderForAppAsync(
+    scope: "https://storage.contoso.com/.default",
+    options: new AuthorizationHeaderProviderOptions
+    {
+        AcquireTokenOptions = new AcquireTokenOptions
+        {
+            ManagedIdentity = new ManagedIdentityOptions(), // system-assigned MI
+            Claims = claimsChallengeJson // when retrying after 401
+        }
+    });
+```
+
+## Telemetry
+
+We rely on server side telemetry for the token revocation features.
+
+Server dashboards add MI success‑rate with/without cp1.
+
+## Options as seen in MSAL 
+
+![alt text](capab1.png)
+
+### reference - [How to use Continuous Access Evaluation enabled APIs in your applications](https://learn.microsoft.com/en-us/entra/identity-platform/app-resilience-continuous-access-evaluation?tabs=dotnet)
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/IManagedIdentityTestHttpClientFactory.cs b/src/Microsoft.Identity.Web.TokenAcquisition/IManagedIdentityTestHttpClientFactory.cs
new file mode 100644
index 000000000..14c4a0968
--- /dev/null
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/IManagedIdentityTestHttpClientFactory.cs
@@ -0,0 +1,15 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using Microsoft.Identity.Client;
+
+namespace Microsoft.Identity.Web
+{
+    /// <summary>
+    /// **TEST-ONLY.** Allows unit tests to supply a custom <see cref="IMsalHttpClientFactory"/>.
+    /// </summary>
+    internal interface IManagedIdentityTestHttpClientFactory
+    {
+        IMsalHttpClientFactory Create();
+    }
+}
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net462/InternalAPI.Unshipped.txt b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net462/InternalAPI.Unshipped.txt
index 5dfd019d9..6770452ef 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net462/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net462/InternalAPI.Unshipped.txt
@@ -1 +1,3 @@
-const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
\ No newline at end of file
+const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
+Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory
+Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net472/InternalAPI.Unshipped.txt b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net472/InternalAPI.Unshipped.txt
index 5dfd019d9..6770452ef 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net472/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net472/InternalAPI.Unshipped.txt
@@ -1 +1,3 @@
-const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
\ No newline at end of file
+const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
+Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory
+Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net6.0/InternalAPI.Unshipped.txt b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net6.0/InternalAPI.Unshipped.txt
index 2c5e8d3a5..19d67d4ec 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net6.0/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net6.0/InternalAPI.Unshipped.txt
@@ -1,2 +1,4 @@
 const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
-Microsoft.Identity.Web.ClientInfoJsonContext
\ No newline at end of file
+Microsoft.Identity.Web.ClientInfoJsonContext
+Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory
+Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net7.0/InternalAPI.Unshipped.txt b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net7.0/InternalAPI.Unshipped.txt
index 2c5e8d3a5..19d67d4ec 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net7.0/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net7.0/InternalAPI.Unshipped.txt
@@ -1,2 +1,4 @@
 const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
-Microsoft.Identity.Web.ClientInfoJsonContext
\ No newline at end of file
+Microsoft.Identity.Web.ClientInfoJsonContext
+Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory
+Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net8.0/InternalAPI.Unshipped.txt b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net8.0/InternalAPI.Unshipped.txt
index 2c5e8d3a5..19d67d4ec 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net8.0/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net8.0/InternalAPI.Unshipped.txt
@@ -1,2 +1,4 @@
 const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
-Microsoft.Identity.Web.ClientInfoJsonContext
\ No newline at end of file
+Microsoft.Identity.Web.ClientInfoJsonContext
+Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory
+Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net9.0/InternalAPI.Unshipped.txt b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net9.0/InternalAPI.Unshipped.txt
index 2c5e8d3a5..19d67d4ec 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net9.0/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net9.0/InternalAPI.Unshipped.txt
@@ -1,2 +1,4 @@
 const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
-Microsoft.Identity.Web.ClientInfoJsonContext
\ No newline at end of file
+Microsoft.Identity.Web.ClientInfoJsonContext
+Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory
+Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/netstandard2.0/InternalAPI.Unshipped.txt b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/netstandard2.0/InternalAPI.Unshipped.txt
index 5dfd019d9..6770452ef 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/netstandard2.0/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/netstandard2.0/InternalAPI.Unshipped.txt
@@ -1 +1,3 @@
-const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
\ No newline at end of file
+const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
+Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory
+Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.ManagedIdentity.cs b/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.ManagedIdentity.cs
index e22e7589c..7b07452dc 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.ManagedIdentity.cs
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.ManagedIdentity.cs
@@ -2,6 +2,8 @@
 // Licensed under the MIT License.
 
 using System.Collections.Concurrent;
+using System.Collections.Generic;
+using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
 using Microsoft.Identity.Abstractions;
@@ -19,6 +21,7 @@ internal partial class TokenAcquisition
         private readonly ConcurrentDictionary<string, IManagedIdentityApplication> _managedIdentityApplicationsByClientId = new();
         private readonly SemaphoreSlim _managedIdSemaphore = new(1, 1);
         private const string SystemAssignedManagedIdentityKey = "SYSTEM";
+        private readonly IManagedIdentityTestHttpClientFactory? _miHttpFactory;
 
         /// <summary>
         /// Gets a cached ManagedIdentityApplication object or builds a new one if not found.
@@ -62,6 +65,7 @@ internal async Task<IManagedIdentityApplication> GetOrBuildManagedIdentityApplic
                 // Build the application
                 application = BuildManagedIdentityApplication(
                     managedIdentityId,
+                    mergedOptions.ClientCapabilities,
                     mergedOptions.ConfidentialClientApplicationOptions.EnablePiiLogging
                 );
 
@@ -80,17 +84,33 @@ internal async Task<IManagedIdentityApplication> GetOrBuildManagedIdentityApplic
         /// Creates a managed identity client application.
         /// </summary>
         /// <param name="managedIdentityId">Indicates if system-assigned or user-assigned managed identity is used.</param>
+        /// <param name="capabilities">Indicates the capabilities of the managed identity application.</param>
         /// <param name="enablePiiLogging">Indicates if logging that may contain personally identifiable information is enabled.</param>
         /// <returns>A managed identity application.</returns>
-        private IManagedIdentityApplication BuildManagedIdentityApplication(ManagedIdentityId managedIdentityId, bool enablePiiLogging)
+        private IManagedIdentityApplication BuildManagedIdentityApplication(
+            ManagedIdentityId managedIdentityId,
+            IEnumerable<string>? capabilities,
+            bool enablePiiLogging)
         {
-            return ManagedIdentityApplicationBuilder
+            ManagedIdentityApplicationBuilder miBuilder = ManagedIdentityApplicationBuilder
                 .Create(managedIdentityId)
                 .WithLogging(
                     Log,
                     ConvertMicrosoftExtensionsLogLevelToMsal(_logger),
-                    enablePiiLogging: enablePiiLogging)
-                .Build();
+                    enablePiiLogging: enablePiiLogging);
+
+            if (capabilities?.Any() == true)
+            {
+                miBuilder.WithClientCapabilities(capabilities);
+            }
+
+            if (_miHttpFactory != null)
+            {
+                miBuilder.WithHttpClientFactory(_miHttpFactory.Create());
+            }
+
+            return miBuilder.Build();
+
         }
 
         /// <summary>
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.cs b/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.cs
index 9b45a442f..e66a1d296 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.cs
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.cs
@@ -108,6 +108,7 @@ public TokenAcquisition(
             _credentialsLoader = credentialsLoader;
             _certificatesObserver = serviceProvider.GetService<ICertificatesObserver>();
             tokenAcquisitionExtensionOptionsMonitor = serviceProvider.GetService<IOptionsMonitor<TokenAcquisitionExtensionOptions>>();
+            _miHttpFactory = serviceProvider.GetService<IManagedIdentityTestHttpClientFactory>();
         }
 
 #if NET6_0_OR_GREATER
@@ -499,7 +500,15 @@ public async Task<AuthenticationResult> GetAuthenticationResultForAppAsync(
                         mergedOptions,
                         tokenAcquisitionOptions.ManagedIdentity
                     );
-                    return await managedIdApp.AcquireTokenForManagedIdentity(scope).ExecuteAsync().ConfigureAwait(false);
+
+                    var miBuilder = managedIdApp.AcquireTokenForManagedIdentity(scope);
+
+                    if (!string.IsNullOrEmpty(tokenAcquisitionOptions.Claims))
+                    {
+                        miBuilder.WithClaims(tokenAcquisitionOptions.Claims);
+                    }
+
+                    return await miBuilder.ExecuteAsync().ConfigureAwait(false);
                 }
                 catch (Exception ex)
                 {
diff --git a/tests/DevApps/daemon-app/daemon-app-msi/Program.cs b/tests/DevApps/daemon-app/daemon-app-msi/Program.cs
new file mode 100644
index 000000000..0733e48c4
--- /dev/null
+++ b/tests/DevApps/daemon-app/daemon-app-msi/Program.cs
@@ -0,0 +1,50 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Logging;
+using Microsoft.Identity.Abstractions;
+using Microsoft.Identity.Web;
+using System.Net;
+using System.Text.Json;
+
+// ── 1. bootstrap factory (reads appsettings.json automatically) ─────────
+var factory = TokenAcquirerFactory.GetDefaultInstance();
+
+// optional console logging
+factory.Services.AddLogging(b => b.AddConsole().SetMinimumLevel(LogLevel.Warning));
+
+// ── 2. register the downstream API using the "AzureKeyVault" section ────
+factory.Services.AddDownstreamApi("AzureKeyVault",
+    factory.Configuration.GetSection("AzureKeyVault"));
+IServiceProvider sp = factory.Build();
+IDownstreamApi api = sp.GetRequiredService<IDownstreamApi>();
+
+// ── 3. call the vault (app-token path) ──────────────────────────────────
+HttpResponseMessage response = await api.CallApiForAppAsync("AzureKeyVault");
+
+if (response.StatusCode != HttpStatusCode.OK)
+{
+    Console.WriteLine($"Vault returned {(int)response.StatusCode} {response.ReasonPhrase}");
+    return;
+}
+
+//Get the secret value from the response
+using var doc = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
+
+// Check if the "value" property exists and is a string
+if (doc.RootElement.TryGetProperty("value", out var valueElement) && valueElement.ValueKind == JsonValueKind.String)
+{
+    // Retrieve the secret value but do not print it
+    string secret = valueElement.GetString()!;
+
+    // Optionally, you can check if the secret is not null or empty
+    if (!string.IsNullOrEmpty(secret))
+    {
+        Console.WriteLine("Secret retrieved successfully (non-null).");
+    }
+    else
+    {
+        Console.WriteLine("Secret value was empty.");
+    }
+}
diff --git a/tests/DevApps/daemon-app/daemon-app-msi/appsettings.json b/tests/DevApps/daemon-app/daemon-app-msi/appsettings.json
new file mode 100644
index 000000000..8b9a0c86a
--- /dev/null
+++ b/tests/DevApps/daemon-app/daemon-app-msi/appsettings.json
@@ -0,0 +1,29 @@
+{
+    // authentication settings (apply to the whole app)
+    "AzureAd": {
+        // Continuous Access Evaluation capability at app-level
+        "ClientCapabilities": [ "cp1" ]
+    },
+
+    // downstream API settings (per-resource)
+    "AzureKeyVault": {
+        "BaseUrl": "https://msidlabs.vault.azure.net/",
+        "RelativePath": "secrets/msidlab4?api-version=7.4",
+        "RequestAppToken": true,
+        "Scopes": [ "https://vault.azure.net/.default" ],
+        // per request settings
+        "AcquireTokenOptions": {
+            "ManagedIdentity": {
+                // user-assigned MI; omit for system-assigned
+                "UserAssignedClientId": "4b7a4b0b-ecb2-409e-879a-1e21a15ddaf6"
+            }
+        }
+    },
+
+    "Logging": {
+        "LogLevel": {
+            "Default": "Warning",
+            "Microsoft": "Information"
+        }
+    }
+}
diff --git a/tests/DevApps/daemon-app/daemon-app-msi/daemon-app-msi.csproj b/tests/DevApps/daemon-app/daemon-app-msi/daemon-app-msi.csproj
new file mode 100644
index 000000000..36e7e2b3f
--- /dev/null
+++ b/tests/DevApps/daemon-app/daemon-app-msi/daemon-app-msi.csproj
@@ -0,0 +1,29 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFrameworks>net8.0</TargetFrameworks>
+    <RootNamespace>Daemon_app</RootNamespace>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <LangVersion>13</LangVersion>
+    <IsPackable>false</IsPackable>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\..\..\..\src\Microsoft.Identity.Web.DownstreamApi\Microsoft.Identity.Web.DownstreamApi.csproj" />
+    <ProjectReference Include="..\..\..\..\src\Microsoft.Identity.Web.GraphServiceClient\Microsoft.Identity.Web.GraphServiceClient.csproj" />
+    <ProjectReference Include="..\..\..\..\src\Microsoft.Identity.Web.TokenAcquisition\Microsoft.Identity.Web.TokenAcquisition.csproj" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <None Update="appsettings.json">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
+  </ItemGroup>
+
+</Project>
diff --git a/tests/DevApps/daemon-app/daemon-app-msi/readme.md b/tests/DevApps/daemon-app/daemon-app-msi/readme.md
new file mode 100644
index 000000000..592c12d45
--- /dev/null
+++ b/tests/DevApps/daemon-app/daemon-app-msi/readme.md
@@ -0,0 +1,48 @@
+# VM-Hosted Key Vault Secret Retriever
+
+Tiny console app that runs **inside an Azure VM** configured with a **User-Assigned Managed Identity (UAMI)**.  
+Its only job is to fetch **Secret** from an Azure Key Vault section in *appsettings.json*.
+
+---
+
+## 1. Prerequisites
+
+| Requirement | Notes |
+|-------------|-------|
+| Azure VM     | Any OS; the UAMI must be **assigned** to the VM. |
+| User-Assigned Managed Identity | Needs ** `Get`** permission on the Key Vault’s **Secrets**. |
+| Key Vault    | Secret named `secret` (or whatever your *AzureKeyVault* section points to). |
+| .NET 8 SDK   | Build / run the app locally or on the VM. |
+| *appsettings.json* | Contains an `AzureKeyVault` block with `BaseUrl`, `RelativePath`, etc. |
+
+> 💡 **Least privilege**: grant the UAMI only the `secrets/get` permission.
+
+---
+
+## 2. How the Code Works
+
+```txt
+┌─────────────┐    1. TokenAcquirerFactory auto-binds
+│ appsettings │─── to Azure credentials (UAMI) on the VM.
+└─────────────┘
+        │
+        ▼
+┌────────────────────┐   2. Register “AzureKeyVault” downstream API
+│  DI Service graph  │── using the config section.
+└────────────────────┘
+        │
+        ▼
+┌───────────────────────┐
+│  IDownstreamApi.Call  │ 3. GET {vault-url}/secrets/secret?api-version=7.4
+└───────────────────────┘
+        │
+        ▼
+┌───────────────────────┐
+│  HttpResponseMessage  │ 4. Parse JSON; extract `value`.
+└───────────────────────┘
+        │
+        ▼
+┌───────────────────────┐
+│  Console logging      │ 5. Log *success*.
+└───────────────────────┘
+```
diff --git a/tests/Microsoft.Identity.Web.Test.Common/Mocks/MockHttpCreator.cs b/tests/Microsoft.Identity.Web.Test.Common/Mocks/MockHttpCreator.cs
index 19918c8d3..38ee3ebc9 100644
--- a/tests/Microsoft.Identity.Web.Test.Common/Mocks/MockHttpCreator.cs
+++ b/tests/Microsoft.Identity.Web.Test.Common/Mocks/MockHttpCreator.cs
@@ -1,7 +1,9 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
+using System;
 using System.Collections.Generic;
+using System.Globalization;
 using System.Net;
 using System.Net.Http;
 using Microsoft.Identity.Web.Util;
@@ -71,5 +73,31 @@ public static MockHttpMessageHandler CreateHandlerToValidatePostData(
                 ResponseMessage = CreateSuccessfulClientCredentialTokenResponseMessage(),
             };
         }
+
+        public static MockHttpMessageHandler CreateMsiTokenHandler(
+            string accessToken,
+            string resource = "https://management.azure.com/",
+            int expiresIn = 3599)
+        {
+            string expiresOn = DateTimeOffset.UtcNow
+                               .AddSeconds(expiresIn)
+                               .ToUnixTimeSeconds()
+                               .ToString(CultureInfo.InvariantCulture);
+
+            string json = $@"{{
+              ""access_token"": ""{accessToken}"",
+              ""expires_in""  : ""{expiresIn}"",
+              ""expires_on""  : ""{expiresOn}"",
+              ""resource""    : ""{resource}"",
+              ""token_type""  : ""Bearer"",
+              ""client_id""   : ""client_id""
+            }}";
+
+            return new MockHttpMessageHandler
+            {
+                ExpectedMethod = HttpMethod.Get,
+                ResponseMessage = CreateSuccessResponseMessage(json)
+            };
+        }
     }
 }
diff --git a/tests/Microsoft.Identity.Web.Test/FmiTests.cs b/tests/Microsoft.Identity.Web.Test/FmiTests.cs
index f40a20ec9..b79083566 100644
--- a/tests/Microsoft.Identity.Web.Test/FmiTests.cs
+++ b/tests/Microsoft.Identity.Web.Test/FmiTests.cs
@@ -13,6 +13,7 @@
 
 namespace Microsoft.Identity.Web.Test
 {
+    [Collection("Run tests - serial")]
     public class FmiTests
     {
         [Fact]
diff --git a/tests/Microsoft.Identity.Web.Test/ManagedIdentityCaeTests.cs b/tests/Microsoft.Identity.Web.Test/ManagedIdentityCaeTests.cs
new file mode 100644
index 000000000..6ea9ee5b5
--- /dev/null
+++ b/tests/Microsoft.Identity.Web.Test/ManagedIdentityCaeTests.cs
@@ -0,0 +1,288 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using System.Threading.Tasks;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Identity.Abstractions;
+using Microsoft.Identity.Client;
+using Microsoft.Identity.Web.Test.Common.Mocks;
+using Microsoft.Identity.Web.TestOnly;
+using Xunit;
+using Microsoft.Identity.Web.Test;
+using NSubstitute;
+using System.Collections.Generic;
+using System.Net.Http;
+using System.Net;
+using System.Text;
+using System.Security.Claims;
+using System.Threading;
+using Microsoft.IdentityModel.Tokens;
+
+namespace Microsoft.Identity.Web.Tests.Certificateless
+{
+    [Collection("Run tests - serial")]
+    public class ManagedIdentityTests
+    {
+        private const string Scope = "https://management.azure.com/.default";
+        private const string UamiClientId = "04ca4d6a-c720-4ba1-aa06-f6634b73fe7a";
+        private const string MockToken = "mocked.access.token";
+        private const string CaeClaims =
+            @"{""access_token"":{""nbf"":{""essential"":true,""value"":""1702682181""}}}";
+
+        private const string Downstream401Service = "Downstream401";
+        private const string FirstToken = "mocked.access.token-1";
+        private const string SecondToken = "mocked.access.token-2";
+        private const string VaultBaseUrl = "https://my-vault.vault.azure.net/";
+        private const string SecretPath = "secrets/mySecret";
+
+        private sealed record VaultSecret(string Value);
+
+        [Fact]
+        public async Task ManagedIdentity_ReturnsBearerHeader()
+        {
+            TokenAcquirerFactoryTesting.ResetTokenAcquirerFactoryInTest();
+            var factory = TokenAcquirerFactory.GetDefaultInstance();
+
+            var mockHttp = new MockHttpClientFactory();
+
+            mockHttp.AddMockHandler(
+                MockHttpCreator.CreateMsiTokenHandler(accessToken: MockToken));
+
+            // Add the mock handler to the DI container
+            factory.Services.AddSingleton<IManagedIdentityTestHttpClientFactory>(
+                _ => new TestManagedIdentityHttpFactory(mockHttp));
+
+            IAuthorizationHeaderProvider headerProvider = factory.Build()
+                                        .GetRequiredService<IAuthorizationHeaderProvider>();
+
+            // basic mi flow where we get a token
+            string header = await headerProvider.CreateAuthorizationHeaderForAppAsync(
+                                Scope,
+                                new AuthorizationHeaderProviderOptions
+                                {
+                                    AcquireTokenOptions = new AcquireTokenOptions
+                                    {
+                                        ManagedIdentity = new ManagedIdentityOptions { UserAssignedClientId = UamiClientId },
+                                    }
+                                });
+
+            Assert.Equal($"Bearer {MockToken}", header);
+        }
+
+        [Fact]
+        public async Task ManagedIdentity_WithClaims_HeaderBypassesCache()
+        {
+            // Arrange
+            TokenAcquirerFactoryTesting.ResetTokenAcquirerFactoryInTest();
+            var tokenAcquirerFactory = TokenAcquirerFactory.GetDefaultInstance();
+            var mockedHttp = new MockHttpClientFactory();
+
+            // token-1 will be cached, token-2 should be returned when claims force a bypass
+            mockedHttp.AddMockHandler(MockHttpCreator.CreateMsiTokenHandler("token1"));
+            mockedHttp.AddMockHandler(MockHttpCreator.CreateMsiTokenHandler("token2"));
+
+            tokenAcquirerFactory.Services.AddSingleton<IManagedIdentityTestHttpClientFactory>(
+                _ => new TestManagedIdentityHttpFactory(mockedHttp));
+
+            var headerProvider = tokenAcquirerFactory.Build()
+                                        .GetRequiredService<IAuthorizationHeaderProvider>();
+
+            // Initial call � no claims, token cached
+            string header1 = await headerProvider.CreateAuthorizationHeaderForAppAsync(
+                Scope,
+                new AuthorizationHeaderProviderOptions
+                {
+                    AcquireTokenOptions = new AcquireTokenOptions
+                    {
+                        ManagedIdentity = new ManagedIdentityOptions
+                        {
+                            UserAssignedClientId = "UamiClientId2"
+                        }
+                    }
+                });
+            Assert.Equal("Bearer token1", header1);
+
+            // Same UAMI with CAE claims � should bypass cache
+            string header2 = await headerProvider.CreateAuthorizationHeaderForAppAsync(
+                Scope,
+                new AuthorizationHeaderProviderOptions
+                {
+                    AcquireTokenOptions = new AcquireTokenOptions
+                    {
+                        ManagedIdentity = new ManagedIdentityOptions
+                        {
+                            UserAssignedClientId = "UamiClientId2"
+                        },
+                        Claims = CaeClaims
+                    }
+                });
+            Assert.Equal("Bearer token2", header2);
+        }
+
+        [Fact]
+        public async Task UserAssigned_MI_Caching_and_Claims()
+        {
+            // Arrange
+            TokenAcquirerFactoryTesting.ResetTokenAcquirerFactoryInTest();
+            var factory = TokenAcquirerFactory.GetDefaultInstance();
+            var mockHttp = new MockHttpClientFactory();
+
+            // a = token-1        b = cached token (i.e. token-1)
+            // c = token-2        d = token-3
+            mockHttp.AddMockHandler(MockHttpCreator.CreateMsiTokenHandler("token-1")); // a
+            mockHttp.AddMockHandler(MockHttpCreator.CreateMsiTokenHandler("token-2")); // c
+            mockHttp.AddMockHandler(MockHttpCreator.CreateMsiTokenHandler("token-3")); // d
+
+            factory.Services.AddSingleton<IManagedIdentityTestHttpClientFactory>(
+                _ => new TestManagedIdentityHttpFactory(mockHttp));
+
+            var provider = factory.Build();
+            var tokens = provider.GetRequiredService<ITokenAcquisition>();
+
+            // helper
+            static TokenAcquisitionOptions Uami(string id, string? claims = null) => new()
+            {
+                ManagedIdentity = new ManagedIdentityOptions { UserAssignedClientId = id },
+                Claims = claims
+            };
+
+            // scenario a : first call directed to IdP for uamiA
+            var r1 = await tokens.GetAuthenticationResultForAppAsync(
+                         Scope, tokenAcquisitionOptions: Uami("uamiA"));
+            Assert.Equal(TokenSource.IdentityProvider, r1.AuthenticationResultMetadata.TokenSource);
+            Assert.Equal("token-1", r1.AccessToken);
+
+            // scenario b : same uamiA and no claims gets a cached token
+            var r2 = await tokens.GetAuthenticationResultForAppAsync(
+                         Scope, tokenAcquisitionOptions: Uami("uamiA"));
+            Assert.Equal(TokenSource.Cache, r2.AuthenticationResultMetadata.TokenSource);
+            Assert.Equal("token-1", r2.AccessToken);
+
+            // scenario c : same uamiA + CAE claims gets a token from IdP (bypasses cache)
+            var r3 = await tokens.GetAuthenticationResultForAppAsync(
+                         Scope, tokenAcquisitionOptions: Uami("uamiA", CaeClaims));
+            Assert.Equal(TokenSource.IdentityProvider, r3.AuthenticationResultMetadata.TokenSource);
+            Assert.Equal("token-2", r3.AccessToken);
+
+            // scenario d : different UAMI (say uamiB) gets a token from IdP
+            var r4 = await tokens.GetAuthenticationResultForAppAsync(
+                         Scope, tokenAcquisitionOptions: Uami("uamiB"));
+            Assert.Equal(TokenSource.IdentityProvider, r4.AuthenticationResultMetadata.TokenSource);
+            Assert.Equal("token-3", r4.AccessToken);
+        }
+
+        [Fact]
+        public async Task SystemAssigned_MSI_Forwards_ClientCapabilities_InQuery()
+        {
+            // Arrange
+            TokenAcquirerFactoryTesting.ResetTokenAcquirerFactoryInTest();
+            var factory = TokenAcquirerFactory.GetDefaultInstance();
+
+            // Mock IMDS/MSI: returns a 200 with "access_token" and records the request
+            var captureHandler = MockHttpCreator.CreateMsiTokenHandler(MockToken);
+
+            var mockHttp = new MockHttpClientFactory();
+            mockHttp.AddMockHandler(captureHandler);
+            factory.Services.AddSingleton<IManagedIdentityTestHttpClientFactory>(
+                _ => new TestManagedIdentityHttpFactory(mockHttp));
+
+            // Enable capabilities cp1,cp2
+            factory.Services.Configure<MicrosoftIdentityApplicationOptions>(opts =>
+                opts.ClientCapabilities = ["cp1", "cp2"]);
+
+            var tokenAcquirer = factory.Build()
+                                       .GetRequiredService<ITokenAcquisition>();
+
+            // Act 
+            var result = await tokenAcquirer.GetAuthenticationResultForAppAsync(
+                             Scope,
+                             tokenAcquisitionOptions: new TokenAcquisitionOptions
+                             {
+                                 ManagedIdentity = new ManagedIdentityOptions(), // system-assigned
+                                 Claims = CaeClaims
+                             });
+
+            // Assert
+            Assert.Equal(MockToken, result.AccessToken);
+
+            // Assert - outbound GET includes xms_cc=cp1%2Ccp2
+            // This check can be enabled when MSAL enables cae
+            //string query = captureHandler.ActualRequestMessage!.RequestUri!.Query;
+            //Assert.Contains("xms_cc=cp1%2Ccp2", query, StringComparison.OrdinalIgnoreCase);
+        }
+
+        [Fact]
+        public async Task DownstreamApi_401Claims_TriggersSingleRetry_AndSucceeds()
+        {
+            // challenge JSON 
+            string challengeB64 = Base64UrlEncoder.Encode(
+                                      Encoding.UTF8.GetBytes(CaeClaims));
+
+            // authProvider mock 
+            var authProvider = Substitute.For<IAuthorizationHeaderProvider>();
+            DownstreamApiOptions? capturedOpts = null;
+
+            authProvider.CreateAuthorizationHeaderAsync(
+                    Arg.Any<IEnumerable<string>>(),
+                    Arg.Do<DownstreamApiOptions>(o => capturedOpts = o),
+                    Arg.Any<ClaimsPrincipal?>(),
+                    Arg.Any<CancellationToken>())
+                .Returns(ci => $"Bearer {FirstToken}",
+                         ci => $"Bearer {SecondToken}");
+
+            // queue handler: 401 w/ claims - 200 OK
+            // Id Web will single retry the request on 401
+            var queue = new QueueHttpMessageHandler();
+
+            // 401 response with claims
+            var r401 = new HttpResponseMessage(HttpStatusCode.Unauthorized);
+
+            // add the claims challenge with error in the header
+            r401.Headers.WwwAuthenticate.ParseAdd(
+                $"Bearer realm=\"\", error=\"insufficient_claims\", " +
+                $"error_description=\"token requires claims\", " +
+                $"claims=\"{challengeB64}\"");
+            queue.AddHttpResponseMessage(r401);
+
+            queue.AddHttpResponseMessage(new HttpResponseMessage(HttpStatusCode.OK)
+            {
+                Content = new StringContent("{ \"value\": \"MockSecretValue\" }",
+                                            Encoding.UTF8, "application/json")
+            });
+
+            // DI container
+            var services = new ServiceCollection();
+            services.AddHttpClient(Downstream401Service)
+                    .ConfigurePrimaryHttpMessageHandler(() => queue);
+            services.AddLogging();
+            services.AddTokenAcquisition();
+            services.AddSingleton(authProvider);
+
+            services.AddDownstreamApi(Downstream401Service, opts =>
+            {
+                opts.BaseUrl = VaultBaseUrl;
+                opts.RelativePath = SecretPath;
+                opts.RequestAppToken = true;
+                opts.Scopes = [Scope];
+            });
+
+            var sp = services.BuildServiceProvider();
+            var api = sp.GetRequiredService<IDownstreamApi>();
+
+            //  ACT 
+            VaultSecret? secret = await api.GetForAppAsync<VaultSecret>(Downstream401Service);
+
+            // ASSERT
+            Assert.NotNull(secret);
+            Assert.Equal("MockSecretValue", secret!.Value);             // retry succeeded
+
+            await authProvider.Received(2).CreateAuthorizationHeaderAsync(
+                Arg.Any<IEnumerable<string>>(),
+                Arg.Any<DownstreamApiOptions>(),
+                Arg.Any<ClaimsPrincipal?>(),
+                Arg.Any<CancellationToken>());                           // called twice
+
+            Assert.Equal(challengeB64, capturedOpts!.AcquireTokenOptions.Claims);
+        }
+    }
+}
diff --git a/tests/Microsoft.Identity.Web.Test/TestManagedIdentityHttpFactory.cs b/tests/Microsoft.Identity.Web.Test/TestManagedIdentityHttpFactory.cs
new file mode 100644
index 000000000..c6ce6a0f2
--- /dev/null
+++ b/tests/Microsoft.Identity.Web.Test/TestManagedIdentityHttpFactory.cs
@@ -0,0 +1,15 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using Microsoft.Identity.Client;
+
+namespace Microsoft.Identity.Web.Test
+{
+    internal sealed class TestManagedIdentityHttpFactory : IManagedIdentityTestHttpClientFactory
+    {
+        private readonly IMsalHttpClientFactory _msalHttpClientFactory;
+        public TestManagedIdentityHttpFactory(IMsalHttpClientFactory msalHttpClientFactory)
+            => _msalHttpClientFactory = msalHttpClientFactory;
+        public IMsalHttpClientFactory Create() => _msalHttpClientFactory;
+    }
+}
diff --git a/tests/Microsoft.Identity.Web.Test/TokenAcquirerCollection.cs b/tests/Microsoft.Identity.Web.Test/TokenAcquirerCollection.cs
new file mode 100644
index 000000000..3cdc7b182
--- /dev/null
+++ b/tests/Microsoft.Identity.Web.Test/TokenAcquirerCollection.cs
@@ -0,0 +1,23 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using Xunit;
+
+namespace Microsoft.Identity.Web.Tests
+{
+    /// <summary>
+    /// Disables parallel execution for every test-class that
+    /// is decorated with [Collection("Run tests - serial")].
+    /// NOTE: tests that rely on TokenAcquirerFactory / TokenAcquisition (and the
+    /// IMsalHttpClientFactory mocks they spin-up) share several static / singleton
+    /// caches.  If xUnit runs them in parallel those shared objects collide and the
+    /// mocks return the wrong handler, producing flaky failures.  Putting them all
+    /// in this “serial” collection forces xUnit to execute them one-by-one.
+    /// Be cautious: only include tests that really need this, as this will impact
+    /// the overall test suite running time
+    /// </summary>
+    [CollectionDefinition("Run tests - serial", DisableParallelization = true)]
+    public sealed class TokenAcquirerCollection : ICollectionFixture<object>
+    {
+    }
+}

From c3562a388a95b054c3c091dd45dd6711fbfe7594 Mon Sep 17 00:00:00 2001
From: Gladwin Johnson <gljohns@microsoft.com>
Date: Wed, 4 Jun 2025 14:33:42 -0700
Subject: [PATCH 2/2] pr comments

---
 .../IManagedIdentityTestHttpClientFactory.cs  |  2 +-
 .../net462/InternalAPI.Unshipped.txt          |  4 +--
 .../net472/InternalAPI.Unshipped.txt          |  4 +--
 .../net6.0/InternalAPI.Unshipped.txt          |  4 +--
 .../net7.0/InternalAPI.Unshipped.txt          |  4 +--
 .../net8.0/InternalAPI.Unshipped.txt          |  4 +--
 .../net9.0/InternalAPI.Unshipped.txt          |  4 +--
 .../netstandard2.0/InternalAPI.Unshipped.txt  |  4 +--
 .../TokenAcquisition.ManagedIdentity.cs       |  1 +
 .../TokenAcquisition.cs                       |  1 +
 .../daemon-app/daemon-app-msi/readme.md       | 32 ++++---------------
 .../TestManagedIdentityHttpFactory.cs         |  1 +
 12 files changed, 25 insertions(+), 40 deletions(-)

diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/IManagedIdentityTestHttpClientFactory.cs b/src/Microsoft.Identity.Web.TokenAcquisition/IManagedIdentityTestHttpClientFactory.cs
index 14c4a0968..33b6f4f04 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/IManagedIdentityTestHttpClientFactory.cs
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/IManagedIdentityTestHttpClientFactory.cs
@@ -3,7 +3,7 @@
 
 using Microsoft.Identity.Client;
 
-namespace Microsoft.Identity.Web
+namespace Microsoft.Identity.Web.TestOnly
 {
     /// <summary>
     /// **TEST-ONLY.** Allows unit tests to supply a custom <see cref="IMsalHttpClientFactory"/>.
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net462/InternalAPI.Unshipped.txt b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net462/InternalAPI.Unshipped.txt
index 6770452ef..d83645276 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net462/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net462/InternalAPI.Unshipped.txt
@@ -1,3 +1,3 @@
 const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
-Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory
-Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
+Microsoft.Identity.Web.TestOnly.IManagedIdentityTestHttpClientFactory
+Microsoft.Identity.Web.TestOnly.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net472/InternalAPI.Unshipped.txt b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net472/InternalAPI.Unshipped.txt
index 6770452ef..d83645276 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net472/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net472/InternalAPI.Unshipped.txt
@@ -1,3 +1,3 @@
 const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
-Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory
-Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
+Microsoft.Identity.Web.TestOnly.IManagedIdentityTestHttpClientFactory
+Microsoft.Identity.Web.TestOnly.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net6.0/InternalAPI.Unshipped.txt b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net6.0/InternalAPI.Unshipped.txt
index 19d67d4ec..25f816d66 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net6.0/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net6.0/InternalAPI.Unshipped.txt
@@ -1,4 +1,4 @@
 const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
 Microsoft.Identity.Web.ClientInfoJsonContext
-Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory
-Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
+Microsoft.Identity.Web.TestOnly.IManagedIdentityTestHttpClientFactory
+Microsoft.Identity.Web.TestOnly.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net7.0/InternalAPI.Unshipped.txt b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net7.0/InternalAPI.Unshipped.txt
index 19d67d4ec..25f816d66 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net7.0/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net7.0/InternalAPI.Unshipped.txt
@@ -1,4 +1,4 @@
 const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
 Microsoft.Identity.Web.ClientInfoJsonContext
-Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory
-Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
+Microsoft.Identity.Web.TestOnly.IManagedIdentityTestHttpClientFactory
+Microsoft.Identity.Web.TestOnly.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net8.0/InternalAPI.Unshipped.txt b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net8.0/InternalAPI.Unshipped.txt
index 19d67d4ec..25f816d66 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net8.0/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net8.0/InternalAPI.Unshipped.txt
@@ -1,4 +1,4 @@
 const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
 Microsoft.Identity.Web.ClientInfoJsonContext
-Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory
-Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
+Microsoft.Identity.Web.TestOnly.IManagedIdentityTestHttpClientFactory
+Microsoft.Identity.Web.TestOnly.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net9.0/InternalAPI.Unshipped.txt b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net9.0/InternalAPI.Unshipped.txt
index 19d67d4ec..25f816d66 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net9.0/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/net9.0/InternalAPI.Unshipped.txt
@@ -1,4 +1,4 @@
 const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
 Microsoft.Identity.Web.ClientInfoJsonContext
-Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory
-Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
+Microsoft.Identity.Web.TestOnly.IManagedIdentityTestHttpClientFactory
+Microsoft.Identity.Web.TestOnly.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/netstandard2.0/InternalAPI.Unshipped.txt b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/netstandard2.0/InternalAPI.Unshipped.txt
index 6770452ef..d83645276 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/netstandard2.0/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/PublicAPI/netstandard2.0/InternalAPI.Unshipped.txt
@@ -1,3 +1,3 @@
 const Microsoft.Identity.Web.IDWebErrorMessage.ExceptionAcquiringTokenForConfidentialClient = "IDW10501: Exception acquiring token for a confidential client: " -> string!
-Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory
-Microsoft.Identity.Web.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
+Microsoft.Identity.Web.TestOnly.IManagedIdentityTestHttpClientFactory
+Microsoft.Identity.Web.TestOnly.IManagedIdentityTestHttpClientFactory.Create() -> Microsoft.Identity.Client.IMsalHttpClientFactory!
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.ManagedIdentity.cs b/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.ManagedIdentity.cs
index 7b07452dc..02192cf8d 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.ManagedIdentity.cs
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.ManagedIdentity.cs
@@ -9,6 +9,7 @@
 using Microsoft.Identity.Abstractions;
 using Microsoft.Identity.Client;
 using Microsoft.Identity.Client.AppConfig;
+using Microsoft.Identity.Web.TestOnly;
 using Microsoft.IdentityModel.Tokens;
 
 namespace Microsoft.Identity.Web
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.cs b/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.cs
index e66a1d296..dfe17bcc5 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.cs
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.cs
@@ -21,6 +21,7 @@
 using Microsoft.Identity.Client.Advanced;
 using Microsoft.Identity.Client.Extensibility;
 using Microsoft.Identity.Web.Experimental;
+using Microsoft.Identity.Web.TestOnly;
 using Microsoft.Identity.Web.TokenCacheProviders;
 using Microsoft.Identity.Web.TokenCacheProviders.InMemory;
 using Microsoft.IdentityModel.JsonWebTokens;
diff --git a/tests/DevApps/daemon-app/daemon-app-msi/readme.md b/tests/DevApps/daemon-app/daemon-app-msi/readme.md
index 592c12d45..ffeb4469b 100644
--- a/tests/DevApps/daemon-app/daemon-app-msi/readme.md
+++ b/tests/DevApps/daemon-app/daemon-app-msi/readme.md
@@ -1,7 +1,7 @@
 # VM-Hosted Key Vault Secret Retriever
 
 Tiny console app that runs **inside an Azure VM** configured with a **User-Assigned Managed Identity (UAMI)**.  
-Its only job is to fetch **Secret** from an Azure Key Vault section in *appsettings.json*.
+Its only job is to fetch **Secret** from an Azure Key Vault section specified in the *appsettings.json*.
 
 ---
 
@@ -21,28 +21,10 @@ Its only job is to fetch **Secret** from an Azure Key Vault section in *appsetti
 
 ## 2. How the Code Works
 
-```txt
-┌─────────────┐    1. TokenAcquirerFactory auto-binds
-│ appsettings │─── to Azure credentials (UAMI) on the VM.
-└─────────────┘
-        │
-        ▼
-┌────────────────────┐   2. Register “AzureKeyVault” downstream API
-│  DI Service graph  │── using the config section.
-└────────────────────┘
-        │
-        ▼
-┌───────────────────────┐
-│  IDownstreamApi.Call  │ 3. GET {vault-url}/secrets/secret?api-version=7.4
-└───────────────────────┘
-        │
-        ▼
-┌───────────────────────┐
-│  HttpResponseMessage  │ 4. Parse JSON; extract `value`.
-└───────────────────────┘
-        │
-        ▼
-┌───────────────────────┐
-│  Console logging      │ 5. Log *success*.
-└───────────────────────┘
+```mermaid
+flowchart TD
+    A["1️⃣ **appsettings.json**<br/>(TokenAcquirerFactory auto-binds UAMI creds)"] --> B["2️⃣ **DI Container**<br/>(register “AzureKeyVault” downstream API)"]
+    B --> C["3️⃣ **IDownstreamApi.Call**<br/>GET {vault-url}/secrets/secret?api-version=7.4"]
+    C --> D["4️⃣ **HttpResponseMessage**<br/>Parse JSON → extract `value`"]
+    D --> E["5️⃣ **Console logging**<br/>Log *success*"]
 ```
diff --git a/tests/Microsoft.Identity.Web.Test/TestManagedIdentityHttpFactory.cs b/tests/Microsoft.Identity.Web.Test/TestManagedIdentityHttpFactory.cs
index c6ce6a0f2..ddad6546c 100644
--- a/tests/Microsoft.Identity.Web.Test/TestManagedIdentityHttpFactory.cs
+++ b/tests/Microsoft.Identity.Web.Test/TestManagedIdentityHttpFactory.cs
@@ -2,6 +2,7 @@
 // Licensed under the MIT License.
 
 using Microsoft.Identity.Client;
+using Microsoft.Identity.Web.TestOnly;
 
 namespace Microsoft.Identity.Web.Test
 {