From 973c3102bb550929ca77c00bfc0bc88bc373eba8 Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Thu, 21 Apr 2022 14:50:48 -0700 Subject: [PATCH 1/7] add audit logging proposal --- proposals/1141_audit-logging/README.md | 323 +++++++++++++++++++++++++ 1 file changed, 323 insertions(+) create mode 100644 proposals/1141_audit-logging/README.md diff --git a/proposals/1141_audit-logging/README.md b/proposals/1141_audit-logging/README.md new file mode 100644 index 00000000..d6ae0341 --- /dev/null +++ b/proposals/1141_audit-logging/README.md 
@@ -0,0 +1,323 @@ +--- +title: "Audit Logging" +authors: [ "@cfryanr" ] +status: "in-review" +sponsor: [ ] +approval_date: "" +--- + +*Disclaimer*: Proposals are point-in-time designs and decisions. Once approved and implemented, they become historical +documents. If you are reading an old proposal, please be aware that the features described herein might have continued +to evolve since. + +# Audit Logging + +## Problem Statement + +Audit logging is a requirement from most compliance standards (e.g. FedRAMP, PCI-DSS). The Pinniped Supervisor and +Concierge components should provide audit logs to help users meet these compliance requirements. + +The Kubernetes API server already supports +rich [audit logging features](https://kubernetes.io/docs/tasks/debug-application-cluster/audit/) which are implemented +by vendors of Kubernetes distributions. The Pinniped audit logs are meant to augment, not replace, the Kubernetes audit +logs. + +### How Pinniped Works Today (as of version v0.16.0) + +The Pinniped Supervisor and Concierge components are Kubernetes Deployments. Today, each Pod has a single container, +which is the Supervisor or Concierge app. Kubernetes captures the stdout of the app into the Pod logs. + +Today, the Pinniped Supervisor and Concierge log many interesting events to their Pod logs. These logs are meant +primarily to help an admin user debug problems with their Pinniped configuration or with their cluster. The Supervisor +and Concierge each offer an install-time configuration option to turn up the verbosity of these Pod logs. + +However, these logs are not meant to be audit logs. They generally focus on logging problems, not on logging successes. +They try to avoid logging anything that might be confidential or PII (personally identifiable information). Since email +addresses might be considered PII, these logs generally avoid including usernames at the default log level, since +usernames could be email addresses in some configurations. 
Logging the identity of actors (usernames) are a key aspect +of audit logs. + +## Terminology / Concepts + +None. + +## Proposal + +The goal of an audit log is to log events that could be helpful in a forensic investigation of past usage, including the +actor (the username) and the actions that were taken on the system. + +### Goals and Non-goals + +Goals + +- Auditing events relating to upstream identity provider (IDP) authentication, refresh, and sessions. +- Auditing events relating to minting and validating cluster credentials. +- Enabling auditors to easily stitch together authentication events into an audit trail. +- Provide consistent data across auditable events. +- Provide the ability to enable and disable auditing. +- Provide the ability to route audit logs to a separate destination from the rest of Pinniped’s logs. + +Non-goals + +- Enabling auditing in the impersonation proxy. If needed, this will be handled in a separate feature. +- Providing the ability to filter or choose which audit events to capture. +- Auditing the management of CRs (e.g. OIDCIdentityProvider). These events are captured by the API server audit logs. + +### Specification / How it Solves the Use Cases + +This proposal recommends following the recommendation of the Kubernetes docs to create a separate Pod container log. +This new container log will contain the audit logs (and only the audit logs). + +#### API Changes + +##### Configuration Options + +There will be very few user-facing configuration options for audit logging in the first version of the feature. If later +found to be needed, more configuration could be added in future versions. + +This proposal recommends adding a single on/off install-time configuration option for disabling audit logs. By default, +audit logs will be enabled. An admin user who is concerned about logging identities, for example because usernames may +be considered PII, may disable audit logging. 
+ +Like other install-time configuration options, this option would appear in the values.yaml file of the Supervisor and +Concierge deployment directories. The selected value would be rendered into the "static" ConfigMap, and read by the +Supervisor or Concierge app's Golang code at Pod startup time. + +##### Event Data + +Deciding every specific audit event is an implementation detail beyond the scope of this proposal. + +Generally, the following data should be included with every audit event, whenever possible: + +- What type of event occurred (e.g. login) +- Outcomes of event (succeed or fail) +- When the event occurred +- Where the event occurred (Kubernetes Pod logs automatically include the ID of the Pod, which should be sufficient) +- Source of the event (e.g. requester IP address) +- The identity of individuals or subjects associated with the event (who initiated, who participated. etc.) +- Details involving any objects accessed + +The Supervisor's audit logs would include events such as: + +- Upstream logins for all IdP types (started, succeeded, failed) +- Upstream refresh for all IdP types (succeeded, failed) +- Upstream group refresh for all IdP types (succeeded, failed) +- Downstream login (started, succeeded, failed) +- Downstream token exchange (succeeded, failed) +- Session expired +- Maybe: The equivalent of access log events for all Supervisor endpoints, since there is no other component providing + access logs. This would include logging things like calls to the Supervisor's OIDC well-known discovery endpoint. + These logs could help an investigator determine more about the usage pattern of a suspicious client. +- Maybe: Newly authenticated user is associated with “admin” RBAC. Note that the Supervisor is not directly aware of + RBAC, so determining this would require otherwise unnecessary calls to the Kubernetes API server, which would degrade + the performance of the Supervisor. 
It's also not clear what would constitute "admin" level access, since RBAC is + configurable at a very fine-grained level. On the other hand, the Supervisor is directly aware of the user's group + memberships, which could be logged. + +The Concierge's audit logs would include events such as: + +- Token credential request (succeeded, failed, maybe maps to admin RBAC). While already captured by the API server audit + logs, those should likely be set to metadata. Duplicating the event allows for more controlled capture & management of + data. +- WhoAmI Request. While already captured by the API server audit logs, duplicating the event allows for more controlled + capture & management of data. + +Other events may be useful to auditors and may be included in the audit logs, such as: + +- Application startup with version information +- Graceful application shutdown + +##### Audit Logs as Separate Log Files + +The Concierge and Supervisor apps could each send audit logs to separate files on disk in JSON format. The performance +impact of logging to a file should be acceptable thanks to file buffering, but this assumption should be tested. Note +that this approach would not guarantee that the log statement is flushed to the file before the action is performed, +because then we would lose the benefit of buffering. It would be "best effort" to the file, e.g. the process crashing +might lose a few lines of logs. A normal pod shutdown should be able to flush the file without any loss. + +[A new streaming sidecar container](https://kubernetes.io/docs/concepts/cluster-administration/logging/#sidecar-container-with-logging-agent) +will be added to both the Concierge and Supervisor apps Deployments' Pods. These containers will tail those audit logs +to stdout, thus effectively moving those log lines from files on the Pod to Kubernetes container logs. 
Those sidecar +container images can be minimal with just enough in the image to support the unix `tail` command (or similar Go binary, +such as [hpcloud/tail](https://github.com/hpcloud/tail)). + +Kubernetes will take care of concerns such as log rotation for the container logs. For the files on the Pod's disk +output by the Supervisor and Concierge apps, we should research whether Pinniped should have code to avoid allowing +those files from growing too large. Old lines can be discarded since the sidecar container should have already streamed +them. + +Container logs in JSON format are easy for node-level logging agents, e.g. fluentbit, to ingest/annotate/parse/filter +and send to numerous sink destinations. These containers could still run when audit logs are disabled by the admin, but +would produce no log lines in that case. + +##### Parsing, Filtering, and Sending Audit Logs to an External Destination + +Many users will use the popular [fluentbit](https://fluentbit.io) project to filter and extract Pod logs from their +cluster. This project implements +a [node-level log agent](https://kubernetes.io/docs/concepts/cluster-administration/logging/#using-a-node-logging-agent) +which understands the Kubernetes directory and file layout for Pod logs. It also has a feature to further enrich the +logs +by [automatically adding more information about the source Pod](https://docs.fluentbit.io/manual/pipeline/filters/kubernetes) +to each event (line) in the log. It supports many configurable options +for [parsing](https://docs.fluentbit.io/manual/pipeline/parsers), +[filtering](https://docs.fluentbit.io/manual/pipeline/filters), and sending logs +to [many destinations](https://docs.fluentbit.io/manual/pipeline/outputs). + +By putting the Supervisor and Concierge audit logs into their own Pod logs, Pinniped will be compatible with any +existing node-level agent software which can extract logs from a Kubernetes cluster. 
This allows the Pinniped code to +focus on generating the logs as JSON, without worrying about providing any configuration options for filtering or +sending to various destinations. + +##### Audit Log JSON Format + +Each line of audit log will represent an event. Each line will be a complete JSON object, +i.e. `{"key1":"value1","key2":"value2"}`. + +Some, but not all, events will be the result of a user making an API request to an endpoint. One API request from a user +may cause more than one event to be logged. If possible, unique ID will be determined for each incoming request, and +will be included in all events caused by that request. + +Where possible, the top-level keys of the JSON object will use standardized names. Other top-level keys specific to that +action type may be added. All keys should be included in documentation for the audit log feature. + +Every event should include these keys: + +- `time`: the timestamp of the event +- `event`: the event type, which is a brief description of what happened, with no string interpolation, so it will + always be the same for a given event type (e.g. `upstream refresh succeeded`) +- `v`: a number specifying the format version of the event type, starting with `1`, to give us flexibility to make + breaking changes to the format of an event type in future releases (e.g. change the name of the JSON keys, or change + the data type of the value of an existing key) + +Depending on the event type, an event might include other keys, such as: + +- `msg`: a freeform warning or error message meant to be read by a human (e.g. 
the error message that was returned by an + upstream IDP during a failed login attempt) +- `requestID`: a unique ID for the request, if the event is related to an API request +- `requestPath`: the path of the endpoint, if the event is related to an API request +- `requestorIP`: the client's IP, if the event is related to an API request +- `user`: the username of the user performing the action, if there is one +- `groups`: the group memberships of the user performing the action, if the action is related determining or changing + their group memberships + +The details of these additional keys will be worked out as the details of the specific events are being worked out, +during implementation of this proposal. + +##### Audit Log Timestamps + +The date format used in the audit logs should be something which can be easily parsed by fluentbit, to make it easy for +users to configure fluentbit. We could easily document this to provide instructions on how to configure a custom +fluentbit parser for Pinniped audit logs. We should probably +avoid [fluentbit's default json parser's](https://github.com/fluent/fluent-bit/blob/845b6ae8576077fd512dbe64fb8e16ff4b15abdb/conf/parsers.conf#L35-L39) +date format, which assumes dates will be in an ugly format and also lacks sub-second precision +(e.g. `08/Apr/2022:19:24:01 +0000`). + +fluentbit uses [strptime](https://linux.die.net/man/3/strptime) +with [an extension for fractional seconds](https://docs.fluentbit.io/manual/pipeline/parsers/configuring-parser#time-resolution-and-fractional-seconds) +to parse timestamps. + +It would be desirable for a timestamp to: + +1. Be human-readable (e.g. not seconds since an epoch) +2. Be easily parsable by log parsers, especially fluentbit +3. Be expressed in UTC time +4. Use at least millisecond precision +5. Use the consistent JSON key name `time` + +[Syslog's RFC 5424](https://datatracker.ietf.org/doc/html/rfc5424#section-6.2.3) defines a timestamp format which meets +the above goals. 
An example timestamp in this format is `2003-10-11T22:14:15.003` which is represents UTC time on +October 11, 2003 at 10:14:15 pm, 3 milliseconds into the next second. + +Given this timestamp format, the following fluentbit configuration could be used to parse Pinniped's audit logs. + +``` + [PARSER] + Name json + Format json + Time_Key time + Time_Format %Y-%m-%dT%H:%M:%S.%L +``` + +#### Upgrades + +Since audit logs will be output to a new location, there are not any backward compatibility concerns for them in the +first release. + +Adding a second container to the Pods in generally not noticeable by a user, but may have some impact on existing +installations in some rare cases, so it should be explained in the release notes. For example, a GKE Ingress will, by +default, read the Pod's container definition to try to guess the health check endpoint for the backend Service of the +Ingress. When there is only one container, it will try to guess, but where there is more than one container it will give +up on guessing and instead expect the user to configure the health checks. So upgrading could break the health checks of +a GKE Ingress, if no health checks were configured. + +#### Tests + +Audit logging will be a user-facing feature, and the format of the logs should be considered a kind of documented API. +Unnecessary changes to the format should be avoided after the first release. Therefore, all audit log events should be +covered by unit tests. + +This implies that it may be desirable for the implementation to involve passing around a pointer to some interface to +all code which needs to add events to the audit log. Such an implementation would make the audit logs more testable. A +production code implementation of the interface should take care of common concerns, such as adding the timestamp, +deciding required key names, and formatting the output as JSON. 
A test implementation of the interface could handle +those common concerns differently to make testing easier. + +#### New Dependencies + +- We might want to consider using a library like [zap](https://github.com/uber-go/zap) to aid in implementation, but + that is already an indirect dependency of Pinniped. +- The new streaming sidecar container will need a container image. Using the existing pinniped-server container image + seems desirable. It is a distroless image, which is good for security. And it is the only image that we currently ship + in Pinniped releases. One option to make this happen would be to implement the tail command in Go, but any binary that + can work in a distroless image should be okay. We should avoid adding linux standard libraries to the container image, + so the binary should be statically linked with no external dependencies. The binary should support the same OS and + architecture that our existing Go binary supports. + +#### Performance Considerations + +By using buffered output to write to the audit log files, there should not be any meaningful performance impact. This +assumption should be tested. + +#### Observability Considerations + +Auditing will improve operator observability, as described in the other sections of this document. + +#### Security Considerations + +The audit logs will be Pod container logs, so the contents of the logs will be protected by Kubernetes like any Pod +container logs. + +#### Usability Considerations + +By using Pod container logs, the user will have many options to manage these logs. + +#### Documentation Considerations + +The supported audit event types, and they JSON keys output for each event type, should be documented. Users should be +able to build their own parsers for these events based on the documentation. 
+ +If the production code implementation of the audit interface used Golang constants for all allowed JSON key names and +event type names, and otherwise enforced certain standards, then it may be possible to auto-generate (or nearly +auto-generate) the documentation for the audit event types. + +### Other Approaches Considered + +None yet. + +## Open Questions + +- Should we output events that can function similar to access logs for the Supervisor endoints? +- Should we try to somehow detect that a user is "root-like"? + +## Answered Questions + +None yet. + +## Implementation Plan + +The maintainers will implement these features. It might fit into one PR. + +## Implementation PRs + +*This section is a placeholder to list the PRs that implement this proposal. This section should be left empty until +after the proposal is approved. After implementation, the proposal can be updated to list related implementation PRs.* From dfbc33b933cdb5e43982c821fe5fbf65192b95be Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Mon, 2 May 2022 09:47:09 -0700 Subject: [PATCH 2/7] Apply suggestions from code review Co-authored-by: Mo Khan --- proposals/1141_audit-logging/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/proposals/1141_audit-logging/README.md b/proposals/1141_audit-logging/README.md index d6ae0341..bc64a476 100644 --- a/proposals/1141_audit-logging/README.md +++ b/proposals/1141_audit-logging/README.md 
@@ -25,7 +25,7 @@ logs. ### How Pinniped Works Today (as of version v0.16.0) The Pinniped Supervisor and Concierge components are Kubernetes Deployments. Today, each Pod has a single container, -which is the Supervisor or Concierge app. Kubernetes captures the stdout of the app into the Pod logs. +which is the Supervisor or Concierge app. Kubernetes captures the stdout and stderr of the app into the Pod logs. Today, the Pinniped Supervisor and Concierge log many interesting events to their Pod logs. These logs are meant primarily to help an admin user debug problems with their Pinniped configuration or with their cluster. The Supervisor @@ -59,7 +59,7 @@ Goals Non-goals -- Enabling auditing in the impersonation proxy. If needed, this will be handled in a separate feature. +- Enabling Kubernetes API request auditing in the impersonation proxy. If needed, this will be handled in a separate feature. - Providing the ability to filter or choose which audit events to capture. - Auditing the management of CRs (e.g. OIDCIdentityProvider). These events are captured by the API server audit logs. @@ -252,7 +252,7 @@ a GKE Ingress, if no health checks were configured. #### Tests -Audit logging will be a user-facing feature, and the format of the logs should be considered a kind of documented API. +Audit logging will be a user-facing feature, and the format of the logs should be considered a documented and versioned API. Unnecessary changes to the format should be avoided after the first release. Therefore, all audit log events should be covered by unit tests. From 831abc315ee10fccf099fb68023e49342dbb2cf0 Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Mon, 9 May 2022 14:45:18 -0700 Subject: [PATCH 3/7] Update audit log proposal key names and timestamp format --- proposals/1141_audit-logging/README.md | 39 +++++++++++++++++--------- 1 file changed, 26 insertions(+), 13 deletions(-) 
diff --git a/proposals/1141_audit-logging/README.md b/proposals/1141_audit-logging/README.md index bc64a476..4ebe9cc9 100644 --- a/proposals/1141_audit-logging/README.md +++ b/proposals/1141_audit-logging/README.md @@ -59,7 +59,8 @@ Goals Non-goals -- Enabling Kubernetes API request auditing in the impersonation proxy. If needed, this will be handled in a separate feature. +- Enabling Kubernetes API request auditing in the impersonation proxy. If needed, this will be handled in a separate + feature. - Providing the ability to filter or choose which audit events to capture. - Auditing the management of CRs (e.g. OIDCIdentityProvider). These events are captured by the API server audit logs. @@ -170,6 +171,12 @@ sending to various destinations. ##### Audit Log JSON Format +The +[format of Kubernetes audit logs](https://github.com/kubernetes/kubernetes/blob/d0832102a7017e83bf47a5137b690e52f19c267c/staging/src/k8s.io/apiserver/pkg/apis/audit/v1/types.go#L72-L142) +is not a perfect fit for Pinniped. The Kubernetes audit logs are strongly oriented towards API requests for Kubernetes +resources, with many of the fields representing the details of a request and response. The format of the Pinniped audit +logs will draw inspiration from the Kubernetes audit events without trying to directly copy them. + Each line of audit log will represent an event. Each line will be a complete JSON object, i.e. `{"key1":"value1","key2":"value2"}`. 
@@ -194,11 +201,15 @@ Depending on the event type, an event might include other keys, such as: - `msg`: a freeform warning or error message meant to be read by a human (e.g. the error message that was returned by an upstream IDP during a failed login attempt) - `requestID`: a unique ID for the request, if the event is related to an API request -- `requestPath`: the path of the endpoint, if the event is related to an API request -- `requestorIP`: the client's IP, if the event is related to an API request -- `user`: the username of the user performing the action, if there is one -- `groups`: the group memberships of the user performing the action, if the action is related determining or changing - their group memberships +- `requestURI`: the path of the endpoint, if the event is related to an API request +- `verb`: the REST method called on the endpoint, if the event is related to an API request +- `sourceIPs`: the client's IPs, if the event is related to an API request +- `userAgent`: the user agent string reported by the client, if the event is related to an API request +- `user`: a nested structure which can include the `username`, `groups`, and `uid` of the user performing the action, if + there is one + +The names of many of these keys are purposefully similar to the names of the keys used by Kubernetes audit events to +make them feel familiar. The details of these additional keys will be worked out as the details of the specific events are being worked out, during implementation of this proposal. 
@@ -224,9 +235,11 @@ It would be desirable for a timestamp to: 4. Use at least millisecond precision 5. Use the consistent JSON key name `time` -[Syslog's RFC 5424](https://datatracker.ietf.org/doc/html/rfc5424#section-6.2.3) defines a timestamp format which meets -the above goals. An example timestamp in this format is `2003-10-11T22:14:15.003` which is represents UTC time on -October 11, 2003 at 10:14:15 pm, 3 milliseconds into the next second. +Golang's standard library's [interpretation](https://pkg.go.dev/time#pkg-constants) of RFC 3339 with nanosecond +precision defines a timestamp format which meets the above goals. An example timestamp in this format, printed +by `fmt.Println(time.Now().UTC().Format(time.RFC3339Nano))`, is `2022-05-09T21:32:59.811913Z`, which represents UTC time +on May 9, 2022, at 21:32:59 pm, 811913 nanoseconds into the next second. Note that trailing zeros on the nanoseconds are +dropped, so the length of the nanoseconds field is variable in the output. Given this timestamp format, the following fluentbit configuration could be used to parse Pinniped's audit logs. @@ -235,7 +248,7 @@ Given this timestamp format, the following fluentbit configuration could be used Name json Format json Time_Key time - Time_Format %Y-%m-%dT%H:%M:%S.%L + Time_Format %Y-%m-%dT%H:%M:%S.%LZ ``` #### Upgrades 
@@ -252,9 +265,9 @@ a GKE Ingress, if no health checks were configured. #### Tests -Audit logging will be a user-facing feature, and the format of the logs should be considered a documented and versioned API. -Unnecessary changes to the format should be avoided after the first release. Therefore, all audit log events should be -covered by unit tests. +Audit logging will be a user-facing feature, and the format of the logs should be considered a documented and versioned +API. Unnecessary changes to the format should be avoided after the first release. Therefore, all audit log events should +be covered by unit tests. This implies that it may be desirable for the implementation to involve passing around a pointer to some interface to all code which needs to add events to the audit log. Such an implementation would make the audit logs more testable. A From 3cf3b28c5b0a24b5f9adf08fb40cb0716e42034e Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Wed, 22 Jun 2022 15:12:28 -0700 Subject: [PATCH 4/7] Update audit log proposal --- proposals/1141_audit-logging/README.md | 41 +++++++++++++++----------- 1 file changed, 23 insertions(+), 18 deletions(-) diff --git a/proposals/1141_audit-logging/README.md b/proposals/1141_audit-logging/README.md index 4ebe9cc9..994b996c 100644 --- a/proposals/1141_audit-logging/README.md +++ b/proposals/1141_audit-logging/README.md 
@@ -77,8 +77,7 @@ There will be very few user-facing configuration options for audit logging in th found to be needed, more configuration could be added in future versions. This proposal recommends adding a single on/off install-time configuration option for disabling audit logs. By default, -audit logs will be enabled. An admin user who is concerned about logging identities, for example because usernames may -be considered PII, may disable audit logging. +audit logs will be disabled. Usernames may be considered PII, so disabled by default avoids potentially logging PII. Like other install-time configuration options, this option would appear in the values.yaml file of the Supervisor and Concierge deployment directories. The selected value would be rendered into the "static" ConfigMap, and read by the 
@@ -106,20 +105,23 @@ The Supervisor's audit logs would include events such as: - Downstream login (started, succeeded, failed) - Downstream token exchange (succeeded, failed) - Session expired -- Maybe: The equivalent of access log events for all Supervisor endpoints, since there is no other component providing +- The equivalent of access log events for all Supervisor endpoints, since there is no other component providing access logs. This would include logging things like calls to the Supervisor's OIDC well-known discovery endpoint. These logs could help an investigator determine more about the usage pattern of a suspicious client. -- Maybe: Newly authenticated user is associated with “admin” RBAC. Note that the Supervisor is not directly aware of - RBAC, so determining this would require otherwise unnecessary calls to the Kubernetes API server, which would degrade - the performance of the Supervisor. It's also not clear what would constitute "admin" level access, since RBAC is - configurable at a very fine-grained level. On the other hand, the Supervisor is directly aware of the user's group - memberships, which could be logged. +- The identity (username, group memberships) of newly authenticated users +- Newly authenticated user is associated with “admin-like” RBAC. Any user that is allowed to perform + `verbs=* groups=* resources=*` according to a subject access review API call shall be considered "admin-like". + This would only indicate that the user has "admin-like" permissions on the Supervisor cluster itself, not on other + workload clusters, since the Supervisor is not aware of the RBAC settings on the workload clusters. The Concierge's audit logs would include events such as: -- Token credential request (succeeded, failed, maybe maps to admin RBAC). While already captured by the API server audit +- Token credential request (succeeded, failed, maps to admin RBAC). While already captured by the API server audit logs, those should likely be set to metadata. 
Duplicating the event allows for more controlled capture & management of data. + - Similar to the Supervisor, the TCR endpoint could log when an authenticated user is associated with “admin-like” + RBAC. Any user that is allowed to perform `verbs=* groups=* resources=*` according to a subject access review API + call shall be considered "admin-like". - WhoAmI Request. While already captured by the API server audit logs, duplicating the event allows for more controlled capture & management of data. @@ -140,7 +142,8 @@ might lose a few lines of logs. A normal pod shutdown should be able to flush th will be added to both the Concierge and Supervisor apps Deployments' Pods. These containers will tail those audit logs to stdout, thus effectively moving those log lines from files on the Pod to Kubernetes container logs. Those sidecar container images can be minimal with just enough in the image to support the unix `tail` command (or similar Go binary, -such as [hpcloud/tail](https://github.com/hpcloud/tail)). +such as [hpcloud/tail](https://github.com/hpcloud/tail), although that particular example library may not be maintained +anymore). Kubernetes will take care of concerns such as log rotation for the container logs. For the files on the Pod's disk output by the Supervisor and Concierge apps, we should research whether Pinniped should have code to avoid allowing @@ -189,7 +192,7 @@ action type may be added. All keys should be included in documentation for the a Every event should include these keys: -- `time`: the timestamp of the event +- `timestamp`: the timestamp of the event - `event`: the event type, which is a brief description of what happened, with no string interpolation, so it will always be the same for a given event type (e.g. `upstream refresh succeeded`) - `v`: a number specifying the format version of the event type, starting with `1`, to give us flexibility to make 
@@ -198,7 +201,7 @@ Every event should include these keys: Depending on the event type, an event might include other keys, such as: -- `msg`: a freeform warning or error message meant to be read by a human (e.g. the error message that was returned by an +- `message`: a freeform warning or error message meant to be read by a human (e.g. the error message that was returned by an upstream IDP during a failed login attempt) - `requestID`: a unique ID for the request, if the event is related to an API request - `requestURI`: the path of the endpoint, if the event is related to an API request @@ -209,7 +212,8 @@ Depending on the event type, an event might include other keys, such as: there is one The names of many of these keys are purposefully similar to the names of the keys used by Kubernetes audit events to -make them feel familiar. +make them feel familiar. Also, where it makes sense, the key names should be similar to +[those used in the Pinniped Pod logs](https://github.com/vmware-tanzu/pinniped/blob/main/internal/plog/zap.go#L104-L120). The details of these additional keys will be worked out as the details of the specific events are being worked out, during implementation of this proposal. @@ -233,7 +237,7 @@ It would be desirable for a timestamp to: 2. Be easily parsable by log parsers, especially fluentbit 3. Be expressed in UTC time 4. Use at least millisecond precision -5. Use the consistent JSON key name `time` +5. Use the consistent JSON key name `timestamp` Golang's standard library's [interpretation](https://pkg.go.dev/time#pkg-constants) of RFC 3339 with nanosecond precision defines a timestamp format which meets the above goals. An example timestamp in this format, printed @@ -247,7 +251,7 @@ Given this timestamp format, the following fluentbit configuration could be used [PARSER] Name json Format json - Time_Key time + Time_Key timestamp Time_Format %Y-%m-%dT%H:%M:%S.%LZ ``` 
@@ -319,12 +323,13 @@ None yet. ## Open Questions -- Should we output events that can function similar to access logs for the Supervisor endoints? -- Should we try to somehow detect that a user is "root-like"? +None. ## Answered Questions -None yet. +- Should we output events that can function similar to access logs for the Supervisor endpoints? + Yes (paragraphs above updated). +- Should we try to somehow detect that a user is "root-like"? Yes (paragraphs above updated). ## Implementation Plan From 5b0c165dc8297967bd323e793acf9d086bb25c20 Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Tue, 28 Jun 2022 12:44:41 -0700 Subject: [PATCH 5/7] fix usage of base64 in hack script --- hack/prepare-supervisor-on-kind.sh | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/hack/prepare-supervisor-on-kind.sh b/hack/prepare-supervisor-on-kind.sh index 6a573b1c..a56e5970 100755 --- a/hack/prepare-supervisor-on-kind.sh +++ b/hack/prepare-supervisor-on-kind.sh @@ -254,6 +254,13 @@ EOF --dry-run=client --output yaml | kubectl apply -f - fi +if [[ "$OSTYPE" == "darwin"* ]]; then + certificateAuthorityData=$(cat "$root_ca_crt_path" | base64) +else + # Linux base64 requires an extra flag to keep the output on one line. + certificateAuthorityData=$(cat "$root_ca_crt_path" | base64 -w 0) +fi + # Make a JWTAuthenticator which respects JWTs from the Supervisor's issuer. # The issuer URL must be accessible from within the cluster for OIDC discovery. cat < Date: Thu, 21 Jul 2022 17:51:26 -0400 Subject: [PATCH 6/7] =?UTF-8?q?Update=20current=20maintainers=20=E2=9C=8C?= =?UTF-8?q?=EF=B8=8F=F0=9F=91=8B=F0=9F=AB=A1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
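Review bot: The "admin-like" definition added for the TCR endpoint in the proposals/1141_audit-logging/README.md patch (the `verbs=* groups=* resources=*` sentence) leaves the subject access review underspecified: it does not say whether the review is cluster-scoped or namespaced, or what the audit event records when the review call itself fails or times out. Suggest stating both, and noting that a user with broad but non-wildcard RBAC is not flagged by this test, so that readers of the audit log do not treat a missing flag as evidence of low privilege.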
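Review bot: In the `@@ -140,7 +142,8 @@` hunk of the proposal patch, the added clause says hpcloud/tail "may not be maintained anymore" but keeps it as the only linked example for the sidecar that carries the audit logs. Suggest either dropping the link and leaving the unix `tail` command as the example, or naming a maintained alternative, since the proposal should not steer implementers toward a dependency it already doubts.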
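Review bot: The link added in the `@@ -209,7 +212,8 @@` hunk of the proposal patch points at `blob/main/internal/plog/zap.go#L104-L120`, a line range on a moving branch, so it will stop pointing at the key names as soon as that file changes. Suggest a commit-pinned permalink, or listing in the proposal itself the Pod log key names that the audit keys are meant to mirror.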
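Review bot: In the `@@ -247,7 +251,7 @@` hunk of the proposal patch, `Time_Key` is updated to `timestamp` but the unchanged `Time_Format %Y-%m-%dT%H:%M:%S.%LZ` line assumes a fractional-seconds field is always present. If "RFC 3339 with nanosecond precision" means Go's `time.RFC3339Nano` layout, that layout trims trailing zeros and omits the fraction entirely when it is zero, so some events would not match this parser. Suggest the proposal specify a fixed-width fractional layout for the `timestamp` key.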
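Review bot: In the hack/prepare-supervisor-on-kind.sh hunk, the branch on `$OSTYPE` treats every non-darwin host as having a `base64` that accepts `-w 0`, which is an assumption about the installed implementation rather than about the OS. Suggest a single form that does not depend on the flag, for example `base64 < "$root_ca_crt_path" | tr -d '\n'`, which also drops the extra `cat`; if the branch stays, the comment should say GNU coreutils rather than Linux.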
Signed-off-by: Monis Khan --- MAINTAINERS.md | 7 +++-- .../pinniped/layouts/partials/team.html | 27 +++++++----------- .../pinniped/static/img/ben-petersen.png | Bin 0 -> 17231 bytes .../pinniped/static/img/margo-crawford.png | Bin 37975 -> 0 bytes site/themes/pinniped/static/img/mo-khan.png | Bin 20615 -> 0 bytes .../pinniped/static/img/nanci-lancaster.png | Bin 31548 -> 0 bytes .../pinniped/static/img/nigel-brown.png | Bin 0 -> 9225 bytes 7 files changed, 14 insertions(+), 20 deletions(-) create mode 100644 site/themes/pinniped/static/img/ben-petersen.png delete mode 100644 site/themes/pinniped/static/img/margo-crawford.png delete mode 100644 site/themes/pinniped/static/img/mo-khan.png delete mode 100644 site/themes/pinniped/static/img/nanci-lancaster.png create mode 100644 site/themes/pinniped/static/img/nigel-brown.png diff --git a/MAINTAINERS.md b/MAINTAINERS.md index 1c4a9697..2852926b 100644 --- a/MAINTAINERS.md +++ b/MAINTAINERS.md 
@@ -4,21 +4,22 @@ This is the current list of maintainers for the Pinniped project. | Maintainer | GitHub ID | Affiliation | | --------------- | --------- | ----------- | -| Margo Crawford | [margocrawf](https://github.com/margocrawf) | [VMware](https://www.github.com/vmware/) | -| Mo Khan | [enj](https://github.com/enj) | [VMware](https://www.github.com/vmware/) | | Anjali Telang | [anjaltelang](https://github.com/anjaltelang) | [VMware](https://www.github.com/vmware/) | | Ryan Richard | [cfryanr](https://github.com/cfryanr) | [VMware](https://www.github.com/vmware/) | +| Ben Petersen | [benjaminapetersen](https://github.com/benjaminapetersen) | [VMware](https://www.github.com/vmware/) | ## Emeritus Maintainers * Andrew Keesler, [ankeesler](https://github.com/ankeesler) * Pablo Schuhmacher, [pabloschuhmacher](https://github.com/pabloschuhmacher) * Matt Moyer, [mattmoyer](https://github.com/mattmoyer) +* Margo Crawford, [margocrawf](https://github.com/margocrawf) +* Mo Khan, [enj](https://github.com/enj) ## Pinniped Contributors & Stakeholders | Feature Area | Lead | | ----------------------------- | :---------------------: | -| Technical Lead | Mo Khan (enj) | +| Technical Lead | Ryan Richard (cfryanr) | | Product Management | Anjali Telang (anjaltelang) | | Community Management | Nigel Brown (pnbrown) | diff --git a/site/themes/pinniped/layouts/partials/team.html b/site/themes/pinniped/layouts/partials/team.html index c8c16375..991bfc2d 100644 --- a/site/themes/pinniped/layouts/partials/team.html +++ b/site/themes/pinniped/layouts/partials/team.html @@ -3,23 +3,9 @@

The Pinniped Project Team:

-
+
-

Margo Crawford

-

Engineer

-
-
-
-
-
-

Mo Khan

-

Engineer

-
-
-
-
-
-

Nanci Lancaster

+

Nigel Brown

Community Manager

@@ -37,8 +23,15 @@

Engineer

+
+
+
+

Ben Petersen

+

Engineer

+
+

Contributing:

The Pinniped project team welcomes contributions from the community, please see the contributor’s guide for more information.

- \ No newline at end of file + 
diff --git a/site/themes/pinniped/static/img/ben-petersen.png b/site/themes/pinniped/static/img/ben-petersen.png new file mode 100644 index 0000000000000000000000000000000000000000..871000817e586ff7f8f37b3112e8164e10fd955f GIT binary patch literal 17231
zJLKHOOZ-iYEfCBmO43||DeEIjY}vBes4mcJ4Ou#OZS^z%^HC0uHOU1xP3?w#?2M+qWTiRiu+|+&Oe=iJQmN(8_f_b4&%M6cB_FcPp75=zDYAGW$OzPhv ztShgOzxnI05=!y_5IKZ5{tOLE*L9TxN6%j5k4lv)_LKKKaECOu)Emd}-*fk!a`er& zXz(MX<8L7B@E(96V#2VDvWFSrKY#N7liRoMkWx;Df9>S+(%QL=jn_^{hBw!qE=XBR z2L0n4YScL1so$%FM$gdF&w6^mGJLpB_=N!~CeU;OO_d=HCLHq@Ma0Y+DDaBI#+_nH zaG6Glc9>$pm{c?rQyK;2()mj;P7_?0SDydY3q}K=2}#q1ix)XzcRS(T#-@w2>070y zvDP@;EDY|@L&o*b8Eo0w#Px%?O)k~~@gm6l5>)4&?VU1+6nS`VN}8)0Io}H+g*8?B zWr_{`$A9=|oJm%UEDEhS`B-PX6in*8QZeAv=|m#P*}yqDd7rZ;m!rcsuXo2Ps(c6= zlj%HHy=4aCePxj5!2>=+Y~5beVoVo|aNg4-D6bKi-r3s1&W<4~>86~b+rmv{I(nLn z4P>f)%TeC&Ew>*czwumvszq3$aftNoP-|P->*e~@L0Q8q^k;Dz?0PXla@uHbugqED zxG5JB8^dz8_aeX~E{$6{x14IQ#7G6_Zbt>O6YGCS1Tu$ag3*^Qy8fyFy zlEdxP9w}Tcp;^l()f_MLUQ`95WQL;JB;^I8A3PWRVD0>XPWhA2)VC=XbzMJ|){sv) z{_eM4lf)9BQwIZl({S@wDsPUB9}Nw@y*=N$4+ z8qyLn+VjhnbUxkqeZSvle4fwqc|7FSP>AsF+K|=-Y#r~AuRnF9(>?7k zE6G{_-oY}**yOgmZ{^B>vCiUAX zWDq2gY!mp5(TKftMGff&n$8DD!VO?5x7z|4ZsjF8;^AVtyUz;}(P%}tN)_44z!Gw3 zBI?!i$|#B0Wm&}n1jhSh?S^WK{_u*Ev*9>7Wuz5}V$vsNb*Y$`R&*3Ujs&VBkKlWg z^oIt*a){IPB#q8t#ua*FBPi^6QIHJE4v+I{dc|Kq3mrDg3R6;13gNqh1a3~?%sKd6 zaiCWUU7GOAxycTB`PDu0$-8ft%Qh|sa9Kc(nkt7*@8Kl~+Tt^$xfA_p@?LElJ$&N4 z#JWV5EL$Q|aKP2)+oR&89SN$*I3yZ?cC|Zkei?mK1a58pZO9vsg~|6lJdZL&n1n9b zj!e1G*)0bS*2yRDxFt-od+7d06SjTj&AwV zw?Ex5C+4#FsElBMfWSNMr4WtG06w`7P-C3LK8>GsGFUpkCIOhOt)pGC362!Sd1cq@ zw0tg=19b=F+8eJ&L#tGppJ|dKZ$nGP+|jry)A+@T~hPi+z~K3_$xRf`tUiZx(XFyvwhUP>N5S$6k;rsJ7>io`o4PA-)8tFqo_<{G)QE zG#}LARk*h>2`!yP(~}**9FC6n(6>Ah2Jsaz&_X`5ZDEE64c!KPxCPvaw(L%yRiy{TKST)9l@ zdmH6S!$w)@SSBwUzCG9!;b3d9+rlN zGqiD-rFz*y_`q76jwUZeI+w!vBF4)ofIdxOd?pHh6y|l+M?Wf;-1<=_g|3xs_*k}i z3&dGgDcyx7;v_HisgF*fH3qY7?mHtBG0Z|Jbx42v2`Wn+(u4$2)2o=Z6nrV}!81rc zT9hg4FIg4#kGcp<6%Vh5>T{?jC2DZ6KQPyvTm>$a%Bqkg--Iob>QTbo*?i{_cmcXtLRX2#S?NjKV)age>H$r&|Tbs~wBP5-YA1S(tQ8W=J+sm^ zAW;Wj7YmT65jFRTX~2&p2bg#kP@XbN@ac^(Xv{QNq$Ks4#SHFG8JY=vV{B>0TmdrB3ZZut@$c*L-|*8Y*-h5ybBV5 zilJyZL0d?}6&rwR-6JZ@LUbb|=bhpiqEn-UoSWiEklyFF&hM5x({GoYlw5hP<2j&G 
z5GwNT*zm$e$O&r1$|;M$Z%(rb73J!JnbNNfY%~G1G&RHcC;`GOhVd~JRts!zZj<_> zr-4h;z#MYI8+DQaCi4>)p;1P>67&X-ojgfqlw&9?EBu$AZ2ws|%NV|$nO8o)2g+qm zDAF7l?in*h>rUk&Y6-Ea@f4?Sy`=M`Iw2(npdp>8udAa=diii&rU6OHN|E#uhiu8a zQmQCvMJ3gcg2afYV?XrOR+;D?5Nmgbgos2voElg&65s=0Sp(ql`YwiM#Y0d-=!{;W zNID`S?F;3Nzx}c#J-AWIR(?c!hqo|YrAa16ekMLTv#K2wd!N-z15l`rE;dw$iy8>&j3Xmd z)^H(~Us7oaeLWpwahP`8f4rqoW)F5qVoSGtcKuzlV*XM&SXU=!M}96TrfM0Z zA6k2tY*>mk(#tV|sZkFap6HoaQ7~c{79m8U6gnK?T6roljdn|9Q-s*FYoCnKkf65} zfE+3;-rChh9h;_n;uxcio+=xP(%w1C1ONV`-sWR;+;a<`V7_{{Y+AFz7nrF?Ott$j zbacafrMf{B=%tF13m8H3IQ_smusjCD=XQ|}9Fv?U z&bVP^k1Hqi4P-1+heY0!WV{ACt2_HGpketkE zb54M{_LDc#ScZR1!w={vH&rs%BXF?(j9gh&D9gA%sj>=k9H)i^eLT59TxPG7dC9GF zvc-;%D+e2kBJk;D=jzTRAeHf*XC!IE8XDBr$n+R}KQy74NPvbW(|OZX_$qL3m>T_W z{|M=XNonsvjEurZfQ9oBC@D&%Ooup1Wfuzy_*g!e216P#hd-p2014uB)~~jAXq%_{ zToU&20gMqaSo6K?8pu@nV+DJFU_u!Mh=VxM z+T10M^_R(ov?zIW-(%7|1fUVhM&^RH*u*R;NUD;t=^}aiY)~#;o)21gQcfHu%_OIu zAX*=xT_`^&OZb zQ5$0Iu||YlA2@l6;x)d;^pF2|r+Mej{egQQ{NiMD^U$qt>~D;ir7)b6mu*z7CY8RA zNJ^xihR!y2FWyQHk;tp?w<0Ycx}r)pmQW>X?UG?MIbujHY`}dXK#^FgA3{OGMK5iL z;Kv3wUE-$}%dS1c!WX*cBxmIUIR&u(8Z~80Pd`zh$g$V9%V6`6q>^t3jlEEEAn#Rw zT)NJWNfQ8zADLp!f0gDFIy)g%S1+Roks3a!L>b|)8c?ZEo@QfeDy3B&%?3t+KouAO zwgVC*1!RFa*5L(K{))=%dw8tsc#ZP@C+T`nN~$7cDn=GwQWjXBU-Ra$Bge4wp~S}T zzUl0iQT$;Fz=Zd_PB2db8*s~-6_v7b!6Ldkkd*+@%E-#6yP-tpFI-7gj3ACp9g~oa zYeCA1ir5^wODfsibiRec31jHVZkotk&LPEg`=@RS58V9j1JAH&$qZq?j!sSnV&dY= zpmy%6`ITSXUsvZ^w{D%$3{F9jOXQm6ceP&q*EbwWNJ+UOBOQl5tB~I;AjJ^%*COCI zOd?YJ{XKA>6H=I5PiC`z9dwjp@f-zj1yYNHtgY0RkhX(5tkMmJnywM3rb1jujZH`B zw(EsIWI}DmvWU)x^-JXKv0*Ap{n9~aK~zVIB;;9m%nu|$aDWDwH$>#rOX zOA?eBHjIxVNEZ55hVe*taU*={a;!1FRogDH61up0(@0g(EA8NmhGLYFo5yJc^;IKa24^tD+VH953)YLc&%%}qO(`*V|*Pyqh2?4koDO|jsQeX@D{c+j8 z^I=)Le51@kiE6`gYM++}Umwf#wDsjHPT(a!Y$N1E`5xn2;XS9_VTB zY+dcQzul&vegFRbK@>1291}|sH$=$z{1?1t{$)|9nE`t6IgBmQZHg4%6E1gB7VD)>dHL09q zRf$)^xGwA*zIOr`vmg44@~WJ$C$#XO+-LQ_;Xsbfql>FI*8HLm)(yqyV3Yy@Sp+ko zCgHQ8uVpV{Qwc0cT2}x)#({!Ev6T8SxBK@z8SeW{Dyf9aXq6%>%uf)+>YQ9@uWOJk 
zw_eAAz%{^_NvBfO?;H%XJ?7}lc;wM1K(HpHIA;mui3*uB%+k0&YD9$GFgNG>H|RUZ z(aExgm1y;iCYh29v_%9vTHAUzU3>Y*XoR*iJ0V2lv>}Z*W@X5g#SV35Yz8E%kpe@k zIBxv}(9@_??s!I0^0UQ+8JspJ$t)Mm!l{?+5*ai3Wa7v^8R`R85a>h`HPw1@75vast@8M3Fc9P5J*l7d z(BU{skzp8Wt+FoEa5s0g!i$1`#>rN9tCcAYxPBe66I|&kYbrLy>*P?!*11wc0}$fl z7I93>l8^X7Ap=MNy;V*JcV z1T|MmW|hv_FfROhxM?jYot&5j?DB)89VHBK-n?)pbXJ z+;H_;W+YCCnMz9oXqqiI9THtBCy5=vi3%(8@V(ZBFIsHPV`@E-I8mu5LAPv&#-4Mfx)f+=Kk*eONz{L_0?-6o=fcpQL|AwI(~3BWlWzLln4CICktZ!Vw6wa~ zNCVo=Gv}HgzXRpq5{*e? zSIENkD9jaANIlWp=7t`bUc7*5WgaPoy2<1{ly#6cY~vzvq9Z9o=JA1(d;26hKU0R$ z+Io{+K4*%SH7zbW{g5=GIB-=nAOvzoP8KD4az@6}+;Rm(vs+k|q^(zqv8`WjlrnKH zzfuyS&hb9b_b_G3-lNAzKS<|jRmlQP`@vVg6z&PGURX($i2PDbCuUS5Wc{mtSjlZ+ zjuU2Dd!2Mto=ywZ9$al@i6^3N8&I&pAo+|Cz)O?P(6+)sP> z-gH)m_dh44HC5uxPLt<7#SkPSeIclxNTTgoamBuds^s1q+>zx<#BqN zqy>E1DW`<`^RjE{B%#W5s0n5v7n}DMZg(kKC{OHoTKd_DR=^D(r&rBq5DTN}ae(TP z`bzc1nx=)zh@?Oqc{pFteu-8mcwgtKf+Z3NDd}zsT%19i6b*QvoZgG_h#Ec5vbao5 z{lMp?1Q*qPZXZx$4wF;oBtF6;mu+%LaTWymHaO#4X7_NX9D32b-ZuaiY&C~<*V_|7N_@n?io zGd(RI{JA^0gf7iX)~`FjwDY=9sMd&bEj_OnZ@*q({js*THvDt>e8+t{6soVk2l|UK zthzqp9FtVY*YO3})LH2eJl!O%Q2~_VJgCIB%Tb)ZA3y7-tz#-Z4<_LZ*eeyIOj;x9 zfG+@6ysOhK*Yesm!{}H*L>p#O>0m6}UYv%P@}Qp&=HvB@v3A1d3*vWVOCRO4apptB zWa2LF$r@)5Y6d!0}qr|5RrDj{v zAKYp9^o0j;;O{P$5E%r`DW0G)dziGygk)n9Qc3(Kx>{4*ujDq~mp-1zTYH6vVY4hG zz)4L-Xq4lva|Pp6o{`ra^9@TWrZ>5uTq5#Iq&N>$(Ago=^}Ui)>>&4M<|3wj3~(eMwD7k-N;yjQe#B@4T}=>~{5gz5Uh?8dmF_dtQ92Ij z%mc_3&UN)mX<8ne*C!WVtK)=*tiDrWH#>7WRE6s46Psz{A3r9yPVxo0k zWrC_&tLChl)3$eXNHaof!}KK0Pzs%86Eq(;Z;&qqv)J7X^k|Pw+H; ze?FxC(wdc!5}_9lHy~tQ20F)Qh(N^v^?|4#TVsa6HT|;+e z8Z`iqJ*-WA$+gvX-qC7hK~EpgCQwp~eo0 zZ)B<&{9ssnl1~8Dwje`(R+%F$Q8YtiqK{B)AK_%A;V*j{9zQC-e5sB!gs2#ZF&i#;AH3_gyPCy;&rF0CGlO65q6<;$!gv8JfnT~Q zrIykB7H2$EdMRZddoS14H9= zm^`Wzd2`963t9ds+27j%A&j9;QSfsykFzw7Ioa{HDWYsNs4bChDNcnSb)iRQxi}s# zg!7y<%o;G@1?DVe+U3$^!RTH%AgFN++eZJ(*GB0*}q2^Up{c<-vy=sIMyH z!p2FN^_#?D56KnoL2JGgjrg$#c(1G4`1mn#Kk0y^Le&_f~pke z`RbDaStsqXY#hC13Km{A#27S~IxxFuM!=4H=)^$iP 
zJ{w!l%GophyeH_d5b)z*LMD1cDd(^{{oFS8FKnpNU5Hs|5&>i3TcoVlT*jumS60C6%@>kTFwD^blWe&+~y>d z{!+OX#~;})F{@U}fGt&?7|VqFJtUv|1Wl@2Uu#c2QPU+X4$Yv0h8#>wAy9#)Rvq$7g{a zjh0|Ei?soY&T>mUcr!Ya00T9qSjjEUlLn-KTiI;^hyWI9fnH495DbktPMVwVTjEW! zcV4zM!)cl$Iu1s%n_*mLKXOQHM23aHa%EiDlV!OwaCx$r^YgF5MfUXdNKf-Q$t8tb#n8*a$6uC4 zg0+b$)b~z6qQkE$c$%I_D=QJ{6w}0GQp1HROaT*d5cP zC%0U&N#a9P$O5C1QuME64@s2kCS?pa@zPTd%J&{RC|6&$9u^4`%D_Kw|NFm@ex9p@ za^S%JeKNj#k66kJv462=Qs_8W@H#Ly2}Ng z?DELj);4MA=?zQ$h9_>bh)MWF{r@2+s;$HWfIIkWROB(aN)AcRVGeN`L$ScgV=Znd zGf8qu`UJS~SHwy*pQY)T*Dk%&QSzy8Jtm7U{jhxU6F13*wJW6yK;~PYx=k{x*U}%% z$N;QD>p#^>4rrVcnDO?pNZGo`ARoD54cN3>4!p1@JZ{HB3__0%&EI*9I&jM7JD!Ci zWEE#GYCa3r2db-UEWQ21?z0!Bw|1R-VO*XySoiO&)kFC^H$B$xdTVTyxd#~#ea}4) zb$<14H+;pCmT(_FH0Yc18QV;@MpPvR`{NSN8KIRvZ$MzoQ;7@qN~ zfE-RJ3X-o zfH4(Z`;>8Im}(>w;B_4uX9fadpUYYNUwDnOgW=Ox5^+b8J4V95T+4_7e{PDrkd`DV zScu4$RvBm-q}EK)0dAR}_c+99iAe&R#xe~9nR-aobg+iH6z%t2S)3+mg?2FIvoe3n zt#Hy(>5F!e`WPjC2%@3nr&rd=aZbW|Y zz@st`)M|#}L?&*lpb+9=N5Aab-*m4GeDOljrUz|puiW$Ny!XE@=DV8ccOJyz&VjTV z{`u}5_Xh&DgXkEWUFdkd?HZK5w2~Szk(ai)q#De$Ga4-pr2Gcxy{TY9Y(RiMqyfik8 zk+gLD(*fwFP(MQ69*0FxN#btMtYK~B(hp8kmu3g53UIcIt`3O#iP2dSbKz~Vx`t%M zWm{eW%Yz&p&@oGFEP&QkTv~qHmar*+UQhQl9Gq1Q|Ui z5s6V0{O9?a8~aVJo`!=g?)?;03~jHt6rlROx8Hk$fAt%ouhp(MORe}LU+cN`&4Jc) zr)MT@Q=Vymv^~z;PD6KboI@O)V^W0Nk%9(el+H%Y1ST`oT_q9JOWBDm4pDS942%>{ zm$(URLZkvYT>OEeTq(ytxq?VOP;7jtT|5g4%ve5#j) z^>L5WcSTQcYAz&v3mXTTj+sqhAs3$kJbCFTihFx|r9t||v|&=x_MQ;S^Sk8q?YGF( zC5z>9&94*If@6bSBXQ)Th!NsF87OD!?8PTuctXDTxqlLCH>!Xh#sF1S%afA@G9Uka z1(h)`z)Iue+XMtx60X=P#*CD3kJO`&ydnGQh)c3ynbMz~nVlPGY96$t$4t*wEe_p! zx{laj$(^iU7=irNa{ca?clE))`LO-_JA(>de|7s0M(MlljtI#0vt&HUkeDihW`io+ zSpoaa2z?y^u`09EeGc7b8l=ZFW2O{_Qk&l?*~kVb5OA5G-9a}DM?**9Sjn`Ozil+m}qWODd1eBmlEM(8(HCAaPb~M6MttPgR02Qfk#yY zC63sjI4V|(@zYCy9n+%_HYZLPg!MQ=)IW>j+F%butl2P8N()E(s1u8ceDaZ3oas*w;IXWD%^^!B+1R0*(odF}vsG{<7k-0fM&<9ZB zlJW1+#u3Kt%4`E0c9i@&-uOFh%0%hT{^9*dW_? 
z_Yo&huqY@KQ(-~)^!fmRCIM;eurbqUsOwL?T0S$CDBrm$Q!ZauB_24?L2|IkX=Xq~ zL13gYFM{~xnSIQ0GQbn_bRaUflyov>w%FkXX74|?{Rg#o>Kbg_+NjXLd%9h8Z13Tr z`#C?)RBTlMBzQ|w#&vTc!$?%5-D)16@nLj1g$a@qKrg~QEJc}oD5bYJQDmdvb~)nU zs_+`k$jKOWfeoCvuH2PE`W-AUZxK36GL>O&hFd9Of zTr(G0%YGy5-5zrgsbe%K$un8&@Tt*36{@;!W@Gh3t)0Vd2Uv9tgN?A%CI!++wxMT$|ByFVxV9xJ+ zMCPxBXup4#M4SeYu;epq33()@oy|3!=0s9S^MetD;YL4lP^5LVlfIR_LTZTIuUlTK zbw?Tn*nH&n)4YEJ5M%~2h6i6ggltp?)@mBdawC!tMRSP}oi@L*d-#~se!X7%ty^oY zJ9qB<9mMMQE#Z4!V10s{8h6g^F4|;^dhMxxvmtcV9OJF+zL3R6M4@wjRdu|JhFb$s zErQFWP4wY7au_{hmb`&pDTNc|!Q}ZU4x}!skRI^bB=30_whdZ=Si z>fSsm3~-Z@yh3O(g($D5$XjhK5(3~@3o$<-CN3OBYxy$B<}85gZ0tNMK2Ecp&5M4r z1h-rzS)aNK3&A|$2fr@SNtM8<7D*x6VRb|bV@pb{50K(E=U(QyEc`j@-8fq392a3MBJ%4O{m%u?6E-%&~CDd3nb#w>tqgjhB*+twvG#u zYeep%Y^@v}&yg)@bBw$%lExEFG7ASy=|jU5?=!QLsqqfU_ehD#0?i>?TCO3XXpPV0 z@3RCAE#k6RwjBH6=Z|f=`)=F*AJ=-rANCLU=MP?BeeMcQa(#8RrTpmgy8?rgH$z^f zA7wgQj~6KJTHR~?Ccbza~$Y21}E7Dm?W5ieomtuvYZ{PT7Pd2U||uQr~(_O z8}hurwN(j4m|8?ks0}+Pnk&6EMEVt?-W$QjN$G=SNiS~@000s1Nkl}{$mfg7@jBhk0_{0Y(+Cmj&|vIsL<Fvk{he^K$tt`AoT*^h*K&J?U<@ZiDd`$A4l#X zn$?CrL`{04tx0k>Tp_E95~UIvE^Gzq=5*PSR`9XOCV@(`9LzREwo$3G(Ms%3qp6+u z=mYt(SIrlK2TAK5Ld9T?+!}5bZ6_)j?1mXxQ8*_zUzG-YnI}X0_KWBEAxQMZ2t>{v z_|c|<%Vc0WlhhHG2W8DJ=s5%5xmVK5OXwT6Ad{3NhwDzu&mMhKvTU7_l)us!6BUgb z)HzgZ1GoMByPtnjQ`Cp=d~Xr+yDjwlUSNH)>O1c6*Gsh}|IvqjJZSXZTnhWI&>Ce) zin01;h)g5tHOj6jq2n%3vJz9nsSF6b*mIcgN5`U*ld~8Mxs>XU5M0d;w2AxpVVULP zJJRE%Fdg5=+1EyH3qg{f`=c*FN$nm$GJ(@hq>>M=ooYjH1fWBSaIr+ngGtd6k(|NA zH6TeWgPRSK1m!j|2?alJ$rv`xqKE|9R8vJNqC1C^i_cC;jh9q@-$;03W6k;TXlqK(yX{J4DWYv)mlr}iBgKNpjfg2QQMBM;yF#5e!p$9Gh- zxZAe9E5`h8i}`N%{ZR`HyFXMNs`qch`mVh98&6J{0-FajV}jEYvzCUQmN^@Mz)6@H zPjnoW5S@1>0xXLMaT8<)+o=@6B$kzQ<44oSbU{T)PS*o|&?3pg6_X-Gph6dRIz&*a z0cnyyD0h+V)QM^cGjGncVB7Rvp^=pIV z0%qtS%1DNds1kt{vY-y$QjIEG3>%FUFWAr|zKm?DS)6RxAkKTP6#K64%i>kYCk`OY z{qk^10gGzf-OD|VS(|$l&5a^ZjlrAHp$rK!;IhwoHyNkf-E>h?!3@H?-5Cu3?gPkw9LWA$xKCl*y# zl^;uwOSAR04F(!#NBs%PlAv*111tl+ZWMyRLOKZ&;b{!JV|uk6W-1ARaC9hp8ZJN-V8V%wz=(oFkW|PDNH799F93QqYk)!72V6*QzHs#l 
z#sd)vXDt#Jn`jJ@pq=r=asor|7&Y+L=sJU5&Q{ZS|P zopt$>EwDbJ=E-*x&hu^mt>5%5pFMtd`$9L8c*#byF~T~hBU{rzZoG(up2g%=!p=0s zGTV26dAzSZCq^i?rI~5r9-vuGZ0TIk+*W5M1Ucyg6a_qJb}S%|)!L!Xw2#NPdpJEa z@SthFLIaw1lpzE`bBo0UPMzo*B%omfXuB%7H{H2XMu29fFp>dZO9jQ1mZK54s_mF( zoZ?$v9Ucu}?j;h&f7_SEBbnSHjckHKfR9#Og$}!n_fJy!Nhh`lh-1|XNnue{_j!Wg z&*w&rvH*LDx z_J`)V?=0l+`}!wcV11E?2!onEealA zR4iFspdu|O07G>htRol-aKZ7Jq#rsDNK1o^4k3ER1XC`I8JH8}u`XG{!p%#`l#?xu zEH1Dor`bb;m@4e~36`S4xII}};!Dnw3Btv2HdPpLXlnx4!v_ z+FA+f;=c0A`%8s>-{R{1fAR&^C%vh*c5Yv7ty#dYKl`0;{3K(=@^a#-gQ>)5bkkdX69o2^du6bmblZq%AcrP@&FmJ0L(P*^NWici_hlp1PLMoM3 z+cI_5fog6T6)ofUy=(^hK(HJLp%G+F@x2Sav(7?dZmSqcqgH1R$z3-%pvf{riK{r+ z)CTWsA{^O=09|61%pgDEM)smxPCAiNk4o@$wRRal^p&U0(4UV145CwYC0G?Y*IG*O^F#nHAp1muYi1z+|;%dIJ2pgb{7 zJAF?;q_c^1E5OV&!R8zT{wyqoX5*uqFBc(lh~YD^M7r_m+QFde1lnUX3v-cfyzp1$ zWd~-6>ybjR@m{pka1P%Zs2`QCQMgO#Ij}epHbddh{ni0V&dq{=mqrARINAwd(5H4t zIqfSdDjp8b`Y77ZSVH}SUEV%#jA`0uvn*b-WGX2=^|RmjJaxzCR(Dhrm~yE?`}e;) z-A1qDAA9?=EwH{ZmMV1T!w>svYuBNd5HhU!=C|+v^8Cf~Yg(J0cBB-*Nj65bKlOaT zI1(f3aT=ysR6>&!#tpdVTt0RM^p3F088^%FZ3YoG>G8DjDv4D zA@Z3Z7j$zv{ovpUW5_asaLrL!VjL$U17I~$FbJsv4gu916(4OY)iJHw+HD4OvG&n~ z);)p%8Ve5eI&d#!^{?C|o7XOuL{4t+?&s;Z`iLBH*T`odZ69a~CZ1ludBgmF`rAvi1HrKMnP*JL2~7F^PZCV&^?tY8 zpLK!XdBNJ+{RmtbWcPy)BFUc6`NfSN_@Fgw-sPQ*r|a@96Xv44JX>;t)yIfApK4GA zFwsGRALUHXkmt6ceB0dDB?;uMs-qbqeF@MOVq6Ytq=!3DySxKj86YtxdGqQlrc< zu^Dw-hs%HZz=uD0{bEDs-FNRM2o1^3n{Il~6`^;oBI}Wt@)9m(OJi;W}fX%@Mt)c;JcpzN=wJ;#Vz-b)q>lJfxnPfVWCB2u54^$dI zr?68z$OAG617B=3gLDxnA=b&sB_f7&H^W~Y=w+n%;5|nZ98qv2U`P}ybFnZ#N8Uau z-|6p?!6KAwmMo?3UVj@Sz~qwHXmcoZ=7e!xex5lu*I}4&&mNfUJ9pi#dp9rH@z6)Z zi(3IcP|HQAt-a|FD)s&5b$h?x|0PfGuiqoPIamv*6=GNKY-}{#L;*Yf2hYC9177U> z*ya_}CexjiSg)~1CnUP9sm60?faE7+2BOTi+0KDp1Cz7iz=upa&mbwDDh+`cy{=*= zm2oHKQuzT}&LIy*%BT-^q8qtIJO0~3HAGeJREM@xR*pYbBk+(_#fE`LW0gtA=*jTeQE8S%Fx0~kBjh9&2(iG1v19}ByjnSuhI4pR zq*Z#qE_71noGHKd$KI8PUuxqn{ktu6_1`26xJMTR0+yxZu{A>mW94v6R$lCIOGHum 
zDyxs;eu^-ZIwxOdMga7ylB8LS2+9i3k|LEJ?U4w<)YB0Hs5*Oeznl#(6z?$ojc82SFH*eSbW2-{}|&j2Y&Tesv#XbIO5B^(DQ7*TylM3 z#BhH>$mMkO_zdaYK~G|uH8n1JER-=GnXe 
diff --git a/site/themes/pinniped/static/img/mo-khan.png b/site/themes/pinniped/static/img/mo-khan.png deleted file mode 100644 index 8c4d47f94dbc7d2d6dbb5b403fd9a6eebdea4220..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 20615
z$ag?tQm`;Prva`0gX6`!%=)r)J(SB?=H*k@b{iSNaiT%j+`deN&(uiE!0W3%Dnj5k z<8stE(tiAitQBCUpw zf7a-0?|IgjH~rR~qk(Q<)7A$j4Gx$Kj$WrKeT-waoVYQc%OVN~1tqMnP?%CDqDmIppbyK%CaLiOseSi7^hwjP7V$ z4jew4Gm0-pXNxcVW(jny^w^XLUPZm`Ug1lDVAy@- z(P&DJt-9qD>h8ta!Mmhzb`g_YX|Ksa_Zt{Up4L}_l1S}7kYzh}TGm|@X(?16$0_O_ zwXImg}}dXZ&!86415Mc;wV;*wU82L&<~l;iC$3f1H||K~OQUa)_{RCk_H@ z8uOFMj5mAdUCeV9o^k?w3fsmB6*lWNoCp2r!{7>gVqn9cl#2v_>Q*gnDg-L<X&Ld!;FH3@VV}Z|@yJx5FrNH2jD` z2mSXIZo?r7q3^9S)l(W@mA?I;BZsTnZA*tuE$A%A7f_!2WF}iE&rc{He#GHlGI;d> z4s<2oE=t7n$1M8@c(^-jh zUTvG6ArjZspf(>?$@-or!8~K}h$_wDu&ITA<`Lr=FQ;!{khv~`Pz*GH@{76*6u?xk zjC87Pb)ZEA?o&oFK$FG>q2Xd3*`_$-GR9JY{|b(l4lk*}gOUYYbKYy`3VBP!b!6@2 zg&dZ#8A=bktpsARst29tzFXK~)sv3yhG6toHdb^dd2piHcM3j_U-QjSVn=Fy?Kcw^ z`$cuaNq97EW*0iT1+wm}@F8fU48#t{O*VX572m{_mWzlUJRv>UK)>;vBpKz# zEW%=VV~i9Qdsn&6tBf(1iNO!P@d?7++SxgN3}}U4mL~mdv5_l9PT7{V+V!w;XWCPz z#cHg|j9r9n8sfNky6Adwjzm9wqLD(#IINC0UHr{0mpZ)TM?#Q!1zj!9gy1gyuW%jZ z!An?h;mYB2I;ERS#;m14H@I@}K(LT>a8~0In)>c5A7B5XMqXVF_OBZ0s`Zm(Ba~uR zXc!Av*l8hjeid~s#{imnMYA^Py$~RrS>Xq^9x^8sg>`<241n?Q-){sm7lT($&dGjt3VBzv!?NXd1~zaFHhyZwmLwnp1|m zE;O+X;|FV&TnQvjY|ouN+B2{ImULYX-o?p#5|w>w-7Kw>y!u{U`T$HHF*Ndl^0Uk; z)dVS0>wG!d>6ZvmUX)g59e@D&P3g)TlvoxGoY8V492iu-q$=-A!}i(Z=L+od=%6i? 
zcM;QIndieOB3&zL)5sXaSkoKSr1XFP$)%H1>E8~|$#GkK-@B+rCv=UjP!aCS?Rmm9 zs=_-ur1U)NU0~qZV2q4=@KS2vMZpMTa|=#i#pH}@tl#>I z^U!3(=ZA#0fL4CONCZ+LY_{AlLG7=xibOoVUz=m=HiwDcOPLZFQ8q=c{QdF!^6h>K zc!YmT-`BuBvBSdc7>$Q{G8c=4FDA>V6~8FqjTerjO;)6j)}H~rvB#ITrV_I2ijUGT zTKXeKS9Oo#=K}bwBNleHZFcVmZ3m17{M;oxU#AcDXIv=x5b=3DR5JijT=b-iy1roL z-gk(o$MgUo_Ls&_o}HjZ2UUIe3vj>zW8`$AVfdPpRv>PD_-t&-8CrNMs#m$eGb%*U znTI(2Y=y)bV&G`_EyGTuAB~~tGecq1D$xhY0VIXB$8H zIYJhtNngAviW#;-J_P0J3JFNg)LKYi&Kt2L6M$t%2ot-|`WMEgWsR1e{R%B-Heu; zI=O>&fyeNewtF9pXt0%obh6o*Kky==j4^_Pv$)M6xsqQON<7a2AxSx-t}(-G$t?Q@;|xOU z)Tz$i<8!P8m-i;%)8|xKa2o5WOjPc3Tq8)iye+E+-jvTz|m*q^aY<3B$MxMNuu z5X4$a+hK1UGq;nXdgCDPc!*`qZ?t?=viG!M4wU05gcySctSxqpN0hL9uq$NR!1YFd z+5(0Uv(t{6_T&C-m)Jlnd09@cBF_;)Itp%`><~7WOrxajaw$y-RTb2d=qUH^MxUK; zWA-sR*Cv=*0_O_|4^S#>6RKuEf_w_cdY!~nBpr+vC2js1^a(y~w&2BqRIm_6um_!a zIWm)5QuF@A<}{a7cFXyJYnM-XCg~@?5h`g^ja?F3^q{NdcxG#m>%#M{Y108#u^O*V`_{*+Z>DXT;co*q;$^Q9uEshG|zMVLnBaKSiAmSo$ zVQ32o1Dzl>QQ^iABY_A`oseH>kGn}PWo7l~EQYQZFV0zlSAULk?+MAcaRk`n`6x2- z(yJ|Fk7U`K|0v&{%!4j!8!I_wRSTn+(FIXy(|_ zh$ypDk1$JkCb{tw#r-BCUe@l07FYR1RZy&rL)sEqZ-eZLS$Q5AD8v`NXn&5r@P)@f z`*j0F@7Jm41@V_H$RNKdi7pw=ucf4lzM&^-(GE+!{9YMk;>DspU{kGub>bN%UR(Ra7m|u%6>%I7q<{a7~h%2z1k%u zPPz6I;r1yUehj^WIOEttYc!vb08?n4!Ov6WmfA2;lmb(YWCs2rV)xC>sfTv%zX<)% zkg~33R&TwP>C?Z-AzevHog?y z7{vM@t%u{>!6NEm>oX9HpC#NY3SV5+AnIlNJVl=MY@kR;ljgbR(h1ESKA{xIAt~pL z;uR(A%A(;}q38nm4O+x$8y;sxf)Zh5(&fHm!xrjo*C}Ulp@Fy{YC{i#A(}J(sp{of z%6q;{Knu>$u^&&HNCH@0V%p-QOfRTUi%^wqjY`9NpV5kK(S(mIzVl>Y0#F@ux7XEz z*K~*<%U4MY291d1hq8e4vwdooi8c|qt(3}GWH-NmBe5T&O5~1be&0R#N~2NyBV3$> zrG`0DddbXr?FWpwJG(H@mLU{e4)Hh#@ps5czJm5PE^T9g9W1>Y?E=53MRS2#xb1!{ ze=w3RDX}u3=Xm8og!$;wu&e^N#vUF?4^1|p_r0E;!18tZZL5Wt^}bWoR8@D)1c%;d z=skP!aG41W7wK2&xMjn}ZD|95MwQ0(vCshQiO4Pf!o(ppG>txFAs);xCLI$0KEbEpKl@2}aUAjIQLr^`X<4RS?H zf9K;3_K8CzpbJpFj|rGY5GT3FG&eMpwj$&&o9BBQTE{@^+DnwG3L*V=W?L6(*#dOw zqdbBmh+TjgTBo4eBXOzW!=@hVYybe_r3;fzNiU*14pPhOeQ_kc-h(NpAVDHlZy4Zr%zcmwrCpFJO1)r>9EhLly%6PaK%hJSKOH< 
z!=h+U9J8+%xco})2I^|tzzkJ%ripXmhnh~e2QN$DW=%@!Z6*(~&n;K3{PtsnK5`){tWH?Q#Zpd0o@m+Kwg%fQMbtR+={RGX;mr=<3hMZMQ0>dY-*;&<~& zYkmT2tWC1GZFtO|9V9J4ND6g(xIgHvpY+bgG~h_2PegYl$UsDdXycv@I+V?rdg$`a438)XExuM>uE zG*KNg3Oj5fRb@a6;YVJf zip%{AtP=RuM_%^_apz7sLQ7s!EKt!9oe~an%chm01(Mq=k9qs^imD9@qfn$|_vI+O ze+}yC>Gcm$?euKrpVKLYaR2>X8MU8 zS>4FP%#?IF#jvZ$qx?!Y&w}KuCv*0I zR*NanFE?onYYEoq?DP0QloZHOwz*|)*X{H*;dXsXnSdyIn_N%(Y<-<@VJK-GkQQ37 zHWTZ^9eFa2h>0I+I$T`t(n2}m4XRAdeJW6xG zTDD3yYB$R_(H)eh&cM~6!-gIl`sP4;NOo>6z}ExoHY?>A(eJj`FoiFXf{s`Z2}v&$ zFcHv0vKXDsz{3GnjDK>3bv9ZnJef>cyv~Bw2f8FQPi3{oXjC#JvnR@wZ>lt!-MLp$c+~`+Zk6*FIPIBSci4Yvo3t*_>aD${6?lOxC`(IAGefmT?s9KO^0jl(?*zhK)aD=Qm4fbCFQ7oaPTVZ&V zq;`Pi21Rj~dFi?HtzD163tnnAB)(*=^zIZh@6N{Mwm%kI0>DI6ZhZuVA(N|uK)|oV z;dwW7Ps*cyzG07#(rq%-iU5)xV=L(4Eh!pbVG5|Sz}lM9Lqr50jI1?%4IeBc@!r3?N{4tqBFfamrOjWt$VK??mvWe>*s3N5y(x-26_@}ZDzu0Rp71}DriKp>Bv=UMT=cN=Z)~nn+0G*B)v_?ZG>q^hef4-f2xd+If9PLlSBCJ&I+H z6FD}KEw^iSr-luE=e3LUzlTmg=hhV~e1b7tA86U@J};%`;33n*cFsi8{%%Ndu5J$H z#M8zvvqg}@&mST6Ax>P{GokvHMps=XtQy`{Je$zKNgAEBi&*v;10|zi`8P*w^0^q< zB@U#iPD&*NP?6+Na$uL|8+SP zeOA}Sa=sGi=X-L3Q{cTT=iArQ##?*fVP77TLjH#`c@dK`Q*a=WXUa7wE$a@hzgpEe z3qv(G7kx(f&Wb+qT-+9>_X($ftBqy2D}|#?*K=3M6vgoix4gj7Xd92b-}C^m7kLMQ z8>1byxPy(!@e`g@$u(;(b%!d1e`&v&jF)$)0kn3Lfdw))c5JkTtN2mt&+8$YZeF^$ zNE60heOBm)Cgb>VT|{RE5iyVyTCBp9`uDx12LgUrk{jN42G-&>7+2CV?Z(;SN&t=p z)=k=c-Eo?v^H_8lmd%0B4olJl!8;q($e?U?3)Fln71WmmHD!~6ES4m>mMmp5J4?J8 zlc7$K{Dot`GxsLE>tF~AGjLE}sv`%!qM8FyRm_8y)X+(dO9umib(6fd9wgi`gVcJXB_DF__`e+7_gJ{9zR@O6d$?4W9bAS@lVFpzbj9y*3q?$8gn4Pf}yui zD~&~=q5Ym_p?9HlOZ#((f$hx%$rWKx5a~LcH$z%$E2Rf;f&)~p z2zxB(i^R{CWl^%!2DwG(Ma&ygLzb`B8jiydw3q7n1^ym(AqpM9cw&uE+Yw=}2`bkw zLh&}Hsuc_}OrO>6?*$(B{2Px-ZLiNvh1tb(MW!>*MiBTjzS-`WhFL4D?JssK8~XS0 z5fiQnlMG2o%2CIrKE{tX7;i-HY%E!%B%|}vl{m-bGL?sDvp{3~_REzk-}n_YMCHV| zTB=KRgr=D%j)~De_fo?2v5j? 
za{)hb=IN9cNeWtjYhx-GSH^+xE+s2!k(&qBc_g%tj2_8kCn zr?2xT`l@ri4n-{BrDpdavT65yBr(cow%4w=gCo2G>g~x`T*=n zM+rkyXInj$n44MU*h1ueFu_Din0Ko>_8>XU=sj*pWrio6k>tm?=&&|g7%?ezxp=#( z?YpA6<8DWCt`J#=_TJ!4*}&j5C9~Z*BE;I=DV=@+8ywaUO-^C{HD2a>FC(g&h=2jQ zA-rBg=%~=$Rhgviu~)%I=Y$kS%IJLMY_5$tKk0gef6X#yYr+&dCH0if(uqDNw5w-V zL;;wA&!sJ8YeL!O&NN=HfoX2comVc3Lzphs`m2gMx_g?kaSoEM$%C=^3yqYgO^k|<@ezNv(8+F_2W|6MVjQ0gS7KwF;RYN15b0jnJV1F((l})+( zVV#@FDX3xN%uYJ_Omq4<=AF6*^k5R+ZU0!^!)y|FvZr*U{WkwI`Yjz(ZadqrwZXk z)R+=|gOR1%a{%GSXXg{D)DFP9!yArmt~h~Gw6bUPPjkAstl*uFt9DD{U;H>1rcLjJa?})@;6~-uL(b~ezjL;E}xs*A@$l#{zK7L$AS+$W|v!!Vh&AG z@4!Ca7RH*MWQ~0LqJ%k9nuw|x=f-2?A36%I-}LA; zP?#eXc=V;ILz?nMFv>6zbY^`V&A;KJYb@X@%JdvZF|k7rFIaPe1G`R; zv3T?}oULo7=^akt^wU?h$r9#k&F*h1jDarQ!Th8?8cwGQJ*T`eoyJ=m+PTz-M_zby zjqh-_SPgD^M!xnzcn21Ul&sC}FVF32IYYmtW6Y`XruT3G#=jI+%)MhH zrC$b^MI948#>L%m%`zlHsvLdev`EPO0Oc3g*5A;iE~nWMMG+lS%GI(A=|T zx~$eq>qC$^URSaN68)D(E=Bf-8sKQK5wU35udvryKmtcde~7Oj-#<|@Vx9X2%9ra{ z@V7?P53YI$EHWv2zD|EUD*wh4;|ji?I6%aJbgGc%I3ADmqw=pd+Czg%eW4f%hD7=K z`x|s1{xr0ucV*qPK+Zh-34fHCqxK2bgO`C{)ksJ7!9oZ~D==AJ?S#|Q99M;z^x~`C z9tg(+cdpLir1q`L;>(R~Bu#-Ca`TfQb^2;+IHwrLX^diMomEg zF6N;TbMXNx?N??Td4PBlcCwxs<&&?`AHrW*0AqXe7ix-mbH5Zr1UG$2&#x)i$s!k@ ze6{S&SL47|vyn{zGdk3e16&KCsnm=hOJI(mm!J~VLU2Pn>Gb3RR3W7bG}@{A9u1rm z(h1iz6$o$B1y`|uj`99^Pqk`oo2rEr>1J~!H3=lJy6=W9K^=s`yz+;WxZ^2Gpktp` zmq7f&M({A#-2TjRw~?tXs;yoM=s*E4V}OJc0%hmKjmZ`ZkhdYDMq#E0Ufcw!=1Sw* z$j-6=W3pp5)GcZZ;x%u3*SdT#jIHPTa6gyn_bi+rlphw`bzxhC&hFCJ;IKH86;6m_Va0k= zi>wURhpFieq|*Th{vIL%H%Ynl8pIRNhC7)(Vt?}^B~daM$F5L0>TONPMM4qhnKV0s zNIO3xz|&rkpIc?6IcQZXc;bX0g`&NArLg`@t8If=KonpUtz^(`f;c1j39_f3+9BST z!=*vqX|&*mhFkdW37-ddw7CMQuV{0TN6_&BCgREqg_}_Nw*kU(XdFVLfiKj^dQYLE zlICY(#J*X3{k51I2@d`{ak2x-{;fr$P+*d9n#i96H+ZoyEgMa@aI7KgVh@8~`WG^5 z07+TYV2ccyxl9D0&Ssg50bNuTTe)4+RRYF_yn=Qi;S~_E5A3UB%&k;Cjc62}%35f9 zs%48>?>pxFJWWdut3}S*8ZC>!hdc+6HQzuayep`e?1b{qAEJO54zNz-aI^A6Szrmn zrvsW&6k-GxaK~=PI<0IeH{e6X+&is(lQF2|bqcbQw2<^MuR||36%H8CJNMx_hx{zF!hH)<>p6nb65G7PFO5^SqW!oh* 
za0y>Orql;t=Dzpt*u}yj@f6E`o)WY!kHO^9vtid^{_ zpsqz)AH`^)ZID`-=kyMdTN2lWzbo#}mTh3LHbVMH1xKQ6PFwYqSP7)SiR&iXaBU@% zIY!iFbBFG#{<=@N8oI1<5SfBPMOp-Vz?i-(4~8(ZJq;$?m&Dj;iN7N-9GFrQRMj67 z4^DKA&0K`PH2ce2NtlPO8-!`94OIzEcqI;!_MC7Og#NsyeB4*xb^hPKx zdj9SiSbX1}k8+P8sIJr9l}RJQ6zM6s`SAlN{gqY+eYU@y%l27+SYq633L8T%lw{77 z28+x@ncDLI2{k&(#caSm#Lb}|bO!(Eo*X{%*~c*P2cYapI0mjDc5C(E0x7(63+{CDCQ;!v^M%2epc8eNrIWr5V$VK*|F7g^4D28jV*d8vUI>$miIkK^yLj722 za?#3#0p!*c@omrrM8Snz4&j(|(8}Hr$r87p72*2JUqP;)72R6egi#5soI8I$Jaznd zIKzsDCh>S~iS8c-&Lhl==Rpx7J@Vy8`WnBeh(+d|n$@_0b7=UQ$a)|I;%ExS!fus% z%rH?HzGK&Tc<%#GhQH2KK9m3eIN(V{K~#D2d>GnxDONQUkKwY8QeT*(=nSN(A6=C< zj%7VEjseN~kW3O4p?|2Vkdy5sYx}<1a# z*A%9Y5Rhgh_>GDat#J{3*(Foq#vAsAweu@cSL@f>`N!sH@~KGEKCnnp28l+Jl1{?K z-q}E+hcn9E)}>T6O*$K6{gE zPHo>Fa>Il>5zVnVDEDm9L(*n5IXFZ@?-QTSBl28RWhz{v9z*2c^t>y=hd+5NY(w|B zIwOWr;ano0NGn7n=Si?4FOiNUZa7XZmQx+Qzin`>XkYQi&QTKGDZUDKl*^W?@#iT#D7C4d-)BraW zV)*j6|Kwx%xad2cTBd{Hrl=ku^|$+yodm;ucvUJqbL==37*zf`4iCDEhp33=hhB z7cmSNqm^uz0Do`L{PWz&qXbPx@ztk7ndcf7(5)~hx^yX27s%^Uht)yy*igKubq%6( za6W&i(io&OUp`zy7H1bWirsd2?v?0@bE^>L8^Bi3G8bOL!Qb56Clkf2k&=qJD!QYn zKox9ow$&brXVnhY2XnHKjUEOJL4{_+Qr^rUp<>Kn7NLnVo_qphKtRCRewWaxR}6l?0w!f{X$I#B&}+jtu21INPi59|p)e(>6mTRBhT?0sQ| z;_t-^i`6D3Upd zQ$-JVSr279e;2l|oAN}32=pvEeq@Xw0*KY6EAt?(6glTq*2XNEuy{@ z0-533SuFevlC#Mi(|8=JoDR!$R(U#Wu|Rl@F#xRN*$9GD?l;kgG_ZygFh``oQjFdcU=O9~#G= z;1RDoQT!pcHMCkHlclVN#6X#s2+9!=i-q4#ojd!IN||{?o>c2AO~6;;%dw)a0|#sE zvNIl|YZTk*^X})3O{>`NiZa(1@d2qswIq70#*&#f1Xo*fl|FhANzsH0PSD7_L35Z2 z?FR}J?CB;cX7lJiIk->)uyCcE=J?A)toldXX9>%x%3?ECgDd==a4B}}$J7D2QiAWiduwyr zeI!yJ{X9Iho$rWH;1sRkh!xcy^Wm?(O++iC$2A}dt_N>2e9#EoBl@CbVm|za(vL{= zsEw<5PSR$Ab2yJ1q0R`(tgiMaMyJxO8H`2`H;swBA`nZBmFB7 zOSzJTcKE>=+#K*ivFw<1N;>C^9i-)GKdAL7xkd!_~-=eJ97x-Ys)3=UxHOBo(?4X;;h0oa&rVL+C- zt`ibFFf|Z9^u^O*`#txDAO4=}!}G4X3O{!}OtVht)TwhZVIULPU!kk?Xrb5e+T%mIj-u!xG)tB#nJi{l@veYb`6jTpXwBGq@oq zOC(b)8q1{i$Hp>?5M#FK_0wT5sXGi8HRkXlhAF~{x)5Rz+?W5KLQ=4C-6yr})tA10(qjQz-6cl`uw 
zEZtJsFEH=d#oDAOB8)T@vDT6Rx-AD4M*wvfvK3cm@_>$&ni1H@llB+>LSeQm*6vp63j0YI5-$UziVQMiG#i=6Kj9a|#S%`X$L1lV4kA@C=9&`?v6*!E;*if1KJFn|SY zTM5lOIj%A=N@^4&fdr*O2B`UnJSYVul2m}pGUkCX6rVaZ9a1oB4sKT@E1t{vrw6XQ z89PObpBMqgTqdd$V+0yuiJdS-`q67Qr_Z@$2;xQb*LZyW;26w+sK;14eg0%P^p4*P zH}5|XZlqjjAMayW{)T4TjJb~+TSU6j-IG$&cWg}l&608fgG-eS9F_BGZLguQJ-{UGzjEESQ4MyZO)ZnBDW~Y zT|=y%6Oj@~!l?|{`6#-bq5zP4IZqL9+&Z?DU~ENs*j-O)x>Bc)u`+2;R4K=Ocf4W_lVj-9oScd#anZ z38?F8OZ3{v^k*aR%yBvxtLcGt6yYUw^&-Izq(GS3yE)uL0RHe(cZVN%<;~%S-NRwD zw;Z+*92pw77>w42wp`-c^a6=GUg4@>5IH~~B1`U#`jtUPpD~JLnT!1DEWN^QKW3E*dJcR_pO38Y-Dv)0NG`kBZ>T>*)*q;g5fu$U%7F%{Sh7 zdAT%5S#%o$A%M@$GiQ&5MV4Y3m9bu0BTK(b-Djzclj;%>DDylc%VLHIN5UuJQ;)M6 z@5F_$je4l+3hQ=>0-dJ>=J+!waG4qyE)yUajsv@1!*xqQ6kw{U5sio*jX8C&A=C{E zyN&UtJ~I#^ViN;QPV+d$pW{miAR1|2l+E9aX`7@sDG&oH+(*kK#)3ge1}=1|N%WT? z2GivO#H{f$8JqqrMiE?JCGPyLKfXU?r|5d;@#MW-Nm1Zo9(xZQjCE>hf*~oQcb2~+ zV?uFkIE*mo&AYb8cEt;nK6x#R3#xc2t01_F;gutcVuV-dM@}{FC3feGeaSG9V5vX#U+&sXV9Cf7Jli?ienQRSg?0UyUIXpJE z7LIdnehXC>Cm+X1z!+g7b>h-%HOgGkW9qHwYqQ_h2QhHr1^F-cIu^NE?o$t&m`|*E zf*$y%YF5>4L=qpsdE{h`Hj!=#3*Fq%pB%^0eRO=2ESa36TBuOiP{P(InpkL25RVI` z-#kohml3pu*;7Q@@Cq=v1~yGn=QU1+>C@pp3d?VK0ZUagAUF2P&|4VBI_Ck^8IVqf zM*@k)BJ*0X3I-89Osx38H8&uh+u`gJk0JgER`6M3_PI`L9CMnS?ondtSp$kuJGl1MYG}&*Pautf+{b2NJ{*n__l@bA1;> zs)xkg(h_A1ay3%6w*LmqT@WHcU^?g*jFu6p#>(O`D`x8VFB3b0nS z61j@p7@39Zqg5Sw(y^G;N-S?D<0e7GY6<|CJmLn?jmgmx(71OQ)*Y?StcG((PK8H4 z|44Z3&p#h7eEw*dJ~|y%STV88{xnq}6^z0y|HCa|=e2tgsg-c-+-i8+dp{bk-p?a} z25}`BkxgfOHu1#7_ONHqjc_$qxQn(ZYcfdGMgpwjCZ2K@xWYy%VU+#FeIM_P zr8}9?k+FMU|AsgJrXctwaI0nG@o4eDva0aG{l&^l>!gQ#-u>eI1x)y**ef}mV!;(u z58gPzQ$V!hL(3J6Xu3xx)3Av|;LX!vnl?!-Dlp0{QOpq9)LSDHBj>8gU{pK&EVao>$slmZ-Qm{ga^w!UZP&(V5;0K)=F zj`QWSwubzzissz^r3dPxk`nteb;8c{}IHHhEKDrKDN( zj~28*2kcN5;s(H5pblfkZMABWoMzgY1q==iC&VS3FXFoBogV(2dfi}y0Okh}jBklP z@feXN!nADN4x2_{~&3OyKV2@z>h6h0z8F6Dv5%0+qH1Jd5_LzM_`(e0z7)Re z=I;(qa?CQtjYEidv>Cm=AYB$1jL@#whBJ@N&d|Ju_0FU(ZQB$H8Ndv&JcQ)R((av8 zA9hr9FO0y7ZW7LXmwu!EB30HL>19KB?CF{C+MBLm^#uKv(Ibi%F`~<({_&lYWAfiB$JogZWGBtR 
zK{m)ujHtvy7Mbc|4YY&+5}6{hy|QpmL_UTOgqFd|?1ByZfRr`^lsy<~>$^a5HLT6d zg*IM52R+;e8OU|4V01IfQ45v9u=PcgVQ|+J;xQA>(^B~<9$>lS(h-P^F{A4(zt!#- zBo1Ivp(`MZMC*JkKwJe$)~Ly1JG;(yaFzD&*%L~y{8wb!X2K#*8rP^?T|A4Z9*-*T z@V$Q%R!e(A;2|f-XeL7b+s0hg+3-CFc7!*+=9S?rCBlF9g-1X%jKMz&F1n>cHeGF2 z|MZP-Iy8Im;KA$%KJWns$aMU3aT7LhO^F9!g&)cETNEQ2k)R}shNERD+bE3BAkf%S zEm|U5C2&4up9*$pRKPrJl*K}RHXM`rzx?!kSVTnbm~wRl0Re6;f^0!-M?4=~p}{3` zO>_u2gYKICx=o5}#hF{oq_EGfJ#HFe-rEOaiB!2)S16Y6z%{xex*3X2k6F{8fe_O? z!Y&H}Cs^B*p@|vG;^TcXSkr|9wcXTnWo%*wFzkG1x$kinnL`U~JCK;VG^3<|hEEmrZ3QHmQr5ycXfhM8`vFhRz zQP`(ADiFR?)Q$`l!Zd-9WyF}ZTxAm&7LFmt;=`v<>@MIIUs}cbt5#t~WGev__Yu(? zaBfAI>IvpiwLYxc6$YB)^;5ub^-@S7iwP3V@fY<;LoP~5_ zL0yk{xMi~S`ROowsvgcBI~hG0y+mN$fnamZTL07c-S@@MI_VF%p6KHCTm*+3K=?z@ z#z?vM_F}ep3jn7n9XvxhZ5v~$&E$*dEBisU^ecg`@!L8aP%7Y8%Dn*9q&o14#)jPF zwuEj8T~_{q_yPxtz#f+2AjV1)(Qj+wJi1tB)&Dfk-LdTfTU_Db2aqX3F`W`bMI@W> zW}nxSv)P9~5r0>iSi9{eXIqv@n1fU%FaC+RC;_leEpmYWiSH5wp?#ET!W;-JAW=FH z1r`Abc4FmR#?)s837}$IXTZK65_{#py{xgc5oWs}v-@ z=(6462VeR^q~6(p%SvBj?qPnI$QsY53iB{fe5xE{RjN5t+gDhUY+}d4i!}_cdGghE z>6IqFO1Wgn*C?fN{_Koz4j9L2L$ z9wz?v+l)oa1wQ4Z$^dM)o1p;QT4o1>oQ$02jjWCYe7qPoKgCEGfNOvNpCN4HFjvMK z^3%uG+AbhQ#H!Y0#*;)A+!`w)BBJ?)cbs(81LI&k3DP_i0%SHxXw}sV01@giyCZQK zJW);fid_XT$n+A7v!@Zymcnu;F2ER67f{g@kKrRK2=P&?MmvbPd8$1zvc|`z!tA+o zVG*Jj8QFxp1LBbu8hXPJ1F4!Ym}ZeS%Sz3?xa>5IWlcA$C~ZtMSn^xtc^5diPAC$p z<8ASv?Npxv2ds1iU0C9~B~bRkAP!+6dxpaIFP^^t!4Gj_AUhaw=w~-(@KswMF4kot z{@nT10gMu2rhU07hs=oaX~fsAJ^PUNPz?qQ!Y^{q8c1D3&lm(p2uE&UlnGL}o+Yp` z>J{%8u@jMOaNo7TBP<5DrIC4KeZo3axrSS1a-)gJvg2M9wfwbBQnb?mx?1}idd`N;&+W9xn1P?RMTjPfncLv7U@d_Rzji_BH{&)MS&WU)@AQv#o-{u zD;jPt6HSv^wDZm?Y&ytdyd|Pfsu!O<(L>+5B7(p}sH3H_?A`9$CS%hj`*I}iCo7t#Utkc`C+7_audOv&Aa+2Y^<*9V`h7ch#iBv%R#r=30mBM)BvX?)uJf`~s)6ffv?^Ad0@E5( zTSMNj5CfmZ=$a*1gMUvYJJwgX^|{mc{>@J_Ogh3$JKV3@zDh)I{BrPM$Q(Y*xccjF z%a#kD>QeATe6v5XV=`sHetwbu58F25oKxa5Z<#2TEU3`-vEOtV?!W>E>FBzPI@sly zx;he=Mv+{l__U|9NH@DuA@(|oXg_y;77oG5VxNW=t<2-1G5dI^e-+~rQ(QH`o>;QN 
zrA1gwqd_>HuLUiJM7Esk?M1GUFUj0Ocz%h3#<}aV#8$;{vU=0eT8Zg9;)QwT!qmi8 zitOe{gO1153?|pBr1nl7eIgvV{EG1W%XWs3JbH>=Cdb1d3&$rA**=E13$ZlFPv7^* zTz4TIVb9e_2 z9t3BHze+s2|LY=H+ zzM;w>4V$69xEZ@y4h!+IIffY#e9+V!97w_si`encx3rdd{&ah;#dH&5;69!)KcMp3Cfp#OfObI`fFcu z1%_`z(BlfKC=Hy&4sK}MYViKE=9%DGNj$Zds0P0~ZdJsUpHbx2`fjK7w2qS0y z;f#dTfyniewl1TWjAsL^*CNc5P9#+Sv z&r<5E@19~g4v82lFf9CEqa*FyBDGZ@U}D?W*zLf_{+&8=GMuABZGl!2Emi}T(Dl(h zgj*p6<1CUq35g{JQ zm6^j5`xJ@lYsl|kC z45u|>`D;iPZWdL524F-7Ll2m~k?Gu4>~Jh-K!&l7oE8Dc{-%uHnT9l=gfuqR-;+XSjFM0M3-95 z5q5JSHqRN3gEaSAr>;oL_%zX(@4e~raNG4b{yrccJ!G0u?lA3`-qzoW$j88GHE7rkIn5Smyv7?VNj$|HG7=v7@FGt40xeE(nj)M6X z1$#75AcJHx_0@2SMcO6{M4&{tu}RSCSI6O&;3tL2=;`72SfJc$!ghd2SSft9~ z;yCtL2EvM0>#cOi4L10^1y{2BgtZ0;tp9(_om*_%_jSjAyh)TuQKCfMD2bLO*EhxU z94Bp-ZG}AS#ch$a80MD&8MYY?wqaYbVGqMzGBkS_Hf-oifCX6>VC#lDL$W2^+QMz@ zD2`*hmTfh*Y{jx})Ws4-QoKl{BwqIU{wO+`JLh7@N&bLDiK2MwH2t4e|`MTpMXb-3~_PwDV_a-Cq<`cRb}Qu+6v`~IN< zmT;x2-#$OG9O-SHZwdyUoSBXl0|6fzu;f?;RZ*F#u;k`uW+m~A2^=J4i_|th24Csu zS06Kd9RUb;eKxiYuio)mKxtUaS$T zqS+7|Ab;;nPMKFv{HqCdZo^ruHxo0rObD``2Pf+K=v6%EU9c@YW_VUJmFQ_ndJl#L z0^)T!%@%O6pF=2`%nPr^n(4GkYgo-uku0BG(E`q+-4yai7_vjM9a16-Q9PEN%)I_# zs<|rZ4;8Q;h^j6P4i37{ymj&7uH8M6mX@Z2X*zY**7)3ui`XGlNDZiyX6aSvH&TUe z90~+TTfoO2>op%pFcaYEENKy(~nJr*jH(w@+5FumaCN zHo2(agAHhLVAa^VsPj=*_6;&In}idPU#tgf`CIr&E>^>V_gS@LjW~4j*5zqus6G(K zNi7`I+?2Muc;g5Y&5>kcK^zK^!VOytE*`fS6@n=}M$2ltum)hL@7n{6FP;8XVI zZCk5-$|V8vV)keG1^UV6ygAj?%l^*XJpNisg5>;aG<9_AZ|^;*`ry0VZoS-H{(8sV zI>lSTbocIo@CbR_=5&e~WtnyIkpCBr50+$3p-G?uZ5Jy&iI^o}hX2XA|ZxUU=E;?QEuEAY&OL+L)Fy1Ja}+SeX@? 
zzX3-Q?wjr%uvLTj6$n(oN-Kl`FNm2R-=cdX79lId<8W6l`?xZ>qM{hjaattp&&}rM_@fTxd*0gC z!|!(UkyLc`pQom#u*b#&gL=i|&A*OI^E(LHvq@@+-G(25%A=4gNWD*ABy94WCKpXf zdb)b~ncQX~&Vo@f!AZllG6`bI3)3-kYUTz5FXjOY%CyM`gT*_ogLIE#vl~P|dj-N{ zk7XOJJw|=mQ(#q|)ERNE;z>4<5+b@4Htm7B>h%Ob#Tw1=AD=U0vkPntx4DJ$rw}BA z&0WSOtC%j0?XLHcFo1*H+UYSNI@_sYUv^TJh)Rmou?YlOD*jJWz_tntGtS@+2`i(^hY9D9OIqqlE;vYf_AvuTW53SGV z#y+auwNJG5?PCd8|ATN#0|TaJV!RaX?rFN<^ZR~_IM$iRXkk;Ft!+&vO#Sd0-e`(Y zMxJJtqV1{a3FD{TQjiw;8K^8Gzb!-LUQNuI-j*=7)@K$d_c+HqgmDIGG{7TOP~d(*F!QMH=qBf#IrU?U+I+j*1x=B!XZjS zz`N@~%uo{8Jjz5-y#gPUx0O2eBg9%VJ?aYYZ;+or84c_YwTr3&mMx)mYEjKeK;pA+ zj8n;8j5*Lwkzt?>fCzf$&;fOkM}* zm6>rkzLuZQ4q4$2-^RMO9{u4rA6vkBO2~gKjj4$(t&Mf|G*5J+P@DQQu8s8VH3jC0SRzEm96+qZ+0UouHDF5!+Y)4BZ%AV$k( zYHo?vy*b-PQB)w?Ly4tOxTNB7mA2&N?Xn5Hw$2G73Qnzdieh;JpsSJt_3Sl2xp*BF zJw{(IoG6}Cs!*p%r$_2nDpT6Q1ESnb(&$jWMzwwgj$w zfLa*#4f>1*VDmkdomqL=aG(s~w;u6vuX_^k){7Je2aWsOnbf83-j>;5Q{V}pHYys+ zMR-Y0KQ>l0pA`}lwJiE7-laku**umV5CCtJO%T9Yk>~3tepZq@#lno=xJlcl9RbE8*zHAO(q$SLB>GPBW=IY#a%DZoFeRCNW%%mOA`8%d|Ol6aAt)@s^sy3c~_5-#@RXl8Qx zMZ+4KpWd5r_00DpV51m$5XbASH!lu{yMvRclyA`6%1QmtW>YZeiqpDKU_p{_La5I6 z?R^wSH`+K^WIhelkYgrbL#r1C<4$p^^9`Xj?PKw@@ahmGf$60cyUQvn zIz<7ak~#FOwVHg(=89h}P-l&Vd^0t}5{`u{i5f((8#y=4#uEb)4aGBTlK42Q-yXCtP&(vO{>W>BsVMSV)?1;bmB!G;5Jhq-J#;~KX=`ifc0#0 zyaw52r-$N~+PVVg*Yg`k+S}VOX-*DgfmQ;54%oZ~KzV@~vYSOtmZ}+oWM%}g+c=R= zA5SbpEzMf*INX6<1~1ODsOw~H8VH3jz-E!6^6P|M%!r}bJOi5|gu{b3PESnR5f{(8 zlH--_W-(dNXkyL$!%HW~Sm9OUAW6WQ%VcY6c@3o@#c@`9B++;^u?>(SM=Fui&Xjn35VahZ~gaqEV$b3rCQXYbuCLPG*RP3hQvjiuol-*&?!q(B{ zUfEw%M!8&r$q-lQYpc`AmyJ&DeF~Q+zrPc#C(xynJTNd&Gcr6jw(r2MAMlQUg8`Jx zEB3A@<0;B&Y8}B~GYrav7=M z(4*5cFem7;M@?^@1-vpbZGJX320Y0T0-xFP&Ur^s>Ra1gh#?vbmv}ltoU8LuNR%HnTEhZSH-jW%~kK z-|qVaSD%a`wxS@-(?b_#{XXY+aaewp(;HzlUNHnnKwDoxDHlT{=Sf7s^yhQda`GBk zbXzrtLm~ldJe__|5vLYFgw&i&?FVDbOWHHAAJYVYfHNi=?g2r%N%iB+XcT&BnciG* zi+K%sv=$A;PK#ePa&y6)IDgev2B_Fu!nfHQR#m50Css*y30jVqOrTe%m+}+dB41*F zR8*~E@_N*=F!kw)8)%MJ3#crBWYyDc&W-bBO#siv8{q|{h7}qqtgF2476uNU&%1Ow 
z=t*8W&!Z0IX0w%0=pG%asx01r`-uryPr3l4DIs6FG`2D~n|R@`pZ&|8zW%<0Y+gq) zxx7(VUk3*rHXu7Z026{)O?1;E9HJs`3C=ORd(^WS{2)<0pSZ@VC0-(&YQhAF+G*|{-0iE5NLi;WcgiStE}1oT*E{^#6PbNR-M1t`*B)wUHr$pfiL zzFYpaHlKK0ZW@+*8G|Q6oLV({LDl3~so-6GF!^UT87dvHMngbK(Buv ztRUzM*WR`ND@RAVP_eY7!JsB}Zk3FvL$Gq7?{Y~P$5s(XlYxBmC8H=pPUuD*&KFMf6+XxH~&{mDiApYP$(?k8W|m(AuJ zr2gZWU3SuuCdf>RTuI7AjHc#a+90 zGqSGPs`L!GXPurnP~oe?S0RG31FPaJjy4#J z40A?JYeqwy8lmOoWhReqBlOxvc}UJIM(41*98ZLnBphl0*>aK5xgMP|O|&c2Twx91 z3eepymSB7ic2#CTK!Fn+xlk`-FEIne_vl=dUD#4SWUUTt~v@g3xB>gyZZak z9>~QlH9%&j~(w?c!d@Y6(A z4>isTw>Bsxkq_k~b*K(`>WZ_57oFqFL2pJIZLg*a`}-sAuN)e5<`zoFAKvlMUJ?f1 z-dgboqLS~F=7T)Jw_i(P6u&s+fDOHVJ~2NV|BuF|+S4FgJJ)in5r6<^4aH2!RGg$A zbT@h{h|#z}CA^R&FKQ4@1%+N&imXF)o?C=D;xipIH%a1o%TrPVPGPqhz=hV9R`Bo+ zVptldvPtCmCOGx#sN=(4tbsoHskPl8gQQa%fQdp^R!oIP@}M!1Ts@_v0c^373|`tA zHi5L|z|iZ#mFw9|8c^aVl&b^fazW8?QWgV=zf8=}%t%|T=L$6VXlAo{mfYrV|LEk| zzoqe7YU|YM#A;0*`1Pp>xcVvNWvl56F|+fHlV@*EjL-j5O5j;@F1+PDJumz1XxXb*-@z8Qf+&RmM&g`uh~+p*o$X=UG>oHs<)79t15;SqcCK|7$z@VIoxY)s_}Od z_tA)~6l`fPFqT$%QWpe65(J>*F4qv-<)qWEj5M8aaFz&(3W<28oJ_`C{X6=d z^cq1J*iM|EW-9PAX(+0|m;x#yIBN~4VmV~uRVk4^e)9&-QUfSiiyiE^L?;`qw=!M? zre=OF3P!$2Es)ZMbpJu90yy^dGA)KqI)W`t$)_6BVpmT{99(y}cQ@X2A848@2_xk{ zW3j{wzxgMBf2R6bG-Cbfr=P$5*{b({nzx_&3BL2gNo{kV;~3ud@bE%;dU7ecG@tsf z_SU)=seOI7wKY_W;KDMIne>_q)#|_zE7R1oNXo8+6Gr_Ng=+M%rd-7#BuwDFNCgUO zEMHoH2}7fhF1hoku|Ge%C#=$wt)M?!YrY&`6`tHem~O? z+|F9ZhO4c)p3Ju=ms;I8$?5+aD7t@i_;;WEx0inSb`;Iw2!|Iuuf2Am{Kz9uJdn`m z&Ncj?-#_yceCL~!jh1>o^}afrFMe^?_W9VYUr!}B4tICAJqFLQGlU%$7?P5cg_i}) z$=a5Sd-m=r>%NAD21iRvv%~NAInJGb+p&A+ULxNTj@vEkdDGXC`ku8iW&wt-vz*GL zagbI_dN%F|1sYxaoi>_I(;N1i_Qp-q#Vn@UQq4j-wRASp+x3Iy#;&))%Sn$ zb0xSb&Psl-%y>O5SrBo0?} zWQ_0&?id(k!R3s0(up_hFaI>+GjDBgY8me0)GE{bP!8BVRcH-|7Rg(!+;?ta-Z~v^0UKtz=y{v t^co!)WZec!I8S;%w>Mw)4S$|){}*=FCxWMII6nXY002ovPDHLkV1i1Y;I04w 
diff --git a/site/themes/pinniped/static/img/nigel-brown.png b/site/themes/pinniped/static/img/nigel-brown.png new file mode 100644 index 0000000000000000000000000000000000000000..63124eb95130b0a883428c865e44354648d660c6 GIT binary patch literal 9225
Date: Fri, 22 Jul 2022 09:56:20 -0700 Subject: [PATCH 7/7] docs gen tool changed its output, so rerun codegen --- generated/1.17/README.adoc | 25 ++++++++++++++++++++++++- generated/1.18/README.adoc | 25 ++++++++++++++++++++++++- generated/1.19/README.adoc | 25 ++++++++++++++++++++++++- generated/1.20/README.adoc | 25 
++++++++++++++++++++++++- generated/1.21/README.adoc | 25 ++++++++++++++++++++++++- generated/1.22/README.adoc | 25 ++++++++++++++++++++++++- generated/1.23/README.adoc | 25 ++++++++++++++++++++++++- generated/1.24/README.adoc | 25 ++++++++++++++++++++++++- 8 files changed, 192 insertions(+), 8 deletions(-) diff --git a/generated/1.17/README.adoc b/generated/1.17/README.adoc index 9efe8a67..38e7d27a 100644 --- a/generated/1.17/README.adoc +++ b/generated/1.17/README.adoc 
@@ -614,7 +614,30 @@ WhoAmIRequest submits a request to echo back the current authenticated user. [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`name`* __string__ | Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +| *`generateName`* __string__ | GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency +| *`namespace`* __string__ | Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. 
More info: http://kubernetes.io/docs/user-guide/namespaces +| *`selfLink`* __string__ | SelfLink is a URL representing this object. Populated by the system. Read-only. + DEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release. +| *`uid`* __UID__ | UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +| *`resourceVersion`* __string__ | An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency +| *`generation`* __integer__ | A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +| *`creationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#time-v1-meta[$$Time$$]__ | CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + Populated by the system. Read-only. Null for lists. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#time-v1-meta[$$Time$$]__ | DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. + Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionGracePeriodSeconds`* __integer__ | Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +| *`labels`* __object (keys:string, values:string)__ | Map of string keys and values that can be used to organize and categorize (scope and select) objects. 
May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels +| *`annotations`* __object (keys:string, values:string)__ | Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +| *`ownerReferences`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#ownerreference-v1-meta[$$OwnerReference$$] array__ | List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. +| *`finalizers`* __string array__ | Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list. +| *`clusterName`* __string__ | The name of the cluster which the object belongs to. 
This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +| *`managedFields`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#managedfieldsentry-v1-meta[$$ManagedFieldsEntry$$] array__ | ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object. | *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | | *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== diff --git a/generated/1.18/README.adoc b/generated/1.18/README.adoc index f6ecc0f5..5761797e 100644 --- a/generated/1.18/README.adoc +++ b/generated/1.18/README.adoc 
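Review bot: the commit message should say which generator version or setting produced this output, because the `-`/`+` pair at the top of the WhoAmIRequest table replaces the single `ObjectMeta` link row with every ObjectMeta field inlined (`name` through `managedFields`), and the diffstat shows the same 25-line block landing in all 8 generated READMEs. That looks like a change in how the embedded struct is rendered rather than a change to the API, so please confirm the inlining is intended. If it is, note that the added rows carry over two wording defects that appear to come from the upstream field comments: the `resourceVersion` row ends with the truncated sentence "Value must be treated as opaque by clients and ." and the `namespace` row reads "the space within each name must be unique". With the old link row neither was shown on this page.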
@@ -614,7 +614,30 @@ WhoAmIRequest submits a request to echo back the current authenticated user. [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`name`* __string__ | Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +| *`generateName`* __string__ | GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency +| *`namespace`* __string__ | Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. 
More info: http://kubernetes.io/docs/user-guide/namespaces +| *`selfLink`* __string__ | SelfLink is a URL representing this object. Populated by the system. Read-only. + DEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release. +| *`uid`* __UID__ | UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +| *`resourceVersion`* __string__ | An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency +| *`generation`* __integer__ | A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +| *`creationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#time-v1-meta[$$Time$$]__ | CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + Populated by the system. Read-only. Null for lists. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#time-v1-meta[$$Time$$]__ | DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. + Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionGracePeriodSeconds`* __integer__ | Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +| *`labels`* __object (keys:string, values:string)__ | Map of string keys and values that can be used to organize and categorize (scope and select) objects. 
May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels +| *`annotations`* __object (keys:string, values:string)__ | Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +| *`ownerReferences`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#ownerreference-v1-meta[$$OwnerReference$$] array__ | List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. +| *`finalizers`* __string array__ | Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list. +| *`clusterName`* __string__ | The name of the cluster which the object belongs to. 
This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +| *`managedFields`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#managedfieldsentry-v1-meta[$$ManagedFieldsEntry$$] array__ | ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object. | *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | | *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== diff --git a/generated/1.19/README.adoc b/generated/1.19/README.adoc index 197ed326..0fcfdb1e 100644 --- a/generated/1.19/README.adoc +++ b/generated/1.19/README.adoc 
@@ -614,7 +614,30 @@ WhoAmIRequest submits a request to echo back the current authenticated user. [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`name`* __string__ | Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +| *`generateName`* __string__ | GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency +| *`namespace`* __string__ | Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. 
More info: http://kubernetes.io/docs/user-guide/namespaces +| *`selfLink`* __string__ | SelfLink is a URL representing this object. Populated by the system. Read-only. + DEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release. +| *`uid`* __UID__ | UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +| *`resourceVersion`* __string__ | An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency +| *`generation`* __integer__ | A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +| *`creationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#time-v1-meta[$$Time$$]__ | CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + Populated by the system. Read-only. Null for lists. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#time-v1-meta[$$Time$$]__ | DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. + Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionGracePeriodSeconds`* __integer__ | Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +| *`labels`* __object (keys:string, values:string)__ | Map of string keys and values that can be used to organize and categorize (scope and select) objects. 
May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels +| *`annotations`* __object (keys:string, values:string)__ | Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +| *`ownerReferences`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#ownerreference-v1-meta[$$OwnerReference$$] array__ | List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. +| *`finalizers`* __string array__ | Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list. +| *`clusterName`* __string__ | The name of the cluster which the object belongs to. 
This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +| *`managedFields`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#managedfieldsentry-v1-meta[$$ManagedFieldsEntry$$] array__ | ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object. | *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | | *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== diff --git a/generated/1.20/README.adoc b/generated/1.20/README.adoc index 8ad43876..2371c62a 100644 --- a/generated/1.20/README.adoc +++ b/generated/1.20/README.adoc 
@@ -614,7 +614,30 @@ WhoAmIRequest submits a request to echo back the current authenticated user. [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.2/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`name`* __string__ | Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +| *`generateName`* __string__ | GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency +| *`namespace`* __string__ | Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. 
More info: http://kubernetes.io/docs/user-guide/namespaces +| *`selfLink`* __string__ | SelfLink is a URL representing this object. Populated by the system. Read-only. + DEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release. +| *`uid`* __UID__ | UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +| *`resourceVersion`* __string__ | An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency +| *`generation`* __integer__ | A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +| *`creationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.2/#time-v1-meta[$$Time$$]__ | CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + Populated by the system. Read-only. Null for lists. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.2/#time-v1-meta[$$Time$$]__ | DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. + Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionGracePeriodSeconds`* __integer__ | Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +| *`labels`* __object (keys:string, values:string)__ | Map of string keys and values that can be used to organize and categorize (scope and select) objects. 
May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels +| *`annotations`* __object (keys:string, values:string)__ | Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +| *`ownerReferences`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.2/#ownerreference-v1-meta[$$OwnerReference$$] array__ | List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. +| *`finalizers`* __string array__ | Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list. +| *`clusterName`* __string__ | The name of the cluster which the object belongs to. 
This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +| *`managedFields`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.2/#managedfieldsentry-v1-meta[$$ManagedFieldsEntry$$] array__ | ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object. | *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | | *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== diff --git a/generated/1.21/README.adoc b/generated/1.21/README.adoc index 6abd6c4b..24640438 100644 --- a/generated/1.21/README.adoc +++ b/generated/1.21/README.adoc 
@@ -614,7 +614,30 @@ WhoAmIRequest submits a request to echo back the current authenticated user. [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`name`* __string__ | Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +| *`generateName`* __string__ | GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency +| *`namespace`* __string__ | Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. 
More info: http://kubernetes.io/docs/user-guide/namespaces +| *`selfLink`* __string__ | SelfLink is a URL representing this object. Populated by the system. Read-only. + DEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release. +| *`uid`* __UID__ | UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +| *`resourceVersion`* __string__ | An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency +| *`generation`* __integer__ | A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +| *`creationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#time-v1-meta[$$Time$$]__ | CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + Populated by the system. Read-only. Null for lists. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#time-v1-meta[$$Time$$]__ | DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. + Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionGracePeriodSeconds`* __integer__ | Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +| *`labels`* __object (keys:string, values:string)__ | Map of string keys and values that can be used to organize and categorize (scope and select) objects. 
May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels +| *`annotations`* __object (keys:string, values:string)__ | Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +| *`ownerReferences`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#ownerreference-v1-meta[$$OwnerReference$$] array__ | List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. +| *`finalizers`* __string array__ | Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list. +| *`clusterName`* __string__ | The name of the cluster which the object belongs to. 
This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +| *`managedFields`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#managedfieldsentry-v1-meta[$$ManagedFieldsEntry$$] array__ | ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object. | *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | | *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== diff --git a/generated/1.22/README.adoc b/generated/1.22/README.adoc index 46e9a2e5..2833aea7 100644 --- a/generated/1.22/README.adoc +++ b/generated/1.22/README.adoc 
@@ -614,7 +614,30 @@ WhoAmIRequest submits a request to echo back the current authenticated user. [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`name`* __string__ | Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +| *`generateName`* __string__ | GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency +| *`namespace`* __string__ | Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. 
More info: http://kubernetes.io/docs/user-guide/namespaces +| *`selfLink`* __string__ | SelfLink is a URL representing this object. Populated by the system. Read-only. + DEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release. +| *`uid`* __UID__ | UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +| *`resourceVersion`* __string__ | An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency +| *`generation`* __integer__ | A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +| *`creationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#time-v1-meta[$$Time$$]__ | CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + Populated by the system. Read-only. Null for lists. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#time-v1-meta[$$Time$$]__ | DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. + Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionGracePeriodSeconds`* __integer__ | Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +| *`labels`* __object (keys:string, values:string)__ | Map of string keys and values that can be used to organize and categorize (scope and select) objects. 
May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels +| *`annotations`* __object (keys:string, values:string)__ | Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +| *`ownerReferences`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#ownerreference-v1-meta[$$OwnerReference$$] array__ | List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. +| *`finalizers`* __string array__ | Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list. +| *`clusterName`* __string__ | The name of the cluster which the object belongs to. 
This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +| *`managedFields`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#managedfieldsentry-v1-meta[$$ManagedFieldsEntry$$] array__ | ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object. | *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | | *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== diff --git a/generated/1.23/README.adoc b/generated/1.23/README.adoc index 9d67cb25..f0e016c2 100644 --- a/generated/1.23/README.adoc +++ b/generated/1.23/README.adoc 
@@ -614,7 +614,30 @@ WhoAmIRequest submits a request to echo back the current authenticated user. [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`name`* __string__ | Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +| *`generateName`* __string__ | GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency +| *`namespace`* __string__ | Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. 
More info: http://kubernetes.io/docs/user-guide/namespaces +| *`selfLink`* __string__ | SelfLink is a URL representing this object. Populated by the system. Read-only. + DEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release. +| *`uid`* __UID__ | UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +| *`resourceVersion`* __string__ | An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency +| *`generation`* __integer__ | A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +| *`creationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#time-v1-meta[$$Time$$]__ | CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + Populated by the system. Read-only. Null for lists. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#time-v1-meta[$$Time$$]__ | DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. + Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionGracePeriodSeconds`* __integer__ | Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +| *`labels`* __object (keys:string, values:string)__ | Map of string keys and values that can be used to organize and categorize (scope and select) objects. 
May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels +| *`annotations`* __object (keys:string, values:string)__ | Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +| *`ownerReferences`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#ownerreference-v1-meta[$$OwnerReference$$] array__ | List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. +| *`finalizers`* __string array__ | Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list. +| *`clusterName`* __string__ | The name of the cluster which the object belongs to. 
This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +| *`managedFields`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#managedfieldsentry-v1-meta[$$ManagedFieldsEntry$$] array__ | ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object. | *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | | *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== diff --git a/generated/1.24/README.adoc b/generated/1.24/README.adoc index c59924cd..80c05b5f 100644 --- a/generated/1.24/README.adoc +++ b/generated/1.24/README.adoc 
@@ -614,7 +614,30 @@ WhoAmIRequest submits a request to echo back the current authenticated user. [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`name`* __string__ | Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +| *`generateName`* __string__ | GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will return a 409. + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency +| *`namespace`* __string__ | Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces +| *`selfLink`* __string__ | Deprecated: selfLink is a legacy read-only field that is no longer populated by the system. 
+| *`uid`* __UID__ | UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +| *`resourceVersion`* __string__ | An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency +| *`generation`* __integer__ | A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +| *`creationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#time-v1-meta[$$Time$$]__ | CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#time-v1-meta[$$Time$$]__ | DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. 
The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. + Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| *`deletionGracePeriodSeconds`* __integer__ | Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +| *`labels`* __object (keys:string, values:string)__ | Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels +| *`annotations`* __object (keys:string, values:string)__ | Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. 
More info: http://kubernetes.io/docs/user-guide/annotations +| *`ownerReferences`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#ownerreference-v1-meta[$$OwnerReference$$] array__ | List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. +| *`finalizers`* __string array__ | Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list. +| *`clusterName`* __string__ | Deprecated: ClusterName is a legacy field that was always cleared by the system and never used; it will be removed completely in 1.25. + The name in the go struct is changed to help clients detect accidental use. +| *`managedFields`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#managedfieldsentry-v1-meta[$$ManagedFieldsEntry$$] array__ | ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. 
This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object. | *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | | *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |===
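Review bot: In the WhoAmIRequest field table, the single `ObjectMeta` row that linked to the Kubernetes v1.24 reference is replaced by inlined copies of every metadata field, and the copied text brings upstream defects with it. The `resourceVersion` row contains a sentence that breaks off ("Value must be treated as opaque by clients and ."). The `name`, `namespace`, `uid`, `labels` and `annotations` rows point to plain `http://kubernetes.io/...` URLs while the other rows use https. The `selfLink` and `clusterName` rows document fields that their own descriptions call deprecated and unused. If the inlining is a side effect of regenerating the docs, consider keeping the linked `ObjectMeta` row so this table stays short and does not drift from upstream. If it is intended, fix the truncated sentence and the http links in the generator input rather than in this generated file, so they do not reappear on the next regeneration.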