
From nobody Tue Jun  1 05:44:11 2021
MIME-Version: 1.0
References: <CAHbuEH49sZjKvE0JVsa39WuFG83FbBcQQAyXH-V8TNGt-b-wtw@mail.gmail.com> <CANYRo8iiR-ukwWKQzVz2w4_P3wYdokpDecPSL=edfNLnKrEfng@mail.gmail.com> <CAHbuEH7MNvPwK5Yr=Uy=fE5i5-xe5=XyzbTZPZcb6hHA7=TueA@mail.gmail.com>
In-Reply-To: <CAHbuEH7MNvPwK5Yr=Uy=fE5i5-xe5=XyzbTZPZcb6hHA7=TueA@mail.gmail.com>
From: Fabien Imbault <fabien.imbault@gmail.com>
Date: Tue, 1 Jun 2021 14:43:52 +0200
Message-ID: <CAM8feuQMmyxhmoZp-P3vpzuAPxqhaoSGmSxqYyVhqYQQDVcMmw@mail.gmail.com>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Cc: Adrian Gropper <agropper@healthurl.com>, GNAP Mailing List <txauth@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000065bdc105c3b3b2a4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/EUcXZ-uJL6IWYMouyCjk38yAhSM>
Subject: Re: [GNAP] Defense protection
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Jun 2021 12:44:10 -0000

--00000000000065bdc105c3b3b2a4
Content-Type: text/plain; charset="UTF-8"

Hi Kathleen,

Thanks a lot for those insights.

We do have in mind some security analysis indeed, and that will become one
very important working group topic in the coming :

- Security assessment of the protocol
https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/135

We rely on the assumption that private keys can be secured, by whatever
means is necessary.

- Security consideration: warn about the potential for creating phishing
links
https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/255

Certainly it would be great to gather more feedback and analysis from the
group.

Fabien

On Fri, May 28, 2021 at 9:51 PM Kathleen Moriarty <
kathleen.moriarty.ietf@gmail.com> wrote:

> Hi Adrian,
>
> Thanks for your interest!
>
> This is a helpful link that describes how the attackers were able to
> bypass MFA by stealing the signing key for SAML assertions:
>
> https://www.darkreading.com/attacks-breaches/solarwinds-campaign-focuses-attention-on-golden-saml-attack-vector/d/d-id/1339794
>
> https://owasp.org/www-chapter-singapore/assets/presos/Deconstructing_the_Solarwinds_Supply_Chain_Attack_and_Deterring_it_Honing_in_on_the_Golden_SAML_Attack_Technique.pdf
>
> I did read one that was a bit better, but can't find the link at the
> moment.
>
> And one on shared OAuth credentials/token issuance:
>
> https://www.csoonline.com/article/3607348/how-to-defend-against-oauth-enabled-cloud-based-attacks.html
>
> It would be good to think about attack vectors and if not prevention,
> minimally detection.
>
> Best regards,
> Kathleen
>
> On Fri, May 28, 2021 at 3:41 PM Adrian Gropper <agropper@healthurl.com>
> wrote:
>
>> Hi Kathleen,
>>
>> I am not aware of the attacks on SAML and OAuth and would appreciate a
>> link or two.
>>
>> I hope we can provide guidance on how GNAP can facilitate Zero Trust
>> Architecture and believe that includes guidance on how to audit various
>> things as systems use GNAP protocols to separate concerns among independent
>> actors.
>>
>> Count me in for a brainstorming session,
>>
>> - Adrian
>>
>>
>> On Fri, May 28, 2021 at 3:29 PM Kathleen Moriarty <
>> kathleen.moriarty.ietf@gmail.com> wrote:
>>
>>> Hello!
>>>
>>> In light of recent attacks against SAML and OAuth, I'd like to see what
>>> defense mechanisms and detection could be built into the spec.  One example
>>> would be from the recent SAML attack.  If there was a detection of
>>> instances of authorization without authentication, the SAML attack used in
>>> SolarWinds might have been detected sooner.
>>>
>>> If you think along the lines of fraud detection, where you detect
>>> unusual events, there may be some specific to GNAP that could enable early
>>> detection of abuse, misuse, or exploits.
>>>
>>> Are there some planned?  Would people like to brainstorm on this?
>>> Thanks!
>>>
>>>
>>> --
>>>
>>> Best regards,
>>> Kathleen
>>> --
>>> TXAuth mailing list
>>> TXAuth@ietf.org
>>> https://www.ietf.org/mailman/listinfo/txauth
>>>
>>
>
> --
>
> Best regards,
> Kathleen
> --
> TXAuth mailing list
> TXAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/txauth
>

--00000000000065bdc105c3b3b2a4--


From nobody Tue Jun  1 06:51:57 2021
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.6\))
From: Justin Richer <jricher@mit.edu>
In-Reply-To: <CAHbuEH49sZjKvE0JVsa39WuFG83FbBcQQAyXH-V8TNGt-b-wtw@mail.gmail.com>
Date: Tue, 1 Jun 2021 09:51:48 -0400
Cc: GNAP Mailing List <txauth@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <A96FB6BB-E01C-40FD-9F77-126780157F98@mit.edu>
References: <CAHbuEH49sZjKvE0JVsa39WuFG83FbBcQQAyXH-V8TNGt-b-wtw@mail.gmail.com>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
X-Mailer: Apple Mail (2.3608.120.23.2.6)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/8RR5xAfpx5yFVbPSfgMBD3UMWYU>
Subject: Re: [GNAP] Defense protection

Hi Kathleen, thanks so much for raising this topic! It’s important that
GNAP learn from what’s come before.

Some aspects of that are already built into the design, based on what
we’ve learned from years of OIDC and SAML deployments. One of the things
that made the SAML attacks work was that the fake assertions could be
easily injected into SP’s (the relying party equivalent) with a browser
request by the attackers. GNAP already doesn’t allow injection of results
(such as assertions) over the front channel, so an attacker would need to
run an in-the-middle attack against the AS and return the faulty assertion
as well. Properly configured OIDC (with state and nonce) has some similar
protections, but even then it’s more easily misconfigured.

I agree that the detection of unusual events needs to be part of the
protocol. Maybe we should have more language about the direct information
return — things like assertions and subject information — and explicitly
tell clients that they shouldn’t accept that information from unexpected
calls of any type? We might also want to lock down the callback function
from extensions so that people don’t re-invent the implicit flow and all
its problems.

I don’t know if there’s anything that can be done around protecting
against key theft. The key is the identity of the component proven through
the protocol. Do you have suggestions on how this can be called out more?
The security considerations section is just a placeholder still, and it
seems that would be a good place for it, to me.

 — Justin

> On May 28, 2021, at 3:28 PM, Kathleen Moriarty
> <kathleen.moriarty.ietf@gmail.com> wrote:
>
> Hello!
>
> In light of recent attacks against SAML and OAuth, I'd like to see what
> defense mechanisms and detection could be built into the spec.  One
> example would be from the recent SAML attack.  If there was a detection
> of instances of authorization without authentication, the SAML attack
> used in SolarWinds might have been detected sooner.
>
> If you think along the lines of fraud detection, where you detect
> unusual events, there may be some specific to GNAP that could enable
> early detection of abuse, misuse, or exploits.
>
> Are there some planned?  Would people like to brainstorm on this?
> Thanks!
>
> --
>
> Best regards,
> Kathleen
> --
> TXAuth mailing list
> TXAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/txauth
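
The detection idea raised in this thread, flagging authorization that has no matching authentication, sketched as an added example that is not part of any message here or of the GNAP specification. The event names, the `grant_id` and `subject` fields, the log layout and both thresholds are assumptions, and the sample log is constructed.

```python
"""Correlate results accepted by a client with authentication events at the AS."""
import json
from datetime import datetime, timedelta

MAX_AUTH_AGE = timedelta(minutes=10)  # assumed policy: how old an authentication may be
CLOCK_SKEW = timedelta(seconds=5)     # assumed tolerance between the two log sources

# Constructed sample events (not real logs); all field names are hypothetical.
SAMPLE_LOG = """\
{"ts": "2021-06-01T09:00:02Z", "source": "as", "event": "authn_success", "subject": "alice", "grant_id": "g-1001"}
{"ts": "2021-06-01T09:00:05Z", "source": "client", "event": "assertion_accepted", "subject": "alice", "grant_id": "g-1001"}
{"ts": "2021-06-01T09:10:00Z", "source": "client", "event": "assertion_accepted", "subject": "bob", "grant_id": "g-2002"}
{"ts": "2021-06-01T08:00:00Z", "source": "as", "event": "authn_success", "subject": "carol", "grant_id": "g-3003"}
{"ts": "2021-06-01T09:30:00Z", "source": "client", "event": "assertion_accepted", "subject": "carol", "grant_id": "g-3003"}
{"ts": "2021-06-01T09:39:50Z", "source": "as", "event": "authn_success", "subject": "dave", "grant_id": "g-4004"}
{"ts": "2021-06-01T09:40:00Z", "source": "client", "event": "assertion_accepted", "subject": "admin", "grant_id": "g-4004"}
{"ts": "2021-06-01T09:50:00Z", "source": "client", "event": "assertion_accepted", "subject": "erin", "grant_id": "g-5005"}
{"ts": "2021-06-01T09:55:00Z", "source": "as", "event": "authn_success", "subject": "erin", "grant_id": "g-5005"}
{"ts": "2021-06-01T09:58:00Z", "source": "client", "event": "assertion_accepted", "subject": "frank", "grant_id": "g-6006"}
{"ts": "2021-06-01T09:58:03Z", "source": "as", "event": "authn_success", "subject": "frank", "grant_id": "g-6006"}
"""


def parse(log_text):
    """Parse JSON-lines events and convert the timestamp to a datetime (UTC)."""
    events = []
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        event = json.loads(line)
        event["ts"] = datetime.strptime(event["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(event)
    return events


def find_unbacked_acceptances(events):
    """Return (grant_id, subject, reason) for every accepted result that is
    not backed by a suitable authentication event at the AS."""
    # Index authentications first: the two sources may be merged out of order.
    authn_by_grant = {}
    for event in events:
        if event["event"] == "authn_success":
            authn_by_grant.setdefault(event.get("grant_id"), []).append(event)

    findings = []
    for event in sorted(events, key=lambda e: e["ts"]):
        if event["event"] != "assertion_accepted":
            continue
        # Only authentications that happened before the acceptance count,
        # allowing a small clock difference between AS and client.
        earlier = [
            a for a in authn_by_grant.get(event.get("grant_id"), [])
            if a["ts"] <= event["ts"] + CLOCK_SKEW
        ]
        if not earlier:
            reason = "no_authentication"
        else:
            latest = max(earlier, key=lambda a: a["ts"])
            if latest.get("subject") != event.get("subject"):
                reason = "subject_mismatch"
            elif event["ts"] - latest["ts"] > MAX_AUTH_AGE:
                reason = "stale_authentication"
            else:
                continue  # backed by a fresh, matching authentication
        findings.append((event.get("grant_id"), event.get("subject"), reason))
    return findings


if __name__ == "__main__":
    for finding in find_unbacked_acceptances(parse(SAMPLE_LOG)):
        print(finding)
```

The check only works when the AS log is collected independently of the client log and when both record a shared correlation value.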


From nobody Tue Jun  1 07:03:13 2021
MIME-Version: 1.0
References: <CAHbuEH49sZjKvE0JVsa39WuFG83FbBcQQAyXH-V8TNGt-b-wtw@mail.gmail.com> <A96FB6BB-E01C-40FD-9F77-126780157F98@mit.edu>
In-Reply-To: <A96FB6BB-E01C-40FD-9F77-126780157F98@mit.edu>
From: Fabien Imbault <fabien.imbault@gmail.com>
Date: Tue, 1 Jun 2021 16:02:46 +0200
Message-ID: <CAM8feuTNA6oOihS+gsP0BADnb-Un16tu713Zwqvgi3WO6fzjqQ@mail.gmail.com>
To: Justin Richer <jricher@mit.edu>
Cc: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, GNAP Mailing List <txauth@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000985bee05c3b4cccd"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/qWIS49dqu3eBFC4J4YYwhmktJLg>
Subject: Re: [GNAP] Defense protection

--000000000000985bee05c3b4cccd
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

The most advanced discussion I've seen on private key protection is from
the cryptocurrency world, since it's so sensitive (and there have been many
such attacks). In practice, you find hardware (ex: ledger, etc.) and
software (ex: threshold cryptography, sandboxes such as WASI or lavamoat,
etc.) solutions.

Fabien

On Tue, Jun 1, 2021 at 3:52 PM Justin Richer <jricher@mit.edu> wrote:

> Hi Kathleen, thanks so much for raising this topic! It’s important that
> GNAP learn from what’s come before.
>
> Some aspects of that are already built into the design, based on what
> we’ve learned from years of OIDC and SAML deployments. One of the things
> that made the SAML attacks work was that the fake assertions could be
> easily injected into SP’s (the relying party equivalent) with a browser
> request by the attackers. GNAP already doesn’t allow injection of results
> (such as assertions) over the front channel, so an attacker would need to
> run an in-the-middle attack against the AS and return the faulty assertion
> as well. Properly configured OIDC (with state and nonce) has some similar
> protections, but even then it’s more easily misconfigured.
>
> I agree that the detection of unusual events needs to be part of the
> protocol. Maybe we should have more language about the direct information
> return — things like assertions and subject information — and explicitly
> tell clients that they shouldn’t accept that information from unexpected
> calls of any type? We might also want to lock down the callback function
> from extensions so that people don’t re-invent the implicit flow and all
> its problems.
>
> I don’t know if there’s anything that can be done around protecting
> against key theft. The key is the identity of the component proven through
> the protocol. Do you have suggestions on how this can be called out more?
> The security considerations section is just a placeholder still, and it
> seems that would be a good place for it, to me.
>
>  — Justin
>
> > On May 28, 2021, at 3:28 PM, Kathleen Moriarty <
> > kathleen.moriarty.ietf@gmail.com> wrote:
> >
> > Hello!
> >
> > In light of recent attacks against SAML and OAuth, I'd like to see what
> > defense mechanisms and detection could be built into the spec.  One
> > example would be from the recent SAML attack.  If there was a detection
> > of instances of authorization without authentication, the SAML attack
> > used in SolarWinds might have been detected sooner.
> >
> > If you think along the lines of fraud detection, where you detect
> > unusual events, there may be some specific to GNAP that could enable
> > early detection of abuse, misuse, or exploits.
> >
> > Are there some planned?  Would people like to brainstorm on this?
> > Thanks!
> >
> > --
> >
> > Best regards,
> > Kathleen
> > --
> > TXAuth mailing list
> > TXAuth@ietf.org
> > https://www.ietf.org/mailman/listinfo/txauth
>
> --
> TXAuth mailing list
> TXAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/txauth
>

--000000000000985bee05c3b4cccd--


From nobody Tue Jun  1 07:08:00 2021
To: Justin Richer <jricher@mit.edu>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Cc: GNAP Mailing List <txauth@ietf.org>
References: <CAHbuEH49sZjKvE0JVsa39WuFG83FbBcQQAyXH-V8TNGt-b-wtw@mail.gmail.com> <A96FB6BB-E01C-40FD-9F77-126780157F98@mit.edu>
From: Denis <denis.ietf@free.fr>
Message-ID: <96f15047-29d6-486c-a696-6745ab86580a@free.fr>
Date: Tue, 1 Jun 2021 16:07:46 +0200
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.10.1
MIME-Version: 1.0
In-Reply-To: <A96FB6BB-E01C-40FD-9F77-126780157F98@mit.edu>
Content-Type: multipart/alternative; boundary="------------78721411DE55F9F31B04C98E"
Content-Language: en-GB
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/_gUNMtVpcaJ9fo749knMpdGuCAU>
Subject: Re: [GNAP] Defense protection

This is a multi-part message in MIME format.
--------------78721411DE55F9F31B04C98E
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit

Hi Kathleen,

Thank you for your mail. I do appreciate the following sentence that you 
wrote:

It would be good to think about attack vectors and if not prevention, 
minimally detection.

Unfortunately, at this stage, the current documents still do not
describe the trust relationships between the various components of the
system.
The issue about trust relationships #214 is still open:
https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/214

The document does not describe the error codes that should be returned
by the various components either.
The issue about "The access token verifications to be performed by the
RS should be described #30", available at:
https://github.com/ietf-wg-gnap/gnap-resource-servers/issues/30
has been recently opened.

The issue about Requesting resources with insufficient access #203 has
been closed without the definition of the error codes:
https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/203

Since access tokens are, for the time being, considered to be opaque to
the clients/end-users and subject to private agreements between ASs and RSs,
this makes it hard or impossible to perform a security analysis under these
conditions.

Nevertheless, I have indicated to the WG, when two users accept to
collude against an RS, the possibility to transmit an access token from
an authorized user to an unauthorized user. This may happen even under
the "assumption that private keys can be secured, by whatever means".
In such a case, prevention is impossible, but detection is possible
(as you said "if not prevention, minimally detection").

I have presented the case at the last IETF meeting on March 9th, 2021.
The title of the presentation was:
GNAP model & trust relationships Privacy considerations & Security
considerations
These slides are available at:
https://datatracker.ietf.org/meeting/110/materials/slides-110-gnap-gnap-model-and-trust-relationships-00

Slide 10 is about: Unlinkability between RS user accounts versus Client
collaboration attacks. It indicates:

       if an access token only contains one or more capabilities, client
       collaboration attacks will succeed.
       In order to defeat client collaboration attacks, the access token
       must also contain a type (1), (2) or (3) end-user identifier.

Note that this is an answer somewhat related to the question just raised
by Justin: "I don’t know if there’s anything that can be done around
protecting against key theft".

Last comment: Security is certainly important, but the user's privacy is
equally important. At the current time, Unlinkability #241
https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/241 attempts
to address a part of the problem.

However, unfortunately, the current trend is to think about the user's
privacy once the design is finished instead of thinking about privacy
before starting the design or even during the design. At the current
time, all the properties that would allow an AS to act as *Big Brother*
have been defined (and none to stop it).

Best regards,

Denis


> Hi Kathleen, thanks so much for raising this topic! It’s important
> that GNAP learn from what’s come before.
>
> Some aspects of that are already built into the design, based on what
> we’ve learned from years of OIDC and SAML deployments. One of the
> things that made the SAML attacks work was that the fake assertions
> could be easily injected into SP’s (the relying party equivalent) with
> a browser request by the attackers. GNAP already doesn’t allow
> injection of results (such as assertions) over the front channel, so
> an attacker would need to run an in-the-middle attack against the AS
> and return the faulty assertion as well. Properly configured OIDC
> (with state and nonce) has some similar protections, but even then
> it’s more easily misconfigured.
>
> I agree that the detection of unusual events needs to be part of the
> protocol. Maybe we should have more language about the direct
> information return — things like assertions and subject information —
> and explicitly tell clients that they shouldn’t accept that
> information from unexpected calls of any type? We might also want to
> lock down the callback function from extensions so that people don’t
> re-invent the implicit flow and all its problems.
>
> I don’t know if there’s anything that can be done around protecting
> against key theft. The key is the identity of the component proven
> through the protocol. Do you have suggestions on how this can be
> called out more? The security considerations section is just a
> placeholder still, and it seems that would be a good place for it, to
> me.
>
>  — Justin
>
>> On May 28, 2021, at 3:28 PM, Kathleen Moriarty
>> <kathleen.moriarty.ietf@gmail.com> wrote:
>>
>> Hello!
>>
>> In light of recent attacks against SAML and OAuth, I'd like to see
>> what defense mechanisms and detection could be built into the spec.
>> One example would be from the recent SAML attack. If there was a
>> detection of instances of authorization without authentication, the
>> SAML attack used in SolarWinds might have been detected sooner.
>>
>> If you think along the lines of fraud detection, where you detect
>> unusual events, there may be some specific to GNAP that could enable
>> early detection of abuse, misuse, or exploits.
>>
>> Are there some planned? Would people like to brainstorm on this?
>> Thanks!
>>
>> --
>> Best regards,
>> Kathleen
>> --
>> TXAuth mailing list
>> TXAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/txauth



--------------78721411DE55F9F31B04C98E--


From nobody Fri Jun  4 07:59:46 2021
From: Justin Richer <jricher@mit.edu>
Content-Type: multipart/alternative; boundary="Apple-Mail=_1791F8D0-2370-4260-916D-A74228F418F5"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.6\))
Message-Id: <D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu>
Date: Fri, 4 Jun 2021 10:59:36 -0400
To: GNAP Mailing List <txauth@ietf.org>
X-Mailer: Apple Mail (2.3608.120.23.2.6)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/G0DaUAN0CKvC7VUzgnlWX-hkvwU>
Subject: [GNAP] Mix Up Attack against GNAP

--Apple-Mail=_1791F8D0-2370-4260-916D-A74228F418F5
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
	charset=utf-8

This week, some researchers reached out to the editors to describe an attack against GNAP in the front channel that’s inherited from OAuth 2. I will describe the attack, list out its preconditions, and then describe a proposed solution space. We’re looking for input and feedback from the group on managing this solution.

But first, many thanks to Åke Axeland and Adam Omar Oueidat for doing this analysis, putting together the diagram below, and bringing it to the group’s attention.

The attack is largely the same as one of the “AS Mix Up” attack cases in “Comprehensive Security Analysis of OAuth 2.0” by Daniel Fett and colleagues. It’s a kind of in-the-middle and/or phishing attack at its core.

The attacker has their own authorization server (AAS) which can also act as a client instance. An uncompromised client (UC) instance and an uncompromised authorization server (HAS) are assumed. There is no compromise of secret keys or breaking of TLS in this attack.

1. UC is a client of AAS, and might also be a client of HAS. User wants to authorize at HAS but tells UC to use AAS.
2. UC starts a request at AAS, signed with UC’s key. AAS is imitating HAS.
3. AAS forwards UC’s request parameters (Client nonce, interaction finish URI) to HAS, but signed with AAS’s key.
4. HAS responds with an interaction start URL and server nonce to AAS
5. AAS forwards the interaction start URL and server nonce to UC
6. (Note) HAS is functionally telling the user to show up and interact, but doesn’t realize that the request is being proxied in this way.
7. UC launches interaction start url, which is a function of HAS
8. HAS returns the verification hash and interaction reference to UC
9. UC validates the hash (which is correct) and sends the interaction reference to AAS
10. AAS forwards the interaction reference to HAS
11. AAS receives an access token for calling an RS protected by HAS. The client receives no access token.

The diagram from the researchers is attached here. I’ll be using the numbers in the text list here like (1) to refer to specific steps.

[Attached image: PastedGraphic-2.png]

Some preconditions and analysis:

Step (1) is made easier if the client has choice over which AS to talk to for a given request, since that’s how it starts talking to AAS instead of HAS. The danger of allowing a client to choose its AS at runtime has been discussed, but it’s a known pattern that we can’t expect to go away.

AAS is treated as a legitimate client of HAS and UC is a legitimate client of AAS. While dynamic clients can exacerbate this problem at runtime, at no time does HAS always knows the requests are coming from AAS and UC always knows it’s talking to AAS. There is no cryptographic impersonation and no theft of keys.

The attack occurs because the user and client think they’re dealing with different AS’s, and you can’t expect a user to always be able to tell them apart, especially when the backend calls like (2) are hidden. It’s assumed that the user actually wants to authorize UC for HAS, but UC talks to AAS instead because of configuration (1). AAS can imitate HAS to the user to facilitate (1), and imitate UC to HAS, but only for human-facing portions (7). Static pre-registration makes this more difficult, assuming that all registrations are reviewed by humans. If HAS has no idea that UC exists, it wouldn’t necessarily know that AAS is impersonating anyone.

The token at the end (11), assuming it’s a bound token, is only good with AAS’s key and not UC’s key. This is great for the attacker until UC starts to act funny and raise suspicion, since the process didn’t ever complete. With the OAuth attack, and with bearer tokens in GNAP, the token can be passed through to the UC making UC none the wiser.

The hash validation (9) does not protect against this specific attack. Since AAS sits in the middle, it has access to the Client nonce from UC, the server nonce from AAS, and the interaction reference at the appropriate times. AAS doesn’t need to generate the hash, but can force HAS to generate an appropriate hash.

The proposed mitigation(s):

In OAuth 2, the accepted mitigation is to provide another query parameter with the “issuer” URL of the AS. We could do that here, but that would have the same downsides: the client has to check this value explicitly. Therefore we’re proposing that instead we use the existing validation hash algorithm and add an additional field. This would need to be something known to UC and HAS that can’t be impersonated by AAS, even if it’s known. Therefore, it makes sense to use something that’s derived. There are a few ideas of what to do here, each with benefits and drawbacks:

- The grant endpoint of the AS that the client instance is talking to.
- The continuation endpoint that the client instance will send the interaction reference to. (This might be different from the above)
- The continuation access token value
- A key hash for the AS the client is talking to (TLS key to one of these endpoints? Some other external key added to the mix?)

The important thing here is that it’s a value that’s known but not a shared-secret that’s passed between parties. The client doesn’t need to check anything new, just needs to do the hash validation that it should be doing anyway.

Requested feedback:

The editors are requesting feedback and discussion on the attack and the proposed mitigation strategy. As a group, we would also benefit from additional formal analysis of the protocol with and without the mitigation in place. Additionally, we need to be sure we aren’t accidentally cutting off a legitimate use case, like AS bridges and proxies that aren’t trying to hide their presence.

 — Justin

--Apple-Mail=_1791F8D0-2370-4260-916D-A74228F418F5
Content-Type: multipart/related; type="text/html";
 boundary="Apple-Mail=_45733240-0609-4524-9226-CE9EDA012EB1"


--Apple-Mail=_45733240-0609-4524-9226-CE9EDA012EB1
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=utf-8

<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; =
charset=3Dutf-8"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; line-break: after-white-space;" class=3D"">This =
week, some researchers reached out to the editors to describe an attack =
against GNAP in the front channel that=E2=80=99s inherited from OAuth 2. =
I will describe the attack, list out its preconditions, and then =
describe a proposed solution space. We=E2=80=99re looking for input and =
feedback from the group on managing this solution.<div class=3D""><br =
class=3D""></div><div class=3D"">But first, many thanks to =C3=85ke =
Axeland and Adam Omar Oueidat for doing this analysis, putting together =
the diagram below, and bringing it to the group=E2=80=99s attention.<br =
class=3D"">
<br class=3D""></div><div class=3D"">The attack is largely the same as =
one of the =E2=80=9CAS Mix Up=E2=80=9D attack cases in "Comprehensive =
Security Analysis&nbsp;of OAuth 2.0=E2=80=9D by Daniel Fett and =
colleagues. It=E2=80=99s a kind of in-the-middle and/or phishing attack =
at its core.&nbsp;</div><div class=3D""><br class=3D""></div><div =
class=3D"">The attacker has their own authorization server (AAS) which =
can also act as a client instance. An uncompromised client (UC) instance =
and an uncompromised authorization server (HAS) are assumed. There is no =
compromise of secret keys or breaking of TLS in this attack.</div><div =
class=3D""><br class=3D""></div><div class=3D"">1. UC is a client of =
AAS, and might also be a client of HAS. User wants to authorize at HAS =
but tells UC to use AAS.</div><div class=3D"">2. UC starts a request at =
AAS, signed with UC=E2=80=99s key. AAS is imitating HAS.</div><div =
class=3D"">3. AAS forwards UC=E2=80=99s request parameters (Client =
nonce, interaction finish URI) to HAS, but signed with AAS=E2=80=99s =
key.</div><div class=3D"">4. HAS responds with an interaction start URL =
and server nonce to AAS</div><div class=3D"">5. AAS forwards the =
interaction start URL and server nonce to UC</div><div class=3D"">6. =
(Note) HAS is functionally telling the user to show up and interact, but =
doesn=E2=80=99t realize that the request is being proxied in this =
way.</div><div class=3D"">7. UC launches interaction start url, which is =
a function of HAS</div><div class=3D"">8. HAS returns the verification =
hash and interaction reference to UC</div><div class=3D"">9. UC =
validates the hash (which is correct) and sends the interaction =
reference to AAS</div><div class=3D"">10. AAS forwards the interaction =
reference to HAS&nbsp;</div><div class=3D"">11. AAS receives an access =
token for calling an RS protected by HAS. The client receives no access =
token.</div><div class=3D""><br class=3D""></div><div class=3D"">The =
diagram from the researchers is attached here. I=E2=80=99ll be using the =
numbers in the text list here like (1) to refer to specific =
steps.</div><div class=3D""><br class=3D""></div><div class=3D""><img =
apple-inline=3D"yes" id=3D"6482B057-17ED-4A1A-A541-17304655457A" =
width=3D"1109" height=3D"784" =
src=3D"cid:99A89F22-9720-4EFA-B072-DF6CD1A6C8C3" class=3D""></div><div =
class=3D""><b class=3D"">Some preconditions and analysis:</b></div><div =
class=3D""><br class=3D""></div><div class=3D"">Step (1) is made easier =
if the client has choice over which AS to talk to for a given request, =
since that=E2=80=99s how it starts talking to AAS instead of HAS. The =
danger of allowing a client to choose its AS at runtime has been =
discussed, but it=E2=80=99s a known pattern that we can=E2=80=99t expect =
to go away.</div><div class=3D""><br class=3D""></div><div class=3D"">AAS =
is treated as a legitimate client of HAS and UC is a legitimate client =
of AAS. While dynamic clients can exacerbate this problem at runtime, at =
no time does HAS always knows the requests are coming from AAS and UC =
always knows it=E2=80=99s talking to AAS. There is no cryptographic =
impersonation and no theft of keys.&nbsp;</div><div class=3D""><br =
class=3D""></div><div class=3D"">The attack occurs because the user and =
client think they=E2=80=99re dealing with different AS=E2=80=99s, and =
you can=E2=80=99t expect a user to always be able to tell them apart, =
especially when the backend calls like (2) are hidden. It=E2=80=99s =
assumed that the user actually wants to authorize UC for HAS, but UC =
talks to AAS instead because of configuration (1). AAS can imitate HAS =
to the user to facilitate (1), and imitate UC to HAS, but only for =
human-facing portions (7). Static pre-registration makes this more =
difficult, assuming that all registrations are reviewed by humans. If =
HAS has no idea that UC exists, it wouldn=E2=80=99t necessarily know =
that AAS is impersonating anyone.</div><div class=3D""><br =
class=3D""></div><div class=3D"">The token at the end (11), assuming =
it=E2=80=99s a bound token, is only good with AAS=E2=80=99s key and not =
UC=E2=80=99s key. This is great for the attacker until UC starts to act =
funny and raise suspicion, since the process didn=E2=80=99t ever =
complete. With the OAuth attack, and with bearer tokens in GNAP, the =
token can be passed through to the UC making UC none the =
wiser.&nbsp;</div><div class=3D""><br class=3D""></div><div class=3D"">The=
 hash validation (9) does not protect against this specific attack. =
Since AAS sits in the middle, it has access to the Client nonce from UC, =
the server nonce from AAS, and the interaction reference at the =
appropriate times. AAS doesn=E2=80=99t need to generate the hash, but =
can force HAS to generate an appropriate hash.</div><div class=3D""><br =
class=3D""></div><div class=3D""><b class=3D"">The proposed =
mitigation(s):&nbsp;</b></div><div class=3D""><br class=3D""></div><div =
class=3D"">In OAuth 2, the accepted mitigation is to provide another =
query parameter with the =E2=80=9Cissuer=E2=80=9D URL of the AS. We =
could do that here, but that would have the same downsides: the client =
has to check this value explicitly. Therefore we=E2=80=99re proposing =
that instead we use the existing validation hash algorithm and add an =
additional field. This would need to be something known to UC and HAS =
that can=E2=80=99t be impersonated by AAS, even if it=E2=80=99s known. =
Therefore, it makes sense to use something that=E2=80=99s derived. There =
are a few ideas of what to do here, each with benefits and =
drawbacks:</div><div class=3D""><br class=3D""></div><div class=3D"">- =
The grant endpoint of the AS that the client instance is talking =
to.</div><div class=3D"">- The continuation endpoint that the client =
instance will send the interaction reference to. (This might be =
different from the above)</div><div class=3D"">- The continuation access =
token value</div><div class=3D"">- A key hash for the AS the client is =
talking to (TLS key to one of these endpoints? Some other external key =
added to the mix?)</div><div class=3D""><br class=3D""></div><div =
class=3D"">The important thing here is that it=E2=80=99s a value =
that=E2=80=99s known but not a shared-secret that=E2=80=99s passed =
between parties. The client doesn=E2=80=99t need to check anything new, =
just needs to do the hash validation that it should be doing =
anyway.</div><div class=3D""><br class=3D""></div><div class=3D""><b =
class=3D"">Requested feedback:</b></div><div class=3D""><b class=3D""><br =
class=3D""></b></div><div class=3D"">The editors are requesting feedback =
and discussion on the attack and the proposed mitigation strategy. As a =
group, we would also benefit from additional formal analysis of the =
protocol with and without the mitigation in place. Additionally, we need =
to be sure we aren=E2=80=99t accidentally cutting off a legitimate use =
case, like AS bridges and proxies that aren=E2=80=99t trying to hide =
their presence.</div><div class=3D""><br class=3D""></div><div =
class=3D"">&nbsp;=E2=80=94 Justin</div></body></html>=

--Apple-Mail=_45733240-0609-4524-9226-CE9EDA012EB1--

--Apple-Mail=_1791F8D0-2370-4260-916D-A74228F418F5--


From d.w.chadwick@verifiablecredentials.info  Sat Jun  5 05:26:56 2021
Return-Path: <d.w.chadwick@verifiablecredentials.info>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC8013A214C for <txauth@ietfa.amsl.com>; Sat,  5 Jun 2021 05:26:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level: 
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_RATIO_06=0.001, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=verifiablecredentials.info
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iyMDrLPY6gIU for <txauth@ietfa.amsl.com>; Sat,  5 Jun 2021 05:26:51 -0700 (PDT)
Received: from client-mail2.aiso.net (client-mail2.aiso.net [199.19.158.252]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A71F83A2149 for <txauth@ietf.org>; Sat,  5 Jun 2021 05:26:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=verifiablecredentials.info; s=mail; h=Content-Type:In-Reply-To:MIME-Version :Date:Message-ID:From:References:To:Subject:Sender:Reply-To:Cc: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=NhDlP+edu59MLnXxvk4/6hyfXlqyEk9EQONX9/2Fn9o=; b=ST5ZGdMrscbX71as89BuaNVzvf BShEgMQJLB9KF26nwexoCDQgxlCk/3sXMZVGiydXYdiZxPFWFXa1hBlDANFYkqrzLfAgF+xdjYj0q kvAcTN0cTWf1iESQ+lPqwIOT0g0HSlCxVCEc8fEmu4LDZ4OqVFg4pTE+Tpn5W+8JAlOo=;
Received: from [146.200.52.122] (helo=AdministorsMBP2.lan) by client-mail2.aiso.net (envelope-from <d.w.chadwick@verifiablecredentials.info>) with esmtpsa (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.94.2) id 1lpVO2-0004Cz-87 for txauth@ietf.org; Sat, 05 Jun 2021 05:26:50 -0700
To: txauth@ietf.org
References: <D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu>
From: David Chadwick <d.w.chadwick@verifiablecredentials.info>
Organization: Verifiable Credentials Ltd
Message-ID: <3950725f-26e5-0eb5-92bb-5e2ed977ac85@verifiablecredentials.info>
Date: Sat, 5 Jun 2021 13:26:43 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.10.2
MIME-Version: 1.0
In-Reply-To: <D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu>
Content-Type: multipart/related; boundary="------------B9F4A2494F7205517F9FB028"
Content-Language: en-GB
X-AISO-Id: info@verifiablecredentials.info
X-AISO-Outbound-SA-Spam-Score: 0.7 
X-AISO-Outbound-SA-Spam-Score-Int: 7 
X-AISO-Outbound-SA-Spam-Report: BAYES_00=-1.9, HTML_IMAGE_RATIO_06=0.001, HTML_MESSAGE=0.001, KAM_INFOUSMEBIZ=2.5, MIME_HTML_ONLY=0.1, NICE_REPLY_A=-0.001
X-AISO-Report-Abuse: abuse@aiso.net
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/qtRg2IONqaoj208gYuOHbKVEMCg>
X-Mailman-Approved-At: Sat, 05 Jun 2021 07:45:24 -0700
Subject: Re: [GNAP] Mix Up Attack against GNAP
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Jun 2021 13:09:52 -0000

This is a multi-part message in MIME format.
--------------B9F4A2494F7205517F9FB028
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: 8bit

<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>This attack is similar to surreptitious forwarding (message 3).
      One solution is for the sender (Client) to identify the recipient
      in message 2 so that it cannot be altered by the AAS when it
      creates message 3. The grant endpoint of the AS that the client
      instance is talking to would seem to fit this solution</p>
    <p>Kind regards</p>
    <p>David<br>
    </p>
    <div class="moz-cite-prefix">On 04/06/2021 15:59, Justin Richer
      wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      This week, some researchers reached out to the editors to describe
      an attack against GNAP in the front channel that’s inherited from
      OAuth 2. I will describe the attack, list out its preconditions,
      and then describe a proposed solution space. We’re looking for
      input and feedback from the group on managing this solution.
      <div class=""><br class="">
      </div>
      <div class="">But first, many thanks to Åke Axeland and Adam Omar
        Oueidat for doing this analysis, putting together the diagram
        below, and bringing it to the group’s attention.<br class="">
        <br class="">
      </div>
      <div class="">The attack is largely the same as one of the “AS Mix
        Up” attack cases in "Comprehensive Security Analysis of OAuth
        2.0” by Daniel Fett and colleagues. It’s a kind of in-the-middle
        and/or phishing attack at its core. </div>
      <div class=""><br class="">
      </div>
      <div class="">The attacker has their own authorization server
        (AAS) which can also act as a client instance. An uncompromised
        client (UC) instance and an uncompromised authorization server
        (HAS) are assumed. There is no compromise of secret keys or
        breaking of TLS in this attack.</div>
      <div class=""><br class="">
      </div>
      <div class="">1. UC is a client of AAS, and might also be a client
        of HAS. User wants to authorize at HAS but tells UC to use AAS.</div>
      <div class="">2. UC starts a request at AAS, signed with UC’s key.
        AAS is imitating HAS.</div>
      <div class="">3. AAS forwards UC’s request parameters (Client
        nonce, interaction finish URI) to HAS, but signed with AAS’s
        key.</div>
      <div class="">4. HAS responds with an interaction start URL and
        server nonce to AAS</div>
      <div class="">5. AAS forwards the interaction start URL and server
        nonce to UC</div>
      <div class="">6. (Note) HAS is functionally telling the user to
        show up and interact, but doesn’t realize that the request is
        being proxied in this way.</div>
      <div class="">7. UC launches interaction start url, which is a
        function of HAS</div>
      <div class="">8. HAS returns the verification hash and interaction
        reference to UC</div>
      <div class="">9. UC validates the hash (which is correct) and
        sends the interaction reference to AAS</div>
      <div class="">10. AAS forwards the interaction reference to HAS </div>
      <div class="">11. AAS receives an access token for calling an RS
        protected by HAS. The client receives no access token.</div>
      <div class=""><br class="">
      </div>
      <div class="">The diagram from the researchers is attached here.
        I’ll be using the numbers in the text list here like (1) to
        refer to specific steps.</div>
      <div class=""><br class="">
      </div>
      <div class=""><img apple-inline="yes"
          id="6482B057-17ED-4A1A-A541-17304655457A"
          src="cid:part1.21AB5D65.AB53F1A7@verifiablecredentials.info"
          class="" width="1109" height="784"></div>
      <div class=""><b class="">Some preconditions and analysis:</b></div>
      <div class=""><br class="">
      </div>
      <div class="">Step (1) is made easier if the client has choice
        over which AS to talk to for a given request, since that’s how
        it starts talking to AAS instead of HAS. The danger of allowing
        a client to choose its AS at runtime has been discussed, but
        it’s a known pattern that we can’t expect to go away.</div>
      <div class=""><br class="">
      </div>
      <div class="">AAS is treated as a legitimate client of HAS and UC
        is a legitimate client of AAS. While dynamic clients can
        exacerbate this problem at runtime, at no time does HAS always
        knows the requests are coming from AAS and UC always knows it’s
        talking to AAS. There is no cryptographic impersonation and no
        theft of keys. </div>
      <div class=""><br class="">
      </div>
      <div class="">The attack occurs because the user and client think
        they’re dealing with different AS’s, and you can’t expect a user
        to always be able to tell them apart, especially when the
        backend calls like (2) are hidden. It’s assumed that the user
        actually wants to authorize UC for HAS, but UC talks to AAS
        instead because of configuration (1). AAS can imitate HAS to the
        user to facilitate (1), and imitate UC to HAS, but only for
        human-facing portions (7). Static pre-registration makes this
        more difficult, assuming that all registrations are reviewed by
        humans. If HAS has no idea that UC exists, it wouldn’t
        necessarily know that AAS is impersonating anyone.</div>
      <div class=""><br class="">
      </div>
      <div class="">The token at the end (11), assuming it’s a bound
        token, is only good with AAS’s key and not UC’s key. This is
        great for the attacker until UC starts to act funny and raise
        suspicion, since the process didn’t ever complete. With the
        OAuth attack, and with bearer tokens in GNAP, the token can be
        passed through to the UC making UC none the wiser. </div>
      <div class=""><br class="">
      </div>
      <div class="">The hash validation (9) does not protect against
        this specific attack. Since AAS sits in the middle, it has
        access to the Client nonce from UC, the server nonce from AAS,
        and the interaction reference at the appropriate times. AAS
        doesn’t need to generate the hash, but can force HAS to generate
        an appropriate hash.</div>
      <div class=""><br class="">
      </div>
      <div class=""><b class="">The proposed mitigation(s): </b></div>
      <div class=""><br class="">
      </div>
      <div class="">In OAuth 2, the accepted mitigation is to provide
        another query parameter with the “issuer” URL of the AS. We
        could do that here, but that would have the same downsides: the
        client has to check this value explicitly. Therefore we’re
        proposing that instead we use the existing validation hash
        algorithm and add an additional field. This would need to be
        something known to UC and HAS that can’t be impersonated by AAS,
        even if it’s known. Therefore, it makes sense to use something
        that’s derived. There are a few ideas of what to do here, each
        with benefits and drawbacks:</div>
      <div class=""><br class="">
      </div>
      <div class="">- The grant endpoint of the AS that the client
        instance is talking to.</div>
      <div class="">- The continuation endpoint that the client instance
        will send the interaction reference to. (This might be different
        from the above)</div>
      <div class="">- The continuation access token value</div>
      <div class="">- A key hash for the AS the client is talking to
        (TLS key to one of these endpoints? Some other external key
        added to the mix?)</div>
      <div class=""><br class="">
      </div>
      <div class="">The important thing here is that it’s a value that’s
        known but not a shared-secret that’s passed between parties. The
        client doesn’t need to check anything new, just needs to do the
        hash validation that it should be doing anyway.</div>
      <div class=""><br class="">
      </div>
      <div class=""><b class="">Requested feedback:</b></div>
      <div class=""><b class=""><br class="">
        </b></div>
      <div class="">The editors are requesting feedback and discussion
        on the attack and the proposed mitigation strategy. As a group,
        we would also benefit from additional formal analysis of the
        protocol with and without the mitigation in place. Additionally,
        we need to be sure we aren’t accidentally cutting off a
        legitimate use case, like AS bridges and proxies that aren’t
        trying to hide their presence.</div>
      <div class=""><br class="">
      </div>
      <div class=""> — Justin</div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
    </blockquote>
  </body>
</html>

--------------B9F4A2494F7205517F9FB028--
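Added example (not part of any message in this thread, and not code from the GNAP draft or its editors): a Python sketch of the hash check in step (9), showing why a hash over the client nonce, server nonce and interaction reference still validates in the mix-up, and why adding the grant endpoint as a fourth field makes the same check fail. The newline-joined hash input, SHA-256, unpadded base64url output, the has.example/aas.example URLs and every function name are assumptions of this example.

```python
import base64
import hashlib
import hmac
import secrets

# Constructed endpoints for the two authorization servers in the thread.
HAS_GRANT = "https://has.example/gnap"  # honest AS (HAS)
AAS_GRANT = "https://aas.example/gnap"  # AS sitting in the middle (AAS)


def interaction_hash(client_nonce, server_nonce, interact_ref, grant_endpoint=None):
    """Hash the interaction values.

    With grant_endpoint=None this is the three-field hash discussed in the
    thread. Passing grant_endpoint adds the proposed fourth field.
    Assumed encoding: fields joined by "\n", SHA-256, base64url, no padding.
    """
    fields = [client_nonce, server_nonce, interact_ref]
    if grant_endpoint is not None:
        fields.append(grant_endpoint)
    digest = hashlib.sha256("\n".join(fields).encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def client_accepts(received_hash, client_nonce, server_nonce, interact_ref,
                   endpoint_client_called=None):
    """Step (9): the client recomputes the hash from what it knows.

    The client never has to compare an issuer value explicitly; the endpoint
    it sent its grant request to is simply one more input to the hash.
    """
    expected = interaction_hash(client_nonce, server_nonce, interact_ref,
                                endpoint_client_called)
    return hmac.compare_digest(expected, received_hash)


def run_flow(endpoint_client_called, endpoint_of_issuing_as, bind_endpoint):
    """Model steps (2) to (9) and return True if the client accepts the hash.

    endpoint_client_called  -- where the client sent its grant request (2)
    endpoint_of_issuing_as  -- grant endpoint of the AS that ran the
                               interaction and produced the hash (8)
    bind_endpoint           -- whether both sides include the grant endpoint
    """
    client_nonce = secrets.token_urlsafe(16)  # chosen by the client (2)
    server_nonce = secrets.token_urlsafe(16)  # chosen by the issuing AS (4),
                                              # reaches the client unchanged (5)
    interact_ref = secrets.token_urlsafe(16)  # returned in the front channel (8)

    # (8) The issuing AS only knows its own grant endpoint.
    issued = interaction_hash(
        client_nonce, server_nonce, interact_ref,
        endpoint_of_issuing_as if bind_endpoint else None,
    )

    # (9) The client uses the endpoint it actually talked to.
    return client_accepts(
        issued, client_nonce, server_nonce, interact_ref,
        endpoint_client_called if bind_endpoint else None,
    )


if __name__ == "__main__":
    # Mix-up: client talks to AAS, interaction and hash come from HAS.
    print("three-field hash, mix-up   :", run_flow(AAS_GRANT, HAS_GRANT, False))
    print("endpoint-bound hash, mix-up:", run_flow(AAS_GRANT, HAS_GRANT, True))
    # Normal flow: client talks to HAS directly.
    print("endpoint-bound hash, direct:", run_flow(HAS_GRANT, HAS_GRANT, True))
```

In the mix-up case the endpoint-bound check fails at the client, so the interaction reference is never sent on in step (9); the direct flow is unaffected.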


From nobody Sat Jun  5 07:52:09 2021
Return-Path: <jricher@mit.edu>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 855D73A214B for <txauth@ietfa.amsl.com>; Sat,  5 Jun 2021 07:52:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.496
X-Spam-Level: 
X-Spam-Status: No, score=-1.496 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, KHOP_HELO_FCRDNS=0.398, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VvD83dyr1UNE for <txauth@ietfa.amsl.com>; Sat,  5 Jun 2021 07:52:03 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B85763A230B for <txauth@ietf.org>; Sat,  5 Jun 2021 07:52:02 -0700 (PDT)
Received: from [192.168.1.49] (static-71-174-62-56.bstnma.fios.verizon.net [71.174.62.56]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 155EpxC5024019 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 5 Jun 2021 10:51:59 -0400
From: Justin Richer <jricher@mit.edu>
Message-Id: <429623E4-5C45-474C-801A-6953E803BAE6@mit.edu>
Content-Type: multipart/alternative; boundary="Apple-Mail=_5521F8C5-E851-4234-B4E7-28181A01EBDA"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.6\))
Date: Sat, 5 Jun 2021 10:51:59 -0400
In-Reply-To: <3950725f-26e5-0eb5-92bb-5e2ed977ac85@verifiablecredentials.info>
Cc: txauth@ietf.org
To: David Chadwick <d.w.chadwick@verifiablecredentials.info>
References: <D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu> <3950725f-26e5-0eb5-92bb-5e2ed977ac85@verifiablecredentials.info>
X-Mailer: Apple Mail (2.3608.120.23.2.6)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/1ARrabPBBTfAAG6DzE2h-Ns3aRQ>
Subject: Re: [GNAP] Mix Up Attack against GNAP
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Jun 2021 14:52:08 -0000

--Apple-Mail=_5521F8C5-E851-4234-B4E7-28181A01EBDA
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=utf-8

Hi David,

I think it=E2=80=99s similar to message forwarding, but there=E2=80=99s =
one important difference =E2=80=94 the AAS already is modifying the =
message to HAS. It doesn=E2=80=99t need to forward the complete message =
from (2), it creates a brand new message in (3) and signs it with its =
own key. So the client knows it=E2=80=99s talking to AAS and vice versa, =
and AAS knows it=E2=80=99s talking to HAS and vice versa. What=E2=80=99s =
different is that AAS is able to take pieces out of the (valid) message =
from the client and make its own message out of those parts, and then =
get value out of that.

But that does raise an interesting question: what if AAS :did: simply =
forward the signed message from the client to HAS? The signature method =
would need to protect the target of the HTTP request, but I think that =
should already be covered in most of the signature methods. We need to =
put some focus on these signature methods directly in the near future, =
so that=E2=80=99s something to keep in mind here.

 =E2=80=94 Justin

> On Jun 5, 2021, at 8:26 AM, David Chadwick =
<d.w.chadwick@verifiablecredentials.info> wrote:
>=20
> This attack is similar to surreptitious forwarding (message 3). One =
solution is for the sender (Client) to identify the recipient in message =
2 so that it cannot be altered by the AAS when it creates message 3. The =
grant endpoint of the AS that the client instance is talking to would =
seem to fit this solution
>=20
> Kind regards
>=20
> David
>=20
> On 04/06/2021 15:59, Justin Richer wrote:
>> This week, some researchers reached out to the editors to describe an =
attack against GNAP in the front channel that=E2=80=99s inherited from =
OAuth 2. I will describe the attack, list out its preconditions, and =
then describe a proposed solution space. We=E2=80=99re looking for input =
and feedback from the group on managing this solution.
>>=20
>> But first, many thanks to =C3=85ke Axeland and Adam Omar Oueidat for =
doing this analysis, putting together the diagram below, and bringing it =
to the group=E2=80=99s attention.
>>=20
>> The attack is largely the same as one of the =E2=80=9CAS Mix Up=E2=80=9D=
 attack cases in "Comprehensive Security Analysis of OAuth 2.0=E2=80=9D =
by Daniel Fett and colleagues. It=E2=80=99s a kind of in-the-middle =
and/or phishing attack at its core.=20
>>=20
>> The attacker has their own authorization server (AAS) which can also =
act as a client instance. An uncompromised client (UC) instance and an =
uncompromised authorization server (HAS) are assumed. There is no =
compromise of secret keys or breaking of TLS in this attack.
>>=20
>> 1. UC is a client of AAS, and might also be a client of HAS. User =
wants to authorize at HAS but tells UC to use AAS.
>> 2. UC starts a request at AAS, signed with UC=E2=80=99s key. AAS is =
imitating HAS.
>> 3. AAS forwards UC=E2=80=99s request parameters (Client nonce, =
interaction finish URI) to HAS, but signed with AAS=E2=80=99s key.
>> 4. HAS responds with an interaction start URL and server nonce to AAS
>> 5. AAS forwards the interaction start URL and server nonce to UC
>> 6. (Note) HAS is functionally telling the user to show up and =
interact, but doesn=E2=80=99t realize that the request is being proxied =
in this way.
>> 7. UC launches interaction start url, which is a function of HAS
>> 8. HAS returns the verification hash and interaction reference to UC
>> 9. UC validates the hash (which is correct) and sends the interaction =
reference to AAS
>> 10. AAS forwards the interaction reference to HAS=20
>> 11. AAS receives an access token for calling an RS protected by HAS. =
The client receives no access token.
>>=20
>> The diagram from the researchers is attached here. I=E2=80=99ll be =
using the numbers in the text list here like (1) to refer to specific =
steps.
>>=20
>> <PastedGraphic-2.png>
>> Some preconditions and analysis:
>>=20
>> Step (1) is made easier if the client has choice over which AS to =
talk to for a given request, since that=E2=80=99s how it starts talking =
to AAS instead of HAS. The danger of allowing a client to choose its AS =
at runtime has been discussed, but it=E2=80=99s a known pattern that we =
can=E2=80=99t expect to go away.
>>=20
>> AAS is treated as a legitimate client of HAS and UC is a legitimate =
client of AAS. While dynamic clients can exacerbate this problem at =
runtime, at no time does HAS always knows the requests are coming from =
AAS and UC always knows it=E2=80=99s talking to AAS. There is no =
cryptographic impersonation and no theft of keys.=20
>>=20
>> The attack occurs because the user and client think they=E2=80=99re =
dealing with different AS=E2=80=99s, and you can=E2=80=99t expect a user =
to always be able to tell them apart, especially when the backend calls =
like (2) are hidden. It=E2=80=99s assumed that the user actually wants =
to authorize UC for HAS, but UC talks to AAS instead because of =
configuration (1). AAS can imitate HAS to the user to facilitate (1), =
and imitate UC to HAS, but only for human-facing portions (7). Static =
pre-registration makes this more difficult, assuming that all =
registrations are reviewed by humans. If HAS has no idea that UC exists, =
it wouldn=E2=80=99t necessarily know that AAS is impersonating anyone.
>>=20
>> The token at the end (11), assuming it=E2=80=99s a bound token, is =
only good with AAS=E2=80=99s key and not UC=E2=80=99s key. This is great =
for the attacker until UC starts to act funny and raise suspicion, since =
the process didn=E2=80=99t ever complete. With the OAuth attack, and =
with bearer tokens in GNAP, the token can be passed through to the UC =
making UC none the wiser.=20
>>=20
>> The hash validation (9) does not protect against this specific =
attack. Since AAS sits in the middle, it has access to the Client nonce =
from UC, the server nonce from AAS, and the interaction reference at the =
appropriate times. AAS doesn=E2=80=99t need to generate the hash, but =
can force HAS to generate an appropriate hash.
>>=20
>> The proposed mitigation(s):=20
>>=20
>> In OAuth 2, the accepted mitigation is to provide another query =
parameter with the =E2=80=9Cissuer=E2=80=9D URL of the AS. We could do =
that here, but that would have the same downsides: the client has to =
check this value explicitly. Therefore we=E2=80=99re proposing that =
instead we use the existing validation hash algorithm and add an =
additional field. This would need to be something known to UC and HAS =
that can=E2=80=99t be impersonated by AAS, even if it=E2=80=99s known. =
Therefore, it makes sense to use something that=E2=80=99s derived. There =
are a few ideas of what to do here, each with benefits and drawbacks:
>>=20
>> - The grant endpoint of the AS that the client instance is talking =
to.
>> - The continuation endpoint that the client instance will send the =
interaction reference to. (This might be different from the above)
>> - The continuation access token value
>> - A key hash for the AS the client is talking to (TLS key to one of =
these endpoints? Some other external key added to the mix?)
>>=20
>> The important thing here is that it=E2=80=99s a value that=E2=80=99s =
known but not a shared-secret that=E2=80=99s passed between parties. The =
client doesn=E2=80=99t need to check anything new, just needs to do the =
hash validation that it should be doing anyway.
>>=20
>> Requested feedback:
>>=20
>> The editors are requesting feedback and discussion on the attack and =
the proposed mitigation strategy. As a group, we would also benefit from =
additional formal analysis of the protocol with and without the =
mitigation in place. Additionally, we need to be sure we aren=E2=80=99t =
accidentally cutting off a legitimate use case, like AS bridges and =
proxies that aren=E2=80=99t trying to hide their presence.
>>=20
>>  =E2=80=94 Justin
>>=20
>>=20
> --=20
> TXAuth mailing list
> TXAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/txauth


--Apple-Mail=_5521F8C5-E851-4234-B4E7-28181A01EBDA
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=utf-8

<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; =
charset=3Dutf-8"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; line-break: after-white-space;" class=3D"">Hi =
David,<div class=3D""><br class=3D""></div><div class=3D"">I think =
it=E2=80=99s similar to message forwarding, but there=E2=80=99s one =
important difference =E2=80=94 the AAS already is modifying the message =
to HAS. It doesn=E2=80=99t need to forward the complete message from =
(2), it creates a brand new message in (3) and signs it with its own =
key. So the client knows it=E2=80=99s talking to AAS and vice versa, and =
AAS knows it=E2=80=99s talking to HAS and vice versa. What=E2=80=99s =
different is that AAS is able to take pieces out of the (valid) message =
from the client and make its own message out of those parts, and then =
get value out of that.</div><div class=3D""><br class=3D""></div><div =
class=3D"">But that does raise an interesting question: what if AAS =
:did: simply forward the signed message from the client to HAS? The =
signature method would need to protect the target of the HTTP request, =
but I think that should already be covered in most of the signature =
methods. We need to put some focus on these signature methods directly =
in the near future, so that=E2=80=99s something to keep in mind =
here.</div><div class=3D""><br class=3D""></div><div class=3D"">&nbsp;=E2=80=
=94 Justin<br class=3D""><div><br class=3D""><blockquote type=3D"cite" =
class=3D""><div class=3D"">On Jun 5, 2021, at 8:26 AM, David Chadwick =
&lt;<a href=3D"mailto:d.w.chadwick@verifiablecredentials.info" =
class=3D"">d.w.chadwick@verifiablecredentials.info</a>&gt; =
wrote:</div><br class=3D"Apple-interchange-newline"><div class=3D"">
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8" =
class=3D"">
 =20
  <div class=3D""><p class=3D"">This attack is similar to surreptitious =
forwarding (message 3).
      One solution is for the sender (Client) to identify the recipient
      in message 2 so that it cannot be altered by the AAS when it
      creates message 3. The grant endpoint of the AS that the client
      instance is talking to would seem to fit this solution</p><p =
class=3D"">Kind regards</p><p class=3D"">David<br class=3D"">
    </p>
    <div class=3D"moz-cite-prefix">On 04/06/2021 15:59, Justin Richer
      wrote:<br class=3D"">
    </div>
    <blockquote type=3D"cite" =
cite=3D"mid:D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu" class=3D"">
     =20
      This week, some researchers reached out to the editors to describe
      an attack against GNAP in the front channel that=E2=80=99s =
inherited from
      OAuth 2. I will describe the attack, list out its preconditions,
      and then describe a proposed solution space. We=E2=80=99re looking =
for
      input and feedback from the group on managing this solution.
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">But first, many thanks to =C3=85ke Axeland and =
Adam Omar
        Oueidat for doing this analysis, putting together the diagram
        below, and bringing it to the group=E2=80=99s attention.<br =
class=3D"">
        <br class=3D"">
      </div>
      <div class=3D"">The attack is largely the same as one of the =E2=80=9C=
AS Mix
        Up=E2=80=9D attack cases in "Comprehensive Security =
Analysis&nbsp;of OAuth
        2.0=E2=80=9D by Daniel Fett and colleagues. It=E2=80=99s a kind =
of in-the-middle
        and/or phishing attack at its core.&nbsp;</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">The attacker has their own authorization server
        (AAS) which can also act as a client instance. An uncompromised
        client (UC) instance and an uncompromised authorization server
        (HAS) are assumed. There is no compromise of secret keys or
        breaking of TLS in this attack.</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">1. UC is a client of AAS, and might also be a =
client
        of HAS. User wants to authorize at HAS but tells UC to use =
AAS.</div>
      <div class=3D"">2. UC starts a request at AAS, signed with UC=E2=80=99=
s key.
        AAS is imitating HAS.</div>
      <div class=3D"">3. AAS forwards UC=E2=80=99s request parameters =
(Client
        nonce, interaction finish URI) to HAS, but signed with AAS=E2=80=99=
s
        key.</div>
      <div class=3D"">4. HAS responds with an interaction start URL and
        server nonce to AAS</div>
      <div class=3D"">5. AAS forwards the interaction start URL and =
server
        nonce to UC</div>
      <div class=3D"">6. (Note) HAS is functionally telling the user to
        show up and interact, but doesn=E2=80=99t realize that the =
request is
        being proxied in this way.</div>
      <div class=3D"">7. UC launches interaction start url, which is a
        function of HAS</div>
      <div class=3D"">8. HAS returns the verification hash and =
interaction
        reference to UC</div>
      <div class=3D"">9. UC validates the hash (which is correct) and
        sends the interaction reference to AAS</div>
      <div class=3D"">10. AAS forwards the interaction reference to =
HAS&nbsp;</div>
      <div class=3D"">11. AAS receives an access token for calling an RS
        protected by HAS. The client receives no access token.</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">The diagram from the researchers is attached here.
        I=E2=80=99ll be using the numbers in the text list here like (1) =
to
        refer to specific steps.</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D""><span =
id=3D"cid:part1.21AB5D65.AB53F1A7@verifiablecredentials.info">&lt;PastedGr=
aphic-2.png&gt;</span></div>
      <div class=3D""><b class=3D"">Some preconditions and =
analysis:</b></div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">Step (1) is made easier if the client has choice
        over which AS to talk to for a given request, since that=E2=80=99s=
 how
        it starts talking to AAS instead of HAS. The danger of allowing
        a client to choose its AS at runtime has been discussed, but
        it=E2=80=99s a known pattern that we can=E2=80=99t expect to go =
away.</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">AAS is treated as a legitimate client of HAS and =
UC
        is a legitimate client of AAS. While dynamic clients can
        exacerbate this problem at runtime, at no time does HAS always
        knows the requests are coming from AAS and UC always knows =
it=E2=80=99s
        talking to AAS. There is no cryptographic impersonation and no
        theft of keys.&nbsp;</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">The attack occurs because the user and client =
think
        they=E2=80=99re dealing with different AS=E2=80=99s, and you =
can=E2=80=99t expect a user
        to always be able to tell them apart, especially when the
        backend calls like (2) are hidden. It=E2=80=99s assumed that the =
user
        actually wants to authorize UC for HAS, but UC talks to AAS
        instead because of configuration (1). AAS can imitate HAS to the
        user to facilitate (1), and imitate UC to HAS, but only for
        human-facing portions (7). Static pre-registration makes this
        more difficult, assuming that all registrations are reviewed by
        humans. If HAS has no idea that UC exists, it wouldn=E2=80=99t
        necessarily know that AAS is impersonating anyone.</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">The token at the end (11), assuming it=E2=80=99s a =
bound
        token, is only good with AAS=E2=80=99s key and not UC=E2=80=99s =
key. This is
        great for the attacker until UC starts to act funny and raise
        suspicion, since the process didn=E2=80=99t ever complete. With =
the
        OAuth attack, and with bearer tokens in GNAP, the token can be
        passed through to the UC making UC none the wiser.&nbsp;</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">The hash validation (9) does not protect against
        this specific attack. Since AAS sits in the middle, it has
        access to the Client nonce from UC, the server nonce from AAS,
        and the interaction reference at the appropriate times. AAS
        doesn=E2=80=99t need to generate the hash, but can force HAS to =
generate
        an appropriate hash.</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D""><b class=3D"">The proposed =
mitigation(s):&nbsp;</b></div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">In OAuth 2, the accepted mitigation is to provide
        another query parameter with the =E2=80=9Cissuer=E2=80=9D URL of =
the AS. We
        could do that here, but that would have the same downsides: the
        client has to check this value explicitly. Therefore we=E2=80=99re=

        proposing that instead we use the existing validation hash
        algorithm and add an additional field. This would need to be
        something known to UC and HAS that can=E2=80=99t be impersonated =
by AAS,
        even if it=E2=80=99s known. Therefore, it makes sense to use =
something
        that=E2=80=99s derived. There are a few ideas of what to do =
here, each
        with benefits and drawbacks:</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">- The grant endpoint of the AS that the client
        instance is talking to.</div>
      <div class=3D"">- The continuation endpoint that the client =
instance
        will send the interaction reference to. (This might be different
        from the above)</div>
      <div class=3D"">- The continuation access token value</div>
      <div class=3D"">- A key hash for the AS the client is talking to
        (TLS key to one of these endpoints? Some other external key
        added to the mix?)</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">The important thing here is that it=E2=80=99s a =
value that=E2=80=99s
        known but not a shared-secret that=E2=80=99s passed between =
parties. The
        client doesn=E2=80=99t need to check anything new, just needs to =
do the
        hash validation that it should be doing anyway.</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D""><b class=3D"">Requested feedback:</b></div>
      <div class=3D""><b class=3D""><br class=3D"">
        </b></div>
      <div class=3D"">The editors are requesting feedback and discussion
        on the attack and the proposed mitigation strategy. As a group,
        we would also benefit from additional formal analysis of the
        protocol with and without the mitigation in place. Additionally,
        we need to be sure we aren=E2=80=99t accidentally cutting off a
        legitimate use case, like AS bridges and proxies that aren=E2=80=99=
t
        trying to hide their presence.</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">&nbsp;=E2=80=94 Justin</div>
      <br class=3D"">
      <fieldset class=3D"mimeAttachmentHeader"></fieldset>
    </blockquote>
  </div>

-- <br class=3D"">TXAuth mailing list<br class=3D""><a =
href=3D"mailto:TXAuth@ietf.org" class=3D"">TXAuth@ietf.org</a><br =
class=3D"">https://www.ietf.org/mailman/listinfo/txauth<br =
class=3D""></div></blockquote></div><br class=3D""></div></body></html>=

--Apple-Mail=_5521F8C5-E851-4234-B4E7-28181A01EBDA--
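
Added example (not part of the original thread or of the GNAP draft): a Python model of the hash validation in step (9) and of the proposed mitigation of adding the grant endpoint to the hashed fields, showing that the unmodified hash validates during the mix-up while the endpoint-bound hash does not. The endpoint URLs, the newline-joined SHA-256/base64url hash layout, and every class and function name are assumptions made for illustration; request signatures are not modelled because the attack involves no key compromise.

```python
import base64
import hashlib
import hmac
import secrets

# Hypothetical endpoints, constructed for this example.
HAS_GRANT_ENDPOINT = "https://has.example/gnap"
AAS_GRANT_ENDPOINT = "https://aas.example/gnap"


def interaction_hash(client_nonce, server_nonce, interact_ref, grant_endpoint=None):
    """Hash the interaction values; the optional fourth field is the proposed addition.

    Assumed layout: fields joined by newlines, SHA-256, base64url without padding.
    """
    fields = [client_nonce, server_nonce, interact_ref]
    if grant_endpoint is not None:
        fields.append(grant_endpoint)
    digest = hashlib.sha256("\n".join(fields).encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


class HonestAS:
    """Model of HAS: it only ever hashes its own grant endpoint."""

    def __init__(self, grant_endpoint, bind_endpoint):
        self.grant_endpoint = grant_endpoint
        self.bind_endpoint = bind_endpoint
        self.pending = {}  # server nonce -> client nonce of the open request

    def start_grant(self, client_nonce):
        # Steps (3)-(4): accept the request and hand back a server nonce.
        server_nonce = secrets.token_urlsafe(16)
        self.pending[server_nonce] = client_nonce
        return server_nonce

    def finish_interaction(self, server_nonce):
        # Step (8): after the user interacts, return hash and interaction reference.
        client_nonce = self.pending[server_nonce]
        interact_ref = secrets.token_urlsafe(16)
        endpoint = self.grant_endpoint if self.bind_endpoint else None
        value = interaction_hash(client_nonce, server_nonce, interact_ref, endpoint)
        return value, interact_ref


def client_accepts(client_nonce, server_nonce, received_hash, interact_ref,
                   endpoint_used, bind_endpoint):
    """Step (9): UC recomputes the hash from its own view of the transaction."""
    endpoint = endpoint_used if bind_endpoint else None
    expected = interaction_hash(client_nonce, server_nonce, interact_ref, endpoint)
    return hmac.compare_digest(expected, received_hash)


def run_flow(endpoint_used_by_client, bind_endpoint):
    """Return True if UC accepts the hash and would send on the interaction reference.

    When endpoint_used_by_client is the AAS endpoint, this is the mix-up case:
    the nonces pass through AAS unchanged in (3) and (5), so HAS and UC hold the
    same nonce values even though they never talk to each other directly.
    """
    has = HonestAS(HAS_GRANT_ENDPOINT, bind_endpoint)
    client_nonce = secrets.token_urlsafe(16)            # step (2)
    server_nonce = has.start_grant(client_nonce)        # steps (3)-(5)
    received_hash, interact_ref = has.finish_interaction(server_nonce)  # (7)-(8)
    return client_accepts(client_nonce, server_nonce, received_hash,
                          interact_ref, endpoint_used_by_client, bind_endpoint)


if __name__ == "__main__":
    for label, endpoint in (("direct to HAS", HAS_GRANT_ENDPOINT),
                            ("via AAS (mix-up)", AAS_GRANT_ENDPOINT)):
        for bind in (False, True):
            print(f"{label:18} endpoint in hash={bind!s:5} "
                  f"client accepts={run_flow(endpoint, bind)}")
```

With the endpoint bound, the client stops at step (9) and never hands the interaction reference to AAS; a bridge or proxy that openly sits between client and AS fails the same check, which is the legitimate use case the editors ask about.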


From nobody Sat Jun  5 09:40:01 2021
Return-Path: <jricher@mit.edu>
From: Justin Richer <jricher@mit.edu>
Message-Id: <BA18D0FD-D307-4194-9195-C573D81CEBE1@mit.edu>
Content-Type: multipart/alternative; boundary="Apple-Mail=_F2412324-C9A6-4A6E-89C3-0AB2046BC90D"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.6\))
Date: Sat, 5 Jun 2021 12:39:51 -0400
In-Reply-To: <7deb4b8f-6d2e-c386-23d6-7286a5077cc6@verifiablecredentials.info>
Cc: txauth@ietf.org
To: David Chadwick <d.w.chadwick@verifiablecredentials.info>
References: <D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu> <3950725f-26e5-0eb5-92bb-5e2ed977ac85@verifiablecredentials.info> <429623E4-5C45-474C-801A-6953E803BAE6@mit.edu> <7deb4b8f-6d2e-c386-23d6-7286a5077cc6@verifiablecredentials.info>
X-Mailer: Apple Mail (2.3608.120.23.2.6)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/63fgcpeh92erKYNxphNFt7KHik8>
Subject: Re: [GNAP] Mix Up Attack against GNAP

--Apple-Mail=_F2412324-C9A6-4A6E-89C3-0AB2046BC90D
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=utf-8

But that’s what I’m saying — the client knows it’s talking to AAS and not HAS so with this kind of solution it would just create a message cryptographically tagged to AAS. And then on the next step, AAS creates a message cryptographically bound to HAS. So even if the client already says “this message is for AAS” explicitly, the attack surface doesn’t change. Only if the client thought it was talking to HAS would this make a difference, but that’s not what’s happening here. This, I believe, is what makes this kind of attack much more subtle than a simple message relay.

 — Justin

> On Jun 5, 2021, at 11:09 AM, David Chadwick <d.w.chadwick@verifiablecredentials.info> wrote:
>
> Hi Justin
>
> the point I am making is that the message created by the Client must be received by the ultimate recipient, knowing that the Client created it and that the ultimate recipient is the intended recipient. In the current flow both recipients know they are the intended recipients, but also know that different clients are talking to them. Thus any solution must have the message originator cryptographically protecting both the sender and recipient addresses. Once you do this, you thwart the current vulnerability.
>
> Kind regards
>
> David
>
> On 05/06/2021 15:51, Justin Richer wrote:
>> Hi David,
>>
>> I think it’s similar to message forwarding, but there’s one important difference — the AAS already is modifying the message to HAS. It doesn’t need to forward the complete message from (2), it creates a brand new message in (3) and signs it with its own key. So the client knows it’s talking to AAS and vice versa, and AAS knows it’s talking to HAS and vice versa. What’s different is that AAS is able to take pieces out of the (valid) message from the client and make its own message out of those parts, and then get value out of that.
>>
>> But that does raise an interesting question: what if AAS :did: simply forward the signed message from the client to HAS? The signature method would need to protect the target of the HTTP request, but I think that should already be covered in most of the signature methods. We need to put some focus on these signature methods directly in the near future, so that’s something to keep in mind here.
>>
>>  — Justin
>>
>>> On Jun 5, 2021, at 8:26 AM, David Chadwick <d.w.chadwick@verifiablecredentials.info> wrote:
>>>
>>> This attack is similar to surreptitious forwarding (message 3). One solution is for the sender (Client) to identify the recipient in message 2 so that it cannot be altered by the AAS when it creates message 3. The grant endpoint of the AS that the client instance is talking to would seem to fit this solution
>>>
>>> Kind regards
>>>
>>> David
>>>
>>> On 04/06/2021 15:59, Justin Richer wrote:
>>>> This week, some researchers reached out to the editors to describe an attack against GNAP in the front channel that’s inherited from OAuth 2. I will describe the attack, list out its preconditions, and then describe a proposed solution space. We’re looking for input and feedback from the group on managing this solution.
>>>>
>>>> But first, many thanks to Åke Axeland and Adam Omar Oueidat for doing this analysis, putting together the diagram below, and bringing it to the group’s attention.
>>>>
>>>> The attack is largely the same as one of the “AS Mix Up” attack cases in “Comprehensive Security Analysis of OAuth 2.0” by Daniel Fett and colleagues. It’s a kind of in-the-middle and/or phishing attack at its core.
>>>>
>>>> The attacker has their own authorization server (AAS) which can also act as a client instance. An uncompromised client (UC) instance and an uncompromised authorization server (HAS) are assumed. There is no compromise of secret keys or breaking of TLS in this attack.
>>>>
>>>> 1. UC is a client of AAS, and might also be a client of HAS. User wants to authorize at HAS but tells UC to use AAS.
>>>> 2. UC starts a request at AAS, signed with UC’s key. AAS is imitating HAS.
>>>> 3. AAS forwards UC’s request parameters (Client nonce, interaction finish URI) to HAS, but signed with AAS’s key.
>>>> 4. HAS responds with an interaction start URL and server nonce to AAS
>>>> 5. AAS forwards the interaction start URL and server nonce to UC
>>>> 6. (Note) HAS is functionally telling the user to show up and interact, but doesn’t realize that the request is being proxied in this way.
>>>> 7. UC launches interaction start url, which is a function of HAS
>>>> 8. HAS returns the verification hash and interaction reference to UC
>>>> 9. UC validates the hash (which is correct) and sends the interaction reference to AAS
>>>> 10. AAS forwards the interaction reference to HAS
>>>> 11. AAS receives an access token for calling an RS protected by HAS. The client receives no access token.
>>>>
>>>> The diagram from the researchers is attached here. I’ll be using the numbers in the text list here like (1) to refer to specific steps.
>>>>
>>>> <PastedGraphic-2.png>
>>>>
>>>> Some preconditions and analysis:
>>>>
>>>> Step (1) is made easier if the client has choice over which AS to talk to for a given request, since that’s how it starts talking to AAS instead of HAS. The danger of allowing a client to choose its AS at runtime has been discussed, but it’s a known pattern that we can’t expect to go away.
>>>>
>>>> AAS is treated as a legitimate client of HAS and UC is a legitimate client of AAS. While dynamic clients can exacerbate this problem at runtime, at no time does HAS always knows the requests are coming from AAS and UC always knows it’s talking to AAS. There is no cryptographic impersonation and no theft of keys.
>>>>
>>>> The attack occurs because the user and client think they’re dealing with different AS’s, and you can’t expect a user to always be able to tell them apart, especially when the backend calls like (2) are hidden. It’s assumed that the user actually wants to authorize UC for HAS, but UC talks to AAS instead because of configuration (1). AAS can imitate HAS to the user to facilitate (1), and imitate UC to HAS, but only for human-facing portions (7). Static pre-registration makes this more difficult, assuming that all registrations are reviewed by humans. If HAS has no idea that UC exists, it wouldn’t necessarily know that AAS is impersonating anyone.
>>>>
>>>> The token at the end (11), assuming it’s a bound token, is only good with AAS’s key and not UC’s key. This is great for the attacker until UC starts to act funny and raise suspicion, since the process didn’t ever complete. With the OAuth attack, and with bearer tokens in GNAP, the token can be passed through to the UC making UC none the wiser.
>>>>
>>>> The hash validation (9) does not protect against this specific attack. Since AAS sits in the middle, it has access to the Client nonce from UC, the server nonce from AAS, and the interaction reference at the appropriate times. AAS doesn’t need to generate the hash, but can force HAS to generate an appropriate hash.
>>>>
>>>> The proposed mitigation(s):
>>>>
>>>> In OAuth 2, the accepted mitigation is to provide another query parameter with the “issuer” URL of the AS. We could do that here, but that would have the same downsides: the client has to check this value explicitly. Therefore we’re proposing that instead we use the existing validation hash algorithm and add an additional field. This would need to be something known to UC and HAS that can’t be impersonated by AAS, even if it’s known. Therefore, it makes sense to use something that’s derived. There are a few ideas of what to do here, each with benefits and drawbacks:
>>>>
>>>> - The grant endpoint of the AS that the client instance is talking to.
>>>> - The continuation endpoint that the client instance will send the interaction reference to. (This might be different from the above)
>>>> - The continuation access token value
>>>> - A key hash for the AS the client is talking to (TLS key to one of these endpoints? Some other external key added to the mix?)
>>>>
>>>> The important thing here is that it’s a value that’s known but not a shared-secret that’s passed between parties. The client doesn’t need to check anything new, just needs to do the hash validation that it should be doing anyway.
>>>>
>>>> Requested feedback:
>>>>
>>>> The editors are requesting feedback and discussion on the attack and the proposed mitigation strategy. As a group, we would also benefit from additional formal analysis of the protocol with and without the mitigation in place. Additionally, we need to be sure we aren’t accidentally cutting off a legitimate use case, like AS bridges and proxies that aren’t trying to hide their presence.
>>>>
>>>>  — Justin


--Apple-Mail=_F2412324-C9A6-4A6E-89C3-0AB2046BC90D
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=utf-8

<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; =
charset=3Dutf-8"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; line-break: after-white-space;" class=3D"">But =
that=E2=80=99s what I=E2=80=99m saying =E2=80=94 the client knows it=E2=80=
=99s talking to AAS and not HAS so with this kind of solution it would =
just create a message cryptographically tagged to AAS. And then on the =
next step, AAS creates a message cryptographically bound to HAS. So even =
if the client already says =E2=80=9Cthis message is for AAS=E2=80=9D =
explicitly, the attack surface doesn=E2=80=99t change. Only if the =
client thought it was talking to HAS would this make a difference, but =
that=E2=80=99s not what=E2=80=99s happening here. This, I believe, is =
what makes this kind of attack much more subtle than a simple message =
relay.<div class=3D""><br class=3D""></div><div class=3D"">&nbsp;=E2=80=94=
 Justin<br class=3D""><div><br class=3D""><blockquote type=3D"cite" =
class=3D""><div class=3D"">On Jun 5, 2021, at 11:09 AM, David Chadwick =
&lt;<a href=3D"mailto:d.w.chadwick@verifiablecredentials.info" =
class=3D"">d.w.chadwick@verifiablecredentials.info</a>&gt; =
wrote:</div><br class=3D"Apple-interchange-newline"><div class=3D"">
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8" =
class=3D"">
 =20
  <div class=3D""><p class=3D"">Hi Justin</p><p class=3D"">the point I =
am making is that the message created by the Client
      must be received by the ultimate recipient, knowing that the
      Client created it and that the ultimate recipient is the intended
      recipient. In the current flow both recipients know they are the
      intended recipients, but also know that different clients are
      talking to them. Thus any solution must have the message
      originator cryptographically protecting both the sender and
      recipient addresses. Once you do this, you thwart the current
      vulnerability.</p><p class=3D"">Kind regards</p><p =
class=3D"">David<br class=3D"">
    </p>
    <div class=3D"moz-cite-prefix">On 05/06/2021 15:51, Justin Richer
      wrote:<br class=3D"">
    </div>
    <blockquote type=3D"cite" =
cite=3D"mid:429623E4-5C45-474C-801A-6953E803BAE6@mit.edu" class=3D"">
     =20
      Hi David,
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">I think it=E2=80=99s similar to message =
forwarding, but
        there=E2=80=99s one important difference =E2=80=94 the AAS =
already is modifying
        the message to HAS. It doesn=E2=80=99t need to forward the =
complete
        message from (2), it creates a brand new message in (3) and
        signs it with its own key. So the client knows it=E2=80=99s =
talking to
        AAS and vice versa, and AAS knows it=E2=80=99s talking to HAS =
and vice
        versa. What=E2=80=99s different is that AAS is able to take =
pieces out
        of the (valid) message from the client and make its own message
        out of those parts, and then get value out of that.</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">But that does raise an interesting question: what =
if
        AAS :did: simply forward the signed message from the client to
        HAS? The signature method would need to protect the target of
        the HTTP request, but I think that should already be covered in
        most of the signature methods. We need to put some focus on
        these signature methods directly in the near future, so that=E2=80=
=99s
        something to keep in mind here.</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">&nbsp;=E2=80=94 Justin<br class=3D"">
        <div class=3D""><br class=3D"">
          <blockquote type=3D"cite" class=3D"">
            <div class=3D"">On Jun 5, 2021, at 8:26 AM, David Chadwick
              &lt;<a =
href=3D"mailto:d.w.chadwick@verifiablecredentials.info" class=3D"" =
moz-do-not-send=3D"true">d.w.chadwick@verifiablecredentials.info</a>&gt;
              wrote:</div>
            <br class=3D"Apple-interchange-newline">
            <div class=3D"">
             =20
              <div class=3D""><p class=3D"">This attack is similar to =
surreptitious
                  forwarding (message 3). One solution is for the sender
                  (Client) to identify the recipient in message 2 so
                  that it cannot be altered by the AAS when it creates
                  message 3. The grant endpoint of the AS that the
                  client instance is talking to would seem to fit this
                  solution</p><p class=3D"">Kind regards</p><p =
class=3D"">David<br class=3D"">
                </p>
                <div class=3D"moz-cite-prefix">On 04/06/2021 15:59, =
Justin
                  Richer wrote:<br class=3D"">
                </div>
                <blockquote type=3D"cite" =
cite=3D"mid:D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu" class=3D""> =
This week, some researchers reached out to
                  the editors to describe an attack against GNAP in the
                  front channel that=E2=80=99s inherited from OAuth 2. I =
will
                  describe the attack, list out its preconditions, and
                  then describe a proposed solution space. We=E2=80=99re =
looking
                  for input and feedback from the group on managing this
                  solution.
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">But first, many thanks to =C3=85ke =
Axeland
                    and Adam Omar Oueidat for doing this analysis,
                    putting together the diagram below, and bringing it
                    to the group=E2=80=99s attention.<br class=3D"">
                    <br class=3D"">
                  </div>
                  <div class=3D"">The attack is largely the same as one =
of
                    the =E2=80=9CAS Mix Up=E2=80=9D attack cases in =
"Comprehensive
                    Security Analysis&nbsp;of OAuth 2.0=E2=80=9D by =
Daniel Fett and
                    colleagues. It=E2=80=99s a kind of in-the-middle =
and/or
                    phishing attack at its core.&nbsp;</div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">The attacker has their own =
authorization
                    server (AAS) which can also act as a client
                    instance. An uncompromised client (UC) instance and
                    an uncompromised authorization server (HAS) are
                    assumed. There is no compromise of secret keys or
                    breaking of TLS in this attack.</div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">1. UC is a client of AAS, and might =
also
                    be a client of HAS. User wants to authorize at HAS
                    but tells UC to use AAS.</div>
                  <div class=3D"">2. UC starts a request at AAS, signed
                    with UC=E2=80=99s key. AAS is imitating HAS.</div>
                  <div class=3D"">3. AAS forwards UC=E2=80=99s request =
parameters
                    (Client nonce, interaction finish URI) to HAS, but
                    signed with AAS=E2=80=99s key.</div>
                  <div class=3D"">4. HAS responds with an interaction
                    start URL and server nonce to AAS</div>
                  <div class=3D"">5. AAS forwards the interaction start
                    URL and server nonce to UC</div>
                  <div class=3D"">6. (Note) HAS is functionally telling
                    the user to show up and interact, but doesn=E2=80=99t
                    realize that the request is being proxied in this
                    way.</div>
                  <div class=3D"">7. UC launches interaction start url,
                    which is a function of HAS</div>
                  <div class=3D"">8. HAS returns the verification hash =
and
                    interaction reference to UC</div>
                  <div class=3D"">9. UC validates the hash (which is
                    correct) and sends the interaction reference to =
AAS</div>
                  <div class=3D"">10. AAS forwards the interaction
                    reference to HAS&nbsp;</div>
                  <div class=3D"">11. AAS receives an access token for
                    calling an RS protected by HAS. The client receives
                    no access token.</div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">The diagram from the researchers is
                    attached here. I=E2=80=99ll be using the numbers in =
the text
                    list here like (1) to refer to specific steps.</div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D""><span =
id=3D"cid:part1.21AB5D65.AB53F1A7@verifiablecredentials.info" =
class=3D"">&lt;PastedGraphic-2.png&gt;</span></div>
                  <div class=3D""><b class=3D"">Some preconditions and
                      analysis:</b></div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">Step (1) is made easier if the client
                    has choice over which AS to talk to for a given
                    request, since that=E2=80=99s how it starts talking =
to AAS
                    instead of HAS. The danger of allowing a client to
                    choose its AS at runtime has been discussed, but
                    it=E2=80=99s a known pattern that we can=E2=80=99t =
expect to go
                    away.</div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">AAS is treated as a legitimate client =
of
                    HAS and UC is a legitimate client of AAS. While
                    dynamic clients can exacerbate this problem at
                    runtime, at no time does HAS always knows the
                    requests are coming from AAS and UC always knows
                    it=E2=80=99s talking to AAS. There is no =
cryptographic
                    impersonation and no theft of keys.&nbsp;</div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">The attack occurs because the user and
                    client think they=E2=80=99re dealing with different =
AS=E2=80=99s,
                    and you can=E2=80=99t expect a user to always be =
able to
                    tell them apart, especially when the backend calls
                    like (2) are hidden. It=E2=80=99s assumed that the =
user
                    actually wants to authorize UC for HAS, but UC talks
                    to AAS instead because of configuration (1). AAS can
                    imitate HAS to the user to facilitate (1), and
                    imitate UC to HAS, but only for human-facing
                    portions (7). Static pre-registration makes this
                    more difficult, assuming that all registrations are
                    reviewed by humans. If HAS has no idea that UC
                    exists, it wouldn=E2=80=99t necessarily know that =
AAS is
                    impersonating anyone.</div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">The token at the end (11), assuming =
it=E2=80=99s
                    a bound token, is only good with AAS=E2=80=99s key =
and not
                    UC=E2=80=99s key. This is great for the attacker =
until UC
                    starts to act funny and raise suspicion, since the
                    process didn=E2=80=99t ever complete. With the OAuth =
attack,
                    and with bearer tokens in GNAP, the token can be
                    passed through to the UC making UC none the =
wiser.&nbsp;</div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">The hash validation (9) does not =
protect
                    against this specific attack. Since AAS sits in the
                    middle, it has access to the Client nonce from UC,
                    the server nonce from AAS, and the interaction
                    reference at the appropriate times. AAS doesn=E2=80=99=
t need
                    to generate the hash, but can force HAS to generate
                    an appropriate hash.</div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D""><b class=3D"">The proposed =
mitigation(s):&nbsp;</b></div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">In OAuth 2, the accepted mitigation is
                    to provide another query parameter with the “issuer”
                    URL of the AS. We could do that here, but that would
                    have the same downsides: the client has to check
                    this value explicitly. Therefore we’re proposing
                    that instead we use the existing validation hash
                    algorithm and add an additional field. This would
                    need to be something known to UC and HAS that can’t
                    be impersonated by AAS, even if it’s known.
                    Therefore, it makes sense to use something that’s
                    derived. There are a few ideas of what to do here,
                    each with benefits and drawbacks:</div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">- The grant endpoint of the AS that the
                    client instance is talking to.</div>
                  <div class=3D"">- The continuation endpoint that the
                    client instance will send the interaction reference
                    to. (This might be different from the above)</div>
                  <div class=3D"">- The continuation access token value</div>
                  <div class=3D"">- A key hash for the AS the client is
                    talking to (TLS key to one of these endpoints? Some
                    other external key added to the mix?)</div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">The important thing here is that it’s a
                    value that’s known but not a shared-secret that’s
                    passed between parties. The client doesn’t need to
                    check anything new, just needs to do the hash
                    validation that it should be doing anyway.</div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D""><b class=3D"">Requested feedback:</b></div>
                  <div class=3D""><b class=3D""><br class=3D"">
                    </b></div>
                  <div class=3D"">The editors are requesting feedback and
                    discussion on the attack and the proposed mitigation
                    strategy. As a group, we would also benefit from
                    additional formal analysis of the protocol with and
                    without the mitigation in place. Additionally, we
                    need to be sure we aren’t accidentally cutting off a
                    legitimate use case, like AS bridges and proxies
                    that aren’t trying to hide their presence.</div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">&nbsp;=E2=80=94 Justin</div>
                  <br class=3D"">
                  <fieldset class=3D"mimeAttachmentHeader"></fieldset>
                </blockquote>
              </div>
            </div>
          </blockquote>
        </div>
        <br class=3D"">
      </div>
    </blockquote>
  </div>

</div></blockquote></div><br class=3D""></div></body></html>=

--Apple-Mail=_F2412324-C9A6-4A6E-89C3-0AB2046BC90D--


From nobody Sat Jun  5 09:40:23 2021
Return-Path: <d.w.chadwick@verifiablecredentials.info>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 56D213A25DE for <txauth@ietfa.amsl.com>; Sat,  5 Jun 2021 08:09:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level: 
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.1, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=verifiablecredentials.info
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fBLFpJFR9v61 for <txauth@ietfa.amsl.com>; Sat,  5 Jun 2021 08:09:36 -0700 (PDT)
Received: from client-mail2.aiso.net (client-mail2.aiso.net [199.19.158.252]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CDBE53A25E1 for <txauth@ietf.org>; Sat,  5 Jun 2021 08:09:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=verifiablecredentials.info; s=mail; h=Content-Transfer-Encoding: Content-Type:In-Reply-To:MIME-Version:Date:Message-ID:From:References:Cc:To: Subject:Sender:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=l+o2YMN4f8mu2BbiG+0lBZGILeFsgZwQvvHWsCTHxMM=; b=WC41kUGEeroQyXCBaxN3aRXfdx Ql06ZZUxzT+bTpxU2hMY3VegtMvgI1qpLuAh4kqV+o6oV6yqe5a4lzWGL17fKpXEOgne0XeJQLy+g RMhzp8Tf+Ug2JRXTd4u1OPkubAHapwf72AddQM5tpqm1wB60IpTlqGrsYdcRYgYKhdHo=;
Received: from [146.200.52.122] (helo=AdministorsMBP2.lan) by client-mail2.aiso.net (envelope-from <d.w.chadwick@verifiablecredentials.info>) with esmtpsa (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.94.2) id 1lpXvX-0009pg-A3; Sat, 05 Jun 2021 08:09:35 -0700
To: Justin Richer <jricher@mit.edu>
Cc: txauth@ietf.org
References: <D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu> <3950725f-26e5-0eb5-92bb-5e2ed977ac85@verifiablecredentials.info> <429623E4-5C45-474C-801A-6953E803BAE6@mit.edu>
From: David Chadwick <d.w.chadwick@verifiablecredentials.info>
Organization: Verifiable Credentials Ltd
Message-ID: <7deb4b8f-6d2e-c386-23d6-7286a5077cc6@verifiablecredentials.info>
Date: Sat, 5 Jun 2021 16:09:28 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.10.2
MIME-Version: 1.0
In-Reply-To: <429623E4-5C45-474C-801A-6953E803BAE6@mit.edu>
Content-Type: text/html; charset=utf-8
Content-Language: en-GB
Content-Transfer-Encoding: 8bit
X-AISO-Id: info@verifiablecredentials.info
X-AISO-Outbound-SA-Spam-Score: 0.7 
X-AISO-Outbound-SA-Spam-Score-Int: 7 
X-AISO-Outbound-SA-Spam-Report: BAYES_00=-1.9, HTML_MESSAGE=0.001, KAM_INFOUSMEBIZ=2.5, MIME_HTML_ONLY=0.1, NICE_REPLY_A=-0.001
X-AISO-Report-Abuse: abuse@aiso.net
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/UpkeD_hvleZBzQDunmgU6bmJkqA>
X-Mailman-Approved-At: Sat, 05 Jun 2021 09:40:23 -0700
Subject: Re: [GNAP] Mix Up Attack against GNAP
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Jun 2021 15:09:42 -0000

<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>Hi Justin</p>
    <p>the point I am making is that the message created by the Client
      must be received by the ultimate recipient, knowing that the
      Client created it and that the ultimate recipient is the intended
      recipient. In the current flow both recipients know they are the
      intended recipients, but also know that different clients are
      talking to them. Thus any solution must have the message
      originator cryptographically protecting both the sender and
      recipient addresses. Once you do this, you thwart the current
      vulnerability.</p>
    <p>Kind regards</p>
    <p>David<br>
    </p>
    <div class="moz-cite-prefix">On 05/06/2021 15:51, Justin Richer
      wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:429623E4-5C45-474C-801A-6953E803BAE6@mit.edu">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      Hi David,
      <div class=""><br class="">
      </div>
      <div class="">I think it’s similar to message forwarding, but
        there’s one important difference — the AAS already is modifying
        the message to HAS. It doesn’t need to forward the complete
        message from (2), it creates a brand new message in (3) and
        signs it with its own key. So the client knows it’s talking to
        AAS and vice versa, and AAS knows it’s talking to HAS and vice
        versa. What’s different is that AAS is able to take pieces out
        of the (valid) message from the client and make its own message
        out of those parts, and then get value out of that.</div>
      <div class=""><br class="">
      </div>
      <div class="">But that does raise an interesting question: what if
        AAS :did: simply forward the signed message from the client to
        HAS? The signature method would need to protect the target of
        the HTTP request, but I think that should already be covered in
        most of the signature methods. We need to put some focus on
        these signature methods directly in the near future, so that’s
        something to keep in mind here.</div>
      <div class=""><br class="">
      </div>
      <div class=""> — Justin<br class="">
        <div><br class="">
          <blockquote type="cite" class="">
            <div class="">On Jun 5, 2021, at 8:26 AM, David Chadwick
              &lt;<a
                href="mailto:d.w.chadwick@verifiablecredentials.info"
                class="" moz-do-not-send="true">d.w.chadwick@verifiablecredentials.info</a>&gt;
              wrote:</div>
            <br class="Apple-interchange-newline">
            <div class="">
              <meta http-equiv="Content-Type" content="text/html;
                charset=UTF-8" class="">
              <div class="">
                <p class="">This attack is similar to surreptitious
                  forwarding (message 3). One solution is for the sender
                  (Client) to identify the recipient in message 2 so
                  that it cannot be altered by the AAS when it creates
                  message 3. The grant endpoint of the AS that the
                  client instance is talking to would seem to fit this
                  solution</p>
                <p class="">Kind regards</p>
                <p class="">David<br class="">
                </p>
                <div class="moz-cite-prefix">On 04/06/2021 15:59, Justin
                  Richer wrote:<br class="">
                </div>
                <blockquote type="cite"
                  cite="mid:D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu"
                  class=""> This week, some researchers reached out to
                  the editors to describe an attack against GNAP in the
                  front channel that’s inherited from OAuth 2. I will
                  describe the attack, list out its preconditions, and
                  then describe a proposed solution space. We’re looking
                  for input and feedback from the group on managing this
                  solution.
                  <div class=""><br class="">
                  </div>
                  <div class="">But first, many thanks to Åke Axeland
                    and Adam Omar Oueidat for doing this analysis,
                    putting together the diagram below, and bringing it
                    to the group’s attention.<br class="">
                    <br class="">
                  </div>
                  <div class="">The attack is largely the same as one of
                    the “AS Mix Up” attack cases in "Comprehensive
                    Security Analysis of OAuth 2.0” by Daniel Fett and
                    colleagues. It’s a kind of in-the-middle and/or
                    phishing attack at its core. </div>
                  <div class=""><br class="">
                  </div>
                  <div class="">The attacker has their own authorization
                    server (AAS) which can also act as a client
                    instance. An uncompromised client (UC) instance and
                    an uncompromised authorization server (HAS) are
                    assumed. There is no compromise of secret keys or
                    breaking of TLS in this attack.</div>
                  <div class=""><br class="">
                  </div>
                  <div class="">1. UC is a client of AAS, and might also
                    be a client of HAS. User wants to authorize at HAS
                    but tells UC to use AAS.</div>
                  <div class="">2. UC starts a request at AAS, signed
                    with UC’s key. AAS is imitating HAS.</div>
                  <div class="">3. AAS forwards UC’s request parameters
                    (Client nonce, interaction finish URI) to HAS, but
                    signed with AAS’s key.</div>
                  <div class="">4. HAS responds with an interaction
                    start URL and server nonce to AAS</div>
                  <div class="">5. AAS forwards the interaction start
                    URL and server nonce to UC</div>
                  <div class="">6. (Note) HAS is functionally telling
                    the user to show up and interact, but doesn’t
                    realize that the request is being proxied in this
                    way.</div>
                  <div class="">7. UC launches interaction start url,
                    which is a function of HAS</div>
                  <div class="">8. HAS returns the verification hash and
                    interaction reference to UC</div>
                  <div class="">9. UC validates the hash (which is
                    correct) and sends the interaction reference to AAS</div>
                  <div class="">10. AAS forwards the interaction
                    reference to HAS </div>
                  <div class="">11. AAS receives an access token for
                    calling an RS protected by HAS. The client receives
                    no access token.</div>
                  <div class=""><br class="">
                  </div>
                  <div class="">The diagram from the researchers is
                    attached here. I’ll be using the numbers in the text
                    list here like (1) to refer to specific steps.</div>
                  <div class=""><br class="">
                  </div>
                  <div class=""><span
                      id="cid:part1.21AB5D65.AB53F1A7@verifiablecredentials.info">&lt;PastedGraphic-2.png&gt;</span></div>
                  <div class=""><b class="">Some preconditions and
                      analysis:</b></div>
                  <div class=""><br class="">
                  </div>
                  <div class="">Step (1) is made easier if the client
                    has choice over which AS to talk to for a given
                    request, since that’s how it starts talking to AAS
                    instead of HAS. The danger of allowing a client to
                    choose its AS at runtime has been discussed, but
                    it’s a known pattern that we can’t expect to go
                    away.</div>
                  <div class=""><br class="">
                  </div>
                  <div class="">AAS is treated as a legitimate client of
                    HAS and UC is a legitimate client of AAS. While
                    dynamic clients can exacerbate this problem at
                    runtime, at no time does HAS always knows the
                    requests are coming from AAS and UC always knows
                    it’s talking to AAS. There is no cryptographic
                    impersonation and no theft of keys. </div>
                  <div class=""><br class="">
                  </div>
                  <div class="">The attack occurs because the user and
                    client think they’re dealing with different AS’s,
                    and you can’t expect a user to always be able to
                    tell them apart, especially when the backend calls
                    like (2) are hidden. It’s assumed that the user
                    actually wants to authorize UC for HAS, but UC talks
                    to AAS instead because of configuration (1). AAS can
                    imitate HAS to the user to facilitate (1), and
                    imitate UC to HAS, but only for human-facing
                    portions (7). Static pre-registration makes this
                    more difficult, assuming that all registrations are
                    reviewed by humans. If HAS has no idea that UC
                    exists, it wouldn’t necessarily know that AAS is
                    impersonating anyone.</div>
                  <div class=""><br class="">
                  </div>
                  <div class="">The token at the end (11), assuming it’s
                    a bound token, is only good with AAS’s key and not
                    UC’s key. This is great for the attacker until UC
                    starts to act funny and raise suspicion, since the
                    process didn’t ever complete. With the OAuth attack,
                    and with bearer tokens in GNAP, the token can be
                    passed through to the UC making UC none the wiser. </div>
                  <div class=""><br class="">
                  </div>
                  <div class="">The hash validation (9) does not protect
                    against this specific attack. Since AAS sits in the
                    middle, it has access to the Client nonce from UC,
                    the server nonce from AAS, and the interaction
                    reference at the appropriate times. AAS doesn’t need
                    to generate the hash, but can force HAS to generate
                    an appropriate hash.</div>
                  <div class=""><br class="">
                  </div>
                  <div class=""><b class="">The proposed mitigation(s): </b></div>
                  <div class=""><br class="">
                  </div>
                  <div class="">In OAuth 2, the accepted mitigation is
                    to provide another query parameter with the “issuer”
                    URL of the AS. We could do that here, but that would
                    have the same downsides: the client has to check
                    this value explicitly. Therefore we’re proposing
                    that instead we use the existing validation hash
                    algorithm and add an additional field. This would
                    need to be something known to UC and HAS that can’t
                    be impersonated by AAS, even if it’s known.
                    Therefore, it makes sense to use something that’s
                    derived. There are a few ideas of what to do here,
                    each with benefits and drawbacks:</div>
                  <div class=""><br class="">
                  </div>
                  <div class="">- The grant endpoint of the AS that the
                    client instance is talking to.</div>
                  <div class="">- The continuation endpoint that the
                    client instance will send the interaction reference
                    to. (This might be different from the above)</div>
                  <div class="">- The continuation access token value</div>
                  <div class="">- A key hash for the AS the client is
                    talking to (TLS key to one of these endpoints? Some
                    other external key added to the mix?)</div>
                  <div class=""><br class="">
                  </div>
                  <div class="">The important thing here is that it’s a
                    value that’s known but not a shared-secret that’s
                    passed between parties. The client doesn’t need to
                    check anything new, just needs to do the hash
                    validation that it should be doing anyway.</div>
                  <div class=""><br class="">
                  </div>
                  <div class=""><b class="">Requested feedback:</b></div>
                  <div class=""><b class=""><br class="">
                    </b></div>
                  <div class="">The editors are requesting feedback and
                    discussion on the attack and the proposed mitigation
                    strategy. As a group, we would also benefit from
                    additional formal analysis of the protocol with and
                    without the mitigation in place. Additionally, we
                    need to be sure we aren’t accidentally cutting off a
                    legitimate use case, like AS bridges and proxies
                    that aren’t trying to hide their presence.</div>
                  <div class=""><br class="">
                  </div>
                  <div class=""> — Justin</div>
                  <br class="">
                  <fieldset class="mimeAttachmentHeader"></fieldset>
                </blockquote>
              </div>
            </div>
          </blockquote>
        </div>
        <br class="">
      </div>
    </blockquote>
  </body>
</html>
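The hash check in step (9) and the proposed extra hash field from the quoted message above, as an added example that is not code from this thread or from the GNAP draft. Assumptions: the hash is SHA-256 over the newline-joined fields, base64url encoded; the two `example` URLs, the class names and the function names are hypothetical; request signing and HTTP are left out because the attack does not depend on breaking them.

```python
import base64
import hashlib
import hmac
import secrets

HAS_GRANT = "https://has.example/gnap"  # constructed: grant endpoint of the honest AS
AAS_GRANT = "https://aas.example/gnap"  # constructed: grant endpoint of the attacker's AS


def interaction_hash(client_nonce, server_nonce, interact_ref, grant_endpoint=None):
    """Hash over the interaction values; grant_endpoint is the proposed extra field."""
    fields = [client_nonce, server_nonce, interact_ref]
    if grant_endpoint is not None:
        fields.append(grant_endpoint)
    digest = hashlib.sha256("\n".join(fields).encode("utf-8")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


class HonestAS:
    """HAS: only ever uses its own grant endpoint when it builds the hash."""

    def __init__(self, grant_endpoint, bind_endpoint):
        self.grant_endpoint = grant_endpoint
        self.bind_endpoint = bind_endpoint
        self.pending = {}

    def start_grant(self, client_nonce):
        # Steps (3)/(4): accept the request, hand back a server nonce.
        server_nonce = secrets.token_urlsafe(16)
        self.pending[server_nonce] = client_nonce
        return server_nonce

    def finish_interaction(self, server_nonce):
        # Step (8): return the hash and the interaction reference.
        client_nonce = self.pending[server_nonce]
        interact_ref = secrets.token_urlsafe(16)
        endpoint = self.grant_endpoint if self.bind_endpoint else None
        digest = interaction_hash(client_nonce, server_nonce, interact_ref, endpoint)
        return digest, interact_ref


class Client:
    """UC: validates the hash with the endpoint it actually sent its request to."""

    def __init__(self, bind_endpoint):
        self.bind_endpoint = bind_endpoint
        self.client_nonce = secrets.token_urlsafe(16)

    def validate(self, received_hash, server_nonce, interact_ref, endpoint_used):
        endpoint = endpoint_used if self.bind_endpoint else None
        expected = interaction_hash(
            self.client_nonce, server_nonce, interact_ref, endpoint
        )
        return hmac.compare_digest(expected, received_hash)


def run_flow(bind_endpoint, via_aas):
    """Return True if UC accepts the hash in step (9).

    via_aas=True models the mix-up: UC sent its request to AAS, which relayed
    the client nonce to HAS and the server nonce back, both unchanged.
    """
    has = HonestAS(HAS_GRANT, bind_endpoint)
    uc = Client(bind_endpoint)
    endpoint_used = AAS_GRANT if via_aas else HAS_GRANT
    # Steps (2)-(5): HAS sees UC's nonce either directly or relayed by AAS.
    server_nonce = has.start_grant(uc.client_nonce)
    # Steps (7)-(8): the user interacts at HAS, which returns hash and reference.
    received_hash, interact_ref = has.finish_interaction(server_nonce)
    # Step (9): UC validates before sending the reference onward.
    return uc.validate(received_hash, server_nonce, interact_ref, endpoint_used)


if __name__ == "__main__":
    for bind in (False, True):
        for via_aas in (False, True):
            print(f"bind_endpoint={bind} via_aas={via_aas} "
                  f"accepted={run_flow(bind, via_aas)}")
```

With the endpoint bound into the hash, the relayed flow fails at step (9) without UC performing any new explicit check, while the direct flow to HAS is unaffected.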


From nobody Sat Jun  5 12:43:51 2021
Return-Path: <d.w.chadwick@verifiablecredentials.info>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6F85C3A2DBC for <txauth@ietfa.amsl.com>; Sat,  5 Jun 2021 12:43:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level: 
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.1, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=verifiablecredentials.info
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4CQ_RoMtBf4x for <txauth@ietfa.amsl.com>; Sat,  5 Jun 2021 12:43:44 -0700 (PDT)
Received: from client-mail2.aiso.net (client-mail2.aiso.net [199.19.158.252]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CCA533A2DBA for <txauth@ietf.org>; Sat,  5 Jun 2021 12:43:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=verifiablecredentials.info; s=mail; h=Content-Transfer-Encoding: Content-Type:In-Reply-To:MIME-Version:Date:Message-ID:From:References:Cc:To: Subject:Sender:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=KggaDhHiO+lg0VC0IQIhY+3++OW9mxNw/ZBNOs33ljU=; b=BYgdZkPvgp3LCYqkmXgL8ObWHk RKNIuHzGeBeYAgH3X7M5EJEcASaig+yJJqlQoliZcZciMm2OvPRmF1wkcFXNlM5jIZ8Kia5CS6E1b pMkiLxT9J0d8Xml46UO/tbE+4UOn9Idoh37OKl3gFG58VyfFC3eN0lmgrN3g2hsTpDg0=;
Received: from [146.200.52.122] (helo=AdministorsMBP2.lan) by client-mail2.aiso.net (envelope-from <d.w.chadwick@verifiablecredentials.info>) with esmtpsa (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.94.2) id 1lpcCs-0009Pk-19; Sat, 05 Jun 2021 12:43:44 -0700
To: Justin Richer <jricher@mit.edu>
Cc: txauth@ietf.org
References: <D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu> <3950725f-26e5-0eb5-92bb-5e2ed977ac85@verifiablecredentials.info> <429623E4-5C45-474C-801A-6953E803BAE6@mit.edu> <7deb4b8f-6d2e-c386-23d6-7286a5077cc6@verifiablecredentials.info> <BA18D0FD-D307-4194-9195-C573D81CEBE1@mit.edu>
From: David Chadwick <d.w.chadwick@verifiablecredentials.info>
Organization: Verifiable Credentials Ltd
Message-ID: <fe56669a-236e-1c1e-0d3a-c1551747d03a@verifiablecredentials.info>
Date: Sat, 5 Jun 2021 20:43:39 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.10.2
MIME-Version: 1.0
In-Reply-To: <BA18D0FD-D307-4194-9195-C573D81CEBE1@mit.edu>
Content-Type: text/html; charset=utf-8
Content-Language: en-GB
Content-Transfer-Encoding: 8bit
X-AISO-Id: info@verifiablecredentials.info
X-AISO-Outbound-SA-Spam-Score: 0.7 
X-AISO-Outbound-SA-Spam-Score-Int: 7 
X-AISO-Outbound-SA-Spam-Report: BAYES_00=-1.9, HTML_MESSAGE=0.001, KAM_INFOUSMEBIZ=2.5, MIME_HTML_ONLY=0.1, NICE_REPLY_A=-0.001
X-AISO-Report-Abuse: abuse@aiso.net
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/0svy2HZF_bEEMhZwZBqDIThexxI>
Subject: Re: [GNAP] Mix Up Attack against GNAP
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Jun 2021 19:43:50 -0000

<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>But the start URL has HAS in it (message 5), when the client was
      talking to AAS. So this should be sufficient, should it not, to
      determine that something is wrong? Especially if SOP is being
      enforced, then the URL of HAS and AAS won't have the same origin.</p>
    <p>Kind regards</p>
    <p>David<br>
    </p>
    <div class="moz-cite-prefix">On 05/06/2021 17:39, Justin Richer
      wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:BA18D0FD-D307-4194-9195-C573D81CEBE1@mit.edu">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      But that’s what I’m saying — the client knows it’s talking to AAS
      and not HAS so with this kind of solution it would just create a
      message cryptographically tagged to AAS. And then on the next
      step, AAS creates a message cryptographically bound to HAS. So
      even if the client already says “this message is for AAS”
      explicitly, the attack surface doesn’t change. Only if the client
      thought it was talking to HAS would this make a difference, but
      that’s not what’s happening here. This, I believe, is what makes
      this kind of attack much more subtle than a simple message relay.
      <div class=""><br class="">
      </div>
      <div class=""> — Justin<br class="">
        <div><br class="">
          <blockquote type="cite" class="">
            <div class="">On Jun 5, 2021, at 11:09 AM, David Chadwick
              &lt;<a
                href="mailto:d.w.chadwick@verifiablecredentials.info"
                class="" moz-do-not-send="true">d.w.chadwick@verifiablecredentials.info</a>&gt;
              wrote:</div>
            <br class="Apple-interchange-newline">
            <div class="">
              <meta http-equiv="Content-Type" content="text/html;
                charset=UTF-8" class="">
              <div class="">
                <p class="">Hi Justin</p>
                <p class="">the point I am making is that the message
                  created by the Client must be received by the ultimate
                  recipient, knowing that the Client created it and that
                  the ultimate recipient is the intended recipient. In
                  the current flow both recipients know they are the
                  intended recipients, but also know that different
                  clients are talking to them. Thus any solution must
                  have the message originator cryptographically
                  protecting both the sender and recipient addresses.
                  Once you do this, you thwart the current
                  vulnerability.</p>
                <p class="">Kind regards</p>
                <p class="">David<br class="">
                </p>
                <div class="moz-cite-prefix">On 05/06/2021 15:51, Justin
                  Richer wrote:<br class="">
                </div>
                <blockquote type="cite"
                  cite="mid:429623E4-5C45-474C-801A-6953E803BAE6@mit.edu"
                  class=""> Hi David,
                  <div class=""><br class="">
                  </div>
                  <div class="">I think it’s similar to message
                    forwarding, but there’s one important difference —
                    the AAS already is modifying the message to HAS. It
                    doesn’t need to forward the complete message from
                    (2), it creates a brand new message in (3) and signs
                    it with its own key. So the client knows it’s
                    talking to AAS and vice versa, and AAS knows it’s
                    talking to HAS and vice versa. What’s different is
                    that AAS is able to take pieces out of the (valid)
                    message from the client and make its own message out
                    of those parts, and then get value out of that.</div>
                  <div class=""><br class="">
                  </div>
                  <div class="">But that does raise an interesting
                    question: what if AAS :did: simply forward the
                    signed message from the client to HAS? The signature
                    method would need to protect the target of the HTTP
                    request, but I think that should already be covered
                    in most of the signature methods. We need to put
                    some focus on these signature methods directly in
                    the near future, so that’s something to keep in mind
                    here.</div>
                  <div class=""><br class="">
                  </div>
                  <div class=""> — Justin<br class="">
                    <div class=""><br class="">
                      <blockquote type="cite" class="">
                        <div class="">On Jun 5, 2021, at 8:26 AM, David
                          Chadwick &lt;<a
                            href="mailto:d.w.chadwick@verifiablecredentials.info"
                            class="" moz-do-not-send="true">d.w.chadwick@verifiablecredentials.info</a>&gt;
                          wrote:</div>
                        <br class="Apple-interchange-newline">
                        <div class="">
                          <div class="">
                            <p class="">This attack is similar to
                              surreptitious forwarding (message 3). One
                              solution is for the sender (Client) to
                              identify the recipient in message 2 so
                              that it cannot be altered by the AAS when
                              it creates message 3. The grant endpoint
                              of the AS that the client instance is
                              talking to would seem to fit this solution</p>
                            <p class="">Kind regards</p>
                            <p class="">David<br class="">
                            </p>
                            <div class="moz-cite-prefix">On 04/06/2021
                              15:59, Justin Richer wrote:<br class="">
                            </div>
                            <blockquote type="cite"
                              cite="mid:D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu"
                              class=""> This week, some researchers
                              reached out to the editors to describe an
                              attack against GNAP in the front channel
                              that’s inherited from OAuth 2. I will
                              describe the attack, list out its
                              preconditions, and then describe a
                              proposed solution space. We’re looking for
                              input and feedback from the group on
                              managing this solution.
                              <div class=""><br class="">
                              </div>
                              <div class="">But first, many thanks to
                                Åke Axeland and Adam Omar Oueidat for
                                doing this analysis, putting together
                                the diagram below, and bringing it to
                                the group’s attention.<br class="">
                                <br class="">
                              </div>
                              <div class="">The attack is largely the
                                same as one of the “AS Mix Up” attack
                                cases in "Comprehensive Security
                                Analysis of OAuth 2.0” by Daniel Fett
                                and colleagues. It’s a kind of
                                in-the-middle and/or phishing attack at
                                its core. </div>
                              <div class=""><br class="">
                              </div>
                              <div class="">The attacker has their own
                                authorization server (AAS) which can
                                also act as a client instance. An
                                uncompromised client (UC) instance and
                                an uncompromised authorization server
                                (HAS) are assumed. There is no
                                compromise of secret keys or breaking of
                                TLS in this attack.</div>
                              <div class=""><br class="">
                              </div>
                              <div class="">1. UC is a client of AAS,
                                and might also be a client of HAS. User
                                wants to authorize at HAS but tells UC
                                to use AAS.</div>
                              <div class="">2. UC starts a request at
                                AAS, signed with UC’s key. AAS is
                                imitating HAS.</div>
                              <div class="">3. AAS forwards UC’s request
                                parameters (Client nonce, interaction
                                finish URI) to HAS, but signed with
                                AAS’s key.</div>
                              <div class="">4. HAS responds with an
                                interaction start URL and server nonce
                                to AAS</div>
                              <div class="">5. AAS forwards the
                                interaction start URL and server nonce
                                to UC</div>
                              <div class="">6. (Note) HAS is
                                functionally telling the user to show up
                                and interact, but doesn’t realize that
                                the request is being proxied in this
                                way.</div>
                              <div class="">7. UC launches interaction
                                start url, which is a function of HAS</div>
                              <div class="">8. HAS returns the
                                verification hash and interaction
                                reference to UC</div>
                              <div class="">9. UC validates the hash
                                (which is correct) and sends the
                                interaction reference to AAS</div>
                              <div class="">10. AAS forwards the
                                interaction reference to HAS </div>
                              <div class="">11. AAS receives an access
                                token for calling an RS protected by
                                HAS. The client receives no access
                                token.</div>
                              <div class=""><br class="">
                              </div>
                              <div class="">The diagram from the
                                researchers is attached here. I’ll be
                                using the numbers in the text list here
                                like (1) to refer to specific steps.</div>
                              <div class=""><br class="">
                              </div>
                              <div class=""><span
                                  id="cid:part1.21AB5D65.AB53F1A7@verifiablecredentials.info"
                                  class="">&lt;PastedGraphic-2.png&gt;</span></div>
                              <div class=""><b class="">Some
                                  preconditions and analysis:</b></div>
                              <div class=""><br class="">
                              </div>
                              <div class="">Step (1) is made easier if
                                the client has choice over which AS to
                                talk to for a given request, since
                                that’s how it starts talking to AAS
                                instead of HAS. The danger of allowing a
                                client to choose its AS at runtime has
                                been discussed, but it’s a known pattern
                                that we can’t expect to go away.</div>
                              <div class=""><br class="">
                              </div>
                              <div class="">AAS is treated as a
                                legitimate client of HAS and UC is a
                                legitimate client of AAS. While dynamic
                                clients can exacerbate this problem at
                                runtime, at no time does HAS always
                                knows the requests are coming from AAS
                                and UC always knows it’s talking to AAS.
                                There is no cryptographic impersonation
                                and no theft of keys. </div>
                              <div class=""><br class="">
                              </div>
                              <div class="">The attack occurs because
                                the user and client think they’re
                                dealing with different AS’s, and you
                                can’t expect a user to always be able to
                                tell them apart, especially when the
                                backend calls like (2) are hidden. It’s
                                assumed that the user actually wants to
                                authorize UC for HAS, but UC talks to
                                AAS instead because of configuration
                                (1). AAS can imitate HAS to the user to
                                facilitate (1), and imitate UC to HAS,
                                but only for human-facing portions (7).
                                Static pre-registration makes this more
                                difficult, assuming that all
                                registrations are reviewed by humans. If
                                HAS has no idea that UC exists, it
                                wouldn’t necessarily know that AAS is
                                impersonating anyone.</div>
                              <div class=""><br class="">
                              </div>
                              <div class="">The token at the end (11),
                                assuming it’s a bound token, is only
                                good with AAS’s key and not UC’s key.
                                This is great for the attacker until UC
                                starts to act funny and raise suspicion,
                                since the process didn’t ever complete.
                                With the OAuth attack, and with bearer
                                tokens in GNAP, the token can be passed
                                through to the UC making UC none the
                                wiser. </div>
                              <div class=""><br class="">
                              </div>
                              <div class="">The hash validation (9) does
                                not protect against this specific
                                attack. Since AAS sits in the middle, it
                                has access to the Client nonce from UC,
                                the server nonce from AAS, and the
                                interaction reference at the appropriate
                                times. AAS doesn’t need to generate the
                                hash, but can force HAS to generate an
                                appropriate hash.</div>
                              <div class=""><br class="">
                              </div>
                              <div class=""><b class="">The proposed
                                  mitigation(s): </b></div>
                              <div class=""><br class="">
                              </div>
                              <div class="">In OAuth 2, the accepted
                                mitigation is to provide another query
                                parameter with the “issuer” URL of the
                                AS. We could do that here, but that
                                would have the same downsides: the
                                client has to check this value
                                explicitly. Therefore we’re proposing
                                that instead we use the existing
                                validation hash algorithm and add an
                                additional field. This would need to be
                                something known to UC and HAS that can’t
                                be impersonated by AAS, even if it’s
                                known. Therefore, it makes sense to use
                                something that’s derived. There are a
                                few ideas of what to do here, each with
                                benefits and drawbacks:</div>
                              <div class=""><br class="">
                              </div>
                              <div class="">- The grant endpoint of the
                                AS that the client instance is talking
                                to.</div>
                              <div class="">- The continuation endpoint
                                that the client instance will send the
                                interaction reference to. (This might be
                                different from the above)</div>
                              <div class="">- The continuation access
                                token value</div>
                              <div class="">- A key hash for the AS the
                                client is talking to (TLS key to one of
                                these endpoints? Some other external key
                                added to the mix?)</div>
                              <div class=""><br class="">
                              </div>
                              <div class="">The important thing here is
                                that it’s a value that’s known but not a
                                shared-secret that’s passed between
                                parties. The client doesn’t need to
                                check anything new, just needs to do the
                                hash validation that it should be doing
                                anyway.</div>
                              <div class=""><br class="">
                              </div>
                              <div class=""><b class="">Requested
                                  feedback:</b></div>
                              <div class=""><b class=""><br class="">
                                </b></div>
                              <div class="">The editors are requesting
                                feedback and discussion on the attack
                                and the proposed mitigation strategy. As
                                a group, we would also benefit from
                                additional formal analysis of the
                                protocol with and without the mitigation
                                in place. Additionally, we need to be
                                sure we aren’t accidentally cutting off
                                a legitimate use case, like AS bridges
                                and proxies that aren’t trying to hide
                                their presence.</div>
                              <div class=""><br class="">
                              </div>
                              <div class=""> — Justin</div>
                              <br class="">
                              <fieldset class="mimeAttachmentHeader"></fieldset>
                            </blockquote>
                          </div>
                          -- <br class="">
                          TXAuth mailing list<br class="">
                          <a href="mailto:TXAuth@ietf.org" class=""
                            moz-do-not-send="true">TXAuth@ietf.org</a><br
                            class="">
                          <a class="moz-txt-link-freetext"
                            href="https://www.ietf.org/mailman/listinfo/txauth"
                            moz-do-not-send="true">https://www.ietf.org/mailman/listinfo/txauth</a><br
                            class="">
                        </div>
                      </blockquote>
                    </div>
                    <br class="">
                  </div>
                </blockquote>
              </div>
            </div>
          </blockquote>
        </div>
        <br class="">
      </div>
    </blockquote>
  </body>
</html>
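
The mitigation proposed in the quoted message (adding the grant endpoint to the interaction hash) can be walked through steps (2)-(9) as follows. This is an added example, not part of the thread or of the GNAP drafts; SHA-256, newline-joined fields, unpadded base64url, the example endpoints and all function names are assumptions.

```python
import base64
import hashlib
import hmac
import secrets

# Constructed endpoints for the example; they do not come from the thread.
HAS_GRANT = "https://has.example/gnap/tx"
AAS_GRANT = "https://aas.example/gnap/tx"


def interaction_hash(client_nonce, server_nonce, interact_ref, grant_endpoint=None):
    """Hash the newline-joined fields; grant_endpoint is the proposed extra field.

    Assumption: SHA-256 with unpadded base64url output.
    """
    fields = [client_nonce, server_nonce, interact_ref]
    if grant_endpoint is not None:
        fields.append(grant_endpoint)
    digest = hashlib.sha256("\n".join(fields).encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


class HonestAS:
    """HAS: answers a grant request and issues the hash once interaction ends."""

    def __init__(self, grant_endpoint, bind_endpoint):
        self.grant_endpoint = grant_endpoint
        self.bind_endpoint = bind_endpoint
        self.client_nonce = None
        self.server_nonce = None

    def start_grant(self, client_nonce):
        # Steps (3)-(4): HAS stores the nonce it was handed and returns its own.
        self.client_nonce = client_nonce
        self.server_nonce = secrets.token_urlsafe(16)
        return self.server_nonce

    def finish_interaction(self):
        # Step (8): after the user interacts, HAS returns hash and reference
        # through the front channel. With the mitigation, HAS mixes in the
        # grant endpoint at which it received the request.
        interact_ref = secrets.token_urlsafe(16)
        endpoint = self.grant_endpoint if self.bind_endpoint else None
        value = interaction_hash(self.client_nonce, self.server_nonce,
                                 interact_ref, endpoint)
        return value, interact_ref


def client_accepts_hash(via_attacker, bind_endpoint):
    """Run steps (2)-(9) and return whether UC's hash check in step (9) passes."""
    has = HonestAS(HAS_GRANT, bind_endpoint)

    # Step (2): UC sends its nonce to the grant endpoint it was configured with.
    uc_grant_endpoint = AAS_GRANT if via_attacker else HAS_GRANT
    client_nonce = secrets.token_urlsafe(16)

    # Steps (3)-(5): in the mix-up case AAS relays the nonce to HAS and relays
    # the server nonce back; either way the values reach UC unchanged.
    server_nonce = has.start_grant(client_nonce)

    # Steps (7)-(8): the user interacts at HAS; the result comes back to UC.
    received_hash, interact_ref = has.finish_interaction()

    # Step (9): UC recomputes the hash from what it knows. With the mitigation
    # it mixes in the endpoint it actually sent the step (2) request to.
    endpoint = uc_grant_endpoint if bind_endpoint else None
    expected = interaction_hash(client_nonce, server_nonce, interact_ref, endpoint)
    return hmac.compare_digest(expected, received_hash)


if __name__ == "__main__":
    for via_attacker in (False, True):
        for bind_endpoint in (False, True):
            accepted = client_accepts_hash(via_attacker, bind_endpoint)
            print(f"via_attacker={via_attacker} bind_endpoint={bind_endpoint} "
                  f"-> UC accepts hash: {accepted}")
```

The relayed flow fails the bound check whether or not the relay is malicious, which is the AS bridge and proxy concern raised under "Requested feedback".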


From nobody Sat Jun  5 13:35:45 2021
Return-Path: <jricher@mit.edu>
From: Justin Richer <jricher@mit.edu>
Message-Id: <9259F10A-7E27-4D1B-BF3C-32905928F847@mit.edu>
Content-Type: multipart/alternative; boundary="Apple-Mail=_5C852970-5BE3-48D5-9114-A9D5E2D8065A"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.6\))
Date: Sat, 5 Jun 2021 16:35:26 -0400
In-Reply-To: <fe56669a-236e-1c1e-0d3a-c1551747d03a@verifiablecredentials.info>
Cc: txauth@ietf.org
To: David Chadwick <d.w.chadwick@verifiablecredentials.info>
References: <D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu> <3950725f-26e5-0eb5-92bb-5e2ed977ac85@verifiablecredentials.info> <429623E4-5C45-474C-801A-6953E803BAE6@mit.edu> <7deb4b8f-6d2e-c386-23d6-7286a5077cc6@verifiablecredentials.info> <BA18D0FD-D307-4194-9195-C573D81CEBE1@mit.edu> <fe56669a-236e-1c1e-0d3a-c1551747d03a@verifiablecredentials.info>
X-Mailer: Apple Mail (2.3608.120.23.2.6)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/tFmzGscvYp4vcEmm5vwkzvz5nro>
Subject: Re: [GNAP] Mix Up Attack against GNAP

--Apple-Mail=_5C852970-5BE3-48D5-9114-A9D5E2D8065A
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=utf-8

It’s completely reasonable for any legitimate AS to split the hosting of its user-facing stuff from its backend stuff. Google already does this with OAuth/OIDC today, and expecting this to change to something more constrained would be a non-starter for many deployments. Additionally, we can’t assume that everything is web-based and that things are happening within a browser. Furthermore, relying on the client to do some kind of comparison between the URL it starts the transaction with and the URL used for interaction is going to lead to misbehaving clients simply being more susceptible to this and related attacks. I’m of the school of thought that we should expect the minimum number of very specific things from the client in order to enforce security principles.

 — Justin

> On Jun 5, 2021, at 3:43 PM, David Chadwick <d.w.chadwick@verifiablecredentials.info> wrote:
>
> But the start URL has HAS in it (message 5), when the client was talking to AAS. So this should be sufficient should it not to determine that something is wrong? Especially if SOP is being enforced, then the url of HAS and AAS won't have the same origin
>
> Kind regards
>
> David
>
> On 05/06/2021 17:39, Justin Richer wrote:
>> But that’s what I’m saying — the client knows it’s talking to AAS and not HAS so with this kind of solution it would just create a message cryptographically tagged to AAS. And then on the next step, AAS creates a message cryptographically bound to HAS. So even if the client already says “this message is for AAS” explicitly, the attack surface doesn’t change. Only if the client thought it was talking to HAS would this make a difference, but that’s not what’s happening here. This, I believe, is what makes this kind of attack much more subtle than a simple message relay.
>>
>>  — Justin
>>
>>> On Jun 5, 2021, at 11:09 AM, David Chadwick <d.w.chadwick@verifiablecredentials.info <mailto:d.w.chadwick@verifiablecredentials.info>> wrote:
>>>
>>> Hi Justin
>>>
>>> the point I am making is that the message created by the Client must be received by the ultimate recipient, knowing that the Client created it and that the ultimate recipient is the intended recipient. In the current flow both recipients know they are the intended recipients, but also know that different clients are talking to them. Thus any solution must have the message originator cryptographically protecting both the sender and recipient addresses. Once you do this, you thwart the current vulnerability.
>>>
>>> Kind regards
>>>
>>> David
>>>
>>> On 05/06/2021 15:51, Justin Richer wrote:
>>>> Hi David,
>>>>
>>>> I think it’s similar to message forwarding, but there’s one important difference — the AAS already is modifying the message to HAS. It doesn’t need to forward the complete message from (2), it creates a brand new message in (3) and signs it with its own key. So the client knows it’s talking to AAS and vice versa, and AAS knows it’s talking to HAS and vice versa. What’s different is that AAS is able to take pieces out of the (valid) message from the client and make its own message out of those parts, and then get value out of that.
>>>>
>>>> But that does raise an interesting question: what if AAS :did: simply forward the signed message from the client to HAS? The signature method would need to protect the target of the HTTP request, but I think that should already be covered in most of the signature methods. We need to put some focus on these signature methods directly in the near future, so that’s something to keep in mind here.
>>>>
>>>>  — Justin
>>>>
>>>>> On Jun 5, 2021, at 8:26 AM, David Chadwick <d.w.chadwick@verifiablecredentials.info <mailto:d.w.chadwick@verifiablecredentials.info>> wrote:
>>>>>
>>>>> This attack is similar to surreptitious forwarding (message 3). One solution is for the sender (Client) to identify the recipient in message 2 so that it cannot be altered by the AAS when it creates message 3. The grant endpoint of the AS that the client instance is talking to would seem to fit this solution
>>>>>
>>>>> Kind regards
>>>>>
>>>>> David
>>>>>
>>>>> On 04/06/2021 15:59, Justin Richer wrote:
>>>>>> This week, some researchers reached out to the editors to describe an attack against GNAP in the front channel that’s inherited from OAuth 2. I will describe the attack, list out its preconditions, and then describe a proposed solution space. We’re looking for input and feedback from the group on managing this solution.
>>>>>>
>>>>>> But first, many thanks to Åke Axeland and Adam Omar Oueidat for doing this analysis, putting together the diagram below, and bringing it to the group’s attention.
>>>>>>
>>>>>> The attack is largely the same as one of the “AS Mix Up” attack cases in "Comprehensive Security Analysis of OAuth 2.0” by Daniel Fett and colleagues. It’s a kind of in-the-middle and/or phishing attack at its core.
>>>>>>
>>>>>> The attacker has their own authorization server (AAS) which can also act as a client instance. An uncompromised client (UC) instance and an uncompromised authorization server (HAS) are assumed. There is no compromise of secret keys or breaking of TLS in this attack.
>>>>>>
>>>>>> 1. UC is a client of AAS, and might also be a client of HAS. User wants to authorize at HAS but tells UC to use AAS.
>>>>>> 2. UC starts a request at AAS, signed with UC’s key. AAS is imitating HAS.
>>>>>> 3. AAS forwards UC’s request parameters (Client nonce, interaction finish URI) to HAS, but signed with AAS’s key.
>>>>>> 4. HAS responds with an interaction start URL and server nonce to AAS
>>>>>> 5. AAS forwards the interaction start URL and server nonce to UC
>>>>>> 6. (Note) HAS is functionally telling the user to show up and interact, but doesn’t realize that the request is being proxied in this way.
>>>>>> 7. UC launches interaction start url, which is a function of HAS
>>>>>> 8. HAS returns the verification hash and interaction reference to UC
>>>>>> 9. UC validates the hash (which is correct) and sends the interaction reference to AAS
>>>>>> 10. AAS forwards the interaction reference to HAS
>>>>>> 11. AAS receives an access token for calling an RS protected by HAS. The client receives no access token.
>>>>>>
>>>>>> The diagram from the researchers is attached here. I’ll be using the numbers in the text list here like (1) to refer to specific steps.
>>>>>>
>>>>>> <PastedGraphic-2.png>
>>>>>> Some preconditions and analysis:
>>>>>>
>>>>>> Step (1) is made easier if the client has choice over which AS to talk to for a given request, since that’s how it starts talking to AAS instead of HAS. The danger of allowing a client to choose its AS at runtime has been discussed, but it’s a known pattern that we can’t expect to go away.
>>>>>>
>>>>>> AAS is treated as a legitimate client of HAS and UC is a legitimate client of AAS. While dynamic clients can exacerbate this problem at runtime, at no time does HAS always knows the requests are coming from AAS and UC always knows it’s talking to AAS. There is no cryptographic impersonation and no theft of keys.
>>>>>>
>>>>>> The attack occurs because the user and client think they’re dealing with different AS’s, and you can’t expect a user to always be able to tell them apart, especially when the backend calls like (2) are hidden. It’s assumed that the user actually wants to authorize UC for HAS, but UC talks to AAS instead because of configuration (1). AAS can imitate HAS to the user to facilitate (1), and imitate UC to HAS, but only for human-facing portions (7). Static pre-registration makes this more difficult, assuming that all registrations are reviewed by humans. If HAS has no idea that UC exists, it wouldn’t necessarily know that AAS is impersonating anyone.
>>>>>>
>>>>>> The token at the end (11), assuming it’s a bound token, is only good with AAS’s key and not UC’s key. This is great for the attacker until UC starts to act funny and raise suspicion, since the process didn’t ever complete. With the OAuth attack, and with bearer tokens in GNAP, the token can be passed through to the UC making UC none the wiser.
>>>>>>
>>>>>> The hash validation (9) does not protect against this specific attack. Since AAS sits in the middle, it has access to the Client nonce from UC, the server nonce from AAS, and the interaction reference at the appropriate times. AAS doesn’t need to generate the hash, but can force HAS to generate an appropriate hash.
>>>>>>
>>>>>> The proposed mitigation(s):
>>>>>>
>>>>>> In OAuth 2, the accepted mitigation is to provide another query parameter with the “issuer” URL of the AS. We could do that here, but that would have the same downsides: the client has to check this value explicitly. Therefore we’re proposing that instead we use the existing validation hash algorithm and add an additional field. This would need to be something known to UC and HAS that can’t be impersonated by AAS, even if it’s known. Therefore, it makes sense to use something that’s derived. There are a few ideas of what to do here, each with benefits and drawbacks:
>>>>>>
>>>>>> - The grant endpoint of the AS that the client instance is talking to.
>>>>>> - The continuation endpoint that the client instance will send the interaction reference to. (This might be different from the above)
>>>>>> - The continuation access token value
>>>>>> - A key hash for the AS the client is talking to (TLS key to one of these endpoints? Some other external key added to the mix?)
>>>>>>
>>>>>> The important thing here is that it’s a value that’s known but not a shared-secret that’s passed between parties. The client doesn’t need to check anything new, just needs to do the hash validation that it should be doing anyway.
>>>>>>
>>>>>> Requested feedback:
>>>>>>
>>>>>> The editors are requesting feedback and discussion on the attack and the proposed mitigation strategy. As a group, we would also benefit from additional formal analysis of the protocol with and without the mitigation in place. Additionally, we need to be sure we aren’t accidentally cutting off a legitimate use case, like AS bridges and proxies that aren’t trying to hide their presence.
>>>>>>
>>>>>>  — Justin
>>>>>>
>>>>>>
>>>>
>>


--Apple-Mail=_5C852970-5BE3-48D5-9114-A9D5E2D8065A
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=utf-8

<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">It’s completely reasonable for any legitimate AS to split the hosting of its user-facing stuff from its backend stuff. Google already does this with OAuth/OIDC today, and expecting this to change to something more constrained would be a non-starter for many deployments. Additionally, we can’t assume that everything is web-based and that things are happening within a browser. Furthermore, relying on the client to do some kind of comparison between the URL it starts the transaction with and the URL used for interaction is going to lead to misbehaving clients simply being more susceptible to this and related attacks. I’m of the school of thought that we should expect the minimum number of very specific things from the client in order to enforce security principles.<div class=""><br class=""></div><div class="">&nbsp;— Justin<br class=""><div><br class=""><blockquote type="cite" class=""><div class="">On Jun 5, 2021, at 3:43 PM, David Chadwick &lt;<a href="mailto:d.w.chadwick@verifiablecredentials.info" class="">d.w.chadwick@verifiablecredentials.info</a>&gt; wrote:</div><br class="Apple-interchange-newline"><div class="">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" class="">
 =20
  <div class=3D""><p class=3D"">But the start URL has HAS in it (message =
5), when the client was
      talking to AAS. So this should be sufficient, should it not, to
      determine that something is wrong? Especially if SOP is being
      enforced, then the URL of HAS and AAS won't have the same =
origin</p><p class=3D"">Kind regards</p><p class=3D"">David<br class=3D"">=

    </p>
    <div class=3D"moz-cite-prefix">On 05/06/2021 17:39, Justin Richer
      wrote:<br class=3D"">
    </div>
    <blockquote type=3D"cite" =
cite=3D"mid:BA18D0FD-D307-4194-9195-C573D81CEBE1@mit.edu" class=3D"">
     =20
      But that=E2=80=99s what I=E2=80=99m saying =E2=80=94 the client =
knows it=E2=80=99s talking to AAS
      and not HAS so with this kind of solution it would just create a
      message cryptographically tagged to AAS. And then on the next
      step, AAS creates a message cryptographically bound to HAS. So
      even if the client already says =E2=80=9Cthis message is for =
AAS=E2=80=9D
      explicitly, the attack surface doesn=E2=80=99t change. Only if the =
client
      thought it was talking to HAS would this make a difference, but
      that=E2=80=99s not what=E2=80=99s happening here. This, I believe, =
is what makes
      this kind of attack much more subtle than a simple message relay.
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">&nbsp;=E2=80=94 Justin<br class=3D"">
        <div class=3D""><br class=3D"">
          <blockquote type=3D"cite" class=3D"">
            <div class=3D"">On Jun 5, 2021, at 11:09 AM, David Chadwick
              &lt;<a =
href=3D"mailto:d.w.chadwick@verifiablecredentials.info" class=3D"" =
moz-do-not-send=3D"true">d.w.chadwick@verifiablecredentials.info</a>&gt;
              wrote:</div>
            <br class=3D"Apple-interchange-newline">
            <div class=3D"">
             =20
              <div class=3D""><p class=3D"">Hi Justin</p><p class=3D"">the=
 point I am making is that the message
                  created by the Client must be received by the ultimate
                  recipient, knowing that the Client created it and that
                  the ultimate recipient is the intended recipient. In
                  the current flow both recipients know they are the
                  intended recipients, but also know that different
                  clients are talking to them. Thus any solution must
                  have the message originator cryptographically
                  protecting both the sender and recipient addresses.
                  Once you do this, you thwart the current
                  vulnerability.</p><p class=3D"">Kind regards</p><p =
class=3D"">David<br class=3D"">
                </p>
                <div class=3D"moz-cite-prefix">On 05/06/2021 15:51, =
Justin
                  Richer wrote:<br class=3D"">
                </div>
                <blockquote type=3D"cite" =
cite=3D"mid:429623E4-5C45-474C-801A-6953E803BAE6@mit.edu" class=3D""> Hi =
David,
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">I think it=E2=80=99s similar to =
message
                    forwarding, but there=E2=80=99s one important =
difference =E2=80=94
                    the AAS already is modifying the message to HAS. It
                    doesn=E2=80=99t need to forward the complete message =
from
                    (2), it creates a brand new message in (3) and signs
                    it with its own key. So the client knows it=E2=80=99s
                    talking to AAS and vice versa, and AAS knows it=E2=80=99=
s
                    talking to HAS and vice versa. What=E2=80=99s =
different is
                    that AAS is able to take pieces out of the (valid)
                    message from the client and make its own message out
                    of those parts, and then get value out of =
that.</div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">But that does raise an interesting
                    question: what if AAS :did: simply forward the
                    signed message from the client to HAS? The signature
                    method would need to protect the target of the HTTP
                    request, but I think that should already be covered
                    in most of the signature methods. We need to put
                    some focus on these signature methods directly in
                    the near future, so that=E2=80=99s something to keep =
in mind
                    here.</div>
                  <div class=3D""><br class=3D"">
                  </div>
                  <div class=3D"">&nbsp;=E2=80=94 Justin<br class=3D"">
                    <div class=3D""><br class=3D"">
                      <blockquote type=3D"cite" class=3D"">
                        <div class=3D"">On Jun 5, 2021, at 8:26 AM, =
David
                          Chadwick &lt;<a =
href=3D"mailto:d.w.chadwick@verifiablecredentials.info" class=3D"" =
moz-do-not-send=3D"true">d.w.chadwick@verifiablecredentials.info</a>&gt;
                          wrote:</div>
                        <br class=3D"Apple-interchange-newline">
                        <div class=3D"">
                          <div class=3D""><p class=3D"">This attack is =
similar to
                              surreptitious forwarding (message 3). One
                              solution is for the sender (Client) to
                              identify the recipient in message 2 so
                              that it cannot be altered by the AAS when
                              it creates message 3. The grant endpoint
                              of the AS that the client instance is
                              talking to would seem to fit this =
solution</p><p class=3D"">Kind regards</p><p class=3D"">David<br =
class=3D"">
                            </p>
                            <div class=3D"moz-cite-prefix">On 04/06/2021
                              15:59, Justin Richer wrote:<br class=3D"">
                            </div>
                            <blockquote type=3D"cite" =
cite=3D"mid:D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu" class=3D""> =
This week, some researchers
                              reached out to the editors to describe an
                              attack against GNAP in the front channel
                              that=E2=80=99s inherited from OAuth 2. I =
will
                              describe the attack, list out its
                              preconditions, and then describe a
                              proposed solution space. We=E2=80=99re =
looking for
                              input and feedback from the group on
                              managing this solution.
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D"">But first, many thanks to
                                =C3=85ke Axeland and Adam Omar Oueidat =
for
                                doing this analysis, putting together
                                the diagram below, and bringing it to
                                the group=E2=80=99s attention.<br =
class=3D"">
                                <br class=3D"">
                              </div>
                              <div class=3D"">The attack is largely the
                                same as one of the =E2=80=9CAS Mix Up=E2=80=
=9D attack
                                cases in =E2=80=9CComprehensive Security
                                Analysis&nbsp;of OAuth 2.0=E2=80=9D by =
Daniel Fett
                                and colleagues. It=E2=80=99s a kind of
                                in-the-middle and/or phishing attack at
                                its core.&nbsp;</div>
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D"">The attacker has their own
                                authorization server (AAS) which can
                                also act as a client instance. An
                                uncompromised client (UC) instance and
                                an uncompromised authorization server
                                (HAS) are assumed. There is no
                                compromise of secret keys or breaking of
                                TLS in this attack.</div>
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D"">1. UC is a client of AAS,
                                and might also be a client of HAS. User
                                wants to authorize at HAS but tells UC
                                to use AAS.</div>
                              <div class=3D"">2. UC starts a request at
                                AAS, signed with UC=E2=80=99s key. AAS =
is
                                imitating HAS.</div>
                              <div class=3D"">3. AAS forwards UC=E2=80=99s=
 request
                                parameters (Client nonce, interaction
                                finish URI) to HAS, but signed with
                                AAS=E2=80=99s key.</div>
                              <div class=3D"">4. HAS responds with an
                                interaction start URL and server nonce
                                to AAS</div>
                              <div class=3D"">5. AAS forwards the
                                interaction start URL and server nonce
                                to UC</div>
                              <div class=3D"">6. (Note) HAS is
                                functionally telling the user to show up
                                and interact, but doesn=E2=80=99t =
realize that
                                the request is being proxied in this
                                way.</div>
                              <div class=3D"">7. UC launches interaction
                                start URL, which is a function of =
HAS</div>
                              <div class=3D"">8. HAS returns the
                                verification hash and interaction
                                reference to UC</div>
                              <div class=3D"">9. UC validates the hash
                                (which is correct) and sends the
                                interaction reference to AAS</div>
                              <div class=3D"">10. AAS forwards the
                                interaction reference to HAS&nbsp;</div>
                              <div class=3D"">11. AAS receives an access
                                token for calling an RS protected by
                                HAS. The client receives no access
                                token.</div>
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D"">The diagram from the
                                researchers is attached here. I=E2=80=99ll=
 be
                                using the numbers in the text list here
                                like (1) to refer to specific =
steps.</div>
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D""><span =
id=3D"cid:part1.21AB5D65.AB53F1A7@verifiablecredentials.info" =
class=3D"">&lt;PastedGraphic-2.png&gt;</span></div>
                              <div class=3D""><b class=3D"">Some
                                  preconditions and analysis:</b></div>
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D"">Step (1) is made easier if
                                the client has choice over which AS to
                                talk to for a given request, since
                                that=E2=80=99s how it starts talking to =
AAS
                                instead of HAS. The danger of allowing a
                                client to choose its AS at runtime has
                                been discussed, but it=E2=80=99s a known =
pattern
                                that we can=E2=80=99t expect to go =
away.</div>
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D"">AAS is treated as a
                                legitimate client of HAS and UC is a
                                legitimate client of AAS. While dynamic
                                clients can exacerbate this problem at
                                runtime, at no time does HAS always
                                knows the requests are coming from AAS
                                and UC always knows it=E2=80=99s talking =
to AAS.
                                There is no cryptographic impersonation
                                and no theft of keys.&nbsp;</div>
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D"">The attack occurs because
                                the user and client think they=E2=80=99re
                                dealing with different AS=E2=80=99s, and =
you
                                can=E2=80=99t expect a user to always be =
able to
                                tell them apart, especially when the
                                backend calls like (2) are hidden. =
It=E2=80=99s
                                assumed that the user actually wants to
                                authorize UC for HAS, but UC talks to
                                AAS instead because of configuration
                                (1). AAS can imitate HAS to the user to
                                facilitate (1), and imitate UC to HAS,
                                but only for human-facing portions (7).
                                Static pre-registration makes this more
                                difficult, assuming that all
                                registrations are reviewed by humans. If
                                HAS has no idea that UC exists, it
                                wouldn=E2=80=99t necessarily know that =
AAS is
                                impersonating anyone.</div>
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D"">The token at the end (11),
                                assuming it=E2=80=99s a bound token, is =
only
                                good with AAS=E2=80=99s key and not =
UC=E2=80=99s key.
                                This is great for the attacker until UC
                                starts to act funny and raise suspicion,
                                since the process didn=E2=80=99t ever =
complete.
                                With the OAuth attack, and with bearer
                                tokens in GNAP, the token can be passed
                                through to the UC making UC none the
                                wiser.&nbsp;</div>
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D"">The hash validation (9) =
does
                                not protect against this specific
                                attack. Since AAS sits in the middle, it
                                has access to the Client nonce from UC,
                                the server nonce from AAS, and the
                                interaction reference at the appropriate
                                times. AAS doesn=E2=80=99t need to =
generate the
                                hash, but can force HAS to generate an
                                appropriate hash.</div>
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D""><b class=3D"">The proposed
                                  mitigation(s):&nbsp;</b></div>
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D"">In OAuth 2, the accepted
                                mitigation is to provide another query
                                parameter with the =E2=80=9Cissuer=E2=80=9D=
 URL of the
                                AS. We could do that here, but that
                                would have the same downsides: the
                                client has to check this value
                                explicitly. Therefore we=E2=80=99re =
proposing
                                that instead we use the existing
                                validation hash algorithm and add an
                                additional field. This would need to be
                                something known to UC and HAS that =
can=E2=80=99t
                                be impersonated by AAS, even if it=E2=80=99=
s
                                known. Therefore, it makes sense to use
                                something that=E2=80=99s derived. There =
are a
                                few ideas of what to do here, each with
                                benefits and drawbacks:</div>
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D"">- The grant endpoint of =
the
                                AS that the client instance is talking
                                to.</div>
                              <div class=3D"">- The continuation =
endpoint
                                that the client instance will send the
                                interaction reference to. (This might be
                                different from the above)</div>
                              <div class=3D"">- The continuation access
                                token value</div>
                              <div class=3D"">- A key hash for the AS =
the
                                client is talking to (TLS key to one of
                                these endpoints? Some other external key
                                added to the mix?)</div>
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D"">The important thing here =
is
                                that it=E2=80=99s a value that=E2=80=99s =
known but not a
                                shared-secret that=E2=80=99s passed =
between
                                parties. The client doesn=E2=80=99t need =
to
                                check anything new, just needs to do the
                                hash validation that it should be doing
                                anyway.</div>
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D""><b class=3D"">Requested
                                  feedback:</b></div>
                              <div class=3D""><b class=3D""><br =
class=3D"">
                                </b></div>
                              <div class=3D"">The editors are requesting
                                feedback and discussion on the attack
                                and the proposed mitigation strategy. As
                                a group, we would also benefit from
                                additional formal analysis of the
                                protocol with and without the mitigation
                                in place. Additionally, we need to be
                                sure we aren=E2=80=99t accidentally =
cutting off
                                a legitimate use case, like AS bridges
                                and proxies that aren=E2=80=99t trying =
to hide
                                their presence.</div>
                              <div class=3D""><br class=3D"">
                              </div>
                              <div class=3D"">&nbsp;=E2=80=94 =
Justin</div>
                              <br class=3D"">
                              <fieldset =
class=3D"mimeAttachmentHeader"></fieldset>
                            </blockquote>
                          </div>
                        </div>
                      </blockquote>
                    </div>
                    <br class=3D"">
                  </div>
                </blockquote>
              </div>
            </div>
          </blockquote>
        </div>
        <br class=3D"">
      </div>
    </blockquote>
  </div>

</div></blockquote></div><br class=3D""></div></body></html>=

--Apple-Mail=_5C852970-5BE3-48D5-9114-A9D5E2D8065A--
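
The effect of the first proposed mitigation in this thread (adding the grant endpoint to the validation hash) on steps (2) to (9), as an added example that is not part of the original messages or of the GNAP draft. It assumes the hash is SHA3-512 over the newline-joined fields, base64url-encoded without padding; the endpoint URLs and function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import secrets

# Constructed endpoints for the parties named in the thread.
AAS_GRANT = "https://aas.example/gnap"  # attacker's AS, selected by UC in step (1)
HAS_GRANT = "https://has.example/gnap"  # honest AS


def interaction_hash(client_nonce, server_nonce, interact_ref, grant_endpoint=None):
    """Validation hash over newline-joined fields (assumed construction).

    grant_endpoint=None gives the three-field hash discussed in the thread;
    passing a URL appends the proposed additional field.
    """
    fields = [client_nonce, server_nonce, interact_ref]
    if grant_endpoint is not None:
        fields.append(grant_endpoint)
    digest = hashlib.sha3_512("\n".join(fields).encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def run_flow(via_aas, bind_endpoint):
    """Return True if UC accepts the hash it receives in step (8).

    via_aas=True models the mix-up (UC -> AAS -> HAS); False models UC
    talking to HAS directly. bind_endpoint toggles the proposed extra field.
    """
    # (2) UC picks a nonce and sends its request to the AS it was told to use.
    uc_grant_endpoint = AAS_GRANT if via_aas else HAS_GRANT
    client_nonce = secrets.token_urlsafe(16)

    # (3) In the mix-up case AAS copies the client nonce into a new request
    # signed with its own key. Either way, HAS sees a request that arrived
    # at its own grant endpoint and the same client nonce.
    nonce_seen_by_has = client_nonce
    has_grant_endpoint = HAS_GRANT

    # (4)/(5) HAS returns a server nonce; AAS relays it to UC unchanged.
    server_nonce = secrets.token_urlsafe(16)
    nonce_seen_by_uc = server_nonce

    # (7)/(8) The user interacts at HAS, which issues the interaction
    # reference and computes the hash from its own view of the request.
    interact_ref = secrets.token_urlsafe(16)
    hash_from_has = interaction_hash(
        nonce_seen_by_has, server_nonce, interact_ref,
        has_grant_endpoint if bind_endpoint else None,
    )

    # (9) UC recomputes the hash from its own view, including (if enabled)
    # the grant endpoint it actually sent the request to.
    expected = interaction_hash(
        client_nonce, nonce_seen_by_uc, interact_ref,
        uc_grant_endpoint if bind_endpoint else None,
    )
    return hmac.compare_digest(hash_from_has, expected)


if __name__ == "__main__":
    for via_aas in (False, True):
        for bind in (False, True):
            path = "UC -> AAS -> HAS" if via_aas else "UC -> HAS"
            field = "with grant endpoint" if bind else "three-field hash"
            verdict = "accepted" if run_flow(via_aas, bind) else "rejected"
            print(f"{path:18} {field:20} hash {verdict}")
```

The interaction start URL never enters the hash, so an AS that hosts its user-facing pages on a different origin from its grant endpoint still validates in the direct case.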


From nobody Sun Jun  6 01:21:06 2021
Return-Path: <d.w.chadwick@verifiablecredentials.info>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2020D3A1042 for <txauth@ietfa.amsl.com>; Sun,  6 Jun 2021 01:20:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level: 
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.1, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=verifiablecredentials.info
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IPmKtBhV2zIS for <txauth@ietfa.amsl.com>; Sun,  6 Jun 2021 01:20:53 -0700 (PDT)
Received: from client-mail2.aiso.net (client-mail2.aiso.net [199.19.158.252]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 02B983A104A for <txauth@ietf.org>; Sun,  6 Jun 2021 01:20:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=verifiablecredentials.info; s=mail; h=Content-Transfer-Encoding: Content-Type:In-Reply-To:MIME-Version:Date:Message-ID:From:References:Cc:To: Subject:Sender:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=6GhxEaTlT9DahXYcyCMfP9WAkk90aDkeW+COqpVdchM=; b=edHcmp+YaWsOYgUsg8UoniDri8 9F0sA8IAcYVX83jB4uVjKY8mPEFis5s+41ym0wPEyBCWdMTdFaKyRwIs+6G9hqe5X5By9pPBpdKzR SBLtIBOxAXwFN412EwXNXDaEQ5kU6/ZqR8nvSnhbpDJ4JOvAXaWv8GKESliF/LiEUdfw=;
Received: from [146.200.52.122] (helo=AdministorsMBP2.lan) by client-mail2.aiso.net (envelope-from <d.w.chadwick@verifiablecredentials.info>) with esmtpsa (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.94.2) id 1lpo1X-0008Xc-5Y; Sun, 06 Jun 2021 01:20:51 -0700
To: Justin Richer <jricher@mit.edu>
Cc: txauth@ietf.org
References: <D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu> <3950725f-26e5-0eb5-92bb-5e2ed977ac85@verifiablecredentials.info> <429623E4-5C45-474C-801A-6953E803BAE6@mit.edu> <7deb4b8f-6d2e-c386-23d6-7286a5077cc6@verifiablecredentials.info> <BA18D0FD-D307-4194-9195-C573D81CEBE1@mit.edu> <fe56669a-236e-1c1e-0d3a-c1551747d03a@verifiablecredentials.info> <9259F10A-7E27-4D1B-BF3C-32905928F847@mit.edu>
From: David Chadwick <d.w.chadwick@verifiablecredentials.info>
Organization: Verifiable Credentials Ltd
Message-ID: <9482fcaa-80ae-83e6-eec9-0b757df4b900@verifiablecredentials.info>
Date: Sun, 6 Jun 2021 09:20:44 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.10.2
MIME-Version: 1.0
In-Reply-To: <9259F10A-7E27-4D1B-BF3C-32905928F847@mit.edu>
Content-Type: text/html; charset=utf-8
Content-Language: en-GB
Content-Transfer-Encoding: 8bit
X-AISO-Id: info@verifiablecredentials.info
X-AISO-Outbound-SA-Spam-Score: 0.7 
X-AISO-Outbound-SA-Spam-Score-Int: 7 
X-AISO-Outbound-SA-Spam-Report: BAYES_00=-1.9, HTML_MESSAGE=0.001, KAM_INFOUSMEBIZ=2.5, MIME_HTML_ONLY=0.1, NICE_REPLY_A=-0.001
X-AISO-Report-Abuse: abuse@aiso.net
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/0mq6sP5QPA921KTYaZjrnRKErGk>
Subject: Re: [GNAP] Mix Up Attack against GNAP
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Jun 2021 08:21:04 -0000

<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>So effectively you are saying that a client can be redirected to
      anywhere in the world and not know whether this is correct or not,
      or, it has to assume that it is correct regardless of where it is.
      In this case I suggest that these two locations should share a
      secret that they can both give to the client so that it knows
      these two endpoints are collaborating together. If you use
      something like the OIDC PKCE scheme then the first endpoint can
      send the hash of the secret, and the second endpoint can send the
      secret itself for the client to hash.</p>
    <p>Kind regards</p>
    <p>David<br>
    </p>
    <div class="moz-cite-prefix">On 05/06/2021 21:35, Justin Richer
      wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:9259F10A-7E27-4D1B-BF3C-32905928F847@mit.edu">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      It’s completely reasonable for any legitimate AS to split the
      hosting of its user-facing stuff from its backend stuff. Google
      already does this with OAuth/OIDC today, and expecting this to
      change to something more constrained would be a non-starter for
      many deployments. Additionally, we can’t assume that everything is
      web-based and that things are happening within a browser.
      Furthermore, relying on the client to do some kind of comparison
      between the URL it starts the transaction with and the URL used
      for interaction is going to lead to misbehaving clients simply
      being more susceptible to this and related attacks. I’m of the
      school of thought that we should expect the minimum number of very
      specific things from the client in order to enforce security
      principles.
      <div class=""><br class="">
      </div>
      <div class=""> — Justin<br class="">
        <div><br class="">
          <blockquote type="cite" class="">
            <div class="">On Jun 5, 2021, at 3:43 PM, David Chadwick
              &lt;<a
                href="mailto:d.w.chadwick@verifiablecredentials.info"
                class="" moz-do-not-send="true">d.w.chadwick@verifiablecredentials.info</a>&gt;
              wrote:</div>
            <br class="Apple-interchange-newline">
            <div class="">
              <meta http-equiv="Content-Type" content="text/html;
                charset=UTF-8" class="">
              <div class="">
                <p class="">But the start URL has HAS in it (message 5),
                  when the client was talking to AAS. So this should be
                  sufficient, should it not, to determine that something
                  is wrong? Especially if SOP is being enforced, then
                  the URL of HAS and AAS won't have the same origin</p>
                <p class="">Kind regards</p>
                <p class="">David<br class="">
                </p>
                <div class="moz-cite-prefix">On 05/06/2021 17:39, Justin
                  Richer wrote:<br class="">
                </div>
                <blockquote type="cite"
                  cite="mid:BA18D0FD-D307-4194-9195-C573D81CEBE1@mit.edu"
                  class=""> But that’s what I’m saying — the client
                  knows it’s talking to AAS and not HAS so with this
                  kind of solution it would just create a message
                  cryptographically tagged to AAS. And then on the next
                  step, AAS creates a message cryptographically bound to
                  HAS. So even if the client already says “this message
                  is for AAS” explicitly, the attack surface doesn’t
                  change. Only if the client thought it was talking to
                  HAS would this make a difference, but that’s not
                  what’s happening here. This, I believe, is what makes
                  this kind of attack much more subtle than a simple
                  message relay.
                  <div class=""><br class="">
                  </div>
                  <div class=""> — Justin<br class="">
                    <div class=""><br class="">
                      <blockquote type="cite" class="">
                        <div class="">On Jun 5, 2021, at 11:09 AM, David
                          Chadwick &lt;<a
                            href="mailto:d.w.chadwick@verifiablecredentials.info"
                            class="" moz-do-not-send="true">d.w.chadwick@verifiablecredentials.info</a>&gt;
                          wrote:</div>
                        <br class="Apple-interchange-newline">
                        <div class="">
                          <div class="">
                            <p class="">Hi Justin</p>
                            <p class="">the point I am making is that
                              the message created by the Client must be
                              received by the ultimate recipient,
                              knowing that the Client created it and
                              that the ultimate recipient is the
                              intended recipient. In the current flow
                              both recipients know they are the intended
                              recipients, but also know that different
                              clients are talking to them. Thus any
                              solution must have the message originator
                              cryptographically protecting both the
                              sender and recipient addresses. Once you
                              do this, you thwart the current
                              vulnerability.</p>
                            <p class="">Kind regards</p>
                            <p class="">David<br class="">
                            </p>
                            <div class="moz-cite-prefix">On 05/06/2021
                              15:51, Justin Richer wrote:<br class="">
                            </div>
                            <blockquote type="cite"
                              cite="mid:429623E4-5C45-474C-801A-6953E803BAE6@mit.edu"
                              class=""> Hi David,
                              <div class=""><br class="">
                              </div>
                              <div class="">I think it’s similar to
                                message forwarding, but there’s one
                                important difference — the AAS already
                                is modifying the message to HAS. It
                                doesn’t need to forward the complete
                                message from (2), it creates a brand new
                                message in (3) and signs it with its own
                                key. So the client knows it’s talking to
                                AAS and vice versa, and AAS knows it’s
                                talking to HAS and vice versa. What’s
                                different is that AAS is able to take
                                pieces out of the (valid) message from
                                the client and make its own message out
                                of those parts, and then get value out
                                of that.</div>
                              <div class=""><br class="">
                              </div>
                              <div class="">But that does raise an
                                interesting question: what if AAS :did:
                                simply forward the signed message from
                                the client to HAS? The signature method
                                would need to protect the target of the
                                HTTP request, but I think that should
                                already be covered in most of the
                                signature methods. We need to put some
                                focus on these signature methods
                                directly in the near future, so that’s
                                something to keep in mind here.</div>
                              <div class=""><br class="">
                              </div>
                              <div class=""> — Justin<br class="">
                                <div class=""><br class="">
                                  <blockquote type="cite" class="">
                                    <div class="">On Jun 5, 2021, at
                                      8:26 AM, David Chadwick &lt;<a
                                        href="mailto:d.w.chadwick@verifiablecredentials.info"
                                        class="" moz-do-not-send="true">d.w.chadwick@verifiablecredentials.info</a>&gt;
                                      wrote:</div>
                                    <br
                                      class="Apple-interchange-newline">
                                    <div class="">
                                      <div class="">
                                        <p class="">This attack is
                                          similar to surreptitious
                                          forwarding (message 3). One
                                          solution is for the sender
                                          (Client) to identify the
                                          recipient in message 2 so that
                                          it cannot be altered by the
                                          AAS when it creates message 3.
                                          The grant endpoint of the AS
                                          that the client instance is
                                          talking to would seem to fit
                                          this solution</p>
                                        <p class="">Kind regards</p>
                                        <p class="">David<br class="">
                                        </p>
                                        <div class="moz-cite-prefix">On
                                          04/06/2021 15:59, Justin
                                          Richer wrote:<br class="">
                                        </div>
                                        <blockquote type="cite"
                                          cite="mid:D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu"
                                          class=""> This week, some
                                          researchers reached out to the
                                          editors to describe an attack
                                          against GNAP in the front
                                          channel that’s inherited from
                                          OAuth 2. I will describe the
                                          attack, list out its
                                          preconditions, and then
                                          describe a proposed solution
                                          space. We’re looking for input
                                          and feedback from the group on
                                          managing this solution.
                                          <div class=""><br class="">
                                          </div>
                                          <div class="">But first, many
                                            thanks to Åke Axeland and
                                            Adam Omar Oueidat for doing
                                            this analysis, putting
                                            together the diagram below,
                                            and bringing it to the
                                            group’s attention.<br
                                              class="">
                                            <br class="">
                                          </div>
                                          <div class="">The attack is
                                            largely the same as one of
                                            the “AS Mix Up” attack cases
                                            in “Comprehensive Security
                                            Analysis of OAuth 2.0” by
                                            Daniel Fett and colleagues.
                                            It’s a kind of in-the-middle
                                            and/or phishing attack at
                                            its core. </div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class="">The attacker has
                                            their own authorization
                                            server (AAS) which can also
                                            act as a client instance. An
                                            uncompromised client (UC)
                                            instance and an
                                            uncompromised authorization
                                            server (HAS) are assumed.
                                            There is no compromise of
                                            secret keys or breaking of
                                            TLS in this attack.</div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class="">1. UC is a
                                            client of AAS, and might
                                            also be a client of HAS.
                                            User wants to authorize at
                                            HAS but tells UC to use AAS.</div>
                                          <div class="">2. UC starts a
                                            request at AAS, signed with
                                            UC’s key. AAS is imitating
                                            HAS.</div>
                                          <div class="">3. AAS forwards
                                            UC’s request parameters
                                            (Client nonce, interaction
                                            finish URI) to HAS, but
                                            signed with AAS’s key.</div>
                                          <div class="">4. HAS responds
                                            with an interaction start
                                            URL and server nonce to AAS</div>
                                          <div class="">5. AAS forwards
                                            the interaction start URL
                                            and server nonce to UC</div>
                                          <div class="">6. (Note) HAS is
                                            functionally telling the
                                            user to show up and
                                            interact, but doesn’t
                                            realize that the request is
                                            being proxied in this way.</div>
                                          <div class="">7. UC launches
                                            interaction start URL, which
                                            is a function of HAS</div>
                                          <div class="">8. HAS returns
                                            the verification hash and
                                            interaction reference to UC</div>
                                          <div class="">9. UC validates
                                            the hash (which is correct)
                                            and sends the interaction
                                            reference to AAS</div>
                                          <div class="">10. AAS forwards
                                            the interaction reference to
                                            HAS </div>
                                          <div class="">11. AAS receives
                                            an access token for calling
                                            an RS protected by HAS. The
                                            client receives no access
                                            token.</div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class="">The diagram from
                                            the researchers is attached
                                            here. I’ll be using the
                                            numbers in the text list
                                            here like (1) to refer to
                                            specific steps.</div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class=""><span
                                              id="cid:part1.21AB5D65.AB53F1A7@verifiablecredentials.info"
                                              class="">&lt;PastedGraphic-2.png&gt;</span></div>
                                          <div class=""><b class="">Some
                                              preconditions and
                                              analysis:</b></div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class="">Step (1) is made
                                            easier if the client has
                                            choice over which AS to talk
                                            to for a given request,
                                            since that’s how it starts
                                            talking to AAS instead of
                                            HAS. The danger of allowing
                                            a client to choose its AS at
                                            runtime has been discussed,
                                            but it’s a known pattern
                                            that we can’t expect to go
                                            away.</div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class="">AAS is treated
                                            as a legitimate client of
                                            HAS and UC is a legitimate
                                            client of AAS. While dynamic
                                            clients can exacerbate this
                                            problem at runtime, at no
                                            time does HAS always knows
                                            the requests are coming from
                                            AAS and UC always knows it’s
                                            talking to AAS. There is no
                                            cryptographic impersonation
                                            and no theft of keys. </div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class="">The attack
                                            occurs because the user and
                                            client think they’re dealing
                                            with different AS’s, and you
                                            can’t expect a user to
                                            always be able to tell them
                                            apart, especially when the
                                            backend calls like (2) are
                                            hidden. It’s assumed that
                                            the user actually wants to
                                            authorize UC for HAS, but UC
                                            talks to AAS instead because
                                            of configuration (1). AAS
                                            can imitate HAS to the user
                                            to facilitate (1), and
                                            imitate UC to HAS, but only
                                            for human-facing portions
                                            (7). Static pre-registration
                                            makes this more difficult,
                                            assuming that all
                                            registrations are reviewed
                                            by humans. If HAS has no
                                            idea that UC exists, it
                                            wouldn’t necessarily know
                                            that AAS is impersonating
                                            anyone.</div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class="">The token at the
                                            end (11), assuming it’s a
                                            bound token, is only good
                                            with AAS’s key and not UC’s
                                            key. This is great for the
                                            attacker until UC starts to
                                            act funny and raise
                                            suspicion, since the process
                                            didn’t ever complete. With
                                            the OAuth attack, and with
                                            bearer tokens in GNAP, the
                                            token can be passed through
                                            to the UC making UC none the
                                            wiser. </div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class="">The hash
                                            validation (9) does not
                                            protect against this
                                            specific attack. Since AAS
                                            sits in the middle, it has
                                            access to the Client nonce
                                            from UC, the server nonce
                                            from AAS, and the
                                            interaction reference at the
                                            appropriate times. AAS
                                            doesn’t need to generate the
                                            hash, but can force HAS to
                                            generate an appropriate
                                            hash.</div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class=""><b class="">The
                                              proposed mitigation(s): </b></div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class="">In OAuth 2, the
                                            accepted mitigation is to
                                            provide another query
                                            parameter with the “issuer”
                                            URL of the AS. We could do
                                            that here, but that would
                                            have the same downsides: the
                                            client has to check this
                                            value explicitly. Therefore
                                            we’re proposing that instead
                                            we use the existing
                                            validation hash algorithm
                                            and add an additional field.
                                            This would need to be
                                            something known to UC and
                                            HAS that can’t be
                                            impersonated by AAS, even if
                                            it’s known. Therefore, it
                                            makes sense to use something
                                            that’s derived. There are a
                                            few ideas of what to do
                                            here, each with benefits and
                                            drawbacks:</div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class="">- The grant
                                            endpoint of the AS that the
                                            client instance is talking
                                            to.</div>
                                          <div class="">- The
                                            continuation endpoint that
                                            the client instance will
                                            send the interaction
                                            reference to. (This might be
                                            different from the above)</div>
                                          <div class="">- The
                                            continuation access token
                                            value</div>
                                          <div class="">- A key hash for
                                            the AS the client is talking
                                            to (TLS key to one of these
                                            endpoints? Some other
                                            external key added to the
                                            mix?)</div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class="">The important
                                            thing here is that it’s a
                                            value that’s known but not a
                                            shared-secret that’s passed
                                            between parties. The client
                                            doesn’t need to check
                                            anything new, just needs to
                                            do the hash validation that
                                            it should be doing anyway.</div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class=""><b class="">Requested
                                              feedback:</b></div>
                                          <div class=""><b class=""><br
                                                class="">
                                            </b></div>
                                          <div class="">The editors are
                                            requesting feedback and
                                            discussion on the attack and
                                            the proposed mitigation
                                            strategy. As a group, we
                                            would also benefit from
                                            additional formal analysis
                                            of the protocol with and
                                            without the mitigation in
                                            place. Additionally, we need
                                            to be sure we aren’t
                                            accidentally cutting off a
                                            legitimate use case, like AS
                                            bridges and proxies that
                                            aren’t trying to hide their
                                            presence.</div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class=""> — Justin</div>
                                          <br class="">
                                        </blockquote>
                                      </div>
                                    </div>
                                  </blockquote>
                                </div>
                                <br class="">
                              </div>
                            </blockquote>
                          </div>
                        </div>
                      </blockquote>
                    </div>
                    <br class="">
                  </div>
                </blockquote>
              </div>
            </div>
          </blockquote>
        </div>
        <br class="">
      </div>
    </blockquote>
  </body>
</html>
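
The mitigation proposed in the quoted message above (adding the grant endpoint to the interaction hash), walked through steps (2) to (9) as an added example that is not part of the thread or of the GNAP drafts. The hash base layout (newline-joined values, SHA3-512, unpadded base64url), the `has.example` and `aas.example` URLs, and all function and class names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import secrets

# Constructed endpoints for the two authorization servers named in the thread.
HAS_GRANT = "https://has.example/gnap"  # honest AS (HAS)
AAS_GRANT = "https://aas.example/gnap"  # attacker's AS (AAS)


def interaction_hash(client_nonce, server_nonce, interact_ref, grant_endpoint=None):
    """Hash over the three existing values, plus the grant endpoint if given.

    Assumed layout: values joined by newlines, SHA3-512, unpadded base64url.
    """
    parts = [client_nonce, server_nonce, interact_ref]
    if grant_endpoint is not None:
        parts.append(grant_endpoint)
    digest = hashlib.sha3_512("\n".join(parts).encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


class HonestAS:
    """HAS: it only ever sees requests arriving at its own grant endpoint."""

    def __init__(self, grant_endpoint, bind_endpoint):
        self.grant_endpoint = grant_endpoint
        self.bind_endpoint = bind_endpoint  # True = mitigation enabled
        self.pending = None

    def start_grant(self, client_nonce):
        """Steps (3)-(4): accept a validly signed request, return the server nonce."""
        server_nonce = secrets.token_urlsafe(16)
        interact_ref = secrets.token_urlsafe(16)
        self.pending = (client_nonce, server_nonce, interact_ref)
        return server_nonce

    def finish_interaction(self):
        """Step (8): hash and interaction reference delivered to the finish URI."""
        client_nonce, server_nonce, interact_ref = self.pending
        bound = self.grant_endpoint if self.bind_endpoint else None
        return interaction_hash(client_nonce, server_nonce, interact_ref, bound), interact_ref


def uc_accepts(endpoint_uc_called, bind_endpoint):
    """Return True if UC's hash validation in step (9) succeeds.

    endpoint_uc_called is the grant endpoint UC sent its request to in step (2).
    When that is AAS_GRANT, AAS relays the client nonce to HAS under its own key
    (3) and relays the server nonce back (5); the values are unchanged, so the
    relay is modelled by passing them straight through.
    """
    has = HonestAS(HAS_GRANT, bind_endpoint)
    client_nonce = secrets.token_urlsafe(16)                 # (2)
    server_nonce = has.start_grant(client_nonce)             # (3)-(5)
    received_hash, interact_ref = has.finish_interaction()   # (7)-(8)
    # (9) UC recomputes the hash from its own view of the transaction.
    bound = endpoint_uc_called if bind_endpoint else None
    expected = interaction_hash(client_nonce, server_nonce, interact_ref, bound)
    return hmac.compare_digest(received_hash, expected)


def outcomes():
    """Result of UC's step (9) check for each combination."""
    return {
        ("direct to HAS", "three-field hash"): uc_accepts(HAS_GRANT, False),
        ("via AAS", "three-field hash"): uc_accepts(AAS_GRANT, False),
        ("direct to HAS", "endpoint-bound hash"): uc_accepts(HAS_GRANT, True),
        ("via AAS", "endpoint-bound hash"): uc_accepts(AAS_GRANT, True),
    }


if __name__ == "__main__":
    for (path, variant), accepted in outcomes().items():
        print(f"{path:14} {variant:20} UC accepts: {accepted}")
```

In this model any relay between UC and HAS fails the endpoint-bound check the same way, which is the bridge and proxy concern raised under "Requested feedback".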


From nobody Sun Jun  6 01:31:42 2021
Return-Path: <do_not_reply@mnot.net>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C9693A107E for <txauth@ietfa.amsl.com>; Sun,  6 Jun 2021 01:31:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.797
X-Spam-Level: 
X-Spam-Status: No, score=-2.797 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mnot.net header.b=Zolc+dyf; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=F7bGVPmH
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pULpVdNGGN5H for <txauth@ietfa.amsl.com>; Sun,  6 Jun 2021 01:31:34 -0700 (PDT)
Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B9493A1079 for <txauth@ietf.org>; Sun,  6 Jun 2021 01:31:34 -0700 (PDT)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id F1A0418A5 for <txauth@ietf.org>; Sun,  6 Jun 2021 04:20:17 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute6.internal (MEProxy); Sun, 06 Jun 2021 04:20:18 -0400
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <txauth@ietf.org>; Sun, 6 Jun 2021 04:20:17 -0400 (EDT)
Content-Type: multipart/alternative; boundary="===============0762553474261754699=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: txauth@ietf.org
Message-Id: <20210606083134.3B9493A1079@ietfa.amsl.com>
Date: Sun,  6 Jun 2021 01:31:34 -0700 (PDT)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/pFtRSi5NlK0JTsUR_p-Vs09oMEU>
Subject: [GNAP] Weekly github digest (GNAP Weekly GitHub Activity Summary)
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Jun 2021 08:31:41 -0000

--===============0762553474261754699==
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"; format="flowed"




Events without label "editorial"

Issues
------
* ietf-wg-gnap/core-protocol (+0/-3/💬3)
  3 issues received 3 new comments:
  - #265 What kind of control may a client have about the content of a returned access token ? (1 by jricher)
    https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/265
  - #263 Negotiation of the token format by the client should be mentioned in section 1.4 (1 by jricher)
    https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/263
  - #262 Should the reader understand that a RS can only be protected by a single AS ? (1 by jricher)
    https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/262

  3 issues closed:
  - What kind of control may a client have about the content of a returned access token ? https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/265
  - Should the reader understand that a RS can only be protected by a single AS ? https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/262
  - Negotiation of the token format by the client should be mentioned in section 1.4 https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/263

* ietf-wg-gnap/gnap-resource-servers (+1/-3/💬6)
  1 issues created:
  - The access token verifications to be perfomed by the RS should be described (by Denisthemalice)
    https://github.com/ietf-wg-gnap/gnap-resource-servers/issues/30

  3 issues received 6 new comments:
  - #30 The access token verifications to be perfomed by the RS should be described (4 by Denisthemalice, jricher)
    https://github.com/ietf-wg-gnap/gnap-resource-servers/issues/30
  - #28 Examples about Macaroons and Biscuits are currently inappropriate (1 by jricher)
    https://github.com/ietf-wg-gnap/gnap-resource-servers/issues/28
  - #27 Access Token Formats Negotiation (1 by jricher)
    https://github.com/ietf-wg-gnap/gnap-resource-servers/issues/27

  3 issues closed:
  - The access token verifications to be perfomed by the RS should be described https://github.com/ietf-wg-gnap/gnap-resource-servers/issues/30
  - Examples about Macaroons and Biscuits are currently inappropriate https://github.com/ietf-wg-gnap/gnap-resource-servers/issues/28
  - Access Token Formats Negotiation https://github.com/ietf-wg-gnap/gnap-resource-servers/issues/27




Repositories tracked by this digest:
-----------------------------------
* https://github.com/ietf-wg-gnap/core-protocol
* https://github.com/ietf-wg-gnap/gnap-resource-servers

--===============0762553474261754699==--


From nobody Sun Jun  6 02:34:05 2021
Return-Path: <wparad@rhosys.ch>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 625F83A12E7 for <txauth@ietfa.amsl.com>; Sun,  6 Jun 2021 02:34:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.087
X-Spam-Level: 
X-Spam-Status: No, score=-2.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rhosys.ch
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IRDhF_2xwT5q for <txauth@ietfa.amsl.com>; Sun,  6 Jun 2021 02:33:56 -0700 (PDT)
Received: from mail-yb1-xb2e.google.com (mail-yb1-xb2e.google.com [IPv6:2607:f8b0:4864:20::b2e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 858CC3A12E4 for <txauth@ietf.org>; Sun,  6 Jun 2021 02:33:56 -0700 (PDT)
Received: by mail-yb1-xb2e.google.com with SMTP id b13so20396064ybk.4 for <txauth@ietf.org>; Sun, 06 Jun 2021 02:33:56 -0700 (PDT)
X-Received: by 2002:a25:aa66:: with SMTP id s93mr5539143ybi.260.1622972034619;  Sun, 06 Jun 2021 02:33:54 -0700 (PDT)
MIME-Version: 1.0
References: <D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu> <3950725f-26e5-0eb5-92bb-5e2ed977ac85@verifiablecredentials.info> <429623E4-5C45-474C-801A-6953E803BAE6@mit.edu> <7deb4b8f-6d2e-c386-23d6-7286a5077cc6@verifiablecredentials.info> <BA18D0FD-D307-4194-9195-C573D81CEBE1@mit.edu> <fe56669a-236e-1c1e-0d3a-c1551747d03a@verifiablecredentials.info> <9259F10A-7E27-4D1B-BF3C-32905928F847@mit.edu> <9482fcaa-80ae-83e6-eec9-0b757df4b900@verifiablecredentials.info>
In-Reply-To: <9482fcaa-80ae-83e6-eec9-0b757df4b900@verifiablecredentials.info>
From: Warren Parad <wparad@rhosys.ch>
Date: Sun, 6 Jun 2021 11:33:43 +0200
Message-ID: <CAJot-L3aLtdo5H2qSO+uC2HkrSAowcJs9X8bFYnBHLbCXteYFw@mail.gmail.com>
To: David Chadwick <d.w.chadwick@verifiablecredentials.info>
Cc: Justin Richer <jricher@mit.edu>, GNAP Mailing List <txauth@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000009abcb305c4159f0e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/Xli77Lbqr4bHaLm4f602Cs7P67o>
Subject: Re: [GNAP] Mix Up Attack against GNAP
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Jun 2021 09:34:03 -0000

--0000000000009abcb305c4159f0e
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

I don't think that would solve the problem, although it might give the user
client a second chance to avoid the vulnerability, it isn't a fix so far as
I understand it.

I like Justin's writeup, and knowing that it took me some time to
appreciate the challenge, perhaps reframing the problem might help make it
more clear. (And a real case that has happened)

1. An app network exists, and anyone can register an app. A malicious app
registers a client with which itself is granted AS-like capabilities to the
app network. The app pretends to be Google Drive, and the login screen is a
perfect match for Google's login.
2. Through a phishing attack, users are sent an email and directed to log in
to this malicious app.
3. The user navigates through the flow and returns to a legit application
with an auth code.
4. All along this malicious app has been intercepting the data the user has
been providing and using it to authenticate itself as a valid app. If the
user completes the flow, the malicious app will have a valid token for the
HAS with the privileges the user thought they were granting the honest app.

At this point the user's client only has two* pieces of information:
* Where the initial request to start the flow was sent
* The Auth Code

To break the vulnerability it must intentionally be so that the user client
does NOT send the auth code to the same place where the initial request to
start the flow was sent. Which means that the only available piece of
information in the auth code.

In OAuth, it has been introduced to create a third piece of information,
the ISS url. Which can be used to look up where to send the auth code. It
doesn't matter what endpoints or secrets are shared, none of them will be
of any use, because the client is intentionally always communicating with
the malicious app. The user may not want to, but they are anyway. The PKCE
prevents interception or vulnerabilities in the flow, but this isn't a
vulnerability in the flow, it is a malicious proxy.

The only way to avoid this attack is one of:
* Trust a third party for verification
* include data in the auth code that the client can use to identify where
to send the auth code
* include data adjacent to the auth code which identifies how to handle the
auth code

Hope that helps.
Warren

Warren Parad

Founder, CTO
Secure your user data with IAM authorization as a service. Implement
Authress <https://authress.io/>.


On Sun, Jun 6, 2021 at 10:21 AM David Chadwick <
d.w.chadwick@verifiablecredentials.info> wrote:

> So effectively you are saying that a client can be redirected to anywhere
> in the world and not know whether this is correct or not, or, it has to
> assume that it is correct regardless of where it is. In this case I suggest
> that these two locations should share a secret that they can both give to
> the client so that it knows these two endpoints are collaborating together.
> If you use something like the OIDC PKCE scheme then the first endpoint can
> send the hash of the secret, and the second endpoint can send the secret
> itself for the client to hash.
>
> Kind regards
>
> David
> On 05/06/2021 21:35, Justin Richer wrote:
>
> It’s completely reasonable for any legitimate AS to split the hosting of
> its user-facing stuff from its backend stuff. Google already does this with
> OAuth/OIDC today, and expecting this to change to something more
> constrained would be a non-starter for many deployments. Additionally, we
> can’t assume that everything is web-based and that things are happening
> within a browser. Furthermore, relying on the client to do some kind of
> comparison between the URL it starts the transaction with and the URL used
> for interaction is going to lead to misbehaving clients simply being more
> susceptible to this and related attacks. I’m of the school of thought that
> we should expect the minimum number of very specific things from the client
> in order to enforce security principles.
>
>  — Justin
>
> On Jun 5, 2021, at 3:43 PM, David Chadwick <
> d.w.chadwick@verifiablecredentials.info> wrote:
>
> But the start URL has HAS in it (message 5), when the client was talking
> to AAS. So this should be sufficient should it not to determine that
> something is wrong? Especially if SOP is being enforced, then the url of
> HAS and AAS won't have the same origin
>
> Kind regards
>
> David
> On 05/06/2021 17:39, Justin Richer wrote:
>
> But that’s what I’m saying — the client knows it’s talking to AAS and not
> HAS so with this kind of solution it would just create a message
> cryptographically tagged to AAS. And then on the next step, AAS creates a
> message cryptographically bound to HAS. So even if the client already says
> “this message is for AAS” explicitly, the attack surface doesn’t change.
> Only if the client thought it was talking to HAS would this make a
> difference, but that’s not what’s happening here. This, I believe, is what
> makes this kind of attack much more subtle than a simple message relay.
>
>  — Justin
>
> On Jun 5, 2021, at 11:09 AM, David Chadwick <
> d.w.chadwick@verifiablecredentials.info> wrote:
>
> Hi Justin
>
> the point I am making is that the message created by the Client must be
> received by the ultimate recipient, knowing that the Client created it and
> that the ultimate recipient is the intended recipient. In the current flow
> both recipients know they are the intended recipients, but also know that
> different clients are talking to them. Thus any solution must have the
> message originator cryptographically protecting both the sender and
> recipient addresses. Once you do this, you thwart the current vulnerability.
>
> Kind regards
>
> David
> On 05/06/2021 15:51, Justin Richer wrote:
>
> Hi David,
>
> I think it’s similar to message forwarding, but there’s one important
> difference — the AAS already is modifying the message to HAS. It doesn’t
> need to forward the complete message from (2), it creates a brand new
> message in (3) and signs it with its own key. So the client knows it’s
> talking to AAS and vice versa, and AAS knows it’s talking to HAS and vice
> versa. What’s different is that AAS is able to take pieces out of the
> (valid) message from the client and make its own message out of those
> parts, and then get value out of that.
>
> But that does raise an interesting question: what if AAS :did: simply
> forward the signed message from the client to HAS? The signature method
> would need to protect the target of the HTTP request, but I think that
> should already be covered in most of the signature methods. We need to put
> some focus on these signature methods directly in the near future, so
> that’s something to keep in mind here.
>
>  — Justin
>
> On Jun 5, 2021, at 8:26 AM, David Chadwick <
> d.w.chadwick@verifiablecredentials.info> wrote:
>
> This attack is similar to surreptitious forwarding (message 3). One
> solution is for the sender (Client) to identify the recipient in message 2
> so that it cannot be altered by the AAS when it creates message 3. The
> grant endpoint of the AS that the client instance is talking to would seem
> to fit this solution
>
> Kind regards
>
> David
> On 04/06/2021 15:59, Justin Richer wrote:
>
> This week, some researchers reached out to the editors to describe an
> attack against GNAP in the front channel that’s inherited from OAuth 2. I
> will describe the attack, list out its preconditions, and then describe a
> proposed solution space. We’re looking for input and feedback from the
> group on managing this solution.
>
> But first, many thanks to Åke Axeland and Adam Omar Oueidat for doing this
> analysis, putting together the diagram below, and bringing it to the
> group’s attention.
>
> The attack is largely the same as one of the “AS Mix Up” attack cases in
> “Comprehensive Security Analysis of OAuth 2.0” by Daniel Fett and
> colleagues. It’s a kind of in-the-middle and/or phishing attack at its
> core.
>
> The attacker has their own authorization server (AAS) which can also act
> as a client instance. An uncompromised client (UC) instance and an
> uncompromised authorization server (HAS) are assumed. There is no
> compromise of secret keys or breaking of TLS in this attack.
>
> 1. UC is a client of AAS, and might also be a client of HAS. User wants to
> authorize at HAS but tells UC to use AAS.
> 2. UC starts a request at AAS, signed with UC’s key. AAS is imitating HAS.
> 3. AAS forwards UC’s request parameters (Client nonce, interaction finish
> URI) to HAS, but signed with AAS’s key.
> 4. HAS responds with an interaction start URL and server nonce to AAS
> 5. AAS forwards the interaction start URL and server nonce to UC
> 6. (Note) HAS is functionally telling the user to show up and interact,
> but doesn’t realize that the request is being proxied in this way.
> 7. UC launches interaction start url, which is a function of HAS
> 8. HAS returns the verification hash and interaction reference to UC
> 9. UC validates the hash (which is correct) and sends the interaction
> reference to AAS
> 10. AAS forwards the interaction reference to HAS
> 11. AAS receives an access token for calling an RS protected by HAS. The
> client receives no access token.
>
> The diagram from the researchers is attached here. I’ll be using the
> numbers in the text list here like (1) to refer to specific steps.
>
> <PastedGraphic-2.png>
> *Some preconditions and analysis:*
>
> Step (1) is made easier if the client has choice over which AS to talk to
> for a given request, since that’s how it starts talking to AAS instead of
> HAS. The danger of allowing a client to choose its AS at runtime has been
> discussed, but it’s a known pattern that we can’t expect to go away.
>
> AAS is treated as a legitimate client of HAS and UC is a legitimate client
> of AAS. While dynamic clients can exacerbate this problem at runtime, at no
> time does HAS always knows the requests are coming from AAS and UC always
> knows it’s talking to AAS. There is no cryptographic impersonation and no
> theft of keys.
>
> The attack occurs because the user and client think they’re dealing with
> different AS’s, and you can’t expect a user to always be able to tell them
> apart, especially when the backend calls like (2) are hidden. It’s assumed
> that the user actually wants to authorize UC for HAS, but UC talks to AAS
> instead because of configuration (1). AAS can imitate HAS to the user to
> facilitate (1), and imitate UC to HAS, but only for human-facing portions
> (7). Static pre-registration makes this more difficult, assuming that all
> registrations are reviewed by humans. If HAS has no idea that UC exists, it
> wouldn’t necessarily know that AAS is impersonating anyone.
>
> The token at the end (11), assuming it’s a bound token, is only good with
> AAS’s key and not UC’s key. This is great for the attacker until UC starts
> to act funny and raise suspicion, since the process didn’t ever complete.
> With the OAuth attack, and with bearer tokens in GNAP, the token can be
> passed through to the UC making UC none the wiser.
>
> The hash validation (9) does not protect against this specific attack.
> Since AAS sits in the middle, it has access to the Client nonce from UC,
> the server nonce from AAS, and the interaction reference at the appropriate
> times. AAS doesn’t need to generate the hash, but can force HAS to generate
> an appropriate hash.
>
> *The proposed mitigation(s): *
>
> In OAuth 2, the accepted mitigation is to provide another query parameter
> with the “issuer” URL of the AS. We could do that here, but that would have
> the same downsides: the client has to check this value explicitly.
> Therefore we’re proposing that instead we use the existing validation hash
> algorithm and add an additional field. This would need to be something
> known to UC and HAS that can’t be impersonated by AAS, even if it’s known.
> Therefore, it makes sense to use something that’s derived. There are a few
> ideas of what to do here, each with benefits and drawbacks:
>
> - The grant endpoint of the AS that the client instance is talking to.
> - The continuation endpoint that the client instance will send the
> interaction reference to. (This might be different from the above)
> - The continuation access token value
> - A key hash for the AS the client is talking to (TLS key to one of these
> endpoints? Some other external key added to the mix?)
>
> The important thing here is that it’s a value that’s known but not a
> shared-secret that’s passed between parties. The client doesn’t need to
> check anything new, just needs to do the hash validation that it should be
> doing anyway.
>
> *Requested feedback:*
>
> The editors are requesting feedback and discussion on the attack and the
> proposed mitigation strategy. As a group, we would also benefit from
> additional formal analysis of the protocol with and without the mitigation
> in place. Additionally, we need to be sure we aren’t accidentally cutting
> off a legitimate use case, like AS bridges and proxies that aren’t trying
> to hide their presence.
>
>  — Justin
>
> --
> TXAuth mailing list
> TXAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/txauth
>
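
An added illustration, not code from this thread or from the GNAP drafts: it models the first mitigation option in the quoted write-up (adding the grant endpoint to the validation hash) and shows why the client's check in step (9) passes without that field and fails with it when the request was relayed. The newline-joined hash input, SHA-256, base64url output and the has.example / aas.example URLs are assumptions made for the example.

```python
import base64
import hashlib
import hmac
import secrets

# Constructed endpoints (assumptions for this example, not from the thread).
HAS_GRANT = "https://has.example/gnap"  # honest AS that runs the interaction
AAS_GRANT = "https://aas.example/gnap"  # AS that relays the client's request to HAS


def interaction_hash(client_nonce, server_nonce, interact_ref, grant_endpoint=None):
    """Validation hash over newline-joined values.

    grant_endpoint is the proposed extra field; None models the hash
    without the mitigation.
    """
    parts = [client_nonce, server_nonce, interact_ref]
    if grant_endpoint is not None:
        parts.append(grant_endpoint)
    digest = hashlib.sha256("\n".join(parts).encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def client_accepts(received_hash, client_nonce, server_nonce, interact_ref,
                   endpoint_used=None):
    """Client-side check: recompute from the client's own view and compare."""
    expected = interaction_hash(client_nonce, server_nonce, interact_ref,
                                endpoint_used)
    return hmac.compare_digest(expected, received_hash)


def run_flow(uc_grant_endpoint, bind_endpoint):
    """Return True if the client's hash check in step (9) passes.

    uc_grant_endpoint is where the client sent its grant request in step (2).
    HAS always issues the server nonce and interaction reference, because the
    user interacts with HAS in every case modelled here.
    """
    client_nonce = secrets.token_urlsafe(16)  # chosen by UC, seen by HAS
    server_nonce = secrets.token_urlsafe(16)  # chosen by HAS, seen by UC
    interact_ref = secrets.token_urlsafe(16)  # returned by HAS in step (8)

    # HAS hashes with the grant endpoint that actually received the request:
    # its own, whether the request came from UC directly or through a relay.
    has_hash = interaction_hash(
        client_nonce, server_nonce, interact_ref,
        HAS_GRANT if bind_endpoint else None,
    )

    # UC hashes with the grant endpoint it believes it is dealing with.
    return client_accepts(
        has_hash, client_nonce, server_nonce, interact_ref,
        uc_grant_endpoint if bind_endpoint else None,
    )


def demo():
    """Run the three cases and return the client's decision for each."""
    return {
        "relayed via AAS, hash without endpoint": run_flow(AAS_GRANT, False),
        "relayed via AAS, hash with endpoint": run_flow(AAS_GRANT, True),
        "direct to HAS, hash with endpoint": run_flow(HAS_GRANT, True),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: client {'accepts' if accepted else 'rejects'}")
```

With the endpoint bound in, the client stops at step (9) and never sends the interaction reference onward, without performing any check beyond the hash validation it already does.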

--0000000000009abcb305c4159f0e
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">I don&#39;t think that would solve the problem, although i=
t might give the user client a second chance to avoid the vulnerability, it=
 isn&#39;t a fix so far as I understand it.<div><br></div><div>I like Justi=
n&#39;s writeup, and knowing that it=C2=A0took me some time to appreciate t=
he challenge, perhaps reframing the problem might help make it more clear. =
(And a real case that has happened)</div><div><br></div><div>1. An app netw=
ork exists, and anyone can register an app. A malicious app registers a cli=
ent with which itself=C2=A0is granted AS-like capabilities to the app netwo=
rk. The app pretends to be Google Drive, and the login screen is a perfect =
match for google&#39;s login.</div><div>2. Through a phishing attack, users=
 are sent an email and directed to login to this malicious app.</div><div>3=
. The user navigates through the flow and returns to a legit application wi=
th an auth code</div><div>4. All along this malicious app has been intercep=
ting the data the user has been providing and using it to authenticate itse=
lf as a valid app. If the user completes the flow the malicious app, will h=
ave a valid token for the HAS with the privileges the user thought they wer=
e granting the honest app.</div><div><br></div><div>At this point the users=
 client only has two* pieces of information:</div><div>* Where the initial =
request to start the flow was sent</div><div>* The Auth Code</div><div><br>=
</div><div>To break the vulnerability it must intentionally be so that the =
user=C2=A0client does NOT send the auth code to the same place where the in=
itial request to start the flow was sent. Which means that the only availab=
le piece of information in the auth code.</div><div><br></div><div>In OAuth=
, it has been introduced to create a third piece of information, the ISS ur=
l. Which can be used to look up where to send the auth code. It doesn&#39;t=
 matter what endpoints or secrets are shared, none of them will be of any u=
se, because the client is intentionally always communicating with the malic=
ious app. The user may not want to, but they are anyway. the PKCE prevents =
interception or vulnerabilities in the flow, but this isn&#39;t a vulnerabi=
lity=C2=A0in the flow, it is a malicious proxy.</div><div><br></div><div>Th=
e only way to avoid this attack is one of:</div><div>* Trust a third party =
for verification</div><div>* include data in the auth code that the client =
can use to identify where to send the auth code</div><div>* include data ad=
jacent to the auth code which identifies how to handle the auth code</div><=
div><div><br></div><div>Hope that helps.</div><div>Warren</div><div><br cle=
ar=3D"all"><div><div dir=3D"ltr" class=3D"gmail_signature" data-smartmail=
=3D"gmail_signature"><div dir=3D"ltr"><table style=3D"border:none;border-co=
llapse:collapse"><colgroup><col width=3D"214"><col width=3D"110"></colgroup=
><tbody><tr style=3D"height:0pt"><td style=3D"border-left:solid #ffffff 1pt=
;border-right:solid #cccccc 1pt;border-bottom:solid #ffffff 1pt;border-top:=
solid #ffffff 1pt;vertical-align:top;padding:5pt 5pt 5pt 5pt;overflow:hidde=
n"><p dir=3D"ltr" style=3D"line-height:1.2;border-left:solid #ffffff 1pt;bo=
rder-right:solid #ffffff 1pt;border-top:solid #ffffff 1pt;border-bottom:sol=
id #ffffff 1pt;margin-top:0pt;margin-bottom:0pt"><span style=3D"font-size:1=
1pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertica=
l-align:baseline;white-space:pre-wrap"><span style=3D"border:none;display:i=
nline-block;overflow:hidden;width:199px;height:34px"><img src=3D"https://lh=
6.googleusercontent.com/DNiDx1QGIrSqMPKDN1oKevxYuyVRXsqhXdfZOsW56Rf2A74mUKb=
APtrJSNw4qynkSjoltWkPYdBhaZJg1BO45YOc1xs6r9KJ1fYsNHogY-nh6hjuIm9GCeBRRzrSc8=
kWcUSNtuA" width=3D"199" height=3D"34" style=3D"margin-left:0px;margin-top:=
0px"></span></span></p></td><td style=3D"border-left:solid #cccccc 1pt;bord=
er-right:solid #ffffff 1pt;border-bottom:solid #ffffff 1pt;border-top:solid=
 #ffffff 1pt;vertical-align:top;padding:5pt 5pt 5pt 5pt;overflow:hidden"><p=
 dir=3D"ltr" style=3D"line-height:1.2;border-left:solid #ffffff 1pt;border-=
right:solid #ffffff 1pt;border-top:solid #ffffff 1pt;margin-top:0pt;margin-=
bottom:0pt"><span style=3D"font-size:11pt;font-family:Lato,sans-serif;backg=
round-color:transparent;font-weight:700;vertical-align:baseline;white-space=
:pre-wrap">Warren Parad</span></p><p dir=3D"ltr" style=3D"line-height:1.2;b=
order-left:solid #ffffff 1pt;border-right:solid #ffffff 1pt;border-bottom:s=
olid #ffffff 1pt;margin-top:0pt;margin-bottom:0pt"><font face=3D"Lato, sans=
-serif"><span style=3D"font-size:13.3333px;white-space:pre-wrap">Founder, C=
TO</span></font></p></td></tr></tbody></table><span style=3D"font-size:x-sm=
all">Secure your user data with IAM authorization as a service. Implement=
=C2=A0</span><a href=3D"https://authress.io/" style=3D"font-size:x-small" t=
arget=3D"_blank">Authress</a><span style=3D"font-size:x-small">.</span><br>=
</div></div></div><br></div></div></div><br><div class=3D"gmail_quote"><div=
 dir=3D"ltr" class=3D"gmail_attr">On Sun, Jun 6, 2021 at 10:21 AM David Cha=
dwick &lt;<a href=3D"mailto:d.w.chadwick@verifiablecredentials.info">d.w.ch=
adwick@verifiablecredentials.info</a>&gt; wrote:<br></div><blockquote class=
=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rg=
b(204,204,204);padding-left:1ex">
 =20
   =20
 =20
  <div>
    <p>So effectively you are saying that a client can be redirected to
      anywhere in the world and not know whether this is correct or not,
      or, it has to assume that it is correct regardless of where it is.
      In this case I suggest that these two locations should share a
      secret that they can both give to the client so that it knows
      these two endpoints are collaborating together. If you use
      something like the OIDC PKCE scheme then the first endpoint can
      send the hash of the secret, and the second endpoint can send the
      secret itself for the client to hash.</p>
    <p>Kind regards</p>
    <p>David<br>
    </p>
    <div>On 05/06/2021 21:35, Justin Richer
      wrote:<br>
    </div>
    <blockquote type=3D"cite">
     =20
      It=E2=80=99s completely reasonable for any legitimate AS to split the
      hosting of its user-facing stuff from its backend stuff. Google
      already does this with OAuth/OIDC today, and expecting this to
      change to something more constrained would be a non-starter for
      many deployments. Additionally, we can=E2=80=99t assume that everythi=
ng is
      web-based and that things are happening within a browser.
      Furthermore, relying on the client to do some kind of comparison
      between the URL it starts the transaction with and the URL used
      for interaction is going to lead to misbehaving clients simply
      being more susceptible to this and related attacks. I=E2=80=99m of th=
e
      school of thought that we should expect the minimum number of very
      specific things from the client in order to enforce security
      principles.
      <div><br>
      </div>
      <div>=C2=A0=E2=80=94 Justin<br>
        <div><br>
          <blockquote type="cite">
            <div>On Jun 5, 2021, at 3:43 PM, David Chadwick
              &lt;<a href="mailto:d.w.chadwick@verifiablecredentials.info" target="_blank">d.w.chadwick@verifiablecredentials.info</a>&gt;
              wrote:</div>
            <br>
            <div>
              <div>
                <p>But the start URL has HAS in it (message 5),
                  when the client was talking to AAS. So this should be
                  sufficient should it not to determine that something
                  is wrong? Especially if SOP is being enforced, then
                  the url of HAS and AAS won't have the same origin</p>
                <p>Kind regards</p>
                <p>David<br>
                </p>
                <div>On 05/06/2021 17:39, Justin
                  Richer wrote:<br>
                </div>
                <blockquote type="cite"> But that’s what I’m saying — the client
                  knows it’s talking to AAS and not HAS so with this
                  kind of solution it would just create a message
                  cryptographically tagged to AAS. And then on the next
                  step, AAS creates a message cryptographically bound to
                  HAS. So even if the client already says “this message
                  is for AAS” explicitly, the attack surface doesn’t
                  change. Only if the client thought it was talking to
                  HAS would this make a difference, but that’s not
                  what’s happening here. This, I believe, is what makes
                  this kind of attack much more subtle than a simple
                  message relay.
                  <div><br>
                  </div>
                  <div>=C2=A0=E2=80=94 Justin<br>
                    <div><br>
                      <blockquote type="cite">
                        <div>On Jun 5, 2021, at 11:09 AM, David
                          Chadwick &lt;<a href="mailto:d.w.chadwick@verifiablecredentials.info" target="_blank">d.w.chadwick@verifiablecredentials.info</a>&gt;
                          wrote:</div>
                        <br>
                        <div>
                          <div>
                            <p>Hi Justin</p>
                            <p>the point I am making is that
                              the message created by the Client must be
                              received by the ultimate recipient,
                              knowing that the Client created it and
                              that the ultimate recipient is the
                              intended recipient. In the current flow
                              both recipients know they are the intended
                              recipients, but also know that different
                              clients are talking to them. Thus any
                              solution must have the message originator
                              cryptographically protecting both the
                              sender and recipient addresses. Once you
                              do this, you thwart the current
                              vulnerability.</p>
                            <p>Kind regards</p>
                            <p>David<br>
                            </p>
                            <div>On 05/06/2021
                              15:51, Justin Richer wrote:<br>
                            </div>
                            <blockquote type="cite"> Hi David,
                              <div><br>
                              </div>
                              <div>I think it’s similar to
                                message forwarding, but there’s one
                                important difference — the AAS already
                                is modifying the message to HAS. It
                                doesn’t need to forward the complete
                                message from (2), it creates a brand new
                                message in (3) and signs it with its own
                                key. So the client knows it’s talking to
                                AAS and vice versa, and AAS knows it’s
                                talking to HAS and vice versa. What’s
                                different is that AAS is able to take
                                pieces out of the (valid) message from
                                the client and make its own message out
                                of those parts, and then get value out
                                of that.</div>
                              <div><br>
                              </div>
                              <div>But that does raise an
                                interesting question: what if AAS :did:
                                simply forward the signed message from
                                the client to HAS? The signature method
                                would need to protect the target of the
                                HTTP request, but I think that should
                                already be covered in most of the
                                signature methods. We need to put some
                                focus on these signature methods
                                directly in the near future, so that’s
                                something to keep in mind here.</div>
                              <div><br>
                              </div>
                              <div>&nbsp;— Justin<br>
                                <div><br>
                                  <blockquote type="cite">
                                    <div>On Jun 5, 2021, at
                                      8:26 AM, David Chadwick &lt;<a href="mailto:d.w.chadwick@verifiablecredentials.info" target="_blank">d.w.chadwick@verifiablecredentials.info</a>&gt;
                                      wrote:</div>
                                    <br>
                                    <div>
                                      <div>
                                        <p>This attack is
                                          similar to surreptitious
                                          forwarding (message 3). One
                                          solution is for the sender
                                          (Client) to identify the
                                          recipient in message 2 so that
                                          it cannot be altered by the
                                          AAS when it creates message 3.
                                          The grant endpoint of the AS
                                          that the client instance is
                                          talking to would seem to fit
                                          this solution</p>
                                        <p>Kind regards</p>
                                        <p>David<br>
                                        </p>
                                        <div>On
                                          04/06/2021 15:59, Justin
                                          Richer wrote:<br>
                                        </div>
                                        <blockquote type="cite"> This week, some
                                          researchers reached out to the
                                          editors to describe an attack
                                          against GNAP in the front
                                          channel that’s inherited from
                                          OAuth 2. I will describe the
                                          attack, list out its
                                          preconditions, and then
                                          describe a proposed solution
                                          space. We’re looking for input
                                          and feedback from the group on
                                          managing this solution.
                                          <div><br>
                                          </div>
                                          <div>But first, many
                                            thanks to Åke Axeland and
                                            Adam Omar Oueidat for doing
                                            this analysis, putting
                                            together the diagram below,
                                            and bringing it to the
                                            group’s attention.<br>
                                            <br>
                                          </div>
                                          <div>The attack is
                                            largely the same as one of
                                            the “AS Mix Up” attack cases
                                            in &quot;Comprehensive Security
                                            Analysis of OAuth 2.0” by
                                            Daniel Fett and colleagues.
                                            It’s a kind of in-the-middle
                                            and/or phishing attack at
                                            its core.</div>
                                          <div><br>
                                          </div>
                                          <div>The attacker has
                                            their own authorization
                                            server (AAS) which can also
                                            act as a client instance. An
                                            uncompromised client (UC)
                                            instance and an
                                            uncompromised authorization
                                            server (HAS) are assumed.
                                            There is no compromise of
                                            secret keys or breaking of
                                            TLS in this attack.</div>
                                          <div><br>
                                          </div>
                                          <div>1. UC is a
                                            client of AAS, and might
                                            also be a client of HAS.
                                            User wants to authorize at
                                            HAS but tells UC to use AAS.</div>
                                          <div>2. UC starts a
                                            request at AAS, signed with
                                            UC’s key. AAS is imitating
                                            HAS.</div>
                                          <div>3. AAS forwards
                                            UC’s request parameters
                                            (Client nonce, interaction
                                            finish URI) to HAS, but
                                            signed with AAS’s key.</div>
                                          <div>4. HAS responds
                                            with an interaction start
                                            URL and server nonce to AAS</div>
                                          <div>5. AAS forwards
                                            the interaction start URL
                                            and server nonce to UC</div>
                                          <div>6. (Note) HAS is
                                            functionally telling the
                                            user to show up and
                                            interact, but doesn’t
                                            realize that the request is
                                            being proxied in this way.</div>
                                          <div>7. UC launches
                                            interaction start url, which
                                            is a function of HAS</div>
                                          <div>8. HAS returns
                                            the verification hash and
                                            interaction reference to UC</div>
                                          <div>9. UC validates
                                            the hash (which is correct)
                                            and sends the interaction
                                            reference to AAS</div>
                                          <div>10. AAS forwards
                                            the interaction reference to
                                            HAS</div>
                                          <div>11. AAS receives
                                            an access token for calling
                                            an RS protected by HAS. The
                                            client receives no access
                                            token.</div>
                                          <div><br>
                                          </div>
                                          <div>The diagram from
                                            the researchers is attached
                                            here. I’ll be using the
                                            numbers in the text list
                                            here like (1) to refer to
                                            specific steps.</div>
                                          <div><br>
                                          </div>
                                          <div><span id="gmail-m_-3732296903765776542cid:part1.21AB5D65.AB53F1A7@verifiablecredentials.info">&lt;PastedGraphic-2.png&gt;</span></div>
                                          <div><b>Some
                                              preconditions and
                                              analysis:</b></div>
                                          <div><br>
                                          </div>
                                          <div>Step (1) is made
                                            easier if the client has
                                            choice over which AS to talk
                                            to for a given request,
                                            since that’s how it starts
                                            talking to AAS instead of
                                            HAS. The danger of allowing
                                            a client to choose its AS at
                                            runtime has been discussed,
                                            but it’s a known pattern
                                            that we can’t expect to go
                                            away.</div>
                                          <div><br>
                                          </div>
                                          <div>AAS is treated
                                            as a legitimate client of
                                            HAS and UC is a legitimate
                                            client of AAS. While dynamic
                                            clients can exacerbate this
                                            problem at runtime, at no
                                            time does HAS always knows
                                            the requests are coming from
                                            AAS and UC always knows it’s
                                            talking to AAS. There is no
                                            cryptographic impersonation
                                            and no theft of keys.</div>
                                          <div><br>
                                          </div>
                                          <div>The attack
                                            occurs because the user and
                                            client think they’re dealing
                                            with different AS’s, and you
                                            can’t expect a user to
                                            always be able to tell them
                                            apart, especially when the
                                            backend calls like (2) are
                                            hidden. It’s assumed that
                                            the user actually wants to
                                            authorize UC for HAS, but UC
                                            talks to AAS instead because
                                            of configuration (1). AAS
                                            can imitate HAS to the user
                                            to facilitate (1), and
                                            imitate UC to HAS, but only
                                            for human-facing portions
                                            (7). Static pre-registration
                                            makes this more difficult,
                                            assuming that all
                                            registrations are reviewed
                                            by humans. If HAS has no
                                            idea that UC exists, it
                                            wouldn’t necessarily know
                                            that AAS is impersonating
                                            anyone.</div>
                                          <div><br>
                                          </div>
                                          <div>The token at the
                                            end (11), assuming it’s a
                                            bound token, is only good
                                            with AAS’s key and not UC’s
                                            key. This is great for the
                                            attacker until UC starts to
                                            act funny and raise
                                            suspicion, since the process
                                            didn’t ever complete. With
                                            the OAuth attack, and with
                                            bearer tokens in GNAP, the
                                            token can be passed through
                                            to the UC making UC none the
                                            wiser.</div>
                                          <div><br>
                                          </div>
                                          <div>The hash
                                            validation (9) does not
                                            protect against this
                                            specific attack. Since AAS
                                            sits in the middle, it has
                                            access to the Client nonce
                                            from UC, the server nonce
                                            from AAS, and the
                                            interaction reference at the
                                            appropriate times. AAS
                                            doesn’t need to generate the
                                            hash, but can force HAS to
                                            generate an appropriate
                                            hash.</div>
                                          <div><br>
                                          </div>
                                          <div><b>The
                                              proposed mitigation(s):</b></div>
                                          <div><br>
                                          </div>
                                          <div>In OAuth 2, the
                                            accepted mitigation is to
                                            provide another query
                                            parameter with the “issuer”
                                            URL of the AS. We could do
                                            that here, but that would
                                            have the same downsides: the
                                            client has to check this
                                            value explicitly. Therefore
                                            we’re proposing that instead
                                            we use the existing
                                            validation hash algorithm
                                            and add an additional field.
                                            This would need to be
                                            something known to UC and
                                            HAS that can’t be
                                            impersonated by AAS, even if
                                            it’s known. Therefore, it
                                            makes sense to use something
                                            that’s derived. There are a
                                            few ideas of what to do
                                            here, each with benefits and
                                            drawbacks:</div>
                                          <div><br>
                                          </div>
                                          <div>- The grant
                                            endpoint of the AS that the
                                            client instance is talking
                                            to.</div>
                                          <div>- The
                                            continuation endpoint that
                                            the client instance will
                                            send the interaction
                                            reference to. (This might be
                                            different from the above)</div>
                                          <div>- The
                                            continuation access token
                                            value</div>
                                          <div>- A key hash for
                                            the AS the client is talking
                                            to (TLS key to one of these
                                            endpoints? Some other
                                            external key added to the
                                            mix?)</div>
                                          <div><br>
                                          </div>
                                          <div>The important
                                            thing here is that it’s a
                                            value that’s known but not a
                                            shared-secret that’s passed
                                            between parties. The client
                                            doesn’t need to check
                                            anything new, just needs to
                                            do the hash validation that
                                            it should be doing anyway.</div>
                                          <div><br>
                                          </div>
                                          <div><b>Requested
                                              feedback:</b></div>
                                          <div><b><br>
                                            </b></div>
                                          <div>The editors are
                                            requesting feedback and
                                            discussion on the attack and
                                            the proposed mitigation
                                            strategy. As a group, we
                                            would also benefit from
                                            additional formal analysis
                                            of the protocol with and
                                            without the mitigation in
                                            place. Additionally, we need
                                            to be sure we aren’t
                                            accidentally cutting off a
                                            legitimate use case, like AS
                                            bridges and proxies that
                                            aren’t trying to hide their
                                            presence.</div>
                                          <div><br>
                                          </div>
                                          <div>&nbsp;— Justin</div>
                                          <br>
                                          <fieldset></fieldset>
                                        </blockquote>
                                      </div>
                                      -- <br>
                                      TXAuth mailing list<br>
                                      <a href="mailto:TXAuth@ietf.org" target="_blank">TXAuth@ietf.org</a><br>
                                      <a href="https://www.ietf.org/mailman/listinfo/txauth" target="_blank">https://www.ietf.org/mailman/listinfo/txauth</a><br>
                                    </div>
                                  </blockquote>
                                </div>
                                <br>
                              </div>
                            </blockquote>
                          </div>
                        </div>
                      </blockquote>
                    </div>
                    <br>
                  </div>
                </blockquote>
              </div>
            </div>
          </blockquote>
        </div>
        <br>
      </div>
    </blockquote>
  </div>


</blockquote></div>

--0000000000009abcb305c4159f0e--
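
The hash validation of step (9) and the proposed extra hash field from the quoted original message, as an added sketch (not code from the thread or from the GNAP drafts): it shows why the three-value hash still validates when AAS relays the nonces, and why a hash that also covers the grant endpoint fails at UC. The endpoint URLs, the function and class names, and the choice of SHA3-512 over newline-joined fields are assumptions made for this example.

```python
import base64
import hashlib
import hmac
import secrets

# Constructed endpoints for this sketch; neither appears in the thread.
HAS_GRANT = "https://has.example/gnap"   # honest AS grant endpoint
AAS_GRANT = "https://aas.example/gnap"   # attacker-run AS grant endpoint


def interaction_hash(client_nonce, server_nonce, interact_ref, grant_endpoint=None):
    """Hash the values from steps (2), (4) and (8); optionally bind an endpoint.

    Assumption: newline-joined fields, SHA3-512, unpadded base64url.
    """
    fields = [client_nonce, server_nonce, interact_ref]
    if grant_endpoint is not None:
        fields.append(grant_endpoint)
    digest = hashlib.sha3_512("\n".join(fields).encode("utf-8")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


class HonestAS:
    """HAS: answers whoever calls its own grant endpoint (steps 4 and 8)."""

    def __init__(self, bind_endpoint):
        self.bind_endpoint = bind_endpoint
        self.pending = {}  # server_nonce -> client_nonce

    def start_grant(self, client_nonce):
        server_nonce = secrets.token_urlsafe(16)
        self.pending[server_nonce] = client_nonce
        return server_nonce

    def finish_interaction(self, server_nonce):
        client_nonce = self.pending.pop(server_nonce)
        interact_ref = secrets.token_urlsafe(16)
        # HAS only knows the endpoint the grant request arrived on: its own.
        endpoint = HAS_GRANT if self.bind_endpoint else None
        digest = interaction_hash(client_nonce, server_nonce, interact_ref, endpoint)
        return digest, interact_ref


def client_accepts(uc_grant_endpoint, bind_endpoint):
    """Run steps (2)-(9) and report whether UC's hash validation passes.

    When uc_grant_endpoint is AAS_GRANT, AAS passes the nonces through
    unchanged as in steps (3) and (5); it never computes a hash itself.
    """
    has = HonestAS(bind_endpoint)
    client_nonce = secrets.token_urlsafe(16)        # (2) UC -> configured AS
    server_nonce = has.start_grant(client_nonce)    # (3)/(4), relayed or direct
    received_hash, interact_ref = has.finish_interaction(server_nonce)  # (7)/(8)
    # (9) UC recomputes with the endpoint it sent its own grant request to.
    endpoint = uc_grant_endpoint if bind_endpoint else None
    expected = interaction_hash(client_nonce, server_nonce, interact_ref, endpoint)
    return hmac.compare_digest(expected, received_hash)


if __name__ == "__main__":
    for label, endpoint in (("direct to HAS", HAS_GRANT), ("via AAS", AAS_GRANT)):
        for bind in (False, True):
            ok = client_accepts(endpoint, bind)
            print(f"{label:14} bind_endpoint={bind!s:5} accepted={ok}")
```

With the endpoint bound, the only run that fails validation is the relayed one, so UC stops before sending the interaction reference on in step (9); a direct UC-to-HAS flow is unaffected.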


From nobody Sun Jun  6 04:10:51 2021
To: txauth@ietf.org
References: <D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu> <3950725f-26e5-0eb5-92bb-5e2ed977ac85@verifiablecredentials.info> <429623E4-5C45-474C-801A-6953E803BAE6@mit.edu> <7deb4b8f-6d2e-c386-23d6-7286a5077cc6@verifiablecredentials.info> <BA18D0FD-D307-4194-9195-C573D81CEBE1@mit.edu> <fe56669a-236e-1c1e-0d3a-c1551747d03a@verifiablecredentials.info> <9259F10A-7E27-4D1B-BF3C-32905928F847@mit.edu> <9482fcaa-80ae-83e6-eec9-0b757df4b900@verifiablecredentials.info> <CAJot-L3aLtdo5H2qSO+uC2HkrSAowcJs9X8bFYnBHLbCXteYFw@mail.gmail.com>
From: David Chadwick <d.w.chadwick@verifiablecredentials.info>
Organization: Verifiable Credentials Ltd
Message-ID: <265bc1a1-a28a-d1ad-d0b4-3cae341ccc6c@verifiablecredentials.info>
Date: Sun, 6 Jun 2021 12:10:37 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.10.2
MIME-Version: 1.0
In-Reply-To: <CAJot-L3aLtdo5H2qSO+uC2HkrSAowcJs9X8bFYnBHLbCXteYFw@mail.gmail.com>
Content-Type: text/html; charset=utf-8
Content-Language: en-GB
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/TnR-40Zv3bPpai40wyrj-pmNNKc>
Subject: Re: [GNAP] Mix Up Attack against GNAP

<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>My understanding is that all these types of federated systems
      with redirections: SAML, OAuth, OIDC, are open to phishing
      attacks. To counteract this you should remove redirections from
      the protocol. OIDC SIOPv2 with verifiable
      credentials/presentations should solve this type of attack I
      believe. Also it is using a TTP for verification, which is one of
      your proposed solutions.</p>
    <p>Your proposed solution of adding data to the auth code is what I
      have already suggested: the message should cryptographically
      contain the identity of the sender and receiver and then all
      parties know who the intended recipient and originator are. And if
      you want to add a redirection in the response then that should
      also be inside the protected message.<br>
    </p>
    <p>Kind regards</p>
    <p>David<br>
    </p>
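    <p>A minimal model of the binding discussed above, added here as an
      illustration; it is not code from any poster or from the GNAP
      specification. It compares the step (9) hash check when the hash
      covers only the nonces and interaction reference against a hash
      that also covers the grant endpoint the client sent its request
      to. Class names, URLs and the hash layout are assumptions made
      for the example.</p>

```python
import hashlib
import hmac
import secrets

# Constructed endpoints for the example (not taken from the thread).
HAS_GRANT = "https://has.example/gnap"   # honest AS
AAS_GRANT = "https://aas.example/gnap"   # attacker-run AS


def interaction_hash(client_nonce, server_nonce, interact_ref, grant_endpoint=None):
    """Simplified stand-in for the hash returned in step (8).

    With grant_endpoint=None only the nonces and reference are covered.
    Otherwise the hash also commits to one AS grant endpoint.
    """
    parts = [client_nonce, server_nonce, interact_ref]
    if grant_endpoint is not None:
        parts.append(grant_endpoint)
    return hashlib.sha256("\n".join(parts).encode()).hexdigest()


class AuthServer:
    """Honest AS (HAS). It only knows its own grant endpoint."""

    def __init__(self, grant_endpoint, bind_endpoint):
        self.grant_endpoint = grant_endpoint
        self.bind_endpoint = bind_endpoint
        self.client_nonce = None
        self.server_nonce = None

    def grant_request(self, client_nonce):
        # Steps (2)/(3)-(4): store the client nonce, answer with a server nonce.
        self.client_nonce = client_nonce
        self.server_nonce = secrets.token_urlsafe(16)
        return self.server_nonce

    def finish_interaction(self):
        # Step (8): after the user approves, return hash and interaction reference.
        interact_ref = secrets.token_urlsafe(16)
        endpoint = self.grant_endpoint if self.bind_endpoint else None
        digest = interaction_hash(
            self.client_nonce, self.server_nonce, interact_ref, endpoint
        )
        return digest, interact_ref


class RelayingAS:
    """AAS as described in steps (3) and (5): it passes the client's
    parameters to HAS and hands HAS's answer back unchanged."""

    def __init__(self, grant_endpoint, upstream):
        self.grant_endpoint = grant_endpoint
        self.upstream = upstream

    def grant_request(self, client_nonce):
        return self.upstream.grant_request(client_nonce)


def client_accepts(configured_as, interacting_as, bind_endpoint):
    """Run the client (UC) side and report whether the step (9) check passes.

    configured_as  -- the AS the client sent its grant request to
    interacting_as -- the AS whose interaction page the user actually visited
    """
    client_nonce = secrets.token_urlsafe(16)
    server_nonce = configured_as.grant_request(client_nonce)
    received_hash, interact_ref = interacting_as.finish_interaction()
    # The client can only bind to the endpoint it knows it talked to.
    endpoint = configured_as.grant_endpoint if bind_endpoint else None
    expected = interaction_hash(client_nonce, server_nonce, interact_ref, endpoint)
    return hmac.compare_digest(received_hash, expected)


def scenario(mix_up, bind_endpoint):
    """mix_up=True puts the relaying AS between the client and HAS."""
    has = AuthServer(HAS_GRANT, bind_endpoint)
    configured = RelayingAS(AAS_GRANT, has) if mix_up else has
    return client_accepts(configured, has, bind_endpoint)


if __name__ == "__main__":
    for mix_up in (False, True):
        for bind in (False, True):
            print(f"mix_up={mix_up} bind_endpoint={bind} "
                  f"client_accepts={scenario(mix_up, bind)}")
```

    <p>With the endpoint left out of the hash, the relayed flow passes
      the client's check; with it included, the check fails because the
      two sides commit to different endpoints.</p>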
    <div class="moz-cite-prefix">On 06/06/2021 10:33, Warren Parad
      wrote:<br>
    </div>
    <blockquote type="cite"
cite="mid:CAJot-L3aLtdo5H2qSO+uC2HkrSAowcJs9X8bFYnBHLbCXteYFw@mail.gmail.com">
      <meta http-equiv="content-type" content="text/html; charset=UTF-8">
      <div dir="ltr">I don't think that would solve the problem,
        although it might give the user client a second chance to avoid
        the vulnerability, it isn't a fix so far as I understand it.
        <div><br>
        </div>
        <div>I like Justin's writeup, and knowing that it took me some
          time to appreciate the challenge, perhaps reframing the
          problem might help make it more clear. (And a real case that
          has happened)</div>
        <div><br>
        </div>
        <div>1. An app network exists, and anyone can register an app. A
          malicious app registers a client with which itself is granted
          AS-like capabilities to the app network. The app pretends to
          be Google Drive, and the login screen is a perfect match for
          Google's login.</div>
        <div>2. Through a phishing attack, users are sent an email and
          directed to log in to this malicious app.</div>
        <div>3. The user navigates through the flow and returns to a
          legit application with an auth code</div>
        <div>4. All along this malicious app has been intercepting the
          data the user has been providing and using it to authenticate
          itself as a valid app. If the user completes the flow, the
          malicious app will have a valid token for the HAS with the
          privileges the user thought they were granting the honest app.</div>
        <div><br>
        </div>
        <div>At this point the user's client only has two* pieces of
          information:</div>
        <div>* Where the initial request to start the flow was sent</div>
        <div>* The Auth Code</div>
        <div><br>
        </div>
        <div>To break the vulnerability it must intentionally be so that
          the user client does NOT send the auth code to the same place
          where the initial request to start the flow was sent. Which
          means that the only available piece of information in the auth
          code.</div>
        <div><br>
        </div>
        <div>In OAuth, it has been introduced to create a third piece of
          information, the ISS url. Which can be used to look up where
          to send the auth code. It doesn't matter what endpoints or
          secrets are shared, none of them will be of any use, because
          the client is intentionally always communicating with the
          malicious app. The user may not want to, but they are anyway.
          The PKCE prevents interception or vulnerabilities in the flow,
          but this isn't a vulnerability in the flow, it is a malicious
          proxy.</div>
        <div><br>
        </div>
        <div>The only way to avoid this attack is one of:</div>
        <div>* Trust a third party for verification</div>
        <div>* include data in the auth code that the client can use to
          identify where to send the auth code</div>
        <div>* include data adjacent to the auth code which identifies
          how to handle the auth code</div>
        <div>
          <div><br>
          </div>
          <div>Hope that helps.</div>
          <div>Warren</div>
        </div>
      </div>
      <br>
      <div class="gmail_quote">
        <div dir="ltr" class="gmail_attr">On Sun, Jun 6, 2021 at 10:21
          AM David Chadwick &lt;<a
            href="mailto:d.w.chadwick@verifiablecredentials.info"
            moz-do-not-send="true">d.w.chadwick@verifiablecredentials.info</a>&gt;
          wrote:<br>
        </div>
        <blockquote class="gmail_quote" style="margin:0px 0px 0px
          0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
          <div>
            <p>So effectively you are saying that a client can be
              redirected to anywhere in the world and not know whether
              this is correct or not, or, it has to assume that it is
              correct regardless of where it is. In this case I suggest
              that these two locations should share a secret that they
              can both give to the client so that it knows these two
              endpoints are collaborating together. If you use something
              like the OIDC PKCE scheme then the first endpoint can send
              the hash of the secret, and the second endpoint can send
              the secret itself for the client to hash.</p>
            <p>Kind regards</p>
            <p>David<br>
            </p>
            <div>On 05/06/2021 21:35, Justin Richer wrote:<br>
            </div>
            <blockquote type="cite"> It’s completely reasonable for any
              legitimate AS to split the hosting of its user-facing
              stuff from its backend stuff. Google already does this
              with OAuth/OIDC today, and expecting this to change to
              something more constrained would be a non-starter for many
              deployments. Additionally, we can’t assume that everything
              is web-based and that things are happening within a
              browser. Furthermore, relying on the client to do some
              kind of comparison between the URL it starts the
              transaction with and the URL used for interaction is going
              to lead to misbehaving clients simply being more
              susceptible to this and related attacks. I’m of the school
              of thought that we should expect the minimum number of
              very specific things from the client in order to enforce
              security principles.
              <div><br>
              </div>
              <div> — Justin<br>
                <div><br>
                  <blockquote type="cite">
                    <div>On Jun 5, 2021, at 3:43 PM, David Chadwick &lt;<a
href="mailto:d.w.chadwick@verifiablecredentials.info" target="_blank"
                        moz-do-not-send="true">d.w.chadwick@verifiablecredentials.info</a>&gt;
                      wrote:</div>
                    <br>
                    <div>
                      <div>
                        <p>But the start URL has HAS in it (message 5),
                          when the client was talking to AAS. So this
                          should be sufficient should it not to
                          determine that something is wrong? Especially
                          if SOP is being enforced, then the url of HAS
                          and AAS won't have the same origin</p>
                        <p>Kind regards</p>
                        <p>David<br>
                        </p>
                        <div>On 05/06/2021 17:39, Justin Richer wrote:<br>
                        </div>
                        <blockquote type="cite"> But that’s what I’m
                          saying — the client knows it’s talking to AAS
                          and not HAS so with this kind of solution it
                          would just create a message cryptographically
                          tagged to AAS. And then on the next step, AAS
                          creates a message cryptographically bound to
                          HAS. So even if the client already says “this
                          message is for AAS” explicitly, the attack
                          surface doesn’t change. Only if the client
                          thought it was talking to HAS would this make
                          a difference, but that’s not what’s happening
                          here. This, I believe, is what makes this kind
                          of attack much more subtle than a simple
                          message relay.
                          <div><br>
                          </div>
                          <div> — Justin<br>
                            <div><br>
                              <blockquote type="cite">
                                <div>On Jun 5, 2021, at 11:09 AM, David
                                  Chadwick &lt;<a
                                    href="mailto:d.w.chadwick@verifiablecredentials.info"
                                    target="_blank"
                                    moz-do-not-send="true">d.w.chadwick@verifiablecredentials.info</a>&gt;
                                  wrote:</div>
                                <br>
                                <div>
                                  <div>
                                    <p>Hi Justin</p>
                                    <p>the point I am making is that the
                                      message created by the Client must
                                      be received by the ultimate
                                      recipient, knowing that the Client
                                      created it and that the ultimate
                                      recipient is the intended
                                      recipient. In the current flow
                                      both recipients know they are the
                                      intended recipients, but also know
                                      that different clients are talking
                                      to them. Thus any solution must
                                      have the message originator
                                      cryptographically protecting both
                                      the sender and recipient
                                      addresses. Once you do this, you
                                      thwart the current vulnerability.</p>
                                    <p>Kind regards</p>
                                    <p>David<br>
                                    </p>
                                    <div>On 05/06/2021 15:51, Justin
                                      Richer wrote:<br>
                                    </div>
                                    <blockquote type="cite"> Hi David,
                                      <div><br>
                                      </div>
                                      <div>I think it’s similar to
                                        message forwarding, but there’s
                                        one important difference — the
                                        AAS already is modifying the
                                        message to HAS. It doesn’t need
                                        to forward the complete message
                                        from (2), it creates a brand new
                                        message in (3) and signs it with
                                        its own key. So the client knows
                                        it’s talking to AAS and vice
                                        versa, and AAS knows it’s
                                        talking to HAS and vice versa.
                                        What’s different is that AAS is
                                        able to take pieces out of the
                                        (valid) message from the client
                                        and make its own message out of
                                        those parts, and then get value
                                        out of that.</div>
                                      <div><br>
                                      </div>
                                      <div>But that does raise an
                                        interesting question: what if
                                        AAS :did: simply forward the
                                        signed message from the client
                                        to HAS? The signature method
                                        would need to protect the target
                                        of the HTTP request, but I think
                                        that should already be covered
                                        in most of the signature
                                        methods. We need to put some
                                        focus on these signature methods
                                        directly in the near future, so
                                        that’s something to keep in mind
                                        here.</div>
                                      <div><br>
                                      </div>
                                      <div> — Justin<br>
                                        <div><br>
                                          <blockquote type="cite">
                                            <div>On Jun 5, 2021, at 8:26
                                              AM, David Chadwick &lt;<a
href="mailto:d.w.chadwick@verifiablecredentials.info" target="_blank"
                                                moz-do-not-send="true">d.w.chadwick@verifiablecredentials.info</a>&gt;
                                              wrote:</div>
                                            <br>
                                            <div>
                                              <div>
                                                <p>This attack is
                                                  similar to
                                                  surreptitious
                                                  forwarding (message
                                                  3). One solution is
                                                  for the sender
                                                  (Client) to identify
                                                  the recipient in
                                                  message 2 so that it
                                                  cannot be altered by
                                                  the AAS when it
                                                  creates message 3. The
                                                  grant endpoint of the
                                                  AS that the client
                                                  instance is talking to
                                                  would seem to fit this
                                                  solution</p>
                                                <p>Kind regards</p>
                                                <p>David<br>
                                                </p>
                                                <div>On 04/06/2021
                                                  15:59, Justin Richer
                                                  wrote:<br>
                                                </div>
                                                <blockquote type="cite">
                                                  This week, some
                                                  researchers reached
                                                  out to the editors to
                                                  describe an attack
                                                  against GNAP in the
                                                  front channel that’s
                                                  inherited from OAuth
                                                  2. I will describe the
                                                  attack, list out its
                                                  preconditions, and
                                                  then describe a
                                                  proposed solution
                                                  space. We’re looking
                                                  for input and feedback
                                                  from the group on
                                                  managing this
                                                  solution.
                                                  <div><br>
                                                  </div>
                                                  <div>But first, many
                                                    thanks to Åke
                                                    Axeland and Adam
                                                    Omar Oueidat for
                                                    doing this analysis,
                                                    putting together the
                                                    diagram below, and
                                                    bringing it to the
                                                    group’s attention.<br>
                                                    <br>
                                                  </div>
                                                  <div>The attack is
                                                    largely the same as
                                                    one of the “AS Mix
                                                    Up” attack cases in
                                                    “Comprehensive
                                                    Security Analysis of
                                                    OAuth 2.0” by Daniel
                                                    Fett and colleagues.
                                                    It’s a kind of
                                                    in-the-middle and/or
                                                    phishing attack at
                                                    its core. </div>
                                                  <div><br>
                                                  </div>
                                                  <div>The attacker has
                                                    their own
                                                    authorization server
                                                    (AAS) which can also
                                                    act as a client
                                                    instance. An
                                                    uncompromised client
                                                    (UC) instance and an
                                                    uncompromised
                                                    authorization server
                                                    (HAS) are assumed.
                                                    There is no
                                                    compromise of secret
                                                    keys or breaking of
                                                    TLS in this attack.</div>
                                                  <div><br>
                                                  </div>
                                                  <div>1. UC is a client
                                                    of AAS, and might
                                                    also be a client of
                                                    HAS. User wants to
                                                    authorize at HAS but
                                                    tells UC to use AAS.</div>
                                                  <div>2. UC starts a
                                                    request at AAS,
                                                    signed with UC’s
                                                    key. AAS is
                                                    imitating HAS.</div>
                                                  <div>3. AAS forwards
                                                    UC’s request
                                                    parameters (Client
                                                    nonce, interaction
                                                    finish URI) to HAS,
                                                    but signed with
                                                    AAS’s key.</div>
                                                  <div>4. HAS responds
                                                    with an interaction
                                                    start URL and server
                                                    nonce to AAS</div>
                                                  <div>5. AAS forwards
                                                    the interaction
                                                    start URL and server
                                                    nonce to UC</div>
                                                  <div>6. (Note) HAS is
                                                    functionally telling
                                                    the user to show up
                                                    and interact, but
                                                    doesn’t realize that
                                                    the request is being
                                                    proxied in this way.</div>
                                                  <div>7. UC launches
                                                    interaction start
                                                    url, which is a
                                                    function of HAS</div>
                                                  <div>8. HAS returns
                                                    the verification
                                                    hash and interaction
                                                    reference to UC</div>
                                                  <div>9. UC validates
                                                    the hash (which is
                                                    correct) and sends
                                                    the interaction
                                                    reference to AAS</div>
                                                  <div>10. AAS forwards
                                                    the interaction
                                                    reference to HAS </div>
                                                  <div>11. AAS receives
                                                    an access token for
                                                    calling an RS
                                                    protected by HAS.
                                                    The client receives
                                                    no access token.</div>
                                                  <div><br>
                                                  </div>
                                                  <div>The diagram from
                                                    the researchers is
                                                    attached here. I’ll
                                                    be using the numbers
                                                    in the text list
                                                    here like (1) to
                                                    refer to specific
                                                    steps.</div>
                                                  <div><br>
                                                  </div>
                                                  <div><span
id="gmail-m_-3732296903765776542cid:part1.21AB5D65.AB53F1A7@verifiablecredentials.info">&lt;PastedGraphic-2.png&gt;</span></div>
                                                  <div><b>Some
                                                      preconditions and
                                                      analysis:</b></div>
                                                  <div><br>
                                                  </div>
                                                  <div>Step (1) is made
                                                    easier if the client
                                                    has choice over
                                                    which AS to talk to
                                                    for a given request,
                                                    since that’s how it
                                                    starts talking to
                                                    AAS instead of HAS.
                                                    The danger of
                                                    allowing a client to
                                                    choose its AS at
                                                    runtime has been
                                                    discussed, but it’s
                                                    a known pattern that
                                                    we can’t expect to
                                                    go away.</div>
                                                  <div><br>
                                                  </div>
                                                  <div>AAS is treated as
                                                    a legitimate client
                                                    of HAS and UC is a
                                                    legitimate client of
                                                    AAS. While dynamic
                                                    clients can
                                                    exacerbate this
                                                    problem at runtime,
                                                    at no time does HAS
                                                    always knows the
                                                    requests are coming
                                                    from AAS and UC
                                                    always knows it’s
                                                    talking to AAS.
                                                    There is no
                                                    cryptographic
                                                    impersonation and no
                                                    theft of keys. </div>
                                                  <div><br>
                                                  </div>
                                                  <div>The attack occurs
                                                    because the user and
                                                    client think they’re
                                                    dealing with
                                                    different AS’s, and
                                                    you can’t expect a
                                                    user to always be
                                                    able to tell them
                                                    apart, especially
                                                    when the backend
                                                    calls like (2) are
                                                    hidden. It’s assumed
                                                    that the user
                                                    actually wants to
                                                    authorize UC for
                                                    HAS, but UC talks to
                                                    AAS instead because
                                                    of configuration
                                                    (1). AAS can imitate
                                                    HAS to the user to
                                                    facilitate (1), and
                                                    imitate UC to HAS,
                                                    but only for
                                                    human-facing
                                                    portions (7). Static
                                                    pre-registration
                                                    makes this more
                                                    difficult, assuming
                                                    that all
                                                    registrations are
                                                    reviewed by humans.
                                                    If HAS has no idea
                                                    that UC exists, it
                                                    wouldn’t necessarily
                                                    know that AAS is
                                                    impersonating
                                                    anyone.</div>
                                                  <div><br>
                                                  </div>
                                                  <div>The token at the
                                                    end (11), assuming
                                                    it’s a bound token,
                                                    is only good with
                                                    AAS’s key and not
                                                    UC’s key. This is
                                                    great for the
                                                    attacker until UC
                                                    starts to act funny
                                                    and raise suspicion,
                                                    since the process
                                                    didn’t ever
                                                    complete. With the
                                                    OAuth attack, and
                                                    with bearer tokens
                                                    in GNAP, the token
                                                    can be passed
                                                    through to the UC
                                                    making UC none the
                                                    wiser. </div>
                                                  <div><br>
                                                  </div>
                                                  <div>The hash
                                                    validation (9) does
                                                    not protect against
                                                    this specific
                                                    attack. Since AAS
                                                    sits in the middle,
                                                    it has access to the
                                                    Client nonce from
                                                    UC, the server nonce
                                                    from AAS, and the
                                                    interaction
                                                    reference at the
                                                    appropriate times.
                                                    AAS doesn’t need to
                                                    generate the hash,
                                                    but can force HAS to
                                                    generate an
                                                    appropriate hash.</div>
                                                  <div><br>
                                                  </div>
                                                  <div><b>The proposed
                                                      mitigation(s): </b></div>
                                                  <div><br>
                                                  </div>
                                                  <div>In OAuth 2, the
                                                    accepted mitigation
                                                    is to provide
                                                    another query
                                                    parameter with the
                                                    “issuer” URL of the
                                                    AS. We could do that
                                                    here, but that would
                                                    have the same
                                                    downsides: the
                                                    client has to check
                                                    this value
                                                    explicitly.
                                                    Therefore we’re
                                                    proposing that
                                                    instead we use the
                                                    existing validation
                                                    hash algorithm and
                                                    add an additional
                                                    field. This would
                                                    need to be something
                                                    known to UC and HAS
                                                    that can’t be
                                                    impersonated by AAS,
                                                    even if it’s known.
                                                    Therefore, it makes
                                                    sense to use
                                                    something that’s
                                                    derived. There are a
                                                    few ideas of what to
                                                    do here, each with
                                                    benefits and
                                                    drawbacks:</div>
                                                  <div><br>
                                                  </div>
                                                  <div>- The grant
                                                    endpoint of the AS
                                                    that the client
                                                    instance is talking
                                                    to.</div>
                                                  <div>- The
                                                    continuation
                                                    endpoint that the
                                                    client instance will
                                                    send the interaction
                                                    reference to. (This
                                                    might be different
                                                    from the above)</div>
                                                  <div>- The
                                                    continuation access
                                                    token value</div>
                                                  <div>- A key hash for
                                                    the AS the client is
                                                    talking to (TLS key
                                                    to one of these
                                                    endpoints? Some
                                                    other external key
                                                    added to the mix?)</div>
                                                  <div><br>
                                                  </div>
                                                  <div>The important
                                                    thing here is that
                                                    it’s a value that’s
                                                    known but not a
                                                    shared-secret that’s
                                                    passed between
                                                    parties. The client
                                                    doesn’t need to
                                                    check anything new,
                                                    just needs to do the
                                                    hash validation that
                                                    it should be doing
                                                    anyway.</div>
                                                  <div><br>
                                                  </div>
                                                  <div><b>Requested
                                                      feedback:</b></div>
                                                  <div><b><br>
                                                    </b></div>
                                                  <div>The editors are
                                                    requesting feedback
                                                    and discussion on
                                                    the attack and the
                                                    proposed mitigation
                                                    strategy. As a
                                                    group, we would also
                                                    benefit from
                                                    additional formal
                                                    analysis of the
                                                    protocol with and
                                                    without the
                                                    mitigation in place.
                                                    Additionally, we
                                                    need to be sure we
                                                    aren’t accidentally
                                                    cutting off a
                                                    legitimate use case,
                                                    like AS bridges and
                                                    proxies that aren’t
                                                    trying to hide their
                                                    presence.</div>
                                                  <div><br>
                                                  </div>
                                                  <div> — Justin</div>
                                                  <br>
                                                  <fieldset></fieldset>
                                                </blockquote>
                                              </div>
                                              -- <br>
                                              TXAuth mailing list<br>
                                              <a
                                                href="mailto:TXAuth@ietf.org"
                                                target="_blank"
                                                moz-do-not-send="true">TXAuth@ietf.org</a><br>
                                              <a
                                                href="https://www.ietf.org/mailman/listinfo/txauth"
                                                target="_blank"
                                                moz-do-not-send="true">https://www.ietf.org/mailman/listinfo/txauth</a><br>
                                            </div>
                                          </blockquote>
                                        </div>
                                        <br>
                                      </div>
                                    </blockquote>
                                  </div>
                                </div>
                              </blockquote>
                            </div>
                            <br>
                          </div>
                        </blockquote>
                      </div>
                    </div>
                  </blockquote>
                </div>
                <br>
              </div>
            </blockquote>
          </div>
        </blockquote>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
    </blockquote>
  </body>
</html>
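
The hash check in step (9) and the proposed extra field, as an added example that is not part of the thread or of any GNAP implementation. The function names, the example.com-style endpoints, the newline-joined field layout, SHA-256 and unpadded base64url are all assumptions made for this sketch. It generalizes slightly by also running the honest case where UC talks to HAS directly.

```python
import base64
import hashlib
import hmac
import secrets

# Constructed endpoints for the parties named in the thread.
HAS_GRANT_ENDPOINT = "https://has.example/gnap"  # honest AS
AAS_GRANT_ENDPOINT = "https://aas.example/gnap"  # attacker's AS, itself a client of HAS


def interaction_hash(client_nonce, server_nonce, interact_ref, grant_endpoint=None):
    """Validation hash over the listed fields.

    grant_endpoint=None gives the three-field hash described in the thread;
    passing a URL adds the proposed fourth field.
    Assumptions: fields joined by newline, SHA-256, unpadded base64url.
    """
    fields = [client_nonce, server_nonce, interact_ref]
    if grant_endpoint is not None:
        fields.append(grant_endpoint)
    digest = hashlib.sha256("\n".join(fields).encode("utf-8")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def has_issue_hash(client_nonce, bind_endpoint):
    """HAS side of steps (4) and (8): mint the nonce and reference, hash them.

    When binding is on, HAS uses its own grant endpoint, which is the only
    endpoint it knows the request arrived at.
    """
    server_nonce = secrets.token_urlsafe(16)
    interact_ref = secrets.token_urlsafe(16)
    endpoint = HAS_GRANT_ENDPOINT if bind_endpoint else None
    value = interaction_hash(client_nonce, server_nonce, interact_ref, endpoint)
    return server_nonce, interact_ref, value


def uc_validates(uc_grant_endpoint, bind_endpoint):
    """Run steps (2)-(9) for a UC configured to use uc_grant_endpoint.

    Returns True when UC's hash check in step (9) passes, which is the
    point at which UC would send the interaction reference onward.
    """
    # (2) UC sends its nonce to the AS it was configured with.
    client_nonce = secrets.token_urlsafe(16)
    # (3)-(5) If that AS is AAS, it relays the nonce to HAS under its own key
    # and passes HAS's server nonce back; the values themselves are unchanged.
    server_nonce, interact_ref, received = has_issue_hash(client_nonce, bind_endpoint)
    # (8) The hash and interaction reference reach UC through the user.
    # (9) UC recomputes the hash using the endpoint it sent its request to.
    endpoint = uc_grant_endpoint if bind_endpoint else None
    expected = interaction_hash(client_nonce, server_nonce, interact_ref, endpoint)
    return hmac.compare_digest(received, expected)


if __name__ == "__main__":
    print("three fields, UC configured with AAS:", uc_validates(AAS_GRANT_ENDPOINT, False))
    print("four fields,  UC configured with AAS:", uc_validates(AAS_GRANT_ENDPOINT, True))
    print("four fields,  UC configured with HAS:", uc_validates(HAS_GRANT_ENDPOINT, True))
```

With three fields the check passes even though AAS sits in the middle; with the endpoint bound into the hash, UC's ordinary validation fails and the interaction reference is never sent to AAS.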


From nobody Sun Jun  6 05:42:49 2021
Return-Path: <jricher@mit.edu>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 82F3E3A1996 for <txauth@ietfa.amsl.com>; Sun,  6 Jun 2021 05:42:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.195
X-Spam-Level: 
X-Spam-Status: No, score=-4.195 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CjKVUkFQDIDo for <txauth@ietfa.amsl.com>; Sun,  6 Jun 2021 05:42:42 -0700 (PDT)
Received: from outgoing-exchange-3.mit.edu (outgoing-exchange-3.mit.edu [18.9.28.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C8F43A1994 for <txauth@ietf.org>; Sun,  6 Jun 2021 05:42:41 -0700 (PDT)
Received: from oc11exedge2.exchange.mit.edu (OC11EXEDGE2.EXCHANGE.MIT.EDU [18.9.3.18]) by outgoing-exchange-3.mit.edu (8.14.7/8.12.4) with ESMTP id 156Cgdc1001089; Sun, 6 Jun 2021 08:42:39 -0400
Received: from w92expo18.exchange.mit.edu (18.7.74.72) by oc11exedge2.exchange.mit.edu (18.9.3.18) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Sun, 6 Jun 2021 08:42:10 -0400
Received: from oc11expo18.exchange.mit.edu (18.9.4.49) by w92expo18.exchange.mit.edu (18.7.74.72) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Sun, 6 Jun 2021 08:42:38 -0400
Received: from oc11expo18.exchange.mit.edu ([18.9.4.49]) by oc11expo18.exchange.mit.edu ([18.9.4.49]) with mapi id 15.00.1497.015; Sun, 6 Jun 2021 08:42:38 -0400
From: Justin Richer <jricher@mit.edu>
To: David Chadwick <d.w.chadwick@verifiablecredentials.info>, "txauth@ietf.org" <txauth@ietf.org>
Thread-Topic: [GNAP] Mix Up Attack against GNAP
Thread-Index: AQHXWVI9kDl2iW5Nh0G/gRYQcS4T1KsFnH+A///liICAAEfxAP//1jKAgAB2aYD//8tqAAAhA6YAAAKMhoAAA2JagP//1W3Z
Date: Sun, 6 Jun 2021 12:42:38 +0000
Message-ID: <700c3b99bf4b43b4a0ec8dcc28e8136a@oc11expo18.exchange.mit.edu>
References: <D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu> <3950725f-26e5-0eb5-92bb-5e2ed977ac85@verifiablecredentials.info> <429623E4-5C45-474C-801A-6953E803BAE6@mit.edu> <7deb4b8f-6d2e-c386-23d6-7286a5077cc6@verifiablecredentials.info> <BA18D0FD-D307-4194-9195-C573D81CEBE1@mit.edu> <fe56669a-236e-1c1e-0d3a-c1551747d03a@verifiablecredentials.info> <9259F10A-7E27-4D1B-BF3C-32905928F847@mit.edu> <9482fcaa-80ae-83e6-eec9-0b757df4b900@verifiablecredentials.info> <CAJot-L3aLtdo5H2qSO+uC2HkrSAowcJs9X8bFYnBHLbCXteYFw@mail.gmail.com>, <265bc1a1-a28a-d1ad-d0b4-3cae341ccc6c@verifiablecredentials.info>
In-Reply-To: <265bc1a1-a28a-d1ad-d0b4-3cae341ccc6c@verifiablecredentials.info>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [71.174.62.56]
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/NixqrsjGbh41Q4Z0PaFh_q7q5LQ>
Subject: Re: [GNAP] Mix Up Attack against GNAP
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Jun 2021 12:42:48 -0000

David,

A key difference with GNAP is that it doesn't rely only on redirects. Instead they are just one of many extensible options for interaction. Presenting VC's can happen using VCHTTPAPI or CHAPI or even DIDCOMM and the user never redirects. Redirects are inherently phishable even with the mitigation you describe, and so if you want to avoid them and use something else, that's great and GNAP has space for that explicitly. It's one of the most important breaks from OAuth core: don't start with the assumption the user is in a browser. But redirects aren't going away for everyone and so it's important that when people do choose to use them, they are as secure as they can be. You still have to deal with the trade-off and that's why security analysis like this is so important!

- Justin
________________________________________
From: TXAuth [txauth-bounces@ietf.org] on behalf of David Chadwick [d.w.chadwick@verifiablecredentials.info]
Sent: Sunday, June 6, 2021 7:10 AM
To: txauth@ietf.org
Subject: Re: [GNAP] Mix Up Attack against GNAP

My understanding is that all these types of federated systems with redirections: SAML, OAuth, OIDC, are open to phishing attacks. To counteract this you should remove redirections from the protocol. OIDC SIOPv2 with verifiable credentials/presentations should solve this type of attack I believe. Also it is using a TTP for verification, which is one of your proposed solutions.

Your proposed solution of adding data to the auth code is what I have already suggested: the message should cryptographically contain the identity of the sender and receiver and then all parties know who the intended recipient and originator are. And if you want to add a redirection in the response then that should also be inside the protected message.

Kind regards

David

On 06/06/2021 10:33, Warren Parad wrote:
I don't think that would solve the problem, although it might give the user client a second chance to avoid the vulnerability, it isn't a fix so far as I understand it.

I like Justin's writeup, and knowing that it took me some time to appreciate the challenge, perhaps reframing the problem might help make it more clear. (And a real case that has happened)

1. An app network exists, and anyone can register an app. A malicious app registers a client with which itself is granted AS-like capabilities to the app network. The app pretends to be Google Drive, and the login screen is a perfect match for Google's login.
2. Through a phishing attack, users are sent an email and directed to login to this malicious app.
3. The user navigates through the flow and returns to a legit application with an auth code
4. All along this malicious app has been intercepting the data the user has been providing and using it to authenticate itself as a valid app. If the user completes the flow, the malicious app will have a valid token for the HAS with the privileges the user thought they were granting the honest app.

At this point the user's client only has two* pieces of information:
* Where the initial request to start the flow was sent
* The Auth Code

To break the vulnerability it must intentionally be so that the user client does NOT send the auth code to the same place where the initial request to start the flow was sent. Which means that the only available piece of information in the auth code.

In OAuth, it has been introduced to create a third piece of information, the ISS url. Which can be used to look up where to send the auth code. It doesn't matter what endpoints or secrets are shared, none of them will be of any use, because the client is intentionally always communicating with the malicious app. The user may not want to, but they are anyway. The PKCE prevents interception or vulnerabilities in the flow, but this isn't a vulnerability in the flow, it is a malicious proxy.

The only way to avoid this attack is one of:
* Trust a third party for verification
* include data in the auth code that the client can use to identify where to send the auth code
* include data adjacent to the auth code which identifies how to handle the auth code

Hope that helps.
Warren




Warren Parad

Founder, CTO




On Sun, Jun 6, 2021 at 10:21 AM David Chadwick <d.w.chadwick@verifiablecredentials.info> wrote:

So effectively you are saying that a client can be redirected to anywhere in the world and not know whether this is correct or not, or, it has to assume that it is correct regardless of where it is. In this case I suggest that these two locations should share a secret that they can both give to the client so that it knows these two endpoints are collaborating together. If you use something like the OIDC PKCE scheme then the first endpoint can send the hash of the secret, and the second endpoint can send the secret itself for the client to hash.

Kind regards

David

On 05/06/2021 21:35, Justin Richer wrote:
It’s completely reasonable for any legitimate AS to split the hosting of its user-facing stuff from its backend stuff. Google already does this with OAuth/OIDC today, and expecting this to change to something more constrained would be a non-starter for many deployments. Additionally, we can’t assume that everything is web-based and that things are happening within a browser. Furthermore, relying on the client to do some kind of comparison between the URL it starts the transaction with and the URL used for interaction is going to lead to misbehaving clients simply being more susceptible to this and related attacks. I’m of the school of thought that we should expect the minimum number of very specific things from the client in order to enforce security principles.

 — Justin

On Jun 5, 2021, at 3:43 PM, David Chadwick <d.w.chadwick@verifiablecredentials.info> wrote:

But the start URL has HAS in it (message 5), when the client was talking to AAS. So this should be sufficient should it not to determine that something is wrong? Especially if SOP is being enforced, then the url of HAS and AAS won't have the same origin

Kind regards

David

On 05/06/2021 17:39, Justin Richer wrote:
But that’s what I’m saying — the client knows it’s talking to AAS and not HAS so with this kind of solution it would just create a message cryptographically tagged to AAS. And then on the next step, AAS creates a message cryptographically bound to HAS. So even if the client already says “this message is for AAS” explicitly, the attack surface doesn’t change. Only if the client thought it was talking to HAS would this make a difference, but that’s not what’s happening here. This, I believe, is what makes this kind of attack much more subtle than a simple message relay.

 — Justin

On Jun 5, 2021, at 11:09 AM, David Chadwick <d.w.chadwick@verifiablecredentials.info> wrote:

Hi Justin

the point I am making is that the message created by the Client must be received by the ultimate recipient, knowing that the Client created it and that the ultimate recipient is the intended recipient. In the current flow both recipients know they are the intended recipients, but also know that different clients are talking to them. Thus any solution must have the message originator cryptographically protecting both the sender and recipient addresses. Once you do this, you thwart the current vulnerability.

Kind regards

David

On 05/06/2021 15:51, Justin Richer wrote:
Hi David,

I think it’s similar to message forwarding, but there’s one important difference — the AAS already is modifying the message to HAS. It doesn’t need to forward the complete message from (2), it creates a brand new message in (3) and signs it with its own key. So the client knows it’s talking to AAS and vice versa, and AAS knows it’s talking to HAS and vice versa. What’s different is that AAS is able to take pieces out of the (valid) message from the client and make its own message out of those parts, and then get value out of that.

But that does raise an interesting question: what if AAS :did: simply forward the signed message from the client to HAS? The signature method would need to protect the target of the HTTP request, but I think that should already be covered in most of the signature methods. We need to put some focus on these signature methods directly in the near future, so that’s something to keep in mind here.

 — Justin

On Jun 5, 2021, at 8:26 AM, David Chadwick <d.w.chadwick@verifiablecredentials.info> wrote:

This attack is similar to surreptitious forwarding (message 3). One solution is for the sender (Client) to identify the recipient in message 2 so that it cannot be altered by the AAS when it creates message 3. The grant endpoint of the AS that the client instance is talking to would seem to fit this solution

Kind regards

David

On 04/06/2021 15:59, Justin Richer wrote:
This week, some researchers reached out to the editors to describe an attack against GNAP in the front channel that’s inherited from OAuth 2. I will describe the attack, list out its preconditions, and then describe a proposed solution space. We’re looking for input and feedback from the group on managing this solution.

But first, many thanks to Åke Axeland and Adam Omar Oueidat for doing this analysis, putting together the diagram below, and bringing it to the group’s attention.

The attack is largely the same as one of the “AS Mix Up” attack cases in “Comprehensive Security Analysis of OAuth 2.0” by Daniel Fett and colleagues. It’s a kind of in-the-middle and/or phishing attack at its core.

The attacker has their own authorization server (AAS) which can also act as a client instance. An uncompromised client (UC) instance and an uncompromised authorization server (HAS) are assumed. There is no compromise of secret keys or breaking of TLS in this attack.

1. UC is a client of AAS, and might also be a client of HAS. User wants to authorize at HAS but tells UC to use AAS.
2. UC starts a request at AAS, signed with UC’s key. AAS is imitating HAS.
3. AAS forwards UC’s request parameters (Client nonce, interaction finish URI) to HAS, but signed with AAS’s key.
4. HAS responds with an interaction start URL and server nonce to AAS
5. AAS forwards the interaction start URL and server nonce to UC
6. (Note) HAS is functionally telling the user to show up and interact, but doesn’t realize that the request is being proxied in this way.
7. UC launches interaction start url, which is a function of HAS
8. HAS returns the verification hash and interaction reference to UC
9. UC validates the hash (which is correct) and sends the interaction reference to AAS
10. AAS forwards the interaction reference to HAS
11. AAS receives an access token for calling an RS protected by HAS. The client receives no access token.

The diagram from the researchers is attached here. I’ll be using the numbers in the text list here like (1) to refer to specific steps.

<PastedGraphic-2.png>
Some preconditions and analysis:

Step (1) is made easier if the client has choice over which AS to talk to for a given request, since that’s how it starts talking to AAS instead of HAS. The danger of allowing a client to choose its AS at runtime has been discussed, but it’s a known pattern that we can’t expect to go away.

AAS is treated as a legitimate client of HAS and UC is a legitimate client of AAS. While dynamic clients can exacerbate this problem at runtime, at no time does HAS always knows the requests are coming from AAS and UC always knows it’s talking to AAS. There is no cryptographic impersonation and no theft of keys.

The attack occurs because the user and client think they’re dealing with different AS’s, and you can’t expect a user to always be able to tell them apart, especially when the backend calls like (2) are hidden. It’s assumed that the user actually wants to authorize UC for HAS, but UC talks to AAS instead because of configuration (1). AAS can imitate HAS to the user to facilitate (1), and imitate UC to HAS, but only for human-facing portions (7). Static pre-registration makes this more difficult, assuming that all registrations are reviewed by humans. If HAS has no idea that UC exists, it wouldn’t necessarily know that AAS is impersonating anyone.

The token at the end (11), assuming it’s a bound token, is only good with AAS’s key and not UC’s key. This is great for the attacker until UC starts to act funny and raise suspicion, since the process didn’t ever complete. With the OAuth attack, and with bearer tokens in GNAP, the token can be passed through to the UC making UC none the wiser.

The hash validation (9) does not protect against this specific attack. Since AAS sits in the middle, it has access to the Client nonce from UC, the server nonce from AAS, and the interaction reference at the appropriate times. AAS doesn’t need to generate the hash, but can force HAS to generate an appropriate hash.

The proposed mitigation(s):

In OAuth 2, the accepted mitigation is to provide another query parameter with the “issuer” URL of the AS. We could do that here, but that would have the same downsides: the client has to check this value explicitly. Therefore we’re proposing that instead we use the existing validation hash algorithm and add an additional field. This would need to be something known to UC and HAS that can’t be impersonated by AAS, even if it’s known. Therefore, it makes sense to use something that’s derived. There are a few ideas of what to do here, each with benefits and drawbacks:

- The grant endpoint of the AS that the client instance is talking to.
- The continuation endpoint that the client instance will send the interaction reference to. (This might be different from the above)
- The continuation access token value
- A key hash for the AS the client is talking to (TLS key to one of these endpoints? Some other external key added to the mix?)

The important thing here is that it’s a value that’s known but not a shared-secret that’s passed between parties. The client doesn’t need to check anything new, just needs to do the hash validation that it should be doing anyway.

Requested feedback:

The editors are requesting feedback and discussion on the attack and the proposed mitigation strategy. As a group, we would also benefit from additional formal analysis of the protocol with and without the mitigation in place. Additionally, we need to be sure we aren’t accidentally cutting off a legitimate use case, like AS bridges and proxies that aren’t trying to hide their presence.

 — Justin


--
TXAuth mailing list
TXAuth@ietf.org<mailto:TXAuth@ietf.org>
https://www.ietf.org/mailman/listinfo/txauth
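
The hash check at step (9) and the proposed mitigation of adding the grant endpoint to the validation hash can be modelled as below. This is an added example, not code from the thread or from the GNAP draft; the hash construction (SHA-256 over newline-joined fields, base64url without padding), the class names and the example URLs are assumptions, and request signing is not modelled.

```python
"""Added illustration: GNAP interaction-hash validation under an AS mix-up.

Assumptions (not taken from the thread): SHA-256 over newline-joined fields,
base64url without padding; URLs and class names are constructed.
"""
import base64
import hashlib
import hmac
import secrets
from typing import Optional

HAS_GRANT = "https://has.example/gnap"  # constructed: honest AS grant endpoint
AAS_GRANT = "https://aas.example/gnap"  # constructed: attacker AS grant endpoint


def interaction_hash(client_nonce: str, server_nonce: str, interact_ref: str,
                     grant_endpoint: Optional[str] = None) -> str:
    """Hash the three existing fields, plus the grant endpoint when it is bound."""
    fields = [client_nonce, server_nonce, interact_ref]
    if grant_endpoint is not None:
        fields.append(grant_endpoint)
    digest = hashlib.sha256("\n".join(fields).encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


class HonestAS:
    """HAS: hashes what it received, using its own grant endpoint if binding."""

    def __init__(self, bind_endpoint: bool):
        self.bind_endpoint = bind_endpoint
        self.client_nonce = ""
        self.server_nonce = ""

    def start_grant(self, client_nonce: str) -> str:
        # Steps (3)/(4): the request arrives at HAS_GRANT; HAS returns its nonce.
        self.client_nonce = client_nonce
        self.server_nonce = secrets.token_urlsafe(16)
        return self.server_nonce

    def finish_interaction(self) -> tuple:
        # Step (8): HAS hands the interaction reference and hash to the client.
        interact_ref = secrets.token_urlsafe(16)
        endpoint = HAS_GRANT if self.bind_endpoint else None
        return interact_ref, interaction_hash(
            self.client_nonce, self.server_nonce, interact_ref, endpoint)


class Client:
    """UC: validates the hash using only values it already holds."""

    def __init__(self, grant_endpoint: str, bind_endpoint: bool):
        self.grant_endpoint = grant_endpoint  # the AS that UC sent step (2) to
        self.bind_endpoint = bind_endpoint
        self.client_nonce = secrets.token_urlsafe(16)

    def validate(self, server_nonce: str, interact_ref: str,
                 received_hash: str) -> bool:
        # Step (9): recompute from UC's own view and compare in constant time.
        endpoint = self.grant_endpoint if self.bind_endpoint else None
        expected = interaction_hash(
            self.client_nonce, server_nonce, interact_ref, endpoint)
        return hmac.compare_digest(expected, received_hash)


def run_flow(bind_endpoint: bool, via_aas: bool) -> bool:
    """Return True if UC accepts the hash and would send the interaction
    reference on to the AS it started the request with."""
    has = HonestAS(bind_endpoint)
    uc = Client(AAS_GRANT if via_aas else HAS_GRANT, bind_endpoint)
    # Steps (2)-(5): when via_aas is set, AAS relays both nonces unchanged,
    # so the values HAS and UC hold are identical either way.
    server_nonce = has.start_grant(uc.client_nonce)
    # Steps (7)-(8): the user interacts at HAS, which issues reference and hash.
    interact_ref, received_hash = has.finish_interaction()
    return uc.validate(server_nonce, interact_ref, received_hash)


if __name__ == "__main__":
    for bind in (False, True):
        for proxied in (False, True):
            print(f"bind_endpoint={bind!s:5} via_aas={proxied!s:5} "
                  f"UC accepts hash: {run_flow(bind, proxied)}")
```

With the endpoint bound, the mismatch also appears for any relay whose grant endpoint differs from the one HAS hashes, which is the AS bridge and proxy concern raised under "Requested feedback".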






From nobody Mon Jun  7 11:08:45 2021
Return-Path: <jricher@mit.edu>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 272113A4044 for <txauth@ietfa.amsl.com>; Mon,  7 Jun 2021 11:08:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.486
X-Spam-Level: 
X-Spam-Status: No, score=-1.486 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, KHOP_HELO_FCRDNS=0.398, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PmB46315y_0V for <txauth@ietfa.amsl.com>; Mon,  7 Jun 2021 11:08:37 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1277C3A4043 for <txauth@ietf.org>; Mon,  7 Jun 2021 11:08:36 -0700 (PDT)
Received: from [192.168.1.49] (static-71-174-62-56.bstnma.fios.verizon.net [71.174.62.56]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 157I8XAn011068 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 7 Jun 2021 14:08:34 -0400
From: Justin Richer <jricher@mit.edu>
Message-Id: <279FA04F-0F41-415A-9521-724CC1823D85@mit.edu>
Content-Type: multipart/alternative; boundary="Apple-Mail=_DD9B9147-785E-4614-A2FB-1DCCE33005B1"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.6\))
Date: Mon, 7 Jun 2021 14:08:33 -0400
In-Reply-To: <265bc1a1-a28a-d1ad-d0b4-3cae341ccc6c@verifiablecredentials.info>
Cc: txauth@ietf.org
To: David Chadwick <d.w.chadwick@verifiablecredentials.info>
References: <D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu> <3950725f-26e5-0eb5-92bb-5e2ed977ac85@verifiablecredentials.info> <429623E4-5C45-474C-801A-6953E803BAE6@mit.edu> <7deb4b8f-6d2e-c386-23d6-7286a5077cc6@verifiablecredentials.info> <BA18D0FD-D307-4194-9195-C573D81CEBE1@mit.edu> <fe56669a-236e-1c1e-0d3a-c1551747d03a@verifiablecredentials.info> <9259F10A-7E27-4D1B-BF3C-32905928F847@mit.edu> <9482fcaa-80ae-83e6-eec9-0b757df4b900@verifiablecredentials.info> <CAJot-L3aLtdo5H2qSO+uC2HkrSAowcJs9X8bFYnBHLbCXteYFw@mail.gmail.com> <265bc1a1-a28a-d1ad-d0b4-3cae341ccc6c@verifiablecredentials.info>
X-Mailer: Apple Mail (2.3608.120.23.2.6)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/YYDh9T0uRrIV-cnikqsBge6nDx8>
Subject: Re: [GNAP] Mix Up Attack against GNAP
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jun 2021 18:08:43 -0000

--Apple-Mail=_DD9B9147-785E-4614-A2FB-1DCCE33005B1
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=utf-8

David,

I’m not sure that we’re on the same page yet, and I want to make sure that I am (personally) not missing something important in this discussion. Can you please lay out in more detail what your proposed mitigation to this attack would look like, given the diagram/flow at the top of the thread? What pieces of information would each party need access to, and how does it stop the vulnerability?

Thank you,
 — Justin

> On Jun 6, 2021, at 7:10 AM, David Chadwick <d.w.chadwick@verifiablecredentials.info> wrote:
>
> My understanding is that all these types of federated systems with redirections: SAML, OAuth, OIDC, are open to phishing attacks. To counteract this you should remove redirections from the protocol. OIDC SIOPv2 with verifiable credentials/presentations should solve this type of attack I believe. Also it is using a TTP for verification, which is one of your proposed solutions.
>
> Your proposed solution of adding data to the auth code is what I have already suggested: the message should cryptographically contain the identity of the sender and receiver and then all parties know who the intended recipient and originator are. And if you want to add a redirection in the response then that should also be inside the protected message.
>
> Kind regards
>
> David
>
> On 06/06/2021 10:33, Warren Parad wrote:
>> I don't think that would solve the problem, although it might give the user client a second chance to avoid the vulnerability, it isn't a fix so far as I understand it.
>>
>> I like Justin's writeup, and knowing that it took me some time to appreciate the challenge, perhaps reframing the problem might help make it more clear. (And a real case that has happened)
>>
>> 1. An app network exists, and anyone can register an app. A malicious app registers a client with which itself is granted AS-like capabilities to the app network. The app pretends to be Google Drive, and the login screen is a perfect match for Google's login.
>> 2. Through a phishing attack, users are sent an email and directed to log in to this malicious app.
>> 3. The user navigates through the flow and returns to a legit application with an auth code
>> 4. All along this malicious app has been intercepting the data the user has been providing and using it to authenticate itself as a valid app. If the user completes the flow the malicious app, will have a valid token for the HAS with the privileges the user thought they were granting the honest app.
>>
>> At this point the user's client only has two* pieces of information:
>> * Where the initial request to start the flow was sent
>> * The Auth Code
>>
>> To break the vulnerability it must intentionally be so that the user client does NOT send the auth code to the same place where the initial request to start the flow was sent. Which means that the only available piece of information in the auth code.
>>
>> In OAuth, it has been introduced to create a third piece of information, the ISS url. Which can be used to look up where to send the auth code. It doesn't matter what endpoints or secrets are shared, none of them will be of any use, because the client is intentionally always communicating with the malicious app. The user may not want to, but they are anyway. The PKCE prevents interception or vulnerabilities in the flow, but this isn't a vulnerability in the flow, it is a malicious proxy.
>>
>> The only way to avoid this attack is one of:
>> * Trust a third party for verification
>> * include data in the auth code that the client can use to identify where to send the auth code
>> * include data adjacent to the auth code which identifies how to handle the auth code
>>
>> Hope that helps.
>> Warren
>>
>>
>> Warren Parad
>> Founder, CTO
>> Secure your user data with IAM authorization as a service. Implement Authress <https://authress.io/>.
>>
>>
>> On Sun, Jun 6, 2021 at 10:21 AM David Chadwick <d.w.chadwick@verifiablecredentials.info <mailto:d.w.chadwick@verifiablecredentials.info>> wrote:
>> So effectively you are saying that a client can be redirected to anywhere in the world and not know whether this is correct or not, or, it has to assume that it is correct regardless of where it is. In this case I suggest that these two locations should share a secret that they can both give to the client so that it knows these two endpoints are collaborating together. If you use something like the OIDC PKCE scheme then the first endpoint can send the hash of the secret, and the second endpoint can send the secret itself for the client to hash.
>>
>> Kind regards
>>
>> David
>>
>> On 05/06/2021 21:35, Justin Richer wrote:
>>> It’s completely reasonable for any legitimate AS to split the hosting of its user-facing stuff from its backend stuff. Google already does this with OAuth/OIDC today, and expecting this to change to something more constrained would be a non-starter for many deployments. Additionally, we can’t assume that everything is web-based and that things are happening within a browser. Furthermore, relying on the client to do some kind of comparison between the URL it starts the transaction with and the URL used for interaction is going to lead to misbehaving clients simply being more susceptible to this and related attacks. I’m of the school of thought that we should expect the minimum number of very specific things from the client in order to enforce security principles.
>>>
>>>  — Justin
>>>
>>>> On Jun 5, 2021, at 3:43 PM, David Chadwick <d.w.chadwick@verifiablecredentials.info <mailto:d.w.chadwick@verifiablecredentials.info>> wrote:
>>>>
>>>> But the start URL has HAS in it (message 5), when the client was talking to AAS. So this should be sufficient should it not to determine that something is wrong? Especially if SOP is being enforced, then the url of HAS and AAS won't have the same origin
>>>>
>>>> Kind regards
>>>>
>>>> David
>>>>
>>>> On 05/06/2021 17:39, Justin Richer wrote:
>>>>> But that’s what I’m saying — the client knows it’s talking to AAS and not HAS so with this kind of solution it would just create a message cryptographically tagged to AAS. And then on the next step, AAS creates a message cryptographically bound to HAS. So even if the client already says “this message is for AAS” explicitly, the attack surface doesn’t change. Only if the client thought it was talking to HAS would this make a difference, but that’s not what’s happening here. This, I believe, is what makes this kind of attack much more subtle than a simple message relay.
>>>>>
>>>>>  — Justin
>>>>>
>>>>>> On Jun 5, 2021, at 11:09 AM, David Chadwick <d.w.chadwick@verifiablecredentials.info <mailto:d.w.chadwick@verifiablecredentials.info>> wrote:
>>>>>>
>>>>>> Hi Justin
>>>>>>
>>>>>> the point I am making is that the message created by the Client must be received by the ultimate recipient, knowing that the Client created it and that the ultimate recipient is the intended recipient. In the current flow both recipients know they are the intended recipients, but also know that different clients are talking to them. Thus any solution must have the message originator cryptographically protecting both the sender and recipient addresses. Once you do this, you thwart the current vulnerability.
>>>>>>
>>>>>> Kind regards
>>>>>>
>>>>>> David
>>>>>>
>>>>>> On 05/06/2021 15:51, Justin Richer wrote:
>>>>>>> Hi David,
>>>>>>>
>>>>>>> I think it’s similar to message forwarding, but there’s one important difference — the AAS already is modifying the message to HAS. It doesn’t need to forward the complete message from (2), it creates a brand new message in (3) and signs it with its own key. So the client knows it’s talking to AAS and vice versa, and AAS knows it’s talking to HAS and vice versa. What’s different is that AAS is able to take pieces out of the (valid) message from the client and make its own message out of those parts, and then get value out of that.
>>>>>>>
>>>>>>> But that does raise an interesting question: what if AAS :did: simply forward the signed message from the client to HAS? The signature method would need to protect the target of the HTTP request, but I think that should already be covered in most of the signature methods. We need to put some focus on these signature methods directly in the near future, so that’s something to keep in mind here.
>>>>>>>
>>>>>>>  — Justin
>>>>>>>
>>>>>>>> On Jun 5, 2021, at 8:26 AM, David Chadwick <d.w.chadwick@verifiablecredentials.info <mailto:d.w.chadwick@verifiablecredentials.info>> wrote:
>>>>>>>>
>>>>>>>> This attack is similar to surreptitious forwarding (message 3). One solution is for the sender (Client) to identify the recipient in message 2 so that it cannot be altered by the AAS when it creates message 3. The grant endpoint of the AS that the client instance is talking to would seem to fit this solution
>>>>>>>>
>>>>>>>> Kind regards
>>>>>>>>
>>>>>>>> David
>>>>>>>>
>>>>>>>> On 04/06/2021 15:59, Justin Richer wrote:
>>>>>>>>> This week, some researchers reached out to the editors to describe an attack against GNAP in the front channel that’s inherited from OAuth 2. I will describe the attack, list out its preconditions, and then describe a proposed solution space. We’re looking for input and feedback from the group on managing this solution.
>>>>>>>>>
>>>>>>>>> But first, many thanks to Åke Axeland and Adam Omar Oueidat for doing this analysis, putting together the diagram below, and bringing it to the group’s attention.
>>>>>>>>>
>>>>>>>>> The attack is largely the same as one of the “AS Mix Up” attack cases in “Comprehensive Security Analysis of OAuth 2.0” by Daniel Fett and colleagues. It’s a kind of in-the-middle and/or phishing attack at its core.
>>>>>>>>>
>>>>>>>>> The attacker has their own authorization server (AAS) which can also act as a client instance. An uncompromised client (UC) instance and an uncompromised authorization server (HAS) are assumed. There is no compromise of secret keys or breaking of TLS in this attack.
>>>>>>>>>
>>>>>>>>> 1. UC is a client of AAS, and might also be a client of HAS. User wants to authorize at HAS but tells UC to use AAS.
>>>>>>>>> 2. UC starts a request at AAS, signed with UC’s key. AAS is imitating HAS.
>>>>>>>>> 3. AAS forwards UC’s request parameters (Client nonce, interaction finish URI) to HAS, but signed with AAS’s key.
>>>>>>>>> 4. HAS responds with an interaction start URL and server nonce to AAS
>>>>>>>>> 5. AAS forwards the interaction start URL and server nonce to UC
>>>>>>>>> 6. (Note) HAS is functionally telling the user to show up and interact, but doesn’t realize that the request is being proxied in this way.
>>>>>>>>> 7. UC launches interaction start url, which is a function of HAS
>>>>>>>>> 8. HAS returns the verification hash and interaction reference to UC
>>>>>>>>> 9. UC validates the hash (which is correct) and sends the interaction reference to AAS
>>>>>>>>> 10. AAS forwards the interaction reference to HAS
>>>>>>>>> 11. AAS receives an access token for calling an RS protected by HAS. The client receives no access token.
>>>>>>>>>
>>>>>>>>> The diagram from the researchers is attached here. I’ll be using the numbers in the text list here like (1) to refer to specific steps.
>>>>>>>>>
>>>>>>>>> <PastedGraphic-2.png>
>>>>>>>>> Some preconditions and analysis:
>>>>>>>>>
>>>>>>>>> Step (1) is made easier if the client has choice over which AS to talk to for a given request, since that’s how it starts talking to AAS instead of HAS. The danger of allowing a client to choose its AS at runtime has been discussed, but it’s a known pattern that we can’t expect to go away.
>>>>>>>>>
>>>>>>>>> AAS is treated as a legitimate client of HAS and UC is a legitimate client of AAS. While dynamic clients can exacerbate this problem at runtime, at no time does HAS always knows the requests are coming from AAS and UC always knows it’s talking to AAS. There is no cryptographic impersonation and no theft of keys.
>>>>>>>>>
>>>>>>>>> The attack occurs because the user and client think they’re dealing with different AS’s, and you can’t expect a user to always be able to tell them apart, especially when the backend calls like (2) are hidden. It’s assumed that the user actually wants to authorize UC for HAS, but UC talks to AAS instead because of configuration (1). AAS can imitate HAS to the user to facilitate (1), and imitate UC to HAS, but only for human-facing portions (7). Static pre-registration makes this more difficult, assuming that all registrations are reviewed by humans. If HAS has no idea that UC exists, it wouldn’t necessarily know that AAS is impersonating anyone.
>>>>>>>>>
>>>>>>>>> The token at the end (11), assuming it’s a bound token, is only good with AAS’s key and not UC’s key. This is great for the attacker until UC starts to act funny and raise suspicion, since the process didn’t ever complete. With the OAuth attack, and with bearer tokens in GNAP, the token can be passed through to the UC making UC none the wiser.
>>>>>>>>>
>>>>>>>>> The hash validation (9) does not protect against this specific attack. Since AAS sits in the middle, it has access to the Client nonce from UC, the server nonce from AAS, and the interaction reference at the appropriate times. AAS doesn’t need to generate the hash, but can force HAS to generate an appropriate hash.
>>>>>>>>>
>>>>>>>>> The proposed mitigation(s):
>>>>>>>>>
>>>>>>>>> In OAuth 2, the accepted mitigation is to provide another query parameter with the “issuer” URL of the AS. We could do that here, but that would have the same downsides: the client has to check this value explicitly. Therefore we’re proposing that instead we use the existing validation hash algorithm and add an additional field. This would need to be something known to UC and HAS that can’t be impersonated by AAS, even if it’s known. Therefore, it makes sense to use something that’s derived. There are a few ideas of what to do here, each with benefits and drawbacks:
>>>>>>>>>
>>>>>>>>> - The grant endpoint of the AS that the client instance is talking to.
>>>>>>>>> - The continuation endpoint that the client instance will send the interaction reference to. (This might be different from the above)
>>>>>>>>> - The continuation access token value
>>>>>>>>> - A key hash for the AS the client is talking to (TLS key to one of these endpoints? Some other external key added to the mix?)
>>>>>>>>>
>>>>>>>>> The important thing here is that it’s a value that’s known but not a shared-secret that’s passed between parties. The client doesn’t need to check anything new, just needs to do the hash validation that it should be doing anyway.
>>>>>>>>>
>>>>>>>>> Requested feedback:
>>>>>>>>>
>>>>>>>>> The editors are requesting feedback and discussion on the attack and the proposed mitigation strategy. As a group, we would also benefit from additional formal analysis of the protocol with and without the mitigation in place. Additionally, we need to be sure we aren’t accidentally cutting off a legitimate use case, like AS bridges and proxies that aren’t trying to hide their presence.
>>>>>>>>>
>>>>>>>>>  — Justin
>>>>>>>>>
>>>>>>>>>
>>>>>>>> --
>>>>>>>> TXAuth mailing list
>>>>>>>> TXAuth@ietf.org <mailto:TXAuth@ietf.org>
>>>>>>>> https://www.ietf.org/mailman/listinfo/txauth <https://www.ietf.org/mailman/listinfo/txauth>
>>>>>>>
>>>>>
>>>


--Apple-Mail=_DD9B9147-785E-4614-A2FB-1DCCE33005B1
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=utf-8

<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; =
charset=3Dutf-8"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; line-break: after-white-space;" =
class=3D"">David,<div class=3D""><br class=3D""></div><div =
class=3D"">I=E2=80=99m not sure that we=E2=80=99re on the same page yet, =
and I want to make sure that I am (personally) not missing something =
important in this discussion. Can you please lay out in more detail what =
your proposed mitigation to this attack would look like, given the =
diagram/flow at the top of the thread? What pieces of information would =
each party need access to, and how does it stop the =
vulnerability?</div><div class=3D""><br class=3D""></div><div =
class=3D"">Thank you,</div><div class=3D"">&nbsp;=E2=80=94 Justin<br =
class=3D""><div><br class=3D""><blockquote type=3D"cite" class=3D""><div =
class=3D"">On Jun 6, 2021, at 7:10 AM, David Chadwick &lt;<a =
href=3D"mailto:d.w.chadwick@verifiablecredentials.info" =
class=3D"">d.w.chadwick@verifiablecredentials.info</a>&gt; =
wrote:</div><br class=3D"Apple-interchange-newline"><div class=3D"">
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8" =
class=3D"">
 =20
  <div class=3D""><p class=3D"">My understanding is that all these types =
of federated systems
      with redirections: SAML, Oauth, OIDC, are open to phishing
      attacks. To counteract this you should remove redirections from
      the protocol. OIDC SIOPv2 with verifiable
      credentials/presentations should solve this type of attack I
      believe. Also it is using a TTP for verification, which is one of
      your proposed solutions.</p><p class=3D"">Your proposed solution =
of adding data to the auth code is what I
      have already suggested: the message should&nbsp; cryptographically
      contain the identity of the sender and receiver and then all
      parties know who the intended recipient and originator are. And if
      you want to add a redirection in the response then that should
      also be inside the protected message.<br class=3D"">
    </p><p class=3D"">Kind regards</p><p class=3D"">David<br class=3D"">
    </p>
    <div class=3D"moz-cite-prefix">On 06/06/2021 10:33, Warren Parad
      wrote:<br class=3D"">
    </div>
    <blockquote type=3D"cite" =
cite=3D"mid:CAJot-L3aLtdo5H2qSO+uC2HkrSAowcJs9X8bFYnBHLbCXteYFw@mail.gmail=
.com" class=3D"">
     =20
      <div dir=3D"ltr" class=3D"">I don't think that would solve the =
problem,
        although it might give the user client a second chance to avoid
        the vulnerability, it isn't a fix so far as I understand it.
        <div class=3D""><br class=3D"">
        </div>
        <div class=3D"">I like Justin's writeup, and knowing that =
it&nbsp;took me some
          time to appreciate the challenge, perhaps reframing the
          problem might help make it more clear. (And a real case that
          has happened)</div>
        <div class=3D""><br class=3D"">
        </div>
        <div class=3D"">1. An app network exists, and anyone can =
register an app. A
          malicious app registers a client with which itself&nbsp;is =
granted
          AS-like capabilities to the app network. The app pretends to
          be Google Drive, and the login screen is a perfect match for
          google's login.</div>
        <div class=3D"">2. Through a phishing attack, users are sent an =
email and
          directed to login to this malicious app.</div>
        <div class=3D"">3. The user navigates through the flow and =
returns to a
          legit application with an auth code</div>
        <div class=3D"">4. All along this malicious app has been =
intercepting the
          data the user has been providing and using it to authenticate
          itself as a valid app. If the user completes the flow the
          malicious app, will have a valid token for the HAS with the
          privileges the user thought they were granting the honest =
app.</div>
        <div class=3D""><br class=3D"">
        </div>
        <div class=3D"">At this point the users client only has two* =
pieces of
          information:</div>
        <div class=3D"">* Where the initial request to start the flow =
was sent</div>
        <div class=3D"">* The Auth Code</div>
        <div class=3D""><br class=3D"">
        </div>
        <div class=3D"">To break the vulnerability it must intentionally =
be so that
          the user&nbsp;client does NOT send the auth code to the same =
place
          where the initial request to start the flow was sent. Which
          means that the only available piece of information in the auth
          code.</div>
        <div class=3D""><br class=3D"">
        </div>
        <div class=3D"">In OAuth, it has been introduced to create a =
third piece of
          information, the ISS url. Which can be used to look up where
          to send the auth code. It doesn't matter what endpoints or
          secrets are shared, none of them will be of any use, because
          the client is intentionally always communicating with the
          malicious app. The user may not want to, but they are anyway.
          the PKCE prevents interception or vulnerabilities in the flow,
          but this isn't a vulnerability&nbsp;in the flow, it is a =
malicious
          proxy.</div>
        <div class=3D""><br class=3D"">
        </div>
        <div class=3D"">The only way to avoid this attack is one =
of:</div>
        <div class=3D"">* Trust a third party for verification</div>
        <div class=3D"">* include data in the auth code that the client =
can use to
          identify where to send the auth code</div>
        <div class=3D"">* include data adjacent to the auth code which =
identifies
          how to handle the auth code</div>
        <div class=3D"">
          <div class=3D""><br class=3D"">
          </div>
          <div class=3D"">Hope that helps.</div>
          <div class=3D"">Warren</div>
          <div class=3D""><br clear=3D"all" class=3D"">
            <div class=3D"">
              <div dir=3D"ltr" class=3D"gmail_signature" =
data-smartmail=3D"gmail_signature">
                <div dir=3D"ltr" class=3D"">
                  <table style=3D"border:none;border-collapse:collapse" =
class=3D"">
                    <colgroup class=3D""><col width=3D"214" =
class=3D""><col width=3D"110" class=3D""></colgroup><tbody class=3D"">
                      <tr style=3D"height:0pt" class=3D"">
                        <td style=3D"border-left:solid #ffffff
                          1pt;border-right:solid #cccccc
                          1pt;border-bottom:solid #ffffff
                          1pt;border-top:solid #ffffff
                          1pt;vertical-align:top;padding:5pt 5pt 5pt
                          5pt;overflow:hidden" class=3D""><div =
style=3D"line-height: 1.2; border: 1pt solid rgb(255, 255, 255); =
margin-top: 0pt; margin-bottom: 0pt;" class=3D""><span style=3D"font-size:=
 11pt; font-family: Arial; background-color: transparent; =
vertical-align: baseline; white-space: pre-wrap;" class=3D""><span =
style=3D"border:none;display:inline-block;overflow:hidden;width:199px;heig=
ht:34px" class=3D""><img =
src=3D"https://lh6.googleusercontent.com/DNiDx1QGIrSqMPKDN1oKevxYuyVRXsqhX=
dfZOsW56Rf2A74mUKbAPtrJSNw4qynkSjoltWkPYdBhaZJg1BO45YOc1xs6r9KJ1fYsNHogY-n=
h6hjuIm9GCeBRRzrSc8kWcUSNtuA" style=3D"margin-left:0px;margin-top:0px" =
moz-do-not-send=3D"true" width=3D"199" height=3D"34" =
class=3D""></span></span></div>
                        </td>
                        <td style=3D"border-left:solid #cccccc
                          1pt;border-right:solid #ffffff
                          1pt;border-bottom:solid #ffffff
                          1pt;border-top:solid #ffffff
                          1pt;vertical-align:top;padding:5pt 5pt 5pt
                          5pt;overflow:hidden" class=3D""><div =
style=3D"line-height: 1.2; border-left-width: 1pt; border-left-style: =
solid; border-left-color: rgb(255, 255, 255); border-right-width: 1pt; =
border-right-style: solid; border-right-color: rgb(255, 255, 255); =
border-top-width: 1pt; border-top-style: solid; border-top-color: =
rgb(255, 255, 255); margin-top: 0pt; margin-bottom: 0pt;" class=3D""><span=
 =
style=3D"font-size:11pt;font-family:Lato,sans-serif;background-color:trans=
parent;font-weight:700;vertical-align:baseline;white-space:pre-wrap" =
class=3D"">Warren Parad</span></div><div style=3D"line-height: 1.2; =
border-left-width: 1pt; border-left-style: solid; border-left-color: =
rgb(255, 255, 255); border-right-width: 1pt; border-right-style: solid; =
border-right-color: rgb(255, 255, 255); border-bottom-width: 1pt; =
border-bottom-style: solid; border-bottom-color: rgb(255, 255, 255); =
margin-top: 0pt; margin-bottom: 0pt;" class=3D""><font face=3D"Lato, =
sans-serif" class=3D""><span =
style=3D"font-size:13.3333px;white-space:pre-wrap" class=3D"">Founder, =
CTO</span></font></div>
                        </td>
                      </tr>
                    </tbody>
                  </table>
                  <span style=3D"font-size:x-small" class=3D"">Secure =
your user data
                    with IAM authorization as a service. =
Implement&nbsp;</span><a href=3D"https://authress.io/" =
style=3D"font-size:x-small" target=3D"_blank" moz-do-not-send=3D"true" =
class=3D"">Authress</a><span style=3D"font-size:x-small" =
class=3D"">.</span><br class=3D"">
                </div>
              </div>
            </div>
            <br class=3D"">
          </div>
        </div>
      </div>
      <br class=3D"">
      <div class=3D"gmail_quote">
        <div dir=3D"ltr" class=3D"gmail_attr">On Sun, Jun 6, 2021 at =
10:21
          AM David Chadwick &lt;<a =
href=3D"mailto:d.w.chadwick@verifiablecredentials.info" =
moz-do-not-send=3D"true" =
class=3D"">d.w.chadwick@verifiablecredentials.info</a>&gt;
          wrote:<br class=3D"">
        </div>
        <blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px
          0.8ex;border-left:1px solid =
rgb(204,204,204);padding-left:1ex">
          <div class=3D""><p class=3D"">So effectively you are saying =
that a client can be
              redirected to anywhere in the world and not know whether
              this is correct or not, or, it has to assume that it is
              correct regardless of where it is. In this case I suggest
              that these two locations should share a secret that they
              can both give to the client so that it knows these two
              endpoints are collaborating together. If you use something
              like the OIDC PKCE scheme then the first endpoint can send
              the hash of the secret, and the second endpoint can send
              the secret itself for the client to hash.</p><p =
class=3D"">Kind regards</p><p class=3D"">David<br class=3D"">
            </p>
            <div class=3D"">On 05/06/2021 21:35, Justin Richer wrote:<br =
class=3D"">
            </div>
            <blockquote type=3D"cite" class=3D""> It=E2=80=99s =
completely reasonable for any
              legitimate AS to split the hosting of its user-facing
              stuff from its backend stuff. Google already does this
              with OAuth/OIDC today, and expecting this to change to
              something more constrained would be a non-starter for many
              deployments. Additionally, we can=E2=80=99t assume that =
everything
              is web-based and that things are happening within a
              browser. Furthermore, relying on the client to do some
              kind of comparison between the URL it starts the
              transaction with and the URL used for interaction is going
              to lead to misbehaving clients simply being more
              susceptible to this and related attacks. I=E2=80=99m of =
the school
              of thought that we should expect the minimum number of
              very specific things from the client in order to enforce
              security principles.
              <div class=3D""><br class=3D"">
              </div>
              <div class=3D"">&nbsp;=E2=80=94 Justin<br class=3D"">
                <div class=3D""><br class=3D"">
                  <blockquote type=3D"cite" class=3D"">
                    <div class=3D"">On Jun 5, 2021, at 3:43 PM, David =
Chadwick &lt;<a href=3D"mailto:d.w.chadwick@verifiablecredentials.info" =
target=3D"_blank" moz-do-not-send=3D"true" =
class=3D"">d.w.chadwick@verifiablecredentials.info</a>&gt;
                      wrote:</div>
                    <br class=3D"">
                    <div class=3D"">
                      <div class=3D""><p class=3D"">But the start URL =
has HAS in it (message 5),
                          when the client was talking to AAS. So this
                          should be sufficient should it not to
                          determine that something is wrong? Especially
                          if SOP is being enforced, then the url of HAS
                          and AAS won't have the same origin</p><p =
class=3D"">Kind regards</p><p class=3D"">David<br class=3D"">
                        </p>
                        <div class=3D"">On 05/06/2021 17:39, Justin =
Richer wrote:<br class=3D"">
                        </div>
                        <blockquote type=3D"cite" class=3D""> But =
that=E2=80=99s what I=E2=80=99m
                          saying =E2=80=94 the client knows it=E2=80=99s =
talking to AAS
                          and not HAS so with this kind of solution it
                          would just create a message cryptographically
                          tagged to AAS. And then on the next step, AAS
                          creates a message cryptographically bound to
                          HAS. So even if the client already says =
=E2=80=9Cthis
                          message is for AAS=E2=80=9D explicitly, the =
attack
                          surface doesn=E2=80=99t change. Only if the =
client
                          thought it was talking to HAS would this make
                          a difference, but that=E2=80=99s not what=E2=80=99=
s happening
                          here. This, I believe, is what makes this kind
                          of attack much more subtle than a simple
                          message relay.
                          <div class=3D""><br class=3D"">
                          </div>
                          <div class=3D"">&nbsp;=E2=80=94 Justin<br =
class=3D"">
                            <div class=3D""><br class=3D"">
                              <blockquote type=3D"cite" class=3D"">
                                <div class=3D"">On Jun 5, 2021, at 11:09 =
AM, David
                                  Chadwick &lt;<a =
href=3D"mailto:d.w.chadwick@verifiablecredentials.info" target=3D"_blank" =
moz-do-not-send=3D"true" =
class=3D"">d.w.chadwick@verifiablecredentials.info</a>&gt;
                                  wrote:</div>
                                <br class=3D"">
                                <div class=3D"">
                                  <div class=3D""><p class=3D"">Hi =
Justin</p><p class=3D"">the point I am making is that the
                                      message created by the Client must
                                      be received by the ultimate
                                      recipient, knowing that the Client
                                      created it and that the ultimate
                                      recipient is the intended
                                      recipient. In the current flow
                                      both recipients know they are the
                                      intended recipients, but also know
                                      that different clients are talking
                                      to them. Thus any solution must
                                      have the message originator
                                      cryptographically protecting both
                                      the sender and recipient
                                      addresses. Once you do this, you
                                      thwart the current =
vulnerability.</p><p class=3D"">Kind regards</p><p class=3D"">David<br =
class=3D"">
                                    </p>
                                    <div class=3D"">On 05/06/2021 15:51, =
Justin
                                      Richer wrote:<br class=3D"">
                                    </div>
                                    <blockquote type=3D"cite" class=3D""> =
Hi David,
                                      <div class=3D""><br class=3D"">
                                      </div>
                                      <div class=3D"">I think it=E2=80=99s=
 similar to
                                        message forwarding, but =
there=E2=80=99s
                                        one important difference =E2=80=94=
 the
                                        AAS already is modifying the
                                        message to HAS. It doesn=E2=80=99t=
 need
                                        to forward the complete message
                                        from (2), it creates a brand new
                                        message in (3) and signs it with
                                        its own key. So the client knows
                                        it=E2=80=99s talking to AAS and =
vice
                                        versa, and AAS knows it=E2=80=99s
                                        talking to HAS and vice versa.
                                        What=E2=80=99s different is that =
AAS is
                                        able to take pieces out of the
                                        (valid) message from the client
                                        and make its own message out of
                                        those parts, and then get value
                                        out of that.</div>
                                      <div class=3D""><br class=3D"">
                                      </div>
                                      <div class=3D"">But that does =
raise an
                                        interesting question: what if
                                        AAS :did: simply forward the
                                        signed message from the client
                                        to HAS? The signature method
                                        would need to protect the target
                                        of the HTTP request, but I think
                                        that should already be covered
                                        in most of the signature
                                        methods. We need to put some
                                        focus on these signature methods
                                        directly in the near future, so
                                        that=E2=80=99s something to keep =
in mind
                                        here.</div>
                                      <div class=3D""><br class=3D"">
                                      </div>
                                      <div class=3D"">&nbsp;=E2=80=94 =
Justin<br class=3D"">
                                        <div class=3D""><br class=3D"">
                                          <blockquote type=3D"cite" =
class=3D"">
                                            <div class=3D"">On Jun 5, =
2021, at 8:26
                                              AM, David Chadwick &lt;<a =
href=3D"mailto:d.w.chadwick@verifiablecredentials.info" target=3D"_blank" =
moz-do-not-send=3D"true" =
class=3D"">d.w.chadwick@verifiablecredentials.info</a>&gt;
                                              wrote:</div>
                                            <br class=3D"">
                                            <div class=3D"">
                                              <div class=3D""><p =
class=3D"">This attack is
                                                  similar to
                                                  surreptitious
                                                  forwarding (message
                                                  3). One solution is
                                                  for the sender
                                                  (Client) to identify
                                                  the recipient in
                                                  message 2 so that it
                                                  cannot be altered by
                                                  the AAS when it
                                                  creates message 3. The
                                                  grant endpoint of the
                                                  AS that the client
                                                  instance is talking to
                                                  would seem to fit this
                                                  solution</p><p =
class=3D"">Kind regards</p><p class=3D"">David<br class=3D"">
                                                </p>
                                                <div class=3D"">On =
04/06/2021
                                                  15:59, Justin Richer
                                                  wrote:<br class=3D"">
                                                </div>
                                                <blockquote type=3D"cite" =
class=3D"">
                                                  This week, some
                                                  researchers reached
                                                  out to the editors to
                                                  describe an attack
                                                  against GNAP in the
                                                  front channel that=E2=80=
=99s
                                                  inherited from OAuth
                                                  2. I will describe the
                                                  attack, list out its
                                                  preconditions, and
                                                  then describe a
                                                  proposed solution
                                                  space. We=E2=80=99re =
looking
                                                  for input and feedback
                                                  from the group on
                                                  managing this
                                                  solution.
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">But =
first, many
                                                    thanks to =C3=85ke
                                                    Axeland and Adam
                                                    Omar Oueidat for
                                                    doing this analysis,
                                                    putting together the
                                                    diagram below, and
                                                    bringing it to the
                                                    group=E2=80=99s =
attention.<br class=3D"">
                                                    <br class=3D"">
                                                  </div>
                                                  <div class=3D"">The =
attack is
                                                    largely the same as
                                                    one of the =E2=80=9CAS=
 Mix
                                                    Up=E2=80=9D attack =
cases in
                                                    "Comprehensive
                                                    Security =
Analysis&nbsp;of
                                                    OAuth 2.0=E2=80=9D =
by Daniel
                                                    Fett and colleagues.
                                                    It=E2=80=99s a kind =
of
                                                    in-the-middle and/or
                                                    phishing attack at
                                                    its =
core.&nbsp;</div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">The =
attacker has
                                                    their own
                                                    authorization server
                                                    (AAS) which can also
                                                    act as a client
                                                    instance. An
                                                    uncompromised client
                                                    (UC) instance and an
                                                    uncompromised
                                                    authorization server
                                                    (HAS) are assumed.
                                                    There is no
                                                    compromise of secret
                                                    keys or breaking of
                                                    TLS in this =
attack.</div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">1. UC =
is a client
                                                    of AAS, and might
                                                    also be a client of
                                                    HAS. User wants to
                                                    authorize at HAS but
                                                    tells UC to use =
AAS.</div>
                                                  <div class=3D"">2. UC =
starts a
                                                    request at AAS,
                                                    signed with UC=E2=80=99=
s
                                                    key. AAS is
                                                    imitating HAS.</div>
                                                  <div class=3D"">3. AAS =
forwards
                                                    UC=E2=80=99s request
                                                    parameters (Client
                                                    nonce, interaction
                                                    finish URI) to HAS,
                                                    but signed with
                                                    AAS=E2=80=99s =
key.</div>
                                                  <div class=3D"">4. HAS =
responds
                                                    with an interaction
                                                    start URL and server
                                                    nonce to AAS</div>
                                                  <div class=3D"">5. AAS =
forwards
                                                    the interaction
                                                    start URL and server
                                                    nonce to UC</div>
                                                  <div class=3D"">6. =
(Note) HAS is
                                                    functionally telling
                                                    the user to show up
                                                    and interact, but
                                                    doesn=E2=80=99t =
realize that
                                                    the request is being
                                                    proxied in this =
way.</div>
                                                  <div class=3D"">7. UC =
launches
                                                    interaction start
                                                    URL, which is a
                                                    function of =
HAS</div>
                                                  <div class=3D"">8. HAS =
returns
                                                    the verification
                                                    hash and interaction
                                                    reference to =
UC</div>
                                                  <div class=3D"">9. UC =
validates
                                                    the hash (which is
                                                    correct) and sends
                                                    the interaction
                                                    reference to =
AAS</div>
                                                  <div class=3D"">10. =
AAS forwards
                                                    the interaction
                                                    reference to =
HAS&nbsp;</div>
                                                  <div class=3D"">11. =
AAS receives
                                                    an access token for
                                                    calling an RS
                                                    protected by HAS.
                                                    The client receives
                                                    no access =
token.</div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">The =
diagram from
                                                    the researchers is
                                                    attached here. =
I=E2=80=99ll
                                                    be using the numbers
                                                    in the text list
                                                    here like (1) to
                                                    refer to specific
                                                    steps.</div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D""><span =
id=3D"gmail-m_-3732296903765776542cid:part1.21AB5D65.AB53F1A7@verifiablecr=
edentials.info" class=3D"">&lt;PastedGraphic-2.png&gt;</span></div>
                                                  <div class=3D""><b =
class=3D"">Some
                                                      preconditions and
                                                      =
analysis:</b></div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">Step =
(1) is made
                                                    easier if the client
                                                    has choice over
                                                    which AS to talk to
                                                    for a given request,
                                                    since that=E2=80=99s =
how it
                                                    starts talking to
                                                    AAS instead of HAS.
                                                    The danger of
                                                    allowing a client to
                                                    choose its AS at
                                                    runtime has been
                                                    discussed, but =
it=E2=80=99s
                                                    a known pattern that
                                                    we can=E2=80=99t =
expect to
                                                    go away.</div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">AAS is =
treated as
                                                    a legitimate client
                                                    of HAS and UC is a
                                                    legitimate client of
                                                    AAS. While dynamic
                                                    clients can
                                                    exacerbate this
                                                    problem at runtime,
                                                    at no time does HAS
                                                    always knows the
                                                    requests are coming
                                                    from AAS and UC
                                                    always knows it=E2=80=99=
s
                                                    talking to AAS.
                                                    There is no
                                                    cryptographic
                                                    impersonation and no
                                                    theft of =
keys.&nbsp;</div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">The =
attack occurs
                                                    because the user and
                                                    client think =
they=E2=80=99re
                                                    dealing with
                                                    different AS=E2=80=99s=
, and
                                                    you can=E2=80=99t =
expect a
                                                    user to always be
                                                    able to tell them
                                                    apart, especially
                                                    when the backend
                                                    calls like (2) are
                                                    hidden. It=E2=80=99s =
assumed
                                                    that the user
                                                    actually wants to
                                                    authorize UC for
                                                    HAS, but UC talks to
                                                    AAS instead because
                                                    of configuration
                                                    (1). AAS can imitate
                                                    HAS to the user to
                                                    facilitate (1), and
                                                    imitate UC to HAS,
                                                    but only for
                                                    human-facing
                                                    portions (7). Static
                                                    pre-registration
                                                    makes this more
                                                    difficult, assuming
                                                    that all
                                                    registrations are
                                                    reviewed by humans.
                                                    If HAS has no idea
                                                    that UC exists, it
                                                    wouldn=E2=80=99t =
necessarily
                                                    know that AAS is
                                                    impersonating
                                                    anyone.</div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">The =
token at the
                                                    end (11), assuming
                                                    it=E2=80=99s a bound =
token,
                                                    is only good with
                                                    AAS=E2=80=99s key =
and not
                                                    UC=E2=80=99s key. =
This is
                                                    great for the
                                                    attacker until UC
                                                    starts to act funny
                                                    and raise suspicion,
                                                    since the process
                                                    didn=E2=80=99t ever
                                                    complete. With the
                                                    OAuth attack, and
                                                    with bearer tokens
                                                    in GNAP, the token
                                                    can be passed
                                                    through to the UC
                                                    making UC none the
                                                    wiser.&nbsp;</div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">The =
hash
                                                    validation (9) does
                                                    not protect against
                                                    this specific
                                                    attack. Since AAS
                                                    sits in the middle,
                                                    it has access to the
                                                    Client nonce from
                                                    UC, the server nonce
                                                    from AAS, and the
                                                    interaction
                                                    reference at the
                                                    appropriate times.
                                                    AAS doesn=E2=80=99t =
need to
                                                    generate the hash,
                                                    but can force HAS to
                                                    generate an
                                                    appropriate =
hash.</div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D""><b =
class=3D"">The proposed
                                                      =
mitigation(s):&nbsp;</b></div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">In OAuth 2, the
                                                    accepted mitigation
                                                    is to provide
                                                    another query
                                                    parameter with the
                                                    “issuer” URL of the
                                                    AS. We could do that
                                                    here, but that would
                                                    have the same
                                                    downsides: the
                                                    client has to check
                                                    this value
                                                    explicitly.
                                                    Therefore we’re
                                                    proposing that
                                                    instead we use the
                                                    existing validation
                                                    hash algorithm and
                                                    add an additional
                                                    field. This would
                                                    need to be something
                                                    known to UC and HAS
                                                    that can’t be
                                                    impersonated by AAS,
                                                    even if it’s known.
                                                    Therefore, it makes
                                                    sense to use
                                                    something that’s
                                                    derived. There are a
                                                    few ideas of what to
                                                    do here, each with
                                                    benefits and
                                                    drawbacks:</div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">- The grant
                                                    endpoint of the AS
                                                    that the client
                                                    instance is talking
                                                    to.</div>
                                                  <div class=3D"">- The
                                                    continuation
                                                    endpoint that the
                                                    client instance will
                                                    send the interaction
                                                    reference to. (This
                                                    might be different
                                                    from the above)</div>
                                                  <div class=3D"">- The
                                                    continuation access
                                                    token value</div>
                                                  <div class=3D"">- A key hash for
                                                    the AS the client is
                                                    talking to (TLS key
                                                    to one of these
                                                    endpoints? Some
                                                    other external key
                                                    added to the mix?)</div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">The important
                                                    thing here is that
                                                    it’s a value that’s
                                                    known but not a
                                                    shared-secret that’s
                                                    passed between
                                                    parties. The client
                                                    doesn’t need to
                                                    check anything new,
                                                    just needs to do the
                                                    hash validation that
                                                    it should be doing
                                                    anyway.</div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D""><b class=3D"">Requested
                                                      feedback:</b></div>
                                                  <div class=3D""><b =
class=3D""><br class=3D"">
                                                    </b></div>
                                                  <div class=3D"">The editors are
                                                    requesting feedback
                                                    and discussion on
                                                    the attack and the
                                                    proposed mitigation
                                                    strategy. As a
                                                    group, we would also
                                                    benefit from
                                                    additional formal
                                                    analysis of the
                                                    protocol with and
                                                    without the
                                                    mitigation in place.
                                                    Additionally, we
                                                    need to be sure we
                                                    aren’t accidentally
                                                    cutting off a
                                                    legitimate use case,
                                                    like AS bridges and
                                                    proxies that aren’t
                                                    trying to hide their
                                                    presence.</div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">&nbsp;— Justin</div>
                                                  <br class=3D"">
                                                  <fieldset =
class=3D""></fieldset>
                                                </blockquote>
                                              </div>
                                              -- <br class=3D"">
                                              TXAuth mailing list<br =
class=3D"">
                                              <a =
href=3D"mailto:TXAuth@ietf.org" target=3D"_blank" moz-do-not-send=3D"true"=
 class=3D"">TXAuth@ietf.org</a><br class=3D"">
                                              <a =
href=3D"https://www.ietf.org/mailman/listinfo/txauth" target=3D"_blank" =
moz-do-not-send=3D"true" =
class=3D"">https://www.ietf.org/mailman/listinfo/txauth</a><br class=3D"">=

                                            </div>
                                          </blockquote>
                                        </div>
                                        <br class=3D"">
                                      </div>
                                    </blockquote>
                                  </div>
                                </div>
                              </blockquote>
                            </div>
                            <br class=3D"">
                          </div>
                        </blockquote>
                      </div>
                    </div>
                  </blockquote>
                </div>
                <br class=3D"">
              </div>
            </blockquote>
          </div>
        </blockquote>
      </div>
      <br class=3D"">
      <fieldset class=3D"mimeAttachmentHeader"></fieldset>
    </blockquote>
  </div>


</div></blockquote></div><br class=3D""></div></body></html>=

--Apple-Mail=_DD9B9147-785E-4614-A2FB-1DCCE33005B1--
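
Added example, not part of the original thread and not code from the GNAP editors: the client-side hash check from the quoted proposal, using the first candidate field (the grant endpoint of the AS the client instance is talking to) as the additional hash input. The base hash input (client nonce, AS nonce and interaction reference joined by newlines, base64url-encoded), the choice of SHA-256, and all URLs and nonce values are assumptions made for this example.

```python
"""Added example: interaction-hash check with the grant endpoint mixed in.

Assumptions (not taken from the thread): the base hash input is the client
nonce, AS nonce and interaction reference joined by newlines; SHA-256 is the
hash; all URLs, nonces and references below are constructed sample values.
"""
import base64
import hashlib
import hmac

AAS_GRANT = "https://aas.example/gnap"  # endpoint the client instance talks to
HAS_GRANT = "https://has.example/gnap"  # endpoint of the AS the user approves at


def interaction_hash(client_nonce, server_nonce, interact_ref,
                     grant_endpoint=None, alg="sha256"):
    """Return base64url (no padding) of the hash over newline-joined fields.

    grant_endpoint=None gives the hash without the additional field;
    passing a URL appends it as the extra, derived field.
    """
    fields = [client_nonce, server_nonce, interact_ref]
    if grant_endpoint is not None:
        fields.append(grant_endpoint)
    digest = hashlib.new(alg, "\n".join(fields).encode("utf-8")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


class ClientTransaction:
    """State a client instance keeps for one grant request."""

    def __init__(self, grant_endpoint, client_nonce, bind_endpoint):
        self.grant_endpoint = grant_endpoint  # where the request was sent
        self.client_nonce = client_nonce
        self.server_nonce = None              # filled from the AS response
        self.bind_endpoint = bind_endpoint

    def accept_callback(self, received_hash, interact_ref):
        """Validate the hash delivered with the interaction reference.

        Only on True may the client send interact_ref to its continuation
        endpoint. The endpoint value comes from the client's own state,
        never from the callback.
        """
        if self.server_nonce is None:
            return False
        expected = interaction_hash(
            self.client_nonce, self.server_nonce, interact_ref,
            self.grant_endpoint if self.bind_endpoint else None)
        return hmac.compare_digest(expected, received_hash)


def simulate(client_talks_to, hash_made_by, bind_endpoint):
    """Return True if the client accepts the callback.

    client_talks_to: grant endpoint the client instance sent its request to.
    hash_made_by:    grant endpoint of the AS that produced the callback hash.
    In the mix-up these differ while both nonces are relayed unchanged.
    """
    client_nonce = "constructed-client-nonce-01"
    server_nonce = "constructed-server-nonce-01"
    interact_ref = "constructed-interact-ref-01"

    tx = ClientTransaction(client_talks_to, client_nonce, bind_endpoint)
    tx.server_nonce = server_nonce

    # The AS that ran the interaction hashes its own grant endpoint.
    callback_hash = interaction_hash(
        client_nonce, server_nonce, interact_ref,
        hash_made_by if bind_endpoint else None)
    return tx.accept_callback(callback_hash, interact_ref)


if __name__ == "__main__":
    for label, talks_to, made_by, bind in [
        ("mix-up, no endpoint in hash", AAS_GRANT, HAS_GRANT, False),
        ("mix-up, endpoint in hash", AAS_GRANT, HAS_GRANT, True),
        ("direct to HAS, endpoint in hash", HAS_GRANT, HAS_GRANT, True),
    ]:
        print(f"{label}: accepted={simulate(talks_to, made_by, bind)}")
```

With the endpoint in the hash, the client rejects the callback in the mix-up case without any new explicit comparison; it only performs the hash validation it already had to do.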


From nobody Mon Jun  7 13:02:57 2021
To: Justin Richer <jricher@mit.edu>
Cc: txauth@ietf.org
References: <D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu> <3950725f-26e5-0eb5-92bb-5e2ed977ac85@verifiablecredentials.info> <429623E4-5C45-474C-801A-6953E803BAE6@mit.edu> <7deb4b8f-6d2e-c386-23d6-7286a5077cc6@verifiablecredentials.info> <BA18D0FD-D307-4194-9195-C573D81CEBE1@mit.edu> <fe56669a-236e-1c1e-0d3a-c1551747d03a@verifiablecredentials.info> <9259F10A-7E27-4D1B-BF3C-32905928F847@mit.edu> <9482fcaa-80ae-83e6-eec9-0b757df4b900@verifiablecredentials.info> <CAJot-L3aLtdo5H2qSO+uC2HkrSAowcJs9X8bFYnBHLbCXteYFw@mail.gmail.com> <265bc1a1-a28a-d1ad-d0b4-3cae341ccc6c@verifiablecredentials.info> <279FA04F-0F41-415A-9521-724CC1823D85@mit.edu>
From: David Chadwick <d.w.chadwick@verifiablecredentials.info>
Organization: Verifiable Credentials Ltd
Message-ID: <f6913751-3909-75a0-0091-e7d76282df81@verifiablecredentials.info>
Date: Mon, 7 Jun 2021 21:02:44 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.10.2
MIME-Version: 1.0
In-Reply-To: <279FA04F-0F41-415A-9521-724CC1823D85@mit.edu>
Content-Type: text/html; charset=utf-8
Content-Language: en-GB
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/0cJ-OiRQDN2elm2bcjrH-hD4rro>
Subject: Re: [GNAP] Mix Up Attack against GNAP

<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>Hi Justin</p>
    <p>I thought that a resolution had been reached, which is why I did
      not respond to Warren's message. If the auth code contains the
      sender, recipient and the redirection destination, all
      cryptographically protected, then it should be watertight.</p>
    <p>Kind regards</p>
    <p>David<br>
    </p>
    <div class="moz-cite-prefix">On 07/06/2021 19:08, Justin Richer
      wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:279FA04F-0F41-415A-9521-724CC1823D85@mit.edu">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      David,
      <div class=""><br class="">
      </div>
      <div class="">I’m not sure that we’re on the same page yet, and I
        want to make sure that I am (personally) not missing something
        important in this discussion. Can you please lay out in more
        detail what your proposed mitigation to this attack would look
        like, given the diagram/flow at the top of the thread? What
        pieces of information would each party need access to, and how
        does it stop the vulnerability?</div>
      <div class=""><br class="">
      </div>
      <div class="">Thank you,</div>
      <div class=""> — Justin<br class="">
        <div><br class="">
          <blockquote type="cite" class="">
            <div class="">On Jun 6, 2021, at 7:10 AM, David Chadwick
              &lt;<a
                href="mailto:d.w.chadwick@verifiablecredentials.info"
                class="" moz-do-not-send="true">d.w.chadwick@verifiablecredentials.info</a>&gt;
              wrote:</div>
            <br class="Apple-interchange-newline">
            <div class="">
              <meta http-equiv="Content-Type" content="text/html;
                charset=UTF-8" class="">
              <div class="">
                <p class="">My understanding is that all these types of
                  federated systems with redirections: SAML, OAuth,
                  OIDC, are open to phishing attacks. To counteract this
                  you should remove redirections from the protocol. OIDC
                  SIOPv2 with verifiable credentials/presentations
                  should solve this type of attack I believe. Also it is
                  using a TTP for verification, which is one of your
                  proposed solutions.</p>
                <p class="">Your proposed solution of adding data to the
                  auth code is what I have already suggested: the
                  message should cryptographically contain the identity
                  of the sender and receiver and then all parties know
                  who the intended recipient and originator are. And if
                  you want to add a redirection in the response then
                  that should also be inside the protected message.<br
                    class="">
                </p>
                <p class="">Kind regards</p>
                <p class="">David<br class="">
                </p>
                <div class="moz-cite-prefix">On 06/06/2021 10:33, Warren
                  Parad wrote:<br class="">
                </div>
                <blockquote type="cite"
cite="mid:CAJot-L3aLtdo5H2qSO+uC2HkrSAowcJs9X8bFYnBHLbCXteYFw@mail.gmail.com"
                  class="">
                  <div dir="ltr" class="">I don't think that would solve
                    the problem, although it might give the user client
                    a second chance to avoid the vulnerability, it isn't
                    a fix so far as I understand it.
                    <div class=""><br class="">
                    </div>
                    <div class="">I like Justin's writeup, and knowing
                      that it took me some time to appreciate the
                      challenge, perhaps reframing the problem might
                      help make it more clear. (And a real case that has
                      happened)</div>
                    <div class=""><br class="">
                    </div>
                    <div class="">1. An app network exists, and anyone
                      can register an app. A malicious app registers a
                      client with which itself is granted AS-like
                      capabilities to the app network. The app pretends
                      to be Google Drive, and the login screen is a
                      perfect match for Google's login.</div>
                    <div class="">2. Through a phishing attack, users
                      are sent an email and directed to log in to this
                      malicious app.</div>
                    <div class="">3. The user navigates through the flow
                      and returns to a legit application with an auth
                      code.</div>
                    <div class="">4. All along this malicious app has
                      been intercepting the data the user has been
                      providing and using it to authenticate itself as a
                      valid app. If the user completes the flow, the
                      malicious app will have a valid token for the HAS
                      with the privileges the user thought they were
                      granting the honest app.</div>
                    <div class=""><br class="">
                    </div>
                    <div class="">At this point the user's client only
                      has two* pieces of information:</div>
                    <div class="">* Where the initial request to start
                      the flow was sent</div>
                    <div class="">* The Auth Code</div>
                    <div class=""><br class="">
                    </div>
                    <div class="">To break the vulnerability it must
                      intentionally be so that the user client does NOT
                      send the auth code to the same place where the
                      initial request to start the flow was sent. Which
                      means that the only available piece of information
                      in the auth code.</div>
                    <div class=""><br class="">
                    </div>
                    <div class="">In OAuth, it has been introduced to
                      create a third piece of information, the ISS url.
                      Which can be used to look up where to send the
                      auth code. It doesn't matter what endpoints or
                      secrets are shared, none of them will be of any
                      use, because the client is intentionally always
                      communicating with the malicious app. The user may
                      not want to, but they are anyway. The PKCE
                      prevents interception or vulnerabilities in the
                      flow, but this isn't a vulnerability in the flow,
                      it is a malicious proxy.</div>
                    <div class=""><br class="">
                    </div>
                    <div class="">The only way to avoid this attack is
                      one of:</div>
                    <div class="">* Trust a third party for verification</div>
                    <div class="">* include data in the auth code that
                      the client can use to identify where to send the
                      auth code</div>
                    <div class="">* include data adjacent to the auth
                      code which identifies how to handle the auth code</div>
                    <div class="">
                      <div class=""><br class="">
                      </div>
                      <div class="">Hope that helps.</div>
                      <div class="">Warren</div>
                    </div>
                  </div>
                  <br class="">
                  <div class="gmail_quote">
                    <div dir="ltr" class="gmail_attr">On Sun, Jun 6,
                      2021 at 10:21 AM David Chadwick &lt;<a
                        href="mailto:d.w.chadwick@verifiablecredentials.info"
                        moz-do-not-send="true" class="">d.w.chadwick@verifiablecredentials.info</a>&gt;
                      wrote:<br class="">
                    </div>
                    <blockquote class="gmail_quote" style="margin:0px
                      0px 0px 0.8ex;border-left:1px solid
                      rgb(204,204,204);padding-left:1ex">
                      <div class="">
                        <p class="">So effectively you are saying that a
                          client can be redirected to anywhere in the
                          world and not know whether this is correct or
                          not, or, it has to assume that it is correct
                          regardless of where it is. In this case I
                          suggest that these two locations should share
                          a secret that they can both give to the client
                          so that it knows these two endpoints are
                          collaborating together. If you use something
                          like the OIDC PKCE scheme then the first
                          endpoint can send the hash of the secret, and
                          the second endpoint can send the secret itself
                          for the client to hash.</p>
                        <p class="">Kind regards</p>
                        <p class="">David<br class="">
                        </p>
                        <div class="">On 05/06/2021 21:35, Justin Richer
                          wrote:<br class="">
                        </div>
                        <blockquote type="cite" class=""> It’s
                          completely reasonable for any legitimate AS to
                          split the hosting of its user-facing stuff
                          from its backend stuff. Google already does
                          this with OAuth/OIDC today, and expecting this
                          to change to something more constrained would
                          be a non-starter for many deployments.
                          Additionally, we can’t assume that everything
                          is web-based and that things are happening
                          within a browser. Furthermore, relying on the
                          client to do some kind of comparison between
                          the URL it starts the transaction with and the
                          URL used for interaction is going to lead to
                          misbehaving clients simply being more
                          susceptible to this and related attacks. I’m
                          of the school of thought that we should expect
                          the minimum number of very specific things
                          from the client in order to enforce security
                          principles.
                          <div class=""><br class="">
                          </div>
                          <div class=""> — Justin<br class="">
                            <div class=""><br class="">
                              <blockquote type="cite" class="">
                                <div class="">On Jun 5, 2021, at 3:43
                                  PM, David Chadwick &lt;<a
                                    href="mailto:d.w.chadwick@verifiablecredentials.info"
                                    target="_blank"
                                    moz-do-not-send="true" class="">d.w.chadwick@verifiablecredentials.info</a>&gt;
                                  wrote:</div>
                                <br class="">
                                <div class="">
                                  <div class="">
                                    <p class="">But the start URL has
                                      HAS in it (message 5), when the
                                      client was talking to AAS. So this
                                      should be sufficient should it not
                                      to determine that something is
                                      wrong? Especially if SOP is being
                                      enforced, then the URL of HAS and
                                      AAS won't have the same origin.</p>
                                    <p class="">Kind regards</p>
                                    <p class="">David<br class="">
                                    </p>
                                    <div class="">On 05/06/2021 17:39,
                                      Justin Richer wrote:<br class="">
                                    </div>
                                    <blockquote type="cite" class="">
                                      But that’s what I’m saying — the
                                      client knows it’s talking to AAS
                                      and not HAS so with this kind of
                                      solution it would just create a
                                      message cryptographically tagged
                                      to AAS. And then on the next step,
                                      AAS creates a message
                                      cryptographically bound to HAS. So
                                      even if the client already says
                                      “this message is for AAS”
                                      explicitly, the attack surface
                                      doesn’t change. Only if the client
                                      thought it was talking to HAS
                                      would this make a difference, but
                                      that’s not what’s happening here.
                                      This, I believe, is what makes
                                      this kind of attack much more
                                      subtle than a simple message
                                      relay.
                                      <div class=""><br class="">
                                      </div>
                                      <div class=""> — Justin<br
                                          class="">
                                        <div class=""><br class="">
                                          <blockquote type="cite"
                                            class="">
                                            <div class="">On Jun 5,
                                              2021, at 11:09 AM, David
                                              Chadwick &lt;<a
                                                href="mailto:d.w.chadwick@verifiablecredentials.info"
                                                target="_blank"
                                                moz-do-not-send="true"
                                                class="">d.w.chadwick@verifiablecredentials.info</a>&gt;
                                              wrote:</div>
                                            <br class="">
                                            <div class="">
                                              <div class="">
                                                <p class="">Hi Justin</p>
                                                <p class="">the point I
                                                  am making is that the
                                                  message created by the
                                                  Client must be
                                                  received by the
                                                  ultimate recipient,
                                                  knowing that the
                                                  Client created it and
                                                  that the ultimate
                                                  recipient is the
                                                  intended recipient. In
                                                  the current flow both
                                                  recipients know they
                                                  are the intended
                                                  recipients, but also
                                                  know that different
                                                  clients are talking to
                                                  them. Thus any
                                                  solution must have the
                                                  message originator
                                                  cryptographically
                                                  protecting both the
                                                  sender and recipient
                                                  addresses. Once you do
                                                  this, you thwart the
                                                  current vulnerability.</p>
                                                <p class="">Kind regards</p>
                                                <p class="">David<br
                                                    class="">
                                                </p>
                                                <div class="">On
                                                  05/06/2021 15:51,
                                                  Justin Richer wrote:<br
                                                    class="">
                                                </div>
                                                <blockquote type="cite"
                                                  class=""> Hi David,
                                                  <div class=""><br
                                                      class="">
                                                  </div>
                                                  <div class="">I think
                                                    it’s similar to
                                                    message forwarding,
                                                    but there’s one
                                                    important difference
                                                    — the AAS already is
                                                    modifying the
                                                    message to HAS. It
                                                    doesn’t need to
                                                    forward the complete
                                                    message from (2), it
                                                    creates a brand new
                                                    message in (3) and
                                                    signs it with its
                                                    own key. So the
                                                    client knows it’s
                                                    talking to AAS and
                                                    vice versa, and AAS
                                                    knows it’s talking
                                                    to HAS and vice
                                                    versa. What’s
                                                    different is that
                                                    AAS is able to take
                                                    pieces out of the
                                                    (valid) message from
                                                    the client and make
                                                    its own message out
                                                    of those parts, and
                                                    then get value out
                                                    of that.</div>
                                                  <div class=""><br
                                                      class="">
                                                  </div>
                                                  <div class="">But that
                                                    does raise an
                                                    interesting
                                                    question: what if
                                                    AAS :did: simply
                                                    forward the signed
                                                    message from the
                                                    client to HAS? The
                                                    signature method
                                                    would need to
                                                    protect the target
                                                    of the HTTP request,
                                                    but I think that
                                                    should already be
                                                    covered in most of
                                                    the signature
                                                    methods. We need to
                                                    put some focus on
                                                    these signature
                                                    methods directly in
                                                    the near future, so
                                                    that’s something to
                                                    keep in mind here.</div>
                                                  <div class=""><br
                                                      class="">
                                                  </div>
                                                  <div class=""> —
                                                    Justin<br class="">
                                                    <div class=""><br
                                                        class="">
                                                      <blockquote
                                                        type="cite"
                                                        class="">
                                                        <div class="">On
                                                          Jun 5, 2021,
                                                          at 8:26 AM,
                                                          David Chadwick
                                                          &lt;<a
                                                          href="mailto:d.w.chadwick@verifiablecredentials.info"
target="_blank" moz-do-not-send="true" class="">d.w.chadwick@verifiablecredentials.info</a>&gt;
                                                          wrote:</div>
                                                        <br class="">
                                                        <div class="">
                                                          <div class="">
                                                          <p class="">This
                                                          attack is
                                                          similar to
                                                          surreptitious
                                                          forwarding
                                                          (message 3).
                                                          One solution
                                                          is for the
                                                          sender
                                                          (Client) to
                                                          identify the
                                                          recipient in
                                                          message 2 so
                                                          that it cannot
                                                          be altered by
                                                          the AAS when
                                                          it creates
                                                          message 3. The
                                                          grant endpoint
                                                          of the AS that
                                                          the client
                                                          instance is
                                                          talking to
                                                          would seem to
                                                          fit this
                                                          solution.</p>
                                                          <p class="">Kind
                                                          regards</p>
                                                          <p class="">David<br
                                                          class="">
                                                          </p>
                                                          <div class="">On
                                                          04/06/2021
                                                          15:59, Justin
                                                          Richer wrote:<br
                                                          class="">
                                                          </div>
                                                          <blockquote
                                                          type="cite"
                                                          class=""> This
                                                          week, some
                                                          researchers
                                                          reached out to
                                                          the editors to
                                                          describe an
                                                          attack against
                                                          GNAP in the
                                                          front channel
                                                          that’s
                                                          inherited from
                                                          OAuth 2. I
                                                          will describe
                                                          the attack,
                                                          list out its
                                                          preconditions,
                                                          and then
                                                          describe a
                                                          proposed
                                                          solution
                                                          space. We’re
                                                          looking for
                                                          input and
                                                          feedback from
                                                          the group on
                                                          managing this
                                                          solution.
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class="">But
                                                          first, many
                                                          thanks to Åke
                                                          Axeland and
                                                          Adam Omar
                                                          Oueidat for
                                                          doing this
                                                          analysis,
                                                          putting
                                                          together the
                                                          diagram below,
                                                          and bringing
                                                          it to the
                                                          group’s
                                                          attention.<br
                                                          class="">
                                                          <br class="">
                                                          </div>
                                                          <div class="">The
                                                          attack is
                                                          largely the
                                                          same as one of
                                                          the “AS Mix
                                                          Up” attack
                                                          cases in
                                                          “Comprehensive
                                                          Security
                                                          Analysis of
                                                          OAuth 2.0” by
                                                          Daniel Fett
                                                          and
                                                          colleagues.
                                                          It’s a kind of
                                                          in-the-middle
                                                          and/or
                                                          phishing
                                                          attack at its
                                                          core. </div>
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class="">The
                                                          attacker has
                                                          their own
                                                          authorization
                                                          server (AAS)
                                                          which can also
                                                          act as a
                                                          client
                                                          instance. An
                                                          uncompromised
                                                          client (UC)
                                                          instance and
                                                          an
                                                          uncompromised
                                                          authorization
                                                          server (HAS)
                                                          are assumed.
                                                          There is no
                                                          compromise of
                                                          secret keys or
                                                          breaking of
                                                          TLS in this
                                                          attack.</div>
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class="">1.
                                                          UC is a client
                                                          of AAS, and
                                                          might also be
                                                          a client of
                                                          HAS. User
                                                          wants to
                                                          authorize at
                                                          HAS but tells
                                                          UC to use AAS.</div>
                                                          <div class="">2.
                                                          UC starts a
                                                          request at
                                                          AAS, signed
                                                          with UC’s key.
                                                          AAS is
                                                          imitating HAS.</div>
                                                          <div class="">3.
                                                          AAS forwards
                                                          UC’s request
                                                          parameters
                                                          (Client nonce,
                                                          interaction
                                                          finish URI) to
                                                          HAS, but
                                                          signed with
                                                          AAS’s key.</div>
                                                          <div class="">4.
                                                          HAS responds
                                                          with an
                                                          interaction
                                                          start URL and
                                                          server nonce
                                                          to AAS.</div>
                                                          <div class="">5.
                                                          AAS forwards
                                                          the
                                                          interaction
                                                          start URL and
                                                          server nonce
                                                          to UC.</div>
                                                          <div class="">6.
                                                          (Note) HAS is
                                                          functionally
                                                          telling the
                                                          user to show
                                                          up and
                                                          interact, but
                                                          doesn’t
                                                          realize that
                                                          the request is
                                                          being proxied
                                                          in this way.</div>
                                                          <div class="">7.
                                                          UC launches
                                                          interaction
                                                          start URL,
                                                          which is a
                                                          function of
                                                          HAS.</div>
                                                          <div class="">8.
                                                          HAS returns
                                                          the
                                                          verification
                                                          hash and
                                                          interaction
                                                          reference to
                                                          UC.</div>
                                                          <div class="">9.
                                                          UC validates
                                                          the hash
                                                          (which is
                                                          correct) and
                                                          sends the
                                                          interaction
                                                          reference to
                                                          AAS.</div>
                                                          <div class="">10.
                                                          AAS forwards
                                                          the
                                                          interaction
                                                          reference to
                                                          HAS.</div>
                                                          <div class="">11.
                                                          AAS receives
                                                          an access
                                                          token for
                                                          calling an RS
                                                          protected by
                                                          HAS. The
                                                          client
                                                          receives no
                                                          access token.</div>
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class="">The
                                                          diagram from
                                                          the
                                                          researchers is
                                                          attached here.
                                                          I’ll be using
                                                          the numbers in
                                                          the text list
                                                          here like (1)
                                                          to refer to
                                                          specific
                                                          steps.</div>
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class=""><span
id="gmail-m_-3732296903765776542cid:part1.21AB5D65.AB53F1A7@verifiablecredentials.info"
                                                          class="">&lt;PastedGraphic-2.png&gt;</span></div>
                                                          <div class=""><b
                                                          class="">Some
                                                          preconditions
                                                          and analysis:</b></div>
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class="">Step
                                                          (1) is made
                                                          easier if the
                                                          client has
                                                          choice over
                                                          which AS to
                                                          talk to for a
                                                          given request,
                                                          since that’s
                                                          how it starts
                                                          talking to AAS
                                                          instead of
                                                          HAS. The
                                                          danger of
                                                          allowing a
                                                          client to
                                                          choose its AS
                                                          at runtime has
                                                          been
                                                          discussed, but
                                                          it’s a known
                                                          pattern that
                                                          we can’t
                                                          expect to go
                                                          away.</div>
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class="">AAS
                                                          is treated as
                                                          a legitimate
                                                          client of HAS
                                                          and UC is a
                                                          legitimate
                                                          client of AAS.
                                                          While dynamic
                                                          clients can
                                                          exacerbate
                                                          this problem
                                                          at runtime,
                                                          HAS always
                                                          knows the
                                                          requests are
                                                          coming from
                                                          AAS and UC
                                                          always knows
                                                          it’s talking
                                                          to AAS. There
                                                          is no
                                                          cryptographic
                                                          impersonation
                                                          and no theft
                                                          of keys. </div>
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class="">The attack occurs because the user and client think they’re dealing with different AS’s, and you can’t expect a user to always be able to tell them apart, especially when the backend calls like (2) are hidden. It’s assumed that the user actually wants to authorize UC for HAS, but UC talks to AAS instead because of configuration (1). AAS can imitate HAS to the user to facilitate (1), and imitate UC to HAS, but only for human-facing portions (7). Static pre-registration makes this more difficult, assuming that all registrations are reviewed by humans. If HAS has no idea that UC exists, it wouldn’t necessarily know that AAS is impersonating anyone.</div>
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class="">The token at the end (11), assuming it’s a bound token, is only good with AAS’s key and not UC’s key. This is great for the attacker until UC starts to act funny and raise suspicion, since the process didn’t ever complete. With the OAuth attack, and with bearer tokens in GNAP, the token can be passed through to the UC making UC none the wiser.</div>
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class="">The hash validation (9) does not protect against this specific attack. Since AAS sits in the middle, it has access to the Client nonce from UC, the server nonce from AAS, and the interaction reference at the appropriate times. AAS doesn’t need to generate the hash, but can force HAS to generate an appropriate hash.</div>
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class=""><b
                                                          class="">The
                                                          proposed
                                                          mitigation(s): </b></div>
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class="">In OAuth 2, the accepted mitigation is to provide another query parameter with the “issuer” URL of the AS. We could do that here, but that would have the same downsides: the client has to check this value explicitly. Therefore we’re proposing that instead we use the existing validation hash algorithm and add an additional field. This would need to be something known to UC and HAS that can’t be impersonated by AAS, even if it’s known. Therefore, it makes sense to use something that’s derived. There are a few ideas of what to do here, each with benefits and drawbacks:</div>
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class="">- The grant endpoint of the AS that the client instance is talking to.</div>
                                                          <div class="">- The continuation endpoint that the client instance will send the interaction reference to. (This might be different from the above)</div>
                                                          <div class="">- The continuation access token value</div>
                                                          <div class="">- A key hash for the AS the client is talking to (TLS key to one of these endpoints? Some other external key added to the mix?)</div>
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class="">The important thing here is that it’s a value that’s known but not a shared-secret that’s passed between parties. The client doesn’t need to check anything new, just needs to do the hash validation that it should be doing anyway.</div>
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class=""><b
                                                          class="">Requested
                                                          feedback:</b></div>
                                                          <div class=""><b
                                                          class=""><br
                                                          class="">
                                                          </b></div>
                                                          <div class="">The editors are requesting feedback and discussion on the attack and the proposed mitigation strategy. As a group, we would also benefit from additional formal analysis of the protocol with and without the mitigation in place. Additionally, we need to be sure we aren’t accidentally cutting off a legitimate use case, like AS bridges and proxies that aren’t trying to hide their presence.</div>
                                                          <div class=""><br
                                                          class="">
                                                          </div>
                                                          <div class=""> —
                                                          Justin</div>
                                                          <br class="">
                                                          <fieldset
                                                          class=""></fieldset>
                                                          </blockquote>
                                                          </div>
                                                          -- <br
                                                          class="">
                                                          TXAuth mailing
                                                          list<br
                                                          class="">
                                                          <a
                                                          href="mailto:TXAuth@ietf.org"
target="_blank" moz-do-not-send="true" class="">TXAuth@ietf.org</a><br
                                                          class="">
                                                          <a
                                                          href="https://www.ietf.org/mailman/listinfo/txauth"
target="_blank" moz-do-not-send="true" class="">https://www.ietf.org/mailman/listinfo/txauth</a><br
                                                          class="">
                                                        </div>
                                                      </blockquote>
                                                    </div>
                                                    <br class="">
                                                  </div>
                                                </blockquote>
                                              </div>
                                            </div>
                                          </blockquote>
                                        </div>
                                        <br class="">
                                      </div>
                                    </blockquote>
                                  </div>
                                </div>
                              </blockquote>
                            </div>
                            <br class="">
                          </div>
                        </blockquote>
                      </div>
                    </blockquote>
                  </div>
                  <br class="">
                  <fieldset class="mimeAttachmentHeader"></fieldset>
                </blockquote>
              </div>
            </div>
          </blockquote>
        </div>
        <br class="">
      </div>
    </blockquote>
  </body>
</html>
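
Added example (not part of the original message or of the GNAP draft): a Python model of the interaction-hash check described above, run with and without the grant endpoint as the extra hashed field. The field order, newline separator, SHA-256 digest, function names and the example URLs are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import secrets

# Constructed endpoints for the parties named in the message.
HAS_GRANT = "https://has.example/gnap"  # honest AS
AAS_GRANT = "https://aas.example/gnap"  # the AS that UC was configured to use


def interaction_hash(client_nonce, server_nonce, interact_ref, grant_endpoint=None):
    """Hash the interaction values; optionally bind the grant endpoint.

    Assumed encoding: fields joined by newlines, SHA-256, base64url without
    padding. Only the idea of adding one more field comes from the message.
    """
    fields = [client_nonce, server_nonce, interact_ref]
    if grant_endpoint is not None:
        fields.append(grant_endpoint)
    digest = hashlib.sha256("\n".join(fields).encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def has_finish(client_nonce, bind_endpoint):
    """HAS side: mint its values and the hash returned on the front channel.

    HAS always hashes its own grant endpoint, because that is the endpoint
    the request actually arrived at.
    """
    server_nonce = secrets.token_urlsafe(16)
    interact_ref = secrets.token_urlsafe(16)
    value = interaction_hash(
        client_nonce, server_nonce, interact_ref,
        HAS_GRANT if bind_endpoint else None,
    )
    return server_nonce, interact_ref, value


def uc_validates(contacted_endpoint, client_nonce, server_nonce,
                 interact_ref, received_hash, bind_endpoint):
    """UC side: recompute the hash using the endpoint UC itself contacted."""
    expected = interaction_hash(
        client_nonce, server_nonce, interact_ref,
        contacted_endpoint if bind_endpoint else None,
    )
    return hmac.compare_digest(expected, received_hash)


def run_flow(via_aas, bind_endpoint):
    """Return True if UC accepts the interaction hash.

    via_aas=True models the mix-up: UC sends its grant request to AAS, which
    forwards the client nonce to HAS unchanged and relays the server nonce
    back, so every nonce UC sees is one HAS also used.
    """
    client_nonce = secrets.token_urlsafe(16)
    contacted = AAS_GRANT if via_aas else HAS_GRANT
    server_nonce, interact_ref, received = has_finish(client_nonce, bind_endpoint)
    return uc_validates(contacted, client_nonce, server_nonce,
                        interact_ref, received, bind_endpoint)


if __name__ == "__main__":
    for via_aas in (False, True):
        for bind in (False, True):
            print(f"via_aas={via_aas!s:5} bind_endpoint={bind!s:5} "
                  f"accepted={run_flow(via_aas, bind)}")
```

In this model any intermediary that forwards the request unchanged fails the bound check, whether or not it is hostile, which is the bridge and proxy case the message asks reviewers to consider.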


From nobody Mon Jun  7 13:15:21 2021
Return-Path: <jricher@mit.edu>
From: Justin Richer <jricher@mit.edu>
Message-Id: <EF4342B4-E8DB-46C8-81A7-DA7D7EC7B1BA@mit.edu>
Content-Type: multipart/alternative; boundary="Apple-Mail=_0C9342CA-C0BC-4F4D-AF04-84F24284A478"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.6\))
Date: Mon, 7 Jun 2021 16:15:06 -0400
In-Reply-To: <f6913751-3909-75a0-0091-e7d76282df81@verifiablecredentials.info>
Cc: txauth@ietf.org
To: David Chadwick <d.w.chadwick@verifiablecredentials.info>
References: <D7C06A29-9B90-4F1F-A7C0-6885E9C7D84E@mit.edu> <3950725f-26e5-0eb5-92bb-5e2ed977ac85@verifiablecredentials.info> <429623E4-5C45-474C-801A-6953E803BAE6@mit.edu> <7deb4b8f-6d2e-c386-23d6-7286a5077cc6@verifiablecredentials.info> <BA18D0FD-D307-4194-9195-C573D81CEBE1@mit.edu> <fe56669a-236e-1c1e-0d3a-c1551747d03a@verifiablecredentials.info> <9259F10A-7E27-4D1B-BF3C-32905928F847@mit.edu> <9482fcaa-80ae-83e6-eec9-0b757df4b900@verifiablecredentials.info> <CAJot-L3aLtdo5H2qSO+uC2HkrSAowcJs9X8bFYnBHLbCXteYFw@mail.gmail.com> <265bc1a1-a28a-d1ad-d0b4-3cae341ccc6c@verifiablecredentials.info> <279FA04F-0F41-415A-9521-724CC1823D85@mit.edu> <f6913751-3909-75a0-0091-e7d76282df81@verifiablecredentials.info>
X-Mailer: Apple Mail (2.3608.120.23.2.6)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/6XzZdnoxSTczq-28m3Dgr7F4F2I>
Subject: Re: [GNAP] Mix Up Attack against GNAP

--Apple-Mail=_0C9342CA-C0BC-4F4D-AF04-84F24284A478
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=utf-8

Thank you for clarifying, and thanks for the feedback and discussion on the attack and proposal!

 — Justin

> On Jun 7, 2021, at 4:02 PM, David Chadwick <d.w.chadwick@verifiablecredentials.info> wrote:
>
> Hi Justin
>
> I thought that a resolution had been reached, which is why I did not respond to Warren's message. If the auth code contains the sender, recipient and the redirection destination, all cryptographically protected, then it should be watertight.
>
> Kind regards
>
> David
>
> On 07/06/2021 19:08, Justin Richer wrote:
>> David,
>>
>> I’m not sure that we’re on the same page yet, and I want to make sure that I am (personally) not missing something important in this discussion. Can you please lay out in more detail what your proposed mitigation to this attack would look like, given the diagram/flow at the top of the thread? What pieces of information would each party need access to, and how does it stop the vulnerability?
>>
>> Thank you,
>>  — Justin
>>
>>> On Jun 6, 2021, at 7:10 AM, David Chadwick <d.w.chadwick@verifiablecredentials.info> wrote:
>>>
>>> My understanding is that all these types of federated systems with redirections: SAML, OAuth, OIDC, are open to phishing attacks. To counteract this you should remove redirections from the protocol. OIDC SIOPv2 with verifiable credentials/presentations should solve this type of attack I believe. Also it is using a TTP for verification, which is one of your proposed solutions.
>>>
>>> Your proposed solution of adding data to the auth code is what I have already suggested: the message should cryptographically contain the identity of the sender and receiver and then all parties know who the intended recipient and originator are. And if you want to add a redirection in the response then that should also be inside the protected message.
>>>
>>> Kind regards
>>>
>>> David
>>>
>>> On 06/06/2021 10:33, Warren Parad wrote:
>>>> I don't think that would solve the problem, although it might give the user client a second chance to avoid the vulnerability, it isn't a fix so far as I understand it.
>>>>
>>>> I like Justin's writeup, and knowing that it took me some time to appreciate the challenge, perhaps reframing the problem might help make it more clear. (And a real case that has happened)
>>>>
>>>> 1. An app network exists, and anyone can register an app. A malicious app registers a client with which itself is granted AS-like capabilities to the app network. The app pretends to be Google Drive, and the login screen is a perfect match for Google's login.
>>>> 2. Through a phishing attack, users are sent an email and directed to log in to this malicious app.
>>>> 3. The user navigates through the flow and returns to a legit application with an auth code.
>>>> 4. All along this malicious app has been intercepting the data the user has been providing and using it to authenticate itself as a valid app. If the user completes the flow, the malicious app will have a valid token for the HAS with the privileges the user thought they were granting the honest app.
>>>>
>>>> At this point the user's client only has two* pieces of information:
>>>> * Where the initial request to start the flow was sent
>>>> * The Auth Code
>>>>
>>>> To break the vulnerability it must intentionally be so that the user client does NOT send the auth code to the same place where the initial request to start the flow was sent. Which means that the only available piece of information in the auth code.
>>>>
>>>> In OAuth, it has been introduced to create a third piece of information, the ISS url. Which can be used to look up where to send the auth code. It doesn't matter what endpoints or secrets are shared, none of them will be of any use, because the client is intentionally always communicating with the malicious app. The user may not want to, but they are anyway. The PKCE prevents interception or vulnerabilities in the flow, but this isn't a vulnerability in the flow, it is a malicious proxy.
>>>>
>>>> The only way to avoid this attack is one of:
>>>> * Trust a third party for verification
>>>> * Include data in the auth code that the client can use to identify where to send the auth code
>>>> * Include data adjacent to the auth code which identifies how to handle the auth code
>>>>
>>>> Hope that helps.
>>>> Warren
>>>>
>>>>
>>>> Warren Parad
>>>> Founder, CTO
>>>> Secure your user data with IAM authorization as a service. Implement Authress <https://authress.io/>.
>>>>
>>>>
>>>> On Sun, Jun 6, 2021 at 10:21 AM David Chadwick =
<d.w.chadwick@verifiablecredentials.info =
<mailto:d.w.chadwick@verifiablecredentials.info>> wrote:
>>>> So effectively you are saying that a client can be redirected to anywhere in the world and not know whether this is correct or not, or, it has to assume that it is correct regardless of where it is. In this case I suggest that these two locations should share a secret that they can both give to the client so that it knows these two endpoints are collaborating together. If you use something like the OIDC PKCE scheme then the first endpoint can send the hash of the secret, and the second endpoint can send the secret itself for the client to hash.
>>>>
>>>> Kind regards
>>>>
>>>> David
>>>>
>>>> On 05/06/2021 21:35, Justin Richer wrote:
>>>>> It’s completely reasonable for any legitimate AS to split the hosting of its user-facing stuff from its backend stuff. Google already does this with OAuth/OIDC today, and expecting this to change to something more constrained would be a non-starter for many deployments. Additionally, we can’t assume that everything is web-based and that things are happening within a browser. Furthermore, relying on the client to do some kind of comparison between the URL it starts the transaction with and the URL used for interaction is going to lead to misbehaving clients simply being more susceptible to this and related attacks. I’m of the school of thought that we should expect the minimum number of very specific things from the client in order to enforce security principles.
>>>>>
>>>>>  — Justin
>>>>>
>>>>>> On Jun 5, 2021, at 3:43 PM, David Chadwick <d.w.chadwick@verifiablecredentials.info> wrote:
>>>>>>
>>>>>> But the start URL has HAS in it (message 5), when the client was talking to AAS. So this should be sufficient should it not to determine that something is wrong? Especially if SOP is being enforced, then the URL of HAS and AAS won't have the same origin
>>>>>>
>>>>>> Kind regards
>>>>>>
>>>>>> David
>>>>>>
>>>>>> On 05/06/2021 17:39, Justin Richer wrote:
>>>>>>> But that’s what I’m saying — the client knows it’s talking to AAS and not HAS so with this kind of solution it would just create a message cryptographically tagged to AAS. And then on the next step, AAS creates a message cryptographically bound to HAS. So even if the client already says “this message is for AAS” explicitly, the attack surface doesn’t change. Only if the client thought it was talking to HAS would this make a difference, but that’s not what’s happening here. This, I believe, is what makes this kind of attack much more subtle than a simple message relay.
>>>>>>>
>>>>>>>  — Justin
>>>>>>>
>>>>>>>> On Jun 5, 2021, at 11:09 AM, David Chadwick <d.w.chadwick@verifiablecredentials.info> wrote:
>>>>>>>>
>>>>>>>> Hi Justin
>>>>>>>>
>>>>>>>> the point I am making is that the message created by the Client must be received by the ultimate recipient, knowing that the Client created it and that the ultimate recipient is the intended recipient. In the current flow both recipients know they are the intended recipients, but also know that different clients are talking to them. Thus any solution must have the message originator cryptographically protecting both the sender and recipient addresses. Once you do this, you thwart the current vulnerability.
>>>>>>>>
>>>>>>>> Kind regards
>>>>>>>>
>>>>>>>> David
>>>>>>>>
>>>>>>>> On 05/06/2021 15:51, Justin Richer wrote:
>>>>>>>>> Hi David,
>>>>>>>>>
>>>>>>>>> I think it’s similar to message forwarding, but there’s one important difference — the AAS already is modifying the message to HAS. It doesn’t need to forward the complete message from (2), it creates a brand new message in (3) and signs it with its own key. So the client knows it’s talking to AAS and vice versa, and AAS knows it’s talking to HAS and vice versa. What’s different is that AAS is able to take pieces out of the (valid) message from the client and make its own message out of those parts, and then get value out of that.
>>>>>>>>>
>>>>>>>>> But that does raise an interesting question: what if AAS :did: simply forward the signed message from the client to HAS? The signature method would need to protect the target of the HTTP request, but I think that should already be covered in most of the signature methods. We need to put some focus on these signature methods directly in the near future, so that’s something to keep in mind here.
>>>>>>>>>
>>>>>>>>>  — Justin
>>>>>>>>>
>>>>>>>>>> On Jun 5, 2021, at 8:26 AM, David Chadwick <d.w.chadwick@verifiablecredentials.info> wrote:
>>>>>>>>>>
>>>>>>>>>> This attack is similar to surreptitious forwarding (message 3). One solution is for the sender (Client) to identify the recipient in message 2 so that it cannot be altered by the AAS when it creates message 3. The grant endpoint of the AS that the client instance is talking to would seem to fit this solution
>>>>>>>>>>
>>>>>>>>>> Kind regards
>>>>>>>>>>
>>>>>>>>>> David
>>>>>>>>>>
>>>>>>>>>> On 04/06/2021 15:59, Justin Richer wrote:
>>>>>>>>>>> This week, some researchers reached out to the editors to describe an attack against GNAP in the front channel that’s inherited from OAuth 2. I will describe the attack, list out its preconditions, and then describe a proposed solution space. We’re looking for input and feedback from the group on managing this solution.
>>>>>>>>>>>
>>>>>>>>>>> But first, many thanks to Åke Axeland and Adam Omar Oueidat for doing this analysis, putting together the diagram below, and bringing it to the group’s attention.
>>>>>>>>>>>
>>>>>>>>>>> The attack is largely the same as one of the “AS Mix Up” attack cases in “Comprehensive Security Analysis of OAuth 2.0” by Daniel Fett and colleagues. It’s a kind of in-the-middle and/or phishing attack at its core.
>>>>>>>>>>>
>>>>>>>>>>> The attacker has their own authorization server (AAS) which can also act as a client instance. An uncompromised client (UC) instance and an uncompromised authorization server (HAS) are assumed. There is no compromise of secret keys or breaking of TLS in this attack.
>>>>>>>>>>>
>>>>>>>>>>> 1. UC is a client of AAS, and might also be a client of HAS. User wants to authorize at HAS but tells UC to use AAS.
>>>>>>>>>>> 2. UC starts a request at AAS, signed with UC’s key. AAS is imitating HAS.
>>>>>>>>>>> 3. AAS forwards UC’s request parameters (Client nonce, interaction finish URI) to HAS, but signed with AAS’s key.
>>>>>>>>>>> 4. HAS responds with an interaction start URL and server nonce to AAS
>>>>>>>>>>> 5. AAS forwards the interaction start URL and server nonce to UC
>>>>>>>>>>> 6. (Note) HAS is functionally telling the user to show up and interact, but doesn’t realize that the request is being proxied in this way.
>>>>>>>>>>> 7. UC launches interaction start url, which is a function of HAS
>>>>>>>>>>> 8. HAS returns the verification hash and interaction reference to UC
>>>>>>>>>>> 9. UC validates the hash (which is correct) and sends the interaction reference to AAS
>>>>>>>>>>> 10. AAS forwards the interaction reference to HAS
>>>>>>>>>>> 11. AAS receives an access token for calling an RS protected by HAS. The client receives no access token.
>>>>>>>>>>>
>>>>>>>>>>> The diagram from the researchers is attached here. I’ll be using the numbers in the text list here like (1) to refer to specific steps.
>>>>>>>>>>>
>>>>>>>>>>> <PastedGraphic-2.png>
>>>>>>>>>>> Some preconditions and analysis:
>>>>>>>>>>>
>>>>>>>>>>> Step (1) is made easier if the client has choice over which AS to talk to for a given request, since that’s how it starts talking to AAS instead of HAS. The danger of allowing a client to choose its AS at runtime has been discussed, but it’s a known pattern that we can’t expect to go away.
>>>>>>>>>>>
>>>>>>>>>>> AAS is treated as a legitimate client of HAS and UC is a legitimate client of AAS. While dynamic clients can exacerbate this problem at runtime, at no time does HAS always knows the requests are coming from AAS and UC always knows it’s talking to AAS. There is no cryptographic impersonation and no theft of keys.
>>>>>>>>>>>
>>>>>>>>>>> The attack occurs because the user and client think they’re dealing with different AS’s, and you can’t expect a user to always be able to tell them apart, especially when the backend calls like (2) are hidden. It’s assumed that the user actually wants to authorize UC for HAS, but UC talks to AAS instead because of configuration (1). AAS can imitate HAS to the user to facilitate (1), and imitate UC to HAS, but only for human-facing portions (7). Static pre-registration makes this more difficult, assuming that all registrations are reviewed by humans. If HAS has no idea that UC exists, it wouldn’t necessarily know that AAS is impersonating anyone.
>>>>>>>>>>>
>>>>>>>>>>> The token at the end (11), assuming it’s a bound token, is only good with AAS’s key and not UC’s key. This is great for the attacker until UC starts to act funny and raise suspicion, since the process didn’t ever complete. With the OAuth attack, and with bearer tokens in GNAP, the token can be passed through to the UC making UC none the wiser.
>>>>>>>>>>>
>>>>>>>>>>> The hash validation (9) does not protect against this specific attack. Since AAS sits in the middle, it has access to the Client nonce from UC, the server nonce from AAS, and the interaction reference at the appropriate times. AAS doesn’t need to generate the hash, but can force HAS to generate an appropriate hash.
>>>>>>>>>>>
>>>>>>>>>>> The proposed mitigation(s):
>>>>>>>>>>>
>>>>>>>>>>> In OAuth 2, the accepted mitigation is to provide another query parameter with the “issuer” URL of the AS. We could do that here, but that would have the same downsides: the client has to check this value explicitly. Therefore we’re proposing that instead we use the existing validation hash algorithm and add an additional field. This would need to be something known to UC and HAS that can’t be impersonated by AAS, even if it’s known. Therefore, it makes sense to use something that’s derived. There are a few ideas of what to do here, each with benefits and drawbacks:
>>>>>>>>>>>
>>>>>>>>>>> - The grant endpoint of the AS that the client instance is talking to.
>>>>>>>>>>> - The continuation endpoint that the client instance will send the interaction reference to. (This might be different from the above)
>>>>>>>>>>> - The continuation access token value
>>>>>>>>>>> - A key hash for the AS the client is talking to (TLS key to one of these endpoints? Some other external key added to the mix?)
>>>>>>>>>>>
>>>>>>>>>>> The important thing here is that it’s a value that’s known but not a shared-secret that’s passed between parties. The client doesn’t need to check anything new, just needs to do the hash validation that it should be doing anyway.
>>>>>>>>>>>
>>>>>>>>>>> Requested feedback:
>>>>>>>>>>>
>>>>>>>>>>> The editors are requesting feedback and discussion on the attack and the proposed mitigation strategy. As a group, we would also benefit from additional formal analysis of the protocol with and without the mitigation in place. Additionally, we need to be sure we aren’t accidentally cutting off a legitimate use case, like AS bridges and proxies that aren’t trying to hide their presence.
>>>>>>>>>>>
>>>>>>>>>>>  — Justin
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> TXAuth mailing list
>>>>>>>>>> TXAuth@ietf.org
>>>>>>>>>> https://www.ietf.org/mailman/listinfo/txauth
>>=20
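
Added example, not part of the original thread: a small Python simulation of steps (1)-(11) from the quoted write-up, run with and without the proposed extra hash field (here the grant endpoint of the AS the client instance is talking to). The newline-joined SHA-256 hash layout, the class and function names, and the example.* endpoints are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import secrets

# Constructed endpoints for the three parties named in the thread.
HAS_GRANT = "https://has.example/gnap"
AAS_GRANT = "https://aas.example/gnap"
UC_FINISH = "https://uc.example/finish"


def interaction_hash(client_nonce, server_nonce, interact_ref, grant_endpoint=None):
    """Hash the UC validates in step (9); grant_endpoint is the proposed extra field."""
    parts = [client_nonce, server_nonce, interact_ref]
    if grant_endpoint is not None:
        parts.append(grant_endpoint)
    # Assumption: newline-joined fields, SHA-256, unpadded base64url.
    digest = hashlib.sha256("\n".join(parts).encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


class HonestAS:
    """HAS: issues nonces, hosts the interaction, and computes the hash."""

    def __init__(self, bind_endpoint):
        self.grant_endpoint = HAS_GRANT
        self.bind_endpoint = bind_endpoint
        self.pending = {}
        self.redeemed = []

    def start_grant(self, client_nonce, finish_uri):
        # Steps (3)-(4) when proxied, or the direct request in the honest flow.
        txn = secrets.token_urlsafe(8)
        server_nonce = secrets.token_urlsafe(16)
        self.pending[txn] = (client_nonce, server_nonce)
        return {"interact_start": f"{HAS_GRANT}/interact/{txn}",
                "server_nonce": server_nonce}

    def finish_interaction(self, interact_start):
        # Steps (7)-(8): the user approves at HAS, which returns hash + reference.
        txn = interact_start.rsplit("/", 1)[1]
        client_nonce, server_nonce = self.pending.pop(txn)
        interact_ref = secrets.token_urlsafe(8)
        # HAS binds the endpoint at which it received the grant request.
        bound = self.grant_endpoint if self.bind_endpoint else None
        return {"interact_ref": interact_ref,
                "hash": interaction_hash(client_nonce, server_nonce,
                                         interact_ref, bound)}

    def continue_grant(self, interact_ref):
        self.redeemed.append(interact_ref)


class ProxyingAS:
    """AAS: re-issues UC's parameters to HAS under its own identity."""

    def __init__(self, upstream):
        self.grant_endpoint = AAS_GRANT
        self.upstream = upstream
        self.captured_refs = []

    def start_grant(self, client_nonce, finish_uri):
        # Steps (3)-(5): same nonce and finish URI, relayed response.
        return self.upstream.start_grant(client_nonce, finish_uri)

    def continue_grant(self, interact_ref):
        # Step (10): the reference UC handed over is redeemed at HAS.
        self.captured_refs.append(interact_ref)
        self.upstream.continue_grant(interact_ref)


def run_flow(proxied, bind_endpoint):
    """Run one grant; return (client outcome, references the AAS captured)."""
    has = HonestAS(bind_endpoint)
    aas = ProxyingAS(has)
    chosen_as = aas if proxied else has          # step (1): AS the UC is told to use
    client_nonce = secrets.token_urlsafe(16)
    grant = chosen_as.start_grant(client_nonce, UC_FINISH)       # step (2)
    callback = has.finish_interaction(grant["interact_start"])   # steps (7)-(8)
    # UC binds the endpoint it actually sent its grant request to.
    bound = chosen_as.grant_endpoint if bind_endpoint else None
    expected = interaction_hash(client_nonce, grant["server_nonce"],
                                callback["interact_ref"], bound)
    if not hmac.compare_digest(expected, callback["hash"]):
        return "rejected", len(aas.captured_refs)
    chosen_as.continue_grant(callback["interact_ref"])           # step (9)
    return "continued", len(aas.captured_refs)


if __name__ == "__main__":
    for proxied in (False, True):
        for bind in (False, True):
            print(f"proxied={proxied!s:5} bind_endpoint={bind!s:5} ->",
                  run_flow(proxied, bind))
```

In the proxied run without the extra field the hash validates and the interaction reference reaches the AAS; with the field, the two sides hash different grant endpoints, so the client stops before step (9), while the direct flow is unaffected.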


--Apple-Mail=_0C9342CA-C0BC-4F4D-AF04-84F24284A478
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=utf-8

<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; =
charset=3Dutf-8"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; line-break: after-white-space;" class=3D"">Thank=
 you for clarifying, and thanks for the feedback and discussion on the =
attack and proposal!<div class=3D""><br class=3D""></div><div =
class=3D"">&nbsp;=E2=80=94 Justin<br class=3D""><div><br =
class=3D""><blockquote type=3D"cite" class=3D""><div class=3D"">On Jun =
7, 2021, at 4:02 PM, David Chadwick &lt;<a =
href=3D"mailto:d.w.chadwick@verifiablecredentials.info" =
class=3D"">d.w.chadwick@verifiablecredentials.info</a>&gt; =
wrote:</div><br class=3D"Apple-interchange-newline"><div class=3D"">
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8" =
class=3D"">
 =20
  <div class=3D""><p class=3D"">Hi Justin</p><p class=3D"">I thought =
that a resolution had been reached, which is why I did
      not respond to Warren's message. If the auth code contains the
      sender, recipient and the redirection destination, all
      cryptographically protected, then it should be watertight.</p><p =
class=3D"">Kind regards</p><p class=3D"">David<br class=3D"">
    </p>
    <div class=3D"moz-cite-prefix">On 07/06/2021 19:08, Justin Richer
      wrote:<br class=3D"">
    </div>
    <blockquote type=3D"cite" =
cite=3D"mid:279FA04F-0F41-415A-9521-724CC1823D85@mit.edu" class=3D"">
     =20
      David,
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">I=E2=80=99m not sure that we=E2=80=99re on the =
same page yet, and I
        want to make sure that I am (personally) not missing something
        important in this discussion. Can you please lay out in more
        detail what your proposed mitigation to this attack would look
        like, given the diagram/flow at the top of the thread? What
        pieces of information would each party need access to, and how
        does it stop the vulnerability?</div>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">Thank you,</div>
      <div class=3D"">&nbsp;=E2=80=94 Justin<br class=3D"">
        <div class=3D""><br class=3D"">
          <blockquote type=3D"cite" class=3D"">
            <div class=3D"">On Jun 6, 2021, at 7:10 AM, David Chadwick
              &lt;<a =
href=3D"mailto:d.w.chadwick@verifiablecredentials.info" class=3D"" =
moz-do-not-send=3D"true">d.w.chadwick@verifiablecredentials.info</a>&gt;
              wrote:</div>
            <br class=3D"Apple-interchange-newline">
            <div class=3D"">
             =20
              <div class=3D""><p class=3D"">My understanding is that all =
these types of
                  federated systems with redirections: SAML, Oauth,
                  OIDC, are open to phishing attacks. To counteract this
                  you should remove redirections from the protocol. OIDC
                  SIOPv2 with verifiable credentials/presentations
                  should solve this type of attack I believe. Also it is
                  using a TTP for verification, which is one of your
                  proposed solutions.</p><p class=3D"">Your proposed =
solution of adding data to the
                  auth code is what I have already suggested: the
                  message should&nbsp; cryptographically contain the =
identity
                  of the sender and receiver and then all parties know
                  who the intended recipient and originator are. And if
                  you want to add a redirection in the response then
                  that should also be inside the protected message.<br =
class=3D"">
                </p><p class=3D"">Kind regards</p><p class=3D"">David<br =
class=3D"">
                </p>
                <div class=3D"moz-cite-prefix">On 06/06/2021 10:33, =
Warren
                  Parad wrote:<br class=3D"">
                </div>
                <blockquote type=3D"cite" =
cite=3D"mid:CAJot-L3aLtdo5H2qSO+uC2HkrSAowcJs9X8bFYnBHLbCXteYFw@mail.gmail=
.com" class=3D"">
                  <div dir=3D"ltr" class=3D"">I don't think that would =
solve
                    the problem, although it might give the user client
                    a second chance to avoid the vulnerability, it isn't
                    a fix so far as I understand it.
                    <div class=3D""><br class=3D"">
                    </div>
                    <div class=3D"">I like Justin's writeup, and knowing
                      that it&nbsp;took me some time to appreciate the
                      challenge, perhaps reframing the problem might
                      help make it more clear. (And a real case that has
                      happened)</div>
                    <div class=3D""><br class=3D"">
                    </div>
                    <div class=3D"">1. An app network exists, and anyone
                      can register an app. A malicious app registers a
                      client with which itself&nbsp;is granted AS-like
                      capabilities to the app network. The app pretends
                      to be Google Drive, and the login screen is a
                      perfect match for Google's login.</div>
                    <div class=3D"">2. Through a phishing attack, users
                      are sent an email and directed to log in to this
                      malicious app.</div>
                    <div class=3D"">3. The user navigates through the =
flow
                      and returns to a legit application with an auth
                      code</div>
                    <div class=3D"">4. All along this malicious app has
                      been intercepting the data the user has been
                      providing and using it to authenticate itself as a
                      valid app. If the user completes the flow, the
                      malicious app will have a valid token for the HAS
                      with the privileges the user thought they were
                      granting the honest app.</div>
                    <div class=3D""><br class=3D"">
                    </div>
                    <div class=3D"">At this point the user's client only
                      has two* pieces of information:</div>
                    <div class=3D"">* Where the initial request to start
                      the flow was sent</div>
                    <div class=3D"">* The Auth Code</div>
                    <div class=3D""><br class=3D"">
                    </div>
                    <div class=3D"">To break the vulnerability it must
                      intentionally be so that the user&nbsp;client does =
NOT
                      send the auth code to the same place where the
                      initial request to start the flow was sent. Which
                      means that the only available piece of information
                      in the auth code.</div>
                    <div class=3D""><br class=3D"">
                    </div>
                    <div class=3D"">In OAuth, it has been introduced to
                      create a third piece of information, the ISS url.
                      Which can be used to look up where to send the
                      auth code. It doesn't matter what endpoints or
                      secrets are shared, none of them will be of any
                      use, because the client is intentionally always
                      communicating with the malicious app. The user may
                      not want to, but they are anyway. The PKCE
                      prevents interception or vulnerabilities in the
                      flow, but this isn't a vulnerability&nbsp;in the =
flow,
                      it is a malicious proxy.</div>
                    <div class=3D""><br class=3D"">
                    </div>
                    <div class=3D"">The only way to avoid this attack is
                      one of:</div>
                    <div class=3D"">* Trust a third party for =
verification</div>
                    <div class=3D"">* include data in the auth code that
                      the client can use to identify where to send the
                      auth code</div>
                    <div class=3D"">* include data adjacent to the auth
                      code which identifies how to handle the auth =
code</div>
                    <div class=3D"">
                      <div class=3D""><br class=3D"">
                      </div>
                      <div class=3D"">Hope that helps.</div>
                      <div class=3D"">Warren</div>
                      <div class=3D""><br class=3D"" clear=3D"all">
                        <div class=3D"">
                          <div dir=3D"ltr" class=3D"gmail_signature" =
data-smartmail=3D"gmail_signature">
                            <div dir=3D"ltr" class=3D"">
                              <table =
style=3D"border:none;border-collapse:collapse" class=3D"">
                                <colgroup class=3D""><col class=3D"" =
width=3D"214"><col class=3D"" width=3D"110"></colgroup><tbody class=3D"">
                                  <tr style=3D"height:0pt" class=3D"">
                                    <td style=3D"border-left:solid =
#ffffff
                                      1pt;border-right:solid #cccccc
                                      1pt;border-bottom:solid #ffffff
                                      1pt;border-top:solid #ffffff
                                      1pt;vertical-align:top;padding:5pt
                                      5pt 5pt 5pt;overflow:hidden" =
class=3D"">
                                      <div style=3D"line-height: 1.2;
                                        border: 1pt solid rgb(255, 255,
                                        255); margin-top: 0pt;
                                        margin-bottom: 0pt;" =
class=3D""><span style=3D"font-size: 11pt; font-family: Arial; =
background-color: transparent; vertical-align: baseline; white-space: =
pre-wrap;" class=3D""><span =
style=3D"border:none;display:inline-block;overflow:hidden;width:199px;heig=
ht:34px" class=3D""><img =
src=3D"https://lh6.googleusercontent.com/DNiDx1QGIrSqMPKDN1oKevxYuyVRXsqhX=
dfZOsW56Rf2A74mUKbAPtrJSNw4qynkSjoltWkPYdBhaZJg1BO45YOc1xs6r9KJ1fYsNHogY-n=
h6hjuIm9GCeBRRzrSc8kWcUSNtuA" style=3D"margin-left:0px;margin-top:0px" =
moz-do-not-send=3D"true" class=3D"" width=3D"199" =
height=3D"34"></span></span></div>
                                    </td>
                                    <td style=3D"border-left:solid =
#cccccc
                                      1pt;border-right:solid #ffffff
                                      1pt;border-bottom:solid #ffffff
                                      1pt;border-top:solid #ffffff
                                      1pt;vertical-align:top;padding:5pt
                                      5pt 5pt 5pt;overflow:hidden" =
class=3D"">
                                      <div style=3D"line-height: 1.2;
                                        border-left-width: 1pt;
                                        border-left-style: solid;
                                        border-left-color: rgb(255, 255,
                                        255); border-right-width: 1pt;
                                        border-right-style: solid;
                                        border-right-color: rgb(255,
                                        255, 255); border-top-width:
                                        1pt; border-top-style: solid;
                                        border-top-color: rgb(255, 255,
                                        255); margin-top: 0pt;
                                        margin-bottom: 0pt;" =
class=3D""><span =
style=3D"font-size:11pt;font-family:Lato,sans-serif;background-color:trans=
parent;font-weight:700;vertical-align:baseline;white-space:pre-wrap" =
class=3D"">Warren Parad</span></div>
                                      <div style=3D"line-height: 1.2;
                                        border-left-width: 1pt;
                                        border-left-style: solid;
                                        border-left-color: rgb(255, 255,
                                        255); border-right-width: 1pt;
                                        border-right-style: solid;
                                        border-right-color: rgb(255,
                                        255, 255); border-bottom-width:
                                        1pt; border-bottom-style: solid;
                                        border-bottom-color: rgb(255,
                                        255, 255); margin-top: 0pt;
                                        margin-bottom: 0pt;" =
class=3D""><font class=3D"" face=3D"Lato,
                                          sans-serif"><span =
style=3D"font-size:13.3333px;white-space:pre-wrap" class=3D"">Founder, =
CTO</span></font></div>
                                    </td>
                                  </tr>
                                </tbody>
                              </table>
                              <span style=3D"font-size:x-small" =
class=3D"">Secure
                                your user data with IAM authorization as
                                a service. Implement&nbsp;</span><a =
href=3D"https://authress.io/" style=3D"font-size:x-small" =
target=3D"_blank" moz-do-not-send=3D"true" class=3D"">Authress</a><span =
style=3D"font-size:x-small" class=3D"">.</span><br class=3D"">
                            </div>
                          </div>
                        </div>
                        <br class=3D"">
                      </div>
                    </div>
                  </div>
                  <br class=3D"">
                  <div class=3D"gmail_quote">
                    <div dir=3D"ltr" class=3D"gmail_attr">On Sun, Jun 6,
                      2021 at 10:21 AM David Chadwick &lt;<a =
href=3D"mailto:d.w.chadwick@verifiablecredentials.info" =
moz-do-not-send=3D"true" =
class=3D"">d.w.chadwick@verifiablecredentials.info</a>&gt;
                      wrote:<br class=3D"">
                    </div>
                    <blockquote class=3D"gmail_quote" style=3D"margin:0px
                      0px 0px 0.8ex;border-left:1px solid
                      rgb(204,204,204);padding-left:1ex">
                      <div class=3D""><p class=3D"">So effectively you =
are saying that a
                          client can be redirected to anywhere in the
                          world and not know whether this is correct or
                          not, or, it has to assume that it is correct
                          regardless of where it is. In this case I
                          suggest that these two locations should share
                          a secret that they can both give to the client
                          so that it knows these two endpoints are
                          collaborating together. If you use something
                          like the OIDC PKCE scheme then the first
                          endpoint can send the hash of the secret, and
                          the second endpoint can send the secret itself
                          for the client to hash.</p><p class=3D"">Kind =
regards</p><p class=3D"">David<br class=3D"">
                        </p>
                        <div class=3D"">On 05/06/2021 21:35, Justin =
Richer
                          wrote:<br class=3D"">
                        </div>
                        <blockquote type=3D"cite" class=3D""> It=E2=80=99s=

                          completely reasonable for any legitimate AS to
                          split the hosting of its user-facing stuff
                          from its backend stuff. Google already does
                          this with OAuth/OIDC today, and expecting this
                          to change to something more constrained would
                          be a non-starter for many deployments.
                          Additionally, we can=E2=80=99t assume that =
everything
                          is web-based and that things are happening
                          within a browser. Furthermore, relying on the
                          client to do some kind of comparison between
                          the URL it starts the transaction with and the
                          URL used for interaction is going to lead to
                          misbehaving clients simply being more
                          susceptible to this and related attacks. I=E2=80=
=99m
                          of the school of thought that we should expect
                          the minimum number of very specific things
                          from the client in order to enforce security
                          principles.
                          <div class=3D""><br class=3D"">
                          </div>
                          <div class=3D"">&nbsp;=E2=80=94 Justin<br =
class=3D"">
                            <div class=3D""><br class=3D"">
                              <blockquote type=3D"cite" class=3D"">
                                <div class=3D"">On Jun 5, 2021, at 3:43
                                  PM, David Chadwick &lt;<a =
href=3D"mailto:d.w.chadwick@verifiablecredentials.info" target=3D"_blank" =
moz-do-not-send=3D"true" =
class=3D"">d.w.chadwick@verifiablecredentials.info</a>&gt;
                                  wrote:</div>
                                <br class=3D"">
                                <div class=3D"">
                                  <div class=3D""><p class=3D"">But the start URL has
                                      HAS in it (message 5), when the
                                      client was talking to AAS. So this
                                      should be sufficient should it not
                                      to determine that something is
                                      wrong? Especially if SOP is being
                                      enforced, then the url of HAS and
                                      AAS won't have the same origin</p><p class=3D"">Kind regards</p><p class=3D"">David<br class=3D"">
                                    </p>
                                    <div class=3D"">On 05/06/2021 17:39,
                                      Justin Richer wrote:<br class=3D"">
                                    </div>
                                    <blockquote type=3D"cite" class=3D"">
                                      But that’s what I’m saying — the
                                      client knows it’s talking to AAS
                                      and not HAS so with this kind of
                                      solution it would just create a
                                      message cryptographically tagged
                                      to AAS. And then on the next step,
                                      AAS creates a message
                                      cryptographically bound to HAS. So
                                      even if the client already says
                                      “this message is for AAS”
                                      explicitly, the attack surface
                                      doesn’t change. Only if the client
                                      thought it was talking to HAS
                                      would this make a difference, but
                                      that’s not what’s happening here.
                                      This, I believe, is what makes
                                      this kind of attack much more
                                      subtle than a simple message
                                      relay.
                                      <div class=3D""><br class=3D"">
                                      </div>
                                      <div class=3D"">&nbsp;=E2=80=94 =
Justin<br class=3D"">
                                        <div class=3D""><br class=3D"">
                                          <blockquote type=3D"cite" =
class=3D"">
                                            <div class=3D"">On Jun 5,
                                              2021, at 11:09 AM, David
                                              Chadwick &lt;<a =
href=3D"mailto:d.w.chadwick@verifiablecredentials.info" target=3D"_blank" =
moz-do-not-send=3D"true" =
class=3D"">d.w.chadwick@verifiablecredentials.info</a>&gt;
                                              wrote:</div>
                                            <br class=3D"">
                                            <div class=3D"">
                                              <div class=3D""><p =
class=3D"">Hi Justin</p><p class=3D"">the point I
                                                  am making is that the
                                                  message created by the
                                                  Client must be
                                                  received by the
                                                  ultimate recipient,
                                                  knowing that the
                                                  Client created it and
                                                  that the ultimate
                                                  recipient is the
                                                  intended recipient. In
                                                  the current flow both
                                                  recipients know they
                                                  are the intended
                                                  recipients, but also
                                                  know that different
                                                  clients are talking to
                                                  them. Thus any
                                                  solution must have the
                                                  message originator
                                                  cryptographically
                                                  protecting both the
                                                  sender and recipient
                                                  addresses. Once you do
                                                  this, you thwart the
                                                  current vulnerability.</p><p class=3D"">Kind regards</p><p class=3D"">David<br class=3D"">
                                                </p>
                                                <div class=3D"">On
                                                  05/06/2021 15:51,
                                                  Justin Richer wrote:<br class=3D"">
                                                </div>
                                                <blockquote type=3D"cite" =
class=3D""> Hi David,
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">I think
                                                    it’s similar to
                                                    message forwarding,
                                                    but there’s one
                                                    important difference
                                                    — the AAS already is
                                                    modifying the
                                                    message to HAS. It
                                                    doesn’t need to
                                                    forward the complete
                                                    message from (2), it
                                                    creates a brand new
                                                    message in (3) and
                                                    signs it with its
                                                    own key. So the
                                                    client knows it’s
                                                    talking to AAS and
                                                    vice versa, and AAS
                                                    knows it’s talking
                                                    to HAS and vice
                                                    versa. What’s
                                                    different is that
                                                    AAS is able to take
                                                    pieces out of the
                                                    (valid) message from
                                                    the client and make
                                                    its own message out
                                                    of those parts, and
                                                    then get value out
                                                    of that.</div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">But that
                                                    does raise an
                                                    interesting
                                                    question: what if
                                                    AAS :did: simply
                                                    forward the signed
                                                    message from the
                                                    client to HAS? The
                                                    signature method
                                                    would need to
                                                    protect the target
                                                    of the HTTP request,
                                                    but I think that
                                                    should already be
                                                    covered in most of
                                                    the signature
                                                    methods. We need to
                                                    put some focus on
                                                    these signature
                                                    methods directly in
                                                    the near future, so
                                                    that’s something to
                                                    keep in mind here.</div>
                                                  <div class=3D""><br =
class=3D"">
                                                  </div>
                                                  <div class=3D"">&nbsp;—
                                                    Justin<br class=3D"">
                                                    <div class=3D""><br =
class=3D"">
                                                      <blockquote =
type=3D"cite" class=3D"">
                                                        <div class=3D"">On=

                                                          Jun 5, 2021,
                                                          at 8:26 AM,
                                                          David Chadwick
                                                          &lt;<a =
href=3D"mailto:d.w.chadwick@verifiablecredentials.info" target=3D"_blank" =
moz-do-not-send=3D"true" =
class=3D"">d.w.chadwick@verifiablecredentials.info</a>&gt;
                                                          wrote:</div>
                                                        <br class=3D"">
                                                        <div class=3D"">
                                                          <div =
class=3D""><p class=3D"">This
                                                          attack is
                                                          similar to
                                                          surreptitious
                                                          forwarding
                                                          (message 3).
                                                          One solution
                                                          is for the
                                                          sender
                                                          (Client) to
                                                          identify the
                                                          recipient in
                                                          message 2 so
                                                          that it cannot
                                                          be altered by
                                                          the AAS when
                                                          it creates
                                                          message 3. The
                                                          grant endpoint
                                                          of the AS that
                                                          the client
                                                          instance is
                                                          talking to
                                                          would seem to
                                                          fit this
                                                          solution</p><p =
class=3D"">Kind
                                                          regards</p><p =
class=3D"">David<br class=3D"">
                                                          </p>
                                                          <div =
class=3D"">On
                                                          04/06/2021
                                                          15:59, Justin
                                                          Richer wrote:<br class=3D"">
                                                          </div>
                                                          <blockquote =
type=3D"cite" class=3D""> This
                                                          week, some
                                                          researchers
                                                          reached out to
                                                          the editors to
                                                          describe an
                                                          attack against
                                                          GNAP in the
                                                          front channel
                                                          that’s
                                                          inherited from
                                                          OAuth 2. I
                                                          will describe
                                                          the attack,
                                                          list out its
                                                          preconditions,
                                                          and then
                                                          describe a
                                                          proposed
                                                          solution
                                                          space. We’re
                                                          looking for
                                                          input and
                                                          feedback from
                                                          the group on
                                                          managing this
                                                          solution.
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div =
class=3D"">But
                                                          first, many
                                                          thanks to Åke
                                                          Axeland and
                                                          Adam Omar
                                                          Oueidat for
                                                          doing this
                                                          analysis,
                                                          putting
                                                          together the
                                                          diagram below,
                                                          and bringing
                                                          it to the
                                                          group’s
                                                          attention.<br class=3D"">
                                                          <br class=3D"">
                                                          </div>
                                                          <div =
class=3D"">The
                                                          attack is
                                                          largely the
                                                          same as one of
                                                          the “AS Mix
                                                          Up” attack
                                                          cases in
                                                          “Comprehensive
                                                          Security
                                                          Analysis&nbsp;of
                                                          OAuth 2.0” by
                                                          Daniel Fett
                                                          and
                                                          colleagues.
                                                          It’s a kind of
                                                          in-the-middle
                                                          and/or
                                                          phishing
                                                          attack at its
                                                          core.&nbsp;</div>
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div =
class=3D"">The
                                                          attacker has
                                                          their own
                                                          authorization
                                                          server (AAS)
                                                          which can also
                                                          act as a
                                                          client
                                                          instance. An
                                                          uncompromised
                                                          client (UC)
                                                          instance and
                                                          an
                                                          uncompromised
                                                          authorization
                                                          server (HAS)
                                                          are assumed.
                                                          There is no
                                                          compromise of
                                                          secret keys or
                                                          breaking of
                                                          TLS in this
                                                          attack.</div>
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div class=3D"">1. UC is a client of AAS, and might also be a client of HAS. User wants to authorize at HAS but tells UC to use AAS.</div>
                                                          <div class=3D"">2. UC starts a request at AAS, signed with UC’s key. AAS is imitating HAS.</div>
                                                          <div class=3D"">3. AAS forwards UC’s request parameters (Client nonce, interaction finish URI) to HAS, but signed with AAS’s key.</div>
                                                          <div class=3D"">4. HAS responds with an interaction start URL and server nonce to AAS</div>
                                                          <div class=3D"">5. AAS forwards the interaction start URL and server nonce to UC</div>
                                                          <div class=3D"">6. (Note) HAS is functionally telling the user to show up and interact, but doesn’t realize that the request is being proxied in this way.</div>
                                                          <div class=3D"">7. UC launches interaction start URL, which is a function of HAS</div>
                                                          <div class=3D"">8. HAS returns the verification hash and interaction reference to UC</div>
                                                          <div class=3D"">9. UC validates the hash (which is correct) and sends the interaction reference to AAS</div>
                                                          <div class=3D"">10. AAS forwards the interaction reference to HAS&nbsp;</div>
                                                          <div class=3D"">11. AAS receives an access token for calling an RS protected by HAS. The client receives no access token.</div>
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div =
class=3D"">The
                                                          diagram from
                                                          the
                                                          researchers is
                                                          attached here.
                                                          I’ll be using
                                                          the numbers in
                                                          the text list
                                                          here like (1)
                                                          to refer to
                                                          specific
                                                          steps.</div>
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div =
class=3D""><span =
id=3D"gmail-m_-3732296903765776542cid:part1.21AB5D65.AB53F1A7@verifiablecr=
edentials.info" class=3D"">&lt;PastedGraphic-2.png&gt;</span></div>
                                                          <div =
class=3D""><b class=3D"">Some
                                                          preconditions
                                                          and analysis:</b></div>
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div =
class=3D"">Step
                                                          (1) is made
                                                          easier if the
                                                          client has
                                                          choice over
                                                          which AS to
                                                          talk to for a
                                                          given request,
                                                          since that’s
                                                          how it starts
                                                          talking to AAS
                                                          instead of
                                                          HAS. The
                                                          danger of
                                                          allowing a
                                                          client to
                                                          choose its AS
                                                          at runtime has
                                                          been
                                                          discussed, but
                                                          it’s a known
                                                          pattern that
                                                          we can’t
                                                          expect to go
                                                          away.</div>
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div =
class=3D"">AAS
                                                          is treated as
                                                          a legitimate
                                                          client of HAS
                                                          and UC is a
                                                          legitimate
                                                          client of AAS.
                                                          While dynamic
                                                          clients can
                                                          exacerbate
                                                          this problem
                                                          at runtime, at
                                                          no time does
                                                          HAS always
                                                          knows the
                                                          requests are
                                                          coming from
                                                          AAS and UC
                                                          always knows
                                                          it’s talking
                                                          to AAS. There
                                                          is no
                                                          cryptographic
                                                          impersonation
                                                          and no theft
                                                          of =
keys.&nbsp;</div>
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div =
class=3D"">The
                                                          attack occurs
                                                          because the
                                                          user and
                                                          client think
                                                          they=E2=80=99re
                                                          dealing with
                                                          different
                                                          AS=E2=80=99s, =
and you
                                                          can=E2=80=99t =
expect a
                                                          user to always
                                                          be able to
                                                          tell them
                                                          apart,
                                                          especially
                                                          when the
                                                          backend calls
                                                          like (2) are
                                                          hidden. It=E2=80=
=99s
                                                          assumed that
                                                          the user
                                                          actually wants
                                                          to authorize
                                                          UC for HAS,
                                                          but UC talks
                                                          to AAS instead
                                                          because of
                                                          configuration
                                                          (1). AAS can
                                                          imitate HAS to
                                                          the user to
                                                          facilitate
                                                          (1), and
                                                          imitate UC to
                                                          HAS, but only
                                                          for
                                                          human-facing
                                                          portions (7).
                                                          Static
                                                          =
pre-registration
                                                          makes this
                                                          more
                                                          difficult,
                                                          assuming that
                                                          all
                                                          registrations
                                                          are reviewed
                                                          by humans. If
                                                          HAS has no
                                                          idea that UC
                                                          exists, it
                                                          wouldn=E2=80=99t=

                                                          necessarily
                                                          know that AAS
                                                          is
                                                          impersonating
                                                          anyone.</div>
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div =
class=3D"">The
                                                          token at the
                                                          end (11),
                                                          assuming =
it=E2=80=99s
                                                          a bound token,
                                                          is only good
                                                          with AAS=E2=80=99=
s key
                                                          and not UC=E2=80=
=99s
                                                          key. This is
                                                          great for the
                                                          attacker until
                                                          UC starts to
                                                          act funny and
                                                          raise
                                                          suspicion,
                                                          since the
                                                          process =
didn=E2=80=99t
                                                          ever complete.
                                                          With the OAuth
                                                          attack, and
                                                          with bearer
                                                          tokens in
                                                          GNAP, the
                                                          token can be
                                                          passed through
                                                          to the UC
                                                          making UC none
                                                          the =
wiser.&nbsp;</div>
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div =
class=3D"">The
                                                          hash
                                                          validation (9)
                                                          does not
                                                          protect
                                                          against this
                                                          specific
                                                          attack. Since
                                                          AAS sits in
                                                          the middle, it
                                                          has access to
                                                          the Client
                                                          nonce from UC,
                                                          the server
                                                          nonce from
                                                          AAS, and the
                                                          interaction
                                                          reference at
                                                          the
                                                          appropriate
                                                          times. AAS
                                                          doesn=E2=80=99t =
need
                                                          to generate
                                                          the hash, but
                                                          can force HAS
                                                          to generate an
                                                          appropriate
                                                          hash.</div>
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div =
class=3D""><b class=3D"">The
                                                          proposed
                                                          =
mitigation(s):&nbsp;</b></div>
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div =
class=3D"">In
                                                          OAuth 2, the
                                                          accepted
                                                          mitigation is
                                                          to provide
                                                          another query
                                                          parameter with
                                                          the =
=E2=80=9Cissuer=E2=80=9D
                                                          URL of the AS.
                                                          We could do
                                                          that here, but
                                                          that would
                                                          have the same
                                                          downsides: the
                                                          client has to
                                                          check this
                                                          value
                                                          explicitly.
                                                          Therefore
                                                          we=E2=80=99re
                                                          proposing that
                                                          instead we use
                                                          the existing
                                                          validation
                                                          hash algorithm
                                                          and add an
                                                          additional
                                                          field. This
                                                          would need to
                                                          be something
                                                          known to UC
                                                          and HAS that
                                                          can=E2=80=99t =
be
                                                          impersonated
                                                          by AAS, even
                                                          if it=E2=80=99s =
known.
                                                          Therefore, it
                                                          makes sense to
                                                          use something
                                                          that=E2=80=99s
                                                          derived. There
                                                          are a few
                                                          ideas of what
                                                          to do here,
                                                          each with
                                                          benefits and
                                                          =
drawbacks:</div>
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div =
class=3D"">-
                                                          The grant
                                                          endpoint of
                                                          the AS that
                                                          the client
                                                          instance is
                                                          talking =
to.</div>
                                                          <div =
class=3D"">-
                                                          The
                                                          continuation
                                                          endpoint that
                                                          the client
                                                          instance will
                                                          send the
                                                          interaction
                                                          reference to.
                                                          (This might be
                                                          different from
                                                          the =
above)</div>
                                                          <div =
class=3D"">-
                                                          The
                                                          continuation
                                                          access token
                                                          value</div>
                                                          <div =
class=3D"">-
                                                          A key hash for
                                                          the AS the
                                                          client is
                                                          talking to
                                                          (TLS key to
                                                          one of these
                                                          endpoints?
                                                          Some other
                                                          external key
                                                          added to the
                                                          mix?)</div>
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div =
class=3D"">The
                                                          important
                                                          thing here is
                                                          that it=E2=80=99=
s a
                                                          value that=E2=80=
=99s
                                                          known but not
                                                          a
                                                          shared-secret
                                                          that=E2=80=99s =
passed
                                                          between
                                                          parties. The
                                                          client =
doesn=E2=80=99t
                                                          need to check
                                                          anything new,
                                                          just needs to
                                                          do the hash
                                                          validation
                                                          that it should
                                                          be doing
                                                          anyway.</div>
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div =
class=3D""><b class=3D"">Requested
                                                          =
feedback:</b></div>
                                                          <div =
class=3D""><b class=3D""><br class=3D"">
                                                          </b></div>
                                                          <div =
class=3D"">The
                                                          editors are
                                                          requesting
                                                          feedback and
                                                          discussion on
                                                          the attack and
                                                          the proposed
                                                          mitigation
                                                          strategy. As a
                                                          group, we
                                                          would also
                                                          benefit from
                                                          additional
                                                          formal
                                                          analysis of
                                                          the protocol
                                                          with and
                                                          without the
                                                          mitigation in
                                                          place.
                                                          Additionally,
                                                          we need to be
                                                          sure we =
aren=E2=80=99t
                                                          accidentally
                                                          cutting off a
                                                          legitimate use
                                                          case, like AS
                                                          bridges and
                                                          proxies that
                                                          aren=E2=80=99t =
trying
                                                          to hide their
                                                          =
presence.</div>
                                                          <div =
class=3D""><br class=3D"">
                                                          </div>
                                                          <div =
class=3D"">&nbsp;=E2=80=94
                                                          Justin</div>
                                                          <br class=3D"">
                                                          <fieldset =
class=3D""></fieldset>
                                                          </blockquote>
                                                          </div>
                                                          -- <br =
class=3D"">
                                                          TXAuth mailing
                                                          list<br =
class=3D"">
                                                          <a =
href=3D"mailto:TXAuth@ietf.org" target=3D"_blank" moz-do-not-send=3D"true"=
 class=3D"">TXAuth@ietf.org</a><br class=3D"">
                                                          <a =
href=3D"https://www.ietf.org/mailman/listinfo/txauth" target=3D"_blank" =
moz-do-not-send=3D"true" =
class=3D"">https://www.ietf.org/mailman/listinfo/txauth</a><br class=3D"">=

                                                        </div>
                                                      </blockquote>
                                                    </div>
                                                    <br class=3D"">
                                                  </div>
                                                </blockquote>
                                              </div>
                                            </div>
                                          </blockquote>
                                        </div>
                                        <br class=3D"">
                                      </div>
                                    </blockquote>
                                  </div>
                                </div>
                              </blockquote>
                            </div>
                            <br class=3D"">
                          </div>
                        </blockquote>
                      </div>
                      -- <br class=3D"">
                      TXAuth mailing list<br class=3D"">
                      <a href=3D"mailto:TXAuth@ietf.org" target=3D"_blank"=
 moz-do-not-send=3D"true" class=3D"">TXAuth@ietf.org</a><br class=3D"">
                      <a =
href=3D"https://www.ietf.org/mailman/listinfo/txauth" rel=3D"noreferrer" =
target=3D"_blank" moz-do-not-send=3D"true" =
class=3D"">https://www.ietf.org/mailman/listinfo/txauth</a><br class=3D"">=

                    </blockquote>
                  </div>
                  <br class=3D"">
                  <fieldset class=3D"mimeAttachmentHeader"></fieldset>
                </blockquote>
              </div>
              -- <br class=3D"">
              TXAuth mailing list<br class=3D"">
              <a href=3D"mailto:TXAuth@ietf.org" class=3D"" =
moz-do-not-send=3D"true">TXAuth@ietf.org</a><br class=3D"">
              <a class=3D"moz-txt-link-freetext" =
href=3D"https://www.ietf.org/mailman/listinfo/txauth">https://www.ietf.org=
/mailman/listinfo/txauth</a><br class=3D"">
            </div>
          </blockquote>
        </div>
        <br class=3D"">
      </div>
    </blockquote>
  </div>

</div></blockquote></div><br class=3D""></div></body></html>=

--Apple-Mail=_0C9342CA-C0BC-4F4D-AF04-84F24284A478--
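
The mitigation proposed in the quoted message above (adding the grant endpoint to the interaction hash so that the client's existing hash validation fails when an AS sits in the middle), as an added example that is not part of the original thread or of the GNAP draft. The field order, newline separator, SHA-256, base64url encoding, the `.example` endpoints and all function names are assumptions; the message only names the fields.

```python
import base64
import hashlib
import hmac
import secrets

# Constructed endpoints for the roles named in the message (assumptions).
HAS_GRANT_ENDPOINT = "https://has.example/gnap"  # honest AS the user means to use
AAS_GRANT_ENDPOINT = "https://aas.example/gnap"  # AS that UC was configured with in (1)


def interaction_hash(client_nonce, server_nonce, interact_ref, grant_endpoint=None):
    """Hash over newline-joined fields (assumed encoding).

    grant_endpoint=None reproduces the three-field hash the message says
    does not stop the attack; passing it adds the proposed fourth field.
    """
    fields = [client_nonce, server_nonce, interact_ref]
    if grant_endpoint is not None:
        fields.append(grant_endpoint)
    # A separator inside a field would make two different inputs hash alike.
    if any("\n" in f for f in fields):
        raise ValueError("field contains the separator")
    digest = hashlib.sha256("\n".join(fields).encode("utf-8")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def client_accepts(received_hash, client_nonce, server_nonce, interact_ref,
                   grant_endpoint=None):
    """UC's validation step: recompute from its own view and compare."""
    expected = interaction_hash(client_nonce, server_nonce, interact_ref,
                                grant_endpoint)
    return hmac.compare_digest(expected, received_hash)


def run_grant(uc_endpoint, bind_endpoint):
    """Simulate one grant and return whether UC accepts the callback hash.

    uc_endpoint   -- grant endpoint UC sent its request to
    bind_endpoint -- True to include the grant endpoint in the hash

    When uc_endpoint is AAS's, AAS relays the client nonce to HAS, relays
    HAS's server nonce back to UC, and lets the browser carry HAS's hash
    and interaction reference to UC's callback, so every value UC sees
    except the endpoint is the one HAS used.
    """
    client_nonce = secrets.token_urlsafe(16)  # UC -> (AAS ->) HAS
    server_nonce = secrets.token_urlsafe(16)  # HAS -> (AAS ->) UC
    interact_ref = secrets.token_urlsafe(16)  # HAS -> browser -> UC

    # HAS hashes with the endpoint it was actually called at: its own.
    has_hash = interaction_hash(
        client_nonce, server_nonce, interact_ref,
        HAS_GRANT_ENDPOINT if bind_endpoint else None)

    # UC hashes with the endpoint it believes it is talking to.
    return client_accepts(
        has_hash, client_nonce, server_nonce, interact_ref,
        uc_endpoint if bind_endpoint else None)


if __name__ == "__main__":
    cases = (("UC -> HAS directly", HAS_GRANT_ENDPOINT),
             ("UC -> AAS -> HAS", AAS_GRANT_ENDPOINT))
    for bind in (False, True):
        for label, endpoint in cases:
            verdict = "accepted" if run_grant(endpoint, bind) else "rejected"
            print(f"endpoint in hash={bind!s:5}  {label:20} {verdict}")
```
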


From nobody Sun Jun 13 00:40:06 2021
Return-Path: <do_not_reply@mnot.net>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 276F83A0D6D for <txauth@ietfa.amsl.com>; Sun, 13 Jun 2021 00:39:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level: 
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mnot.net header.b=B3DJI2Nr; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=v4oevFH2
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wFo9Bii_Lq_4 for <txauth@ietfa.amsl.com>; Sun, 13 Jun 2021 00:39:50 -0700 (PDT)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD3B73A0D9D for <txauth@ietf.org>; Sun, 13 Jun 2021 00:39:48 -0700 (PDT)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 6B28D5C010C for <txauth@ietf.org>; Sun, 13 Jun 2021 03:39:47 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute5.internal (MEProxy); Sun, 13 Jun 2021 03:39:47 -0400
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <txauth@ietf.org>; Sun, 13 Jun 2021 03:39:46 -0400 (EDT)
Content-Type: multipart/alternative; boundary="===============3459121343899932976=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: txauth@ietf.org
Message-Id: <20210613073948.CD3B73A0D9D@ietfa.amsl.com>
Date: Sun, 13 Jun 2021 00:39:48 -0700 (PDT)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/BhdTes70sqI2TaZEPqS2bgkykow>
Subject: [GNAP] Weekly github digest (GNAP Weekly GitHub Activity Summary)
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Jun 2021 07:40:04 -0000

--===============3459121343899932976==
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"; format="flowed"




Events without label "editorial"

Issues
------
* ietf-wg-gnap/core-protocol (+0/-2/💬0)
  2 issues closed:
  - Move client-facing sections back from RS draft https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/260
  - RS www-authenticate response https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/118



Pull requests
-------------
* ietf-wg-gnap/core-protocol (+2/-1/💬3)
  2 pull requests submitted:
  - add grant endpoint URL to interaction hash to close mix-up proxy vulnerability (by jricher)
    https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/268
  - add role diagram (by aaronpk)
    https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/267

  2 pull requests received 3 new comments:
  - #268 add grant endpoint URL to interaction hash to close mix-up proxy vulnerability (1 by netlify)
    https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/268
  - #267 add role diagram (2 by aaronpk, netlify)
    https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/267

  1 pull requests merged:
  - re-import rs-first discovery method from gnap-rs, closes #260
    https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/261 [Pending Merge]

* ietf-wg-gnap/gnap-resource-servers (+0/-1/💬0)
  1 pull requests merged:
  - move client-facing rs-first discovery back to gnap core, addresses ietf-wg-gnap/gnap-core-protocol#260
    https://github.com/ietf-wg-gnap/gnap-resource-servers/pull/26 [Pending Merge]


Repositories tracked by this digest:
-----------------------------------
* https://github.com/ietf-wg-gnap/core-protocol
* https://github.com/ietf-wg-gnap/gnap-resource-servers

--===============3459121343899932976==--


From nobody Mon Jun 14 11:58:05 2021
From: Justin Richer <jricher@mit.edu>
Content-Type: multipart/alternative; boundary="Apple-Mail=_C6A84F83-38E6-46D5-A4AF-3E4B14074902"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.6\))
Message-Id: <C3F63921-3FF9-4BFB-B1E2-C86AE575A390@mit.edu>
Date: Mon, 14 Jun 2021 14:57:58 -0400
To: GNAP Mailing List <txauth@ietf.org>
X-Mailer: Apple Mail (2.3608.120.23.2.6)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/nXUjK8_lnRgAsAddF6oX9-rAMTE>
Subject: [GNAP] Interim Agenda

--Apple-Mail=_C6A84F83-38E6-46D5-A4AF-3E4B14074902
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
	charset=utf-8

Hi everyone,

As a reminder, we’ve got an interim meeting tomorrow afternoon. The editors are planning on the following agenda for discussion:

  * Core draft update
  * Mix-up attack
  * Signature methods
  * What topics to focus on before IETF 111

— Justin


--Apple-Mail=_C6A84F83-38E6-46D5-A4AF-3E4B14074902--


From nobody Tue Jun 15 05:32:35 2021
User-Agent: Microsoft-MacOutlook/16.49.21050901
Date: Tue, 15 Jun 2021 15:32:21 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
To: Justin Richer <jricher@mit.edu>, GNAP Mailing List <txauth@ietf.org>
Message-ID: <3E7A28D4-E2FF-4B98-9D71-2D0BDEB782E8@gmail.com>
Thread-Topic: [GNAP] Interim Agenda
References: <C3F63921-3FF9-4BFB-B1E2-C86AE575A390@mit.edu>
In-Reply-To: <C3F63921-3FF9-4BFB-B1E2-C86AE575A390@mit.edu>
Mime-version: 1.0
Content-type: multipart/alternative; boundary="B_3706615943_383264491"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/82x-oHt9T-ldH8OYqcpAlFlum3I>
Subject: Re: [GNAP] Interim Agenda

--B_3706615943_383264491
Content-type: text/plain;
	charset="UTF-8"
Content-transfer-encoding: 8bit

The agenda, slides and a Meetecho link are available at https://datatracker.ietf.org/meeting/interim-2021-gnap-04/session/gnap

See you there!

    Yaron

From: TXAuth <txauth-bounces@ietf.org> on behalf of Justin Richer <jricher@mit.edu>
Date: Monday, June 14, 2021 at 21:58
To: GNAP Mailing List <txauth@ietf.org>
Subject: [GNAP] Interim Agenda

Hi everyone,

As a reminder, we’ve got an interim meeting tomorrow afternoon. The editors are planning on the following agenda for discussion:

  * Core draft update
  * Mix-up attack
  * Signature methods
  * What topics to focus on before IETF 111

— Justin

-- TXAuth mailing list TXAuth@ietf.org https://www.ietf.org/mailman/listinfo/txauth


--B_3706615943_383264491--



From nobody Tue Jun 15 08:08:28 2021
To: txauth@ietf.org
References: <C3F63921-3FF9-4BFB-B1E2-C86AE575A390@mit.edu> <3E7A28D4-E2FF-4B98-9D71-2D0BDEB782E8@gmail.com>
From: Denis <denis.ietf@free.fr>
Message-ID: <065bbf3b-f656-f750-bfe3-2719d4bdb86c@free.fr>
Date: Tue, 15 Jun 2021 17:08:13 +0200
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.10.1
MIME-Version: 1.0
In-Reply-To: <3E7A28D4-E2FF-4B98-9D71-2D0BDEB782E8@gmail.com>
Content-Type: multipart/alternative; boundary="------------6DC562C4984BF926ADF3654F"
Content-Language: en-GB
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/QmnIC-rWiPcP8BUEg_laX2MaDeo>
Subject: Re: [GNAP] Interim Agenda

--------------6DC562C4984BF926ADF3654F
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit

*Important issues still need to be solved and have been left aside.*

A time slot to address the items indicated in this email would be 
appreciated. If not at this session, then at the IETF session.

A short list is below:

*Trust relationships #214*
https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/214

    Three weeks after the opening of this thread, the very first comment
    unfortunately remains true.

    At the moment, there is no text in the draft to describe the
    relationships and/or the trust relationships between the various
    components of the system.

    /*Without a clear definition of these relationships, we might
    continue to argue for ever.*/

The last message was on April 2, 2021

*User choice and consent, and user notice #215*
https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/215

    The *User choice and consent*, as well as the *user notice* should
    be made available in the preferred language of the end-user.

    /These two steps which are fundamental from a privacy point of view
    are currently unsupported/missing in the draft./

Still open.

*Refactoring the internals of access request #244*
https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/244

    Denis: Switching the meaning of the words back and forth does not
    allow to progress.

    access token is defined as a data artifact representing a set of
    /*rights*/ and/or /*attributes*/
    attribute is defined as characteristics related to a subject.

    It is the time now to define a data structure able to request
    attributes within an access token.

    An RS would be able to tell to a client that if needs one or more
    attributes types (and optionally values) /*and/or*/ some capability
    and /*if the end-user first accepts to request them to a given AS*/
    and if AS is able to provide them, then the access token
    can be generated and is very likely to be accepted by the RS. No
    agreement between them would then be necessary.

Last message was on May 15, 2021

*Unlinkability #241*
https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/241

    Denis: This topic falls under Privacy considerations but has
    consequences on the access token request protocol,
    hence it is opened as a separate thread.

    An end-user identifier present in an access token may be either:

     1. a globally unique identifier (e.g. an email address, a social
        security number), or
     2. an identifier locally unique to that AS for all the RSs, or
     3. an identifier unique for every AS - RS pair, or
     4. a temporary identifier for a single access (i.e. a large random
        identifier).

    Justin: Since access tokens are opaque to clients, clients do not
    have any input into the contents of the access token itself,
    including any inclusion or format of user identifiers.

*Closed* by Justin on April 21, 2021


*How can an AS determine "what is needed" to fulfill the request ? #264*
https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/264

    Denis : In section 1.4, the text states:

    ( 3) The AS processes the request and determines what is needed to
    fulfill the request.

    How can the AS "*/determine what is needed to fulfill the request/*" ?

    Shall the AS have established some prior relationship ?

    If yes, what such relationships consist of ?
    If no, can "other means" be used ?

Up to now, there is no response from anyone.


*What kind of control may a client have about the content of a returned 
access token ? #265*
https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/265

This issue has been opened on a Saturday and closed immediately the day 
after on a Sunday by Justin.

It is questionable whether it is fair to close an issue during a 
week-end without allowing even _a single working day_
for other people to comment or respond.

This issue has been *closed in less than 24 hours*, without any 
intermediary status like "*Pending Closed*".

IMO, such a practice should be changed.

Since then, you may have noticed that discussions with WG members are 
not taking place any more, except between the three editors.


*The access token verifications to be performed by the RS should be 
described #30*
https://github.com/ietf-wg-gnap/gnap-resource-servers/issues/30

    Denis: A key issue is whether the GNAP core is a *framework* or is
    able to define *at least one interoperable protocol*.

    The main reason of the existence of the IETF is to define
    *interoperable protocols*

*Closed* by Justin on June 5, 2021


Denis


> The agenda, slides and a Meetecho link are available at 
> https://datatracker.ietf.org/meeting/interim-2021-gnap-04/session/gnap 
> <https://datatracker.ietf.org/meeting/interim-2021-gnap-04/session/gnap>
>
> See you there!
>
>                 Yaron
> *From: *TXAuth <txauth-bounces@ietf.org> on behalf of Justin Richer 
> <jricher@mit.edu>
> *Date: *Monday, June 14, 2021 at 21:58
> *To: *GNAP Mailing List <txauth@ietf.org>
> *Subject: *[GNAP] Interim Agenda
> Hi everyone,
> As a reminder, we’ve got an interim meeting tomorrow afternoon. The 
> editors are planning on the following agenda for discussion:
>
>   * Core draft update
>
>   * Mix-up attack
>
>   * Signature methods
>
>   * What topics to focus on before IETF 111
>
> — Justin
>
> -- TXAuth mailing list TXAuth@ietf.org 
> https://www.ietf.org/mailman/listinfo/txauth
>


--------------6DC562C4984BF926ADF3654F
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: 8bit

<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <div class="moz-cite-prefix">
      <b><font face="Arial">Important issues still need to be solved and
          have been left aside. </font></b><font face="Arial"><br>
      </font></div>
    <div class="moz-cite-prefix"><br>
      <font face="Arial"><font face="Arial">A time slot to address the
          items indicated in this email would be appreciated. If not at
          this session, then at the IETF session. </font></font></div>
    <div class="moz-cite-prefix"><font face="Arial"><br>
      </font></div>
    <div class="moz-cite-prefix"><font face="Arial">A short list is
        below:<br>
      </font>   <font face="Arial"><br>
        <b>Trust relationships #214</b><br>
      </font>  <font face="Arial"><span style="color: blue;"
          lang="EN-US"><a class="moz-txt-link-freetext" href="https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/214">https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/214</a></span></font><font
        face="Arial"><br>
      </font>
      <blockquote><font face="Arial">Three
          weeks after the opening of this thread, the very first comment
          unfortunately
          remains true.</font><br>
        <br>
        <font face="Arial">At the moment, there is no
          text in the draft to describe the relationships and/or the
          trust relationships
          between the various components of the system.</font><br>
        <br>
        <font face="Arial"><em><b>Without a clear definition of
              these relationships, we might continue to argue for ever.</b></em></font><br>
      </blockquote>
      <font face="Arial">The last message was on <span
          style="background:yellow;mso-highlight:
          yellow">April 2, 2021</span></font></div>
    <div class="moz-cite-prefix"><br>
    </div>
    <div class="moz-cite-prefix"><font face="Arial"><b><span
            class="js-issue-titlemarkdown-title"><span style="font-size:
              12pt;" lang="EN-US"><br>
            </span></span></b></font></div>
    <div class="moz-cite-prefix"><font face="Arial"><b><span
            class="js-issue-titlemarkdown-title"><span style="font-size:
              12pt;" lang="EN-US">User
              choice and consent, and user notice </span></span></b><b><span
            class="f1-lightcolor-text-tertiary"><span style="font-size:
              12pt;" lang="EN-US">#215</span></span></b><br>
      </font>
      <font face="Arial"><span style="color: blue;" lang="EN-US"><a class="moz-txt-link-freetext" href="https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/215">https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/215</a></span></font><font
        face="Arial"><br>
      </font></div>
    <div class="moz-cite-prefix">
      <blockquote><font face="Arial">The <strong>User
            choice and consent</strong>, as well as the <strong>user
            notice</strong> should
          be made available in the preferred language of the end-user.</font><br>
      </blockquote>
      <blockquote>
        <font face="Arial"><em>These
            two steps which are fundamental from a privacy point of view
            are currently
            unsupported/missing in the draft.</em></font><br>
      </blockquote>
      <font face="Arial">Still open.<br>
      </font>
      <font face="Arial"><br>
        <b><span class="js-issue-titlemarkdown-title"><span
              style="font-size: 12pt;" lang="EN-US"><br>
            </span></span></b></font></div>
    <div class="moz-cite-prefix"><font face="Arial"><b><span
            class="js-issue-titlemarkdown-title"><span style="font-size:
              12pt;" lang="EN-US">Refactoring
              the internals of access request </span></span></b><b><span
            class="f1-lightcolor-text-tertiary"><span style="font-size:
              12pt;" lang="EN-US">#244</span></span></b><b><span
            style="font-size: 12pt;" lang="EN-US"></span></b><b><br>
        </b></font><b>
      </b><font face="Arial"><span style="color: blue;" lang="EN-US"><a class="moz-txt-link-freetext" href="https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/244">https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/244</a></span></font><font
        face="Arial"><br>
      </font>
      <blockquote><font face="Arial">Denis:
          Switching the meaning of the words back and forth does not
          allow to progress.</font><br>
        <br>
        <font face="Arial">access
          token is defined as a data artifact representing a set of <em><b>rights</b></em>
          and/or <em><b>attributes </b></em>attribute is defined as </font><br>
        <font face="Arial">characteristics
          related to a subject.</font><br>
        <br>
        <font face="Arial">It is the
          time now to define a data structure able to request attributes
          within an access
          token.</font><br>
        <br>
        <font face="Arial">An RS
          would be able to tell a client that it needs one or more
          attribute types
          (and optionally values) <em><b>and/or</b></em> some
          capability </font><br>
        <font face="Arial">and <em><b>if
              the end-user first accepts to request them to a given AS</b></em>
          and if AS is
          able to provide them, then the access token </font><br>
        <font face="Arial">can be generated and is very likely
          to be accepted by the RS. No agreement between them would then
          be necessary.</font><br>
      </blockquote>
      <font face="Arial">Last
        message was on May 15, 2021<br>
      </font>
      <font face="Arial"><br>
      </font><font face="Arial"><b><br>
        </b><b><span class="js-issue-titlemarkdown-title"><span
              style="font-size: 12pt;" lang="EN-US">Unlinkability
            </span></span></b><b><span
            class="f1-lightcolor-text-tertiary"><span style="font-size:
              12pt;" lang="EN-US">#241</span></span></b><span
          style="font-size: 12pt;" lang="EN-US"></span><br>
      </font>
      <font face="Arial"><span style="color: blue;" lang="EN-US"><a class="moz-txt-link-freetext" href="https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/241">https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/241</a></span><br>
        <br>
      </font>
      <blockquote><font face="Arial">Denis:
          This topic falls under Privacy considerations but has
          consequences on the
          access token request protocol,<br>
                      </font><font face="Arial">hence it is opened as a
          separate thread.</font><br>
        <br>
        <font face="Arial">An
          end-user identifier present into an access token may be
          either:</font><br>
        <ol type="1" start="1">
          <li class="MsoNormal"
            style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;
            mso-list:l0 level1 lfo1;tab-stops:list 36.0pt"><font
              face="Arial">a globally unique identifier (e.g. an email
              address, a social security number), or</font></li>
          <li class="MsoNormal"
            style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;
            mso-list:l0 level1 lfo1;tab-stops:list 36.0pt"><font
              face="Arial">an identifier locally unique to that AS for
              all the RSs, or</font></li>
          <li class="MsoNormal"
            style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;
            mso-list:l0 level1 lfo1;tab-stops:list 36.0pt"><font
              face="Arial">an identifier unique for every AS - RS pair,
              or</font></li>
          <li class="MsoNormal"
            style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;
            mso-list:l0 level1 lfo1;tab-stops:list 36.0pt"><font
              face="Arial">a temporary identifier for a single access
              (i.e. a large random identifier).</font></li>
        </ol>
        <font face="Arial">Justin: <span style="mso-spacerun: yes"> </span>Since
          access tokens are
          opaque to clients, clients do not have any input into the
          contents of the
          access token itself,</font><font face="Arial"><br>
                       including any inclusion or format of user
          identifiers.</font><br>
      </blockquote>
      <font face="Arial"><font color="#ff0000"><b>Closed</b></font> by
        Justin on April 21, 2021<br>
      </font>
      <font face="Arial"><br>
      </font><font face="Arial"><br>
        <b><span class="js-issue-titlemarkdown-title"><span
              style="font-size: 12pt;" lang="EN-US">How
              can an AS determine "what is needed" to fulfill the
              request ? </span></span></b><b><span
            class="f1-lightcolor-text-tertiary"><span style="font-size:
              12pt;" lang="EN-US">#264</span></span></b><b><span
            style="font-size: 12pt;" lang="EN-US"></span></b><b><br>
        </b></font><b>
      </b><font face="Arial"><span style="color: blue;" lang="EN-US"><a class="moz-txt-link-freetext" href="https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/264">https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/264</a></span></font><font
        face="Arial"><br>
      </font>
      <blockquote><font face="Arial">Denis : In
          section 1.4, the text states:</font><br>
        <br>
        <font face="Arial">( 3) The AS processes the
          request and determines what is needed to fulfill the request.</font><br>
        <br>
        <font face="Arial">How can the AS "<strong><i>determine what
              is needed to fulfill the request</i></strong>" ?</font><br>
        <br>
        <font face="Arial">Shall the AS have established some prior
          relationship ?</font><br>
        <br>
        <font face="Arial">If yes, what such relationships consist of ?</font><br>
        <font face="Arial">
          If no, can "other means" be used ?</font><br>
      </blockquote>
      <font face="Arial">Up to now, there is no response from anyone.<br>
      </font>
      <font face="Arial"><br>
      </font><font face="Arial"><br>
        <b><span class="js-issue-titlemarkdown-title"><span
              style="font-size: 12pt;" lang="EN-US">What
              kind of control may a client have about the content of a
              returned access token
              ? </span></span></b><b><span
            class="f1-lightcolor-text-tertiary"><span style="font-size:
              12pt;" lang="EN-US">#265</span></span></b><span
          style="font-size: 12pt;" lang="EN-US"></span><br>
      </font>
      <font face="Arial"><span style="color: blue;" lang="EN-US"><a class="moz-txt-link-freetext" href="https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/265">https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/265</a></span><br>
      </font>
      <font face="Arial"><br>
      </font><font face="Arial">This issue has been opened on a Saturday
        and closed immediately the day
        after on a Sunday by Justin.<br>
      </font>
      <font face="Arial"><br>
      </font><font face="Arial"><span style="background: yellow none
          repeat scroll 0% 0%;" lang="EN-US">It is questionable whether
          it is
          fair to close an issue during a week-end without allowing even
          <u>a single
            working day</u> <br>
          for other people to comment or respond.</span></font></div>
    <div class="moz-cite-prefix"><font face="Arial"><span
          style="background: yellow none repeat scroll 0% 0%;"
          lang="EN-US"></span><br>
      </font>
    </div>
    <div class="moz-cite-prefix"><font face="Arial">This issue has been
        <font color="#ff0000"><b>closed in less than 24 hours</b></font>,
        without any intermediary status like "<b><font color="#ff0000">Pending
            Closed</font></b>".</font></div>
    <div class="moz-cite-prefix"><font face="Arial"><br>
      </font></div>
    <div class="moz-cite-prefix"><font face="Arial"><span
          style="background: yellow none repeat scroll 0% 0%;"
          lang="EN-US">IMO, such a practice should be
          changed.</span><br>
      </font>  <font face="Arial"><br>
        Since then, you may have noticed that discussions with WG
        members are
        not taking place any more, except between the three editors.<br>
      </font>
    </div>
    <div class="moz-cite-prefix"><font face="Arial"><br>
      </font></div>
    <div class="moz-cite-prefix"><font face="Arial"></font><font
        face="Arial"><br>
      </font>
      <font face="Arial"><b><span class="js-issue-titlemarkdown-title"><span
              style="font-size: 12pt;" lang="EN-US">The
              access token verifications to be performed by the RS
              should be described </span></span></b><b><span
            class="f1-lightcolor-text-tertiary"><span style="font-size:
              12pt;" lang="EN-US">#30</span></span></b><b><span
            style="font-size: 12pt;" lang="EN-US"></span></b><b><br>
        </b></font><b>
      </b><font face="Arial"><span style="color: blue;" lang="EN-US"><a class="moz-txt-link-freetext" href="https://github.com/ietf-wg-gnap/gnap-resource-servers/issues/30">https://github.com/ietf-wg-gnap/gnap-resource-servers/issues/30</a></span></font><font
        face="Arial"><br>
      </font>
      <blockquote><font face="Arial">Denis: A key issue is whether the
          GNAP core is a <b>framework</b> or is able to
          define <b>at least one interoperable protocol</b>.</font><br>
        <br>
        <font face="Arial">
          The main reason of the existence of the IETF is to define <strong>interoperable
            protocols</strong></font><br>
      </blockquote>
      <font face="Arial"><font color="#ff0000"><b>Closed</b> </font>by
        Justin on June 5, 2021</font></div>
    <div class="moz-cite-prefix">  <font face="Arial"><br>
      </font></div>
    <div class="moz-cite-prefix"><font face="Arial"><br>
      </font></div>
    <div class="moz-cite-prefix"><font face="Arial">Denis</font>   <br>
    </div>
    <div class="moz-cite-prefix"><br>
    </div>
    <br>
    <blockquote type="cite"
      cite="mid:3E7A28D4-E2FF-4B98-9D71-2D0BDEB782E8@gmail.com">
      <div class="WordSection1"><font face="Arial">The agenda, slides
          and a Meetecho link are available at <a
href="https://datatracker.ietf.org/meeting/interim-2021-gnap-04/session/gnap"
            moz-do-not-send="true">https://datatracker.ietf.org/meeting/interim-2021-gnap-04/session/gnap</a><o:p></o:p><br>
          <o:p> </o:p><br>
          See you there!<o:p></o:p><br>
          <o:p> </o:p><br>
                          Yaron<o:p></o:p><br>
          <o:p> </o:p></font>
        <div style="border:none;border-top:solid #B5C4DF
          1.0pt;padding:3.0pt 0in 0in 0in"><font face="Arial"><b><span
                style="font-size:12.0pt;color:black">From: </span></b><span
              style="font-size:12.0pt;color:black">TXAuth
              <a class="moz-txt-link-rfc2396E" href="mailto:txauth-bounces@ietf.org">&lt;txauth-bounces@ietf.org&gt;</a> on behalf of Justin Richer
              <a class="moz-txt-link-rfc2396E" href="mailto:jricher@mit.edu">&lt;jricher@mit.edu&gt;</a><br>
              <b>Date: </b>Monday, June 14, 2021 at 21:58<br>
              <b>To: </b>GNAP Mailing List <a class="moz-txt-link-rfc2396E" href="mailto:txauth@ietf.org">&lt;txauth@ietf.org&gt;</a><br>
              <b>Subject: </b>[GNAP] Interim Agenda<o:p></o:p></span></font></div>
        <div><font face="Arial"><o:p> </o:p></font></div>
        <font face="Arial">Hi everyone,<o:p></o:p></font>
        <div><font face="Arial"><o:p> </o:p></font></div>
        <div><font face="Arial">As a reminder, we’ve got an interim
            meeting tomorrow afternoon. The editors are planning on the
            following agenda for discussion:<o:p></o:p></font></div>
        <div><font face="Arial"><o:p> </o:p></font></div>
        <div>
          <div>
            <ul
              id="docs-internal-guid-679b466f-7fff-d5ce-3af6-1dbe2a0296e9"
              type="disc">
              <li class="MsoNormal"
style="color:#595959;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
                level1
                lfo1;vertical-align:baseline;font-variant-ligatures:
                normal;font-variant-east-asian:
                normal;font-variant-position: normal"><font face="Arial"><span
                    style="font-size: 18pt;">Core draft update<o:p></o:p></span></font></li>
            </ul>
          </div>
          <div>
            <ul type="disc">
              <li class="MsoNormal"
style="color:#595959;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
                level1
                lfo1;vertical-align:baseline;font-variant-ligatures:
                normal;font-variant-east-asian:
                normal;font-variant-position: normal"><font face="Arial"><span
                    style="font-size: 18pt;">Mix-up attack<o:p></o:p></span></font></li>
            </ul>
          </div>
          <div>
            <ul type="disc">
              <li class="MsoNormal"
style="color:#595959;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
                level1
                lfo1;vertical-align:baseline;font-variant-ligatures:
                normal;font-variant-east-asian:
                normal;font-variant-position: normal"><font face="Arial"><span
                    style="font-size: 18pt;">Signature methods<o:p></o:p></span></font></li>
            </ul>
          </div>
          <div>
            <ul type="disc">
              <li class="MsoNormal"
style="color:#595959;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
                level1
                lfo1;vertical-align:baseline;font-variant-ligatures:
                normal;font-variant-east-asian:
                normal;font-variant-position: normal"><font face="Arial"><span
                    style="font-size: 18pt;">What topics to focus on
                    before IETF 111<o:p></o:p></span></font></li>
            </ul>
          </div>
          <div><font face="Arial"><o:p> </o:p></font></div>
        </div>
        <font face="Arial"><o:p> </o:p></font>
        <div>
          <div><font face="Arial"><span style="font-size: 9pt; color:
                black;">— Justin<o:p></o:p></span></font></div>
        </div>
        <font face="Arial"><br>
          -- TXAuth mailing list <a class="moz-txt-link-abbreviated" href="mailto:TXAuth@ietf.org">TXAuth@ietf.org</a>
          <a class="moz-txt-link-freetext" href="https://www.ietf.org/mailman/listinfo/txauth">https://www.ietf.org/mailman/listinfo/txauth</a> <o:p></o:p></font></div>
      <font face="Arial"><br>
      </font>
      <fieldset class="mimeAttachmentHeader"></fieldset>
    </blockquote>
    <font face="Arial"><br>
    </font>
  </body>
</html>

--------------6DC562C4984BF926ADF3654F--


From nobody Tue Jun 15 09:12:03 2021
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F115A3A3524 for <txauth@ietfa.amsl.com>; Tue, 15 Jun 2021 09:12:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level: 
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MALFORMED_FREEMAIL=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zCMMLxje4e7B for <txauth@ietfa.amsl.com>; Tue, 15 Jun 2021 09:11:58 -0700 (PDT)
Received: from mail-il1-x131.google.com (mail-il1-x131.google.com [IPv6:2607:f8b0:4864:20::131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3DB223A3523 for <txauth@ietf.org>; Tue, 15 Jun 2021 09:11:58 -0700 (PDT)
Received: by mail-il1-x131.google.com with SMTP id p14so2733897ilg.8 for <txauth@ietf.org>; Tue, 15 Jun 2021 09:11:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;  h=user-agent:date:subject:from:to:message-id:thread-topic :mime-version; bh=Ql+pwrLZn1pDB8+09ZRWnAE+DEQI4OXDcO5x6567DK0=; b=WyEwZ0go+5hjM02tHnCjmLogiSJaearmSzVRduVTvs85dKgvlr+Y+FXRS+jpefb0XM oM23CTW/qq3ynMGVwF3RqZVZaxODGF4uUXVkXMnymMJ5sllVxylyHRK6DBnVFUcidUin 0uEGSQaJWCXQHpIY7HaveD2PsahnvxLHGm4fHzPJyrEg/hWKZTPme61m6l/zW8jlA6m0 ck27O1XrFYM5m/tMv5gyAtYy4o9R4hBGlArE61568Ydl9Kmk9Uv6EQ+VKTYXKdvBVdl+ jpT+4adS8v84huaP+2iEVY+NX1K7lfrI91y8uk2LG5h3RtUek4z7Ag8Wo5XTCsAh6zWE lSog==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:message-id :thread-topic:mime-version; bh=Ql+pwrLZn1pDB8+09ZRWnAE+DEQI4OXDcO5x6567DK0=; b=DVmPR9+LtNxDoqL8PWtyGnB7rlu/OVcrNiGvfLz2IOYOlGYuJ0Psdm6w8F1hOEdi8B O2jsYET+CVLgtJ5S2MVW3ZNncJUcsFv9RzxhDM3HysAclIabi3vWzFGeBotJp6CVYCzc el4mpX8UdXYfc2xb3Hua3IiM7B5vFsIz9QzZs1TIYTK1KwFB3YIHz1hm4qfZ4/S3Hf0M rSm9QOjfi1RH9txfCL1stEXxoW4Mu1t7enIxIZf5TXvGBK0QpJG/XZIN8deAzRxyuT9y s+hdCRmnzeKiptHvgKNUnJQDhsdaxC92/862iFzqQa3/x3oIc0KKpbEivyNmwA5NxqCd 6/mg==
X-Gm-Message-State: AOAM530aZmJXObJanFCM/wZTzttUsYmGCrPirF6zdU0m+AJx9I/RFkQM XcarbhZ2esLYhfIjeQpPQh5NAn/ANt0=
X-Google-Smtp-Source: ABdhPJxiceCl7DjpBsgGm9rnknWlXGXmeMXtVvOzYMbMJILbjUoBG5SP7kcT6ZwITabPhA+80WJzRg==
X-Received: by 2002:a92:da4f:: with SMTP id p15mr209941ilq.200.1623773516272;  Tue, 15 Jun 2021 09:11:56 -0700 (PDT)
Received: from [192.168.68.107] (bzq-79-182-62-6.red.bezeqint.net. [79.182.62.6]) by smtp.gmail.com with ESMTPSA id a18sm9627219ilc.31.2021.06.15.09.11.54 for <txauth@ietf.org> (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 15 Jun 2021 09:11:55 -0700 (PDT)
User-Agent: Microsoft-MacOutlook/16.49.21050901
Date: Tue, 15 Jun 2021 19:11:52 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
To: GNAP Mailing List <txauth@ietf.org>
Message-ID: <EF195574-BAD5-4755-AB09-EFB4193B0D9E@gmail.com>
Thread-Topic: Today's interim meeting
Mime-version: 1.0
Content-type: multipart/alternative; boundary="B_3706629114_2051056074"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/ke8mwffB_A1Pq0q36NlJMr2mhs4>
Subject: [GNAP] Today's interim meeting
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jun 2021 16:12:01 -0000


--B_3706629114_2051056074
Content-type: text/plain;
	charset="UTF-8"
Content-transfer-encoding: quoted-printable

Dear WG,

Unfortunately we had too few people joining the interim meeting, and
decided we cannot have the meeting given the quorum.

Document editors, can you please raise the questions you wanted to discuss
on the mailing list.

Thanks,

                Yaron



--B_3706629114_2051056074--



From nobody Tue Jun 15 09:33:25 2021
Return-Path: <fabien.imbault@gmail.com>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F40583A35F6 for <txauth@ietfa.amsl.com>; Tue, 15 Jun 2021 09:33:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level: 
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1sRSFBgvIb4S for <txauth@ietfa.amsl.com>; Tue, 15 Jun 2021 09:33:10 -0700 (PDT)
Received: from mail-io1-xd2e.google.com (mail-io1-xd2e.google.com [IPv6:2607:f8b0:4864:20::d2e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BBE393A35DD for <txauth@ietf.org>; Tue, 15 Jun 2021 09:33:10 -0700 (PDT)
Received: by mail-io1-xd2e.google.com with SMTP id k5so34273741iow.12 for <txauth@ietf.org>; Tue, 15 Jun 2021 09:33:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;  h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=W593bnWyH2MkhUJ1JowadmeuFwPtIgpC3CBpn0X4tNc=; b=Sa5nuKuWYbh4xILQ+SqrP/zsrWLrsfKo4QZceLWfdDxla5vKK5H9auPUWjh6Ue2ozj hSWpWLTxsoZKtmp662UrNl4ts47IbIc4wDGlTCTM99OOQfZN5dNK2J0E034o5ah6UMff Ae2eugG/4tKJS+MWeQqFAh9ike6hqX4LaWs460b+3t5fAW0xsPwXNFAkDddE9wmWsNjl zl8DIwILufMLhxalf2ODudTNyD2KRPvt9c94qYV+3Vu/9fsjy7kgA5eSi5ccoTIeZMOn 95Qc1yJiXl4dbU3dywbQQzA152+y1yk14FgC4WN9n1YZfz9qvw2Y9LXgd8nDfT77DTzY JNOA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=W593bnWyH2MkhUJ1JowadmeuFwPtIgpC3CBpn0X4tNc=; b=GbPW0ttmcn4xzWq8O4FXYzA/zVVWT9mFQpmQ83U6z5l94d5tWM2hZiEJLX1bf+ecAj 2LwHk9b0WDOgTNXR6uEWBhQAKgJdTjENEH3LQv3+QEV0BX4vv0ZHn0c4gVOPWi0J7YbN /tVQL8qylKkg273cd0LkfTMEo86n25wiexTDQL89DUMEwwr+uMUDxO9sgnYnyQjQCjy2 dfaHCyI5h2qmXKO1OEFjlsEoQZ1QttjFO0ZMbOvjC7iHa49qtq5xLDmXimpHUN0uV9y7 uUJ9IiUbcdeEnMpN74bKislB54mWAJO1V7J2FRVMz/Jr9sGxIXomC7nPLt3Q6DsELdPt RyPA==
X-Gm-Message-State: AOAM530Xidzz/2JOGkAFHZkwVTUudI1Ftzbmrv7ni8ftJ/Cm0pJ1pj0m ZhPY/osGnfOx3WOMNbGCq4YHg2YRcw8AyHNh/F4=
X-Google-Smtp-Source: ABdhPJxKNFiWdi4pAgjzX+R5qNZUXcTI6jNUbM5yixiVX7bGbtgpBXmgWVtds+zllR6ZLX3t6CfpB28NsfIvN8lnpAM=
X-Received: by 2002:a05:6638:f11:: with SMTP id h17mr138223jas.47.1623774788665;  Tue, 15 Jun 2021 09:33:08 -0700 (PDT)
MIME-Version: 1.0
References: <EF195574-BAD5-4755-AB09-EFB4193B0D9E@gmail.com>
In-Reply-To: <EF195574-BAD5-4755-AB09-EFB4193B0D9E@gmail.com>
From: Fabien Imbault <fabien.imbault@gmail.com>
Date: Tue, 15 Jun 2021 18:32:56 +0200
Message-ID: <CAM8feuS9w7kuQDOwVkDuubR0rEEvgfGW8QA-yQzWBtDXs1BumA@mail.gmail.com>
To: Yaron Sheffer <yaronf.ietf@gmail.com>
Cc: GNAP Mailing List <txauth@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000079438205c4d08787"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/gDYjSaUEOfIp8cmv0tDG227NwGc>
Subject: Re: [GNAP] Today's interim meeting
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jun 2021 16:33:23 -0000

--00000000000079438205c4d08787
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Sorry I couldn't join, due to a happy event (just had a baby / a bit
difficult but going back to normal). Thanks to the chairs, Aaron and Justin
for the great content.

Looking forward to the next event (the official IETF meeting I guess).

Cheers,
Fabien

On Tue, 15 Jun 2021 at 18:12, Yaron Sheffer <yaronf.ietf@gmail.com> wrote:

> Dear WG,
>
>
>
> Unfortunately we had too few people joining the interim meeting, and
> decided we cannot have the meeting given the quorum.
>
>
>
> Document editors, can you please raise the questions you wanted to discuss
> on the mailing list.
>
>
>
> Thanks,
>
>                 Yaron
> --
> TXAuth mailing list
> TXAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/txauth
>

--00000000000079438205c4d08787--


From nobody Tue Jun 15 10:49:31 2021
Return-Path: <jricher@mit.edu>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA11F3A3802 for <txauth@ietfa.amsl.com>; Tue, 15 Jun 2021 10:49:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.498
X-Spam-Level: 
X-Spam-Status: No, score=-1.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, KHOP_HELO_FCRDNS=0.398, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HWfesH6HiCdF for <txauth@ietfa.amsl.com>; Tue, 15 Jun 2021 10:49:16 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 36FA23A36DE for <txauth@ietf.org>; Tue, 15 Jun 2021 10:49:15 -0700 (PDT)
Received: from [192.168.1.49] (static-71-174-62-56.bstnma.fios.verizon.net [71.174.62.56]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 15FHnEkK011453 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <txauth@ietf.org>; Tue, 15 Jun 2021 13:49:14 -0400
From: Justin Richer <jricher@mit.edu>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.6\))
Message-Id: <EFDB08A5-51F5-4261-A6E8-A718D07937E5@mit.edu>
Date: Tue, 15 Jun 2021 13:49:13 -0400
To: GNAP Mailing List <txauth@ietf.org>
X-Mailer: Apple Mail (2.3608.120.23.2.6)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/dfBEjh5ob_J57QAgCkclXM_JQS0>
Subject: [GNAP] Signature Methods
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jun 2021 17:49:30 -0000

In GNAP, most requests are signed in some way, or at least bound to a
key being presented or referenced with the request. This is true for
connections from the client instance to the AS and to the RS, as well as
introspection requests from the RS to the AS. GNAP has always sought to
be flexible with regard to cryptographic binding mechanisms, but there’s
a question as to what should remain defined in the core document. Right
now, core has six methods defined. The editors are proposing that we
keep at least two and drop two, and the others could either both be
kept, both be dropped, or one kept. The rationale for each proposal is
discussed below:

Proposed to keep:

- HTTP Method Signatures: general purpose mechanism, being defined in
  HTTP WG. Can be bound to symmetric and asymmetric keys. Usable for
  native, web, and SPA clients. Suggested MTI for the AS (but not
  mandatory to use) for interoperability. Side note, possible use for AS
  to sign responses (but not explored here yet — that’s another topic).

- Mutual TLS: based on OAuth MTLS, ties the keys at the TLS layer to the
  application protocol (GNAP).


Proposed to drop:

- OAuth PoP: expired draft, due to be replaced with new draft based on
  HTTP Message Signatures.

- OAuth DPoP: only works for asymmetric keys, requires key be presented
  in the header (duplicating information from GNAP messages). It was
  never meant to be a general purpose signing mechanism, though the FAPI
  group in OIDF is considering it as an option in current proposed work.


This leaves the two JWS based methods, detached and attached. Since
attached JWS depends on the detached JWS method to handle body-less
requests like GET, DELETE, OPTIONS, etc., if we remove the detached
method then we have to remove both. The methods could be pulled to an
extension, left in core, or removed entirely.

The editors would appreciate feedback on this proposal, including
specific feedback on the JWS methods from implementors who are targeting
them.


 — Justin


From nobody Tue Jun 15 10:51:40 2021
Return-Path: <jricher@mit.edu>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B63A3A3807 for <txauth@ietfa.amsl.com>; Tue, 15 Jun 2021 10:51:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.498
X-Spam-Level: 
X-Spam-Status: No, score=-1.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, KHOP_HELO_FCRDNS=0.398, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mu-EdwALCh1g for <txauth@ietfa.amsl.com>; Tue, 15 Jun 2021 10:51:28 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0DD93A3837 for <txauth@ietf.org>; Tue, 15 Jun 2021 10:51:28 -0700 (PDT)
Received: from [192.168.1.49] (static-71-174-62-56.bstnma.fios.verizon.net [71.174.62.56]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 15FHpQvn012440 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <txauth@ietf.org>; Tue, 15 Jun 2021 13:51:27 -0400
From: Justin Richer <jricher@mit.edu>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.6\))
Message-Id: <B72A80C0-0579-43F8-9B83-0932C98EB314@mit.edu>
Date: Tue, 15 Jun 2021 13:51:26 -0400
To: GNAP Mailing List <txauth@ietf.org>
X-Mailer: Apple Mail (2.3608.120.23.2.6)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/Um4E17wrDsFfQhF_11PJ4H1GTLY>
Subject: [GNAP] Key Rotation
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jun 2021 17:51:39 -0000

In the GNAP protocol, most requests are bound to a key. There are pretty
solid mechanisms for establishing those keys as part of the request,
both dynamically and as part of some pre-registration step.

However, over time those keys could be rotated out by the parties that
control them, and GNAP needs to be able to handle this.

	• Access tokens are bound to keys
		• We allow rotation of the token value at client instance request...
		• Should we allow rotation of the key also?
	• Grant transactions are also bound to keys
		• Specifically: the continuation access token is bound to a key
		• The key is initially the client instance’s key
		• Should the client be able to rotate this key separately?
	• Some client instances have registered keys
		• What happens when a client’s registered key rotates?


Secure rotation of a key would require some way for the presenter to
prove possession of both the old and new keys simultaneously. It could
be a matter of signing the request with the new key and including some
artifact signed by the old key in the request, or the inverse of that.
There are likely other methods out there, but this seems simplest.

What situations are people looking at for handling key rotation?

 — Justin
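
The dual proof of possession described in the message above (the new key signs the request, and the request carries an artifact signed by the old key), as an added Go example that is not part of the original message or of the GNAP drafts. The message shape, the field names and the `rotate-key-v1` label are assumptions; keys are Ed25519 and the sample keys are constructed from fixed seeds.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
)

var b64 = base64.RawURLEncoding

// RotationBody is a hypothetical message shape (not GNAP syntax).
type RotationBody struct {
	Token       string `json:"access_token"`  // token whose bound key is rotated
	NewKey      string `json:"new_key"`       // base64url Ed25519 public key
	OldKeyProof string `json:"old_key_proof"` // old key's signature over artifact()
}

// SignedRequest is the body plus the NEW key's signature over its exact bytes.
type SignedRequest struct {
	Body, Sig []byte
}

// artifact is what the OLD key signs. The label keeps this signature from
// being mistaken for a signature over an ordinary request.
func artifact(token string, newPub []byte) []byte {
	return []byte("rotate-key-v1\n" + token + "\n" + b64.EncodeToString(newPub))
}

// BuildRotation is the presenter side: it needs both private keys at once.
func BuildRotation(token string, oldPriv, newPriv ed25519.PrivateKey) (SignedRequest, error) {
	newPub := Pub(newPriv)
	body, err := json.Marshal(RotationBody{
		Token:       token,
		NewKey:      b64.EncodeToString(newPub),
		OldKeyProof: b64.EncodeToString(ed25519.Sign(oldPriv, artifact(token, newPub))),
	})
	if err != nil {
		return SignedRequest{}, err
	}
	return SignedRequest{Body: body, Sig: ed25519.Sign(newPriv, body)}, nil
}

// VerifyRotation is the AS side. bound is the key currently on record for
// token; the returned key replaces it only if both proofs check out.
func VerifyRotation(req SignedRequest, token string, bound ed25519.PublicKey) (ed25519.PublicKey, error) {
	var r RotationBody
	if err := json.Unmarshal(req.Body, &r); err != nil {
		return nil, err
	}
	if r.Token != token {
		return nil, errors.New("request names a different token")
	}
	newPub, err := b64.DecodeString(r.NewKey)
	if err != nil || len(newPub) != ed25519.PublicKeySize {
		return nil, errors.New("malformed new key")
	}
	if bytes.Equal(newPub, bound) {
		return nil, errors.New("new key is the key already bound")
	}
	// Proof 1: the presenter holds the new private key.
	if !ed25519.Verify(newPub, req.Body, req.Sig) {
		return nil, errors.New("request is not signed by the new key")
	}
	// Proof 2: the holder of the old key approved exactly this new key.
	proof, err := b64.DecodeString(r.OldKeyProof)
	if err != nil || !ed25519.Verify(bound, artifact(token, newPub), proof) {
		return nil, errors.New("old key did not authorize this new key")
	}
	return newPub, nil
}

// DemoKey derives a constructed sample key from a fixed one-byte seed pattern.
func DemoKey(b byte) ed25519.PrivateKey {
	return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{b}, ed25519.SeedSize))
}

// Pub returns the public half of priv.
func Pub(priv ed25519.PrivateKey) ed25519.PublicKey {
	return priv.Public().(ed25519.PublicKey)
}

func main() {
	oldK, newK, other := DemoKey(1), DemoKey(2), DemoKey(3)
	ok, _ := BuildRotation("tok-123", oldK, newK)
	_, err := VerifyRotation(ok, "tok-123", Pub(oldK))
	fmt.Println("holder of both keys:", err)
	bad, _ := BuildRotation("tok-123", other, newK) // does not hold the old key
	_, err = VerifyRotation(bad, "tok-123", Pub(oldK))
	fmt.Println("holder of new key only:", err)
}
```

The "inverse" arrangement mentioned in the message swaps which key signs the request and which signs the artifact; the verifier still has to check both signatures before replacing the bound key.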


From nobody Sun Jun 20 01:06:12 2021
Return-Path: <do_not_reply@mnot.net>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08CC33A2029 for <txauth@ietfa.amsl.com>; Sun, 20 Jun 2021 01:06:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.897
X-Spam-Level: 
X-Spam-Status: No, score=-0.897 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mnot.net header.b=Wyn4iOqK; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=kZLEAC0Q
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HRIh0Hxk_S09 for <txauth@ietfa.amsl.com>; Sun, 20 Jun 2021 01:06:00 -0700 (PDT)
Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B6AC33A202B for <txauth@ietf.org>; Sun, 20 Jun 2021 01:06:00 -0700 (PDT)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.west.internal (Postfix) with ESMTP id D7A41FA3 for <txauth@ietf.org>; Sun, 20 Jun 2021 03:38:54 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute5.internal (MEProxy); Sun, 20 Jun 2021 03:38:54 -0400
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <txauth@ietf.org>; Sun, 20 Jun 2021 03:38:54 -0400 (EDT)
Content-Type: multipart/alternative; boundary="===============6580629459087350586=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: txauth@ietf.org
Message-Id: <20210620080600.B6AC33A202B@ietfa.amsl.com>
Date: Sun, 20 Jun 2021 01:06:00 -0700 (PDT)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/ahXciQ1nTrfZ0KdM4lpdQYIm6zY>
Subject: [GNAP] Weekly github digest (GNAP Weekly GitHub Activity Summary)
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 20 Jun 2021 08:06:06 -0000

--===============6580629459087350586==
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"; format="flowed"




Events without label "editorial"



Pull requests
-------------
* ietf-wg-gnap/core-protocol (+0/-0/💬3)
  2 pull requests received 3 new comments:
  - #268 add grant endpoint URL to interaction hash to close mix-up proxy vulnerability (2 by jricher, yaronf)
    https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/268
  - #267 add role diagram (1 by yaronf)
    https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/267 [Pending Merge]


Repositories tracked by this digest:
-----------------------------------
* https://github.com/ietf-wg-gnap/core-protocol
* https://github.com/ietf-wg-gnap/gnap-resource-servers

--===============6580629459087350586==--


From nobody Sun Jun 20 06:16:28 2021
Return-Path: <nicolas@babelouest.org>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4BF043A1491 for <txauth@ietfa.amsl.com>; Sun, 20 Jun 2021 06:16:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.537
X-Spam-Level: 
X-Spam-Status: No, score=-0.537 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.338, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=babelouest.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IwxMgGy2Wgss for <txauth@ietfa.amsl.com>; Sun, 20 Jun 2021 06:16:22 -0700 (PDT)
Received: from perceval.babelouest.org (perceval.babelouest.org [IPv6:2001:41d0:8:bc0f::1]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1A1A43A1492 for <txauth@ietf.org>; Sun, 20 Jun 2021 06:16:21 -0700 (PDT)
Received: from [192.168.1.50] (bras-base-qubcpq0634w-grc-13-70-50-158-193.dsl.bell.ca [70.50.158.193]) by perceval.babelouest.org (Postfix) with ESMTPSA id 14BD71FF1C for <txauth@ietf.org>; Sun, 20 Jun 2021 09:16:16 -0400 (EDT)
To: txauth@ietf.org
References: <EFDB08A5-51F5-4261-A6E8-A718D07937E5@mit.edu>
From: Nicolas Mora <nicolas@babelouest.org>
Message-ID: <d1967b45-cb8e-27df-02e8-2a521dadf31b@babelouest.org>
Date: Sun, 20 Jun 2021 09:16:13 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0
MIME-Version: 1.0
In-Reply-To: <EFDB08A5-51F5-4261-A6E8-A718D07937E5@mit.edu>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="5kc5pInPSxaZ9Jwrv5A4ZT5Ro9fBTOEOE"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/_ZkGUbypG1RE2p19hGn60A-lhX4>
Subject: Re: [GNAP] Signature Methods
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 20 Jun 2021 13:16:27 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--5kc5pInPSxaZ9Jwrv5A4ZT5Ro9fBTOEOE
Content-Type: multipart/mixed; boundary="XgmTOToDc51h2kGs66S0I0b0rjZQRUiBr";
 protected-headers="v1"
From: Nicolas Mora <nicolas@babelouest.org>
To: txauth@ietf.org
Message-ID: <d1967b45-cb8e-27df-02e8-2a521dadf31b@babelouest.org>
Subject: Re: [GNAP] Signature Methods
References: <EFDB08A5-51F5-4261-A6E8-A718D07937E5@mit.edu>
In-Reply-To: <EFDB08A5-51F5-4261-A6E8-A718D07937E5@mit.edu>

--XgmTOToDc51h2kGs66S0I0b0rjZQRUiBr
Content-Type: multipart/mixed;
 boundary="------------2B6F7F64B505C8289F3267D5"
Content-Language: en-US

This is a multi-part message in MIME format.
--------------2B6F7F64B505C8289F3267D5
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: quoted-printable

Hello,

On 2021-06-15 at 13:49, Justin Richer wrote:
>
> Proposed to keep:
>
> - HTTP Method Signatures: general purpose mechanism, being defined in
> HTTP WG. Can be bound to symmetric and asymmetric keys. Usable for
> native, web, and SPA clients. Suggested MTI for the AS (but not
> mandatory to use) for interoperability. Side note, possible use for AS
> to sign responses (but not explored here yet — that’s another topic).
>
> - Mutual TLS: based on OAuth MTLS, ties the keys at the TLS layer to
> the application protocol (GNAP).
>
>
[...]
>
> This leaves the two JWS based methods, detached and attached. Since
> attached JWS depends on the detached JWS method to handle body-less
> requests like GET, DELETE, OPTIONS, etc., if we remove the detached
> method then we have to remove both. The methods could be pulled to an
> extension, left in core, or removed entirely.
>
> The editors would appreciate feedback on this proposal, including
> specific feedback on the JWS methods from implementors who are
> targeting them.
>
If I may, I'd like to keep the detached and attached methods in GNAP.

The attached method is easy to understand and implement, you have
zillions of JOSE implementations in various languages and contexts, and
from the point of view of the client, the detached method looks like
this:

- step 1: build the request as a JSON object
- step 2: serialize a JWS in compact mode using the private key
- step 3: send the request to the AS

This makes it simple to implement on both sides, also, the signing and
encryption capabilities add a pretty good security layer to the request.

Also, this method allows clients without a secret or a private key, such
as the public clients in OAuth2, because one can build an unsigned JWS.

If GNAP only uses HTTP Message Signing and Mutual TLS, it may be harder
to implement, and therefore lead to less implementation and adoption.

I wasn't there at that time but I've read that OAuth1 and SAML had this
problem, and OAuth2 was made to avoid too much complexity.

/Nicolas
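
The three client steps listed above, together with the attached/detached distinction from the quoted proposal (body-less requests such as GET have no body to carry an attached JWS), as an added Go example that is not from the thread or from the GNAP drafts. It uses RFC 7515 compact serialization with Ed25519; the `htm` and `uri` header names, the URL and the request body are assumptions, and the key is constructed from a fixed seed. The verifier pins `alg`, so accepting an unsigned (`"alg":"none"`) JWS would have to be an explicit decision of the AS.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding

// Header is the JWS protected header. alg comes from RFC 7515/8037; htm and
// uri (HTTP method and target URL) are assumed names that tie the signature
// to one request.
type Header struct {
	Alg string `json:"alg"`
	Htm string `json:"htm"`
	URI string `json:"uri"`
}

// Sign covers steps 1 and 2: body is the JSON request (nil for GET, DELETE).
// With detach the payload segment is left empty (RFC 7515 Appendix F), so the
// JWS can travel in a request header while the body is sent unchanged.
func Sign(priv ed25519.PrivateKey, method, uri string, body []byte, detach bool) (string, error) {
	h, err := json.Marshal(Header{Alg: "EdDSA", Htm: method, URI: uri})
	if err != nil {
		return "", err
	}
	hdr, pl := b64.EncodeToString(h), b64.EncodeToString(body)
	sig := b64.EncodeToString(ed25519.Sign(priv, []byte(hdr+"."+pl)))
	if detach {
		pl = ""
	}
	return hdr + "." + pl + "." + sig, nil
}

// Unsigned builds an "alg":"none" JWS with an empty signature segment, the
// form a client without any key would send.
func Unsigned(method, uri string, body []byte) string {
	h, _ := json.Marshal(Header{Alg: "none", Htm: method, URI: uri})
	return b64.EncodeToString(h) + "." + b64.EncodeToString(body) + "."
}

// Verify is the AS side for both forms. httpBody is the received HTTP body
// and is only used when the JWS payload segment is empty (detached).
func Verify(jws string, httpBody []byte, pub ed25519.PublicKey, method, uri string) ([]byte, error) {
	parts := strings.Split(jws, ".")
	if len(parts) != 3 {
		return nil, errors.New("not a compact JWS")
	}
	if parts[1] == "" { // detached: rebuild the payload segment from the body
		parts[1] = b64.EncodeToString(httpBody)
	}
	var h Header
	rawHdr, err := b64.DecodeString(parts[0])
	if err != nil || json.Unmarshal(rawHdr, &h) != nil {
		return nil, errors.New("malformed header")
	}
	if h.Alg != "EdDSA" { // pin the algorithm to the key on record
		return nil, fmt.Errorf("algorithm %q not accepted", h.Alg)
	}
	if h.Htm != method || h.URI != uri {
		return nil, errors.New("signature is for a different request")
	}
	sig, err := b64.DecodeString(parts[2])
	if err != nil || !ed25519.Verify(pub, []byte(parts[0]+"."+parts[1]), sig) {
		return nil, errors.New("bad signature")
	}
	return b64.DecodeString(parts[1])
}

// DemoKey derives a constructed sample key pair from a fixed seed pattern.
func DemoKey(b byte) (ed25519.PrivateKey, ed25519.PublicKey) {
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{b}, ed25519.SeedSize))
	return priv, priv.Public().(ed25519.PublicKey)
}

func main() {
	priv, pub := DemoKey(7)
	u := "https://as.example/tx" // constructed URL
	body := []byte(`{"access_token":{"access":["read"]}}`)
	att, _ := Sign(priv, "POST", u, body, false)
	det, _ := Sign(priv, "POST", u, body, true)
	get, _ := Sign(priv, "GET", u, nil, true)
	fmt.Println("attached (sent as the POST body):", att)
	fmt.Println("detached (sent beside the POST body):", det)
	fmt.Println("body-less GET:", get)
	_, err := Verify(Unsigned("POST", u, body), nil, pub, "POST", u)
	fmt.Println("unsigned JWS:", err)
}
```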

--------------2B6F7F64B505C8289F3267D5--

--XgmTOToDc51h2kGs66S0I0b0rjZQRUiBr--

--5kc5pInPSxaZ9Jwrv5A4ZT5Ro9fBTOEOE--


From nobody Mon Jun 21 06:51:36 2021
Return-Path: <jricher@mit.edu>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC5843A1038 for <txauth@ietfa.amsl.com>; Mon, 21 Jun 2021 06:51:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.295
X-Spam-Level: 
X-Spam-Status: No, score=-2.295 tagged_above=-999 required=5 tests=[RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rUZsxHd0hpS9 for <txauth@ietfa.amsl.com>; Mon, 21 Jun 2021 06:51:30 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E3AC63A106E for <txauth@ietf.org>; Mon, 21 Jun 2021 06:51:29 -0700 (PDT)
Received: from [192.168.1.49] (static-71-174-62-56.bstnma.fios.verizon.net [71.174.62.56]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 15LDpOlo001922 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 21 Jun 2021 09:51:24 -0400
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.6\))
From: Justin Richer <jricher@mit.edu>
In-Reply-To: <d1967b45-cb8e-27df-02e8-2a521dadf31b@babelouest.org>
Date: Mon, 21 Jun 2021 09:51:23 -0400
Cc: txauth@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <20CF0679-B898-442F-89D3-902644A4C85A@mit.edu>
References: <EFDB08A5-51F5-4261-A6E8-A718D07937E5@mit.edu> <d1967b45-cb8e-27df-02e8-2a521dadf31b@babelouest.org>
To: Nicolas Mora <nicolas@babelouest.org>
X-Mailer: Apple Mail (2.3608.120.23.2.6)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/rJdJfy_hpfcwFfU19pqo71VOOkw>
Subject: Re: [GNAP] Signature Methods
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Jun 2021 13:51:35 -0000

Hi Nicolas, thanks for the feedback! Some comments below.

> On Jun 20, 2021, at 9:16 AM, Nicolas Mora <nicolas@babelouest.org> wrote:
>
> Hello,
>
> On 2021-06-15 at 13:49, Justin Richer wrote:
>> Proposed to keep:
>> - HTTP Method Signatures: general purpose mechanism, being defined in HTTP WG. Can be bound to symmetric and asymmetric keys. Usable for native, web, and SPA clients. Suggested MTI for the AS (but not mandatory to use) for interoperability. Side note, possible use for AS to sign responses (but not explored here yet — that’s another topic).
>> - Mutual TLS: based on OAuth MTLS, ties the keys at the TLS layer to the application protocol (GNAP).
> [...]
>> This leaves the two JWS based methods, detached and attached. Since attached JWS depends on the detached JWS method to handle body-less requests like GET, DELETE, OPTIONS, etc., if we remove the detached method then we have to remove both. The methods could be pulled to an extension, left in core, or removed entirely.
>> The editors would appreciate feedback on this proposal, including specific feedback on the JWS methods from implementors who are targeting them.
> If I may, I'd like to keep the detached and attached methods in GNAP.
>
> The attached method is easy to understand and implement, you have zillions of JOSE implementations in various languages and contexts, and from the point of view of the client, the detached method looks like this:
>
> - step 1: build the request as a JSON object
> - step 2: serialize a JWS in compact mode using the private key
> - step 3: send the request to the AS

The attached method is deceptive like that. While it seems that simple on the surface, there are a couple of major drawbacks to this approach:

- It only works for requests to JSON-based APIs. What about XML, Form, CBOR, or anything else? JWS would still work but you’d need a different encoding for the body.
- It only works when you have a message body, so it only works for POST and PUT in practice. You need a detached method for GET, HEAD, OPTIONS, and DELETE anyway.
- The receiving end needs to be able to handle application/jose instead of application/json. For most application frameworks, this means putting in a filter that translates the incoming JOSE object to a JSON payload that the underlying system can then parse into native objects for the API to consume. While of course it’s possible to do all the parsing by hand inside your handler methods, it’s not good for adoption if we presume everything will need to be special-cased by hand.

These aspects alone are incredibly limiting for the attached method, but there’s even more than that. You have to replicate parts of the HTTP message inside the JWS somewhere in order to have them covered by the signature. The GNAP definitions currently do this inside the JWS header, but other proposals use the JWS payload itself. This is extra work for the client and leads to error cases that the server needs to explicitly detect by looking for information in multiple places (ie, a signed POST request was sent with a GET).

>
> This makes it simple to implement on both sides, also, the signing and encryption capabilities add a pretty good security layer to the request.
>
> Also, this method allows clients without a secret or a private key, such as the public clients in OAuth2, because one can build an unsigned JWS.

Unsigned JWS is explicitly forbidden, as is “alg:none”. If you’re going to send an unsigned request, just send the plain JSON.

For token presentation, GNAP still allows bearer tokens to be requested by the client and granted by the AS.

>
> If GNAP only uses HTTP Message Signing and Mutual TLS, it may be harder to implement, therefore lead to less implementation and adoption.

Other methods will still be available, but this discussion is about what goes in the core document. The registry will allow for extension of other signing methods, and the core spec will put parameters on what any new signing methods need to cover.

>
> I wasn't there at that time but I've read that OAuth1 and SAML had this problem, and OAuth2 was made to avoid too much complexity.

The complexity is part of the story, for sure — but OAuth 2 is currently adding higher levels of protection through MTLS, DPoP, and HTTP Signatures, among a bunch of others. It’s really awkward in OAuth 2 because we need to work around an infrastructure that didn’t anticipate things. We :tried: to anticipate them, but it’s still a bit awkward. Avoiding complexity is actually one of the reasons the editors are suggesting dropping the GNAP-specific methods from the core and keeping the general-purpose methods of HTTP Message Signing and MTLS, which will find implementation and use elsewhere. OAuth 1 used a very fiddly custom signature scheme based around URL parameters, and it was really hard to get it right. That scheme also assumed shared secrets, which made it hard to secure properly.

 — Justin

>
> /Nicolas


From nobody Mon Jun 21 12:02:20 2021
Return-Path: <nicolas@babelouest.org>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B2073A15E8 for <txauth@ietfa.amsl.com>; Mon, 21 Jun 2021 12:02:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.537
X-Spam-Level: 
X-Spam-Status: No, score=-0.537 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.338, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=babelouest.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ruAQIsviBh8k for <txauth@ietfa.amsl.com>; Mon, 21 Jun 2021 12:02:14 -0700 (PDT)
Received: from perceval.babelouest.org (perceval.babelouest.org [5.135.181.15]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1C10F3A1614 for <txauth@ietf.org>; Mon, 21 Jun 2021 12:01:55 -0700 (PDT)
Received: from [192.168.1.50] (bras-base-qubcpq0634w-grc-13-70-50-158-193.dsl.bell.ca [70.50.158.193]) by perceval.babelouest.org (Postfix) with ESMTPSA id AE6831FE1A; Mon, 21 Jun 2021 15:01:52 -0400 (EDT)
To: txauth@ietf.org
References: <EFDB08A5-51F5-4261-A6E8-A718D07937E5@mit.edu> <d1967b45-cb8e-27df-02e8-2a521dadf31b@babelouest.org> <20CF0679-B898-442F-89D3-902644A4C85A@mit.edu>
From: Nicolas Mora <nicolas@babelouest.org>
Cc: Justin Richer <jricher@mit.edu>
Message-ID: <30079bea-b511-a208-8db1-51af3a04de4f@babelouest.org>
Date: Mon, 21 Jun 2021 15:01:51 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0
MIME-Version: 1.0
In-Reply-To: <20CF0679-B898-442F-89D3-902644A4C85A@mit.edu>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="Be1qIcDrVtgCNeg35IKp1MP3GpSPDvaVw"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/XqEa0rb7f4CKUmEYUao2Szeh9as>
Subject: Re: [GNAP] Signature Methods
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Jun 2021 19:02:20 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--Be1qIcDrVtgCNeg35IKp1MP3GpSPDvaVw
Content-Type: multipart/mixed; boundary="iaJgmIYex3WPhYoYXIS4kLSfIoQkHdox6";
 protected-headers="v1"
From: Nicolas Mora <nicolas@babelouest.org>
To: txauth@ietf.org
Cc: Justin Richer <jricher@mit.edu>
Message-ID: <30079bea-b511-a208-8db1-51af3a04de4f@babelouest.org>
Subject: Re: [GNAP] Signature Methods
References: <EFDB08A5-51F5-4261-A6E8-A718D07937E5@mit.edu>
 <d1967b45-cb8e-27df-02e8-2a521dadf31b@babelouest.org>
 <20CF0679-B898-442F-89D3-902644A4C85A@mit.edu>
In-Reply-To: <20CF0679-B898-442F-89D3-902644A4C85A@mit.edu>

--iaJgmIYex3WPhYoYXIS4kLSfIoQkHdox6
Content-Type: multipart/mixed;
 boundary="------------E205F5B5C4633FE4427834AE"
Content-Language: en-US

This is a multi-part message in MIME format.
--------------E205F5B5C4633FE4427834AE
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: quoted-printable

Hello Justin, thanks for your comments,

If I wasn't clear, my point is to keep attached and detached methods in
the core GNAP protocol, in addition to the other available signature
methods mentioned.

Although, DPoP and PoP signatures can be dropped from the core specs,
their complexity and security levels are covered with other methods.

My objective is to have an easy-to-use signature method in GNAP core, to
allow more apps and services to adopt GNAP.
Although there might be drawbacks in such methods, it would be the
administrator's responsibility to allow or not some methods with some
resources and some clients.

On 2021-06-21 at 09:51, Justin Richer wrote:
>>
>> - step 1: build the request as a JSON object
>> - step 2: serialize a JWS in compact mode using the private key
>> - step 3: send the request to the AS
>
> The attached method is deceptive like that. While it seems that simple on the surface, there are a couple of major drawbacks to this approach:
>
> - It only works for requests to JSON-based APIs. What about XML, Form, CBOR, or anything else? JWS would still work but you’d need a different encoding for the body.
You can specify a header typ or cty for that, and state some typ/cty
values that are acceptable for GNAP requests for example.

> - It only works when you have a message body, so it only works for POST and PUT in practice. You need a detached method for GET, HEAD, OPTIONS, and DELETE anyway.
I concur, and yes, I don't see detached method usable for every use case.

> - The receiving end needs to be able to handle application/jose instead of application/json. For most application frameworks, this means putting in a filter that translates the incoming JOSE object to a JSON payload that the underlying system can then parse into native objects for the API to consume. While of course it’s possible to do all the parsing by hand inside your handler methods, it’s not good for adoption if we presume everything will need to be special-cased by hand.
>
That will be the responsibility of the client or client library.
I can only speak for myself but I don't see it more difficult to call a
parse method with the JWS payload and a JSON library than calling a
getClaims() method on a JWT.

Also, an advantage of using a JWS is that you can compress its payload.
The "ZIP: def" header is defined in the JWE RFC only, not the JWS RFC,
but the JWS RFC doesn't explicitly forbid it.
I didn't even think of it before I saw it in the smarthealth JWS
format specification [1]. Now I would like it everywhere! :-)

> These aspects alone are incredibly limiting for the attached method, but there’s even more than that. You have to replicate parts of the HTTP message inside the JWS somewhere in order to have them covered by the signature. The GNAP definitions currently do this inside the JWS header, but other proposals use the JWS payload itself. This is extra work for the client and leads to error cases that the server needs to explicitly detect by looking for information in multiple places (ie, a signed POST request was sent with a GET).
>
I agree with you, but then I have a question regarding that: why must
the HTTP parameters be part of the header or the payload in
addition to the HTTP request?
I asked myself this question when I read an earlier GNAP specification.
I assumed the goal is to add entropy and another check for the client to
make before sending a request, i.e. are you sure you're asking the
proper question? Isn't it a duplicate from a previous request?

I told myself such parameters (uri and htm) could be replaced by a jti,
but, again, this idea is from a limited point of view and I'm pretty
sure I don't see the big picture.

> Unsigned JWS is explicitly forbidden, as is “alg:none”. If you’re going to send an unsigned request, just send the plain JSON.
>
My bad, thanks for the clarification

>
> Other methods will still be available, but this discussion is about what goes in the core document. The registry will allow for extension of other signing methods, and the core spec will put parameters on what any new signing methods need to cover.
>
That's what I'm afraid of: having attached and detached signature
methods in an extension.

I'd rather have those methods in the core document. So the core GNAP
spec would cover most use cases: SPA, website, app, fridge, TV, embedded
sensor, satellite, etc.
All those use cases will have the same goal, but can choose one
signature method that fits its needs, and its security requirements.

>>
>> I wasn't there at that time but I've read that OAuth1 and SAML had this problem, and OAuth2 was made to avoid too much complexity.
>
> The complexity is part of the story, for sure — but OAuth 2 is currently adding higher levels of protection through MTLS, DPoP, and HTTP Signatures, among a bunch of others. It’s really awkward in OAuth 2 because we need to work around an infrastructure that didn’t anticipate things. We :tried: to anticipate them, but it’s still a bit awkward. Avoiding complexity is actually one of the reasons the editors are suggesting dropping the GNAP-specific methods from the core and keeping the general-purpose methods of HTTP Message Signing and MTLS, which will find implementation and use elsewhere. OAuth 1 used a very fiddly custom signature scheme based around URL parameters, and it was really hard to get it right. That scheme also assumed shared secrets, which made it hard to secure properly.

I agree, I chose to implement all those oauth2 client authentication
schemes, and it's quite complex.
The most difficult part is that all those methods are extensions, so
they know the core specs but not each other, therefore I have to make
choices for all of those to work together.

That's the reason I prefer the detached and attached methods in the core
specs.

/Nicolas

[1] https://spec.smarthealth.cards/#health-cards-are-small


--------------E205F5B5C4633FE4427834AE--

--iaJgmIYex3WPhYoYXIS4kLSfIoQkHdox6--

--Be1qIcDrVtgCNeg35IKp1MP3GpSPDvaVw--
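
The error case raised in this thread (a request signed as a POST but sent as a GET) and the alg:none rule, as an added Python example of a receiving-side check for attached JWS; it is not taken from any message here or from the GNAP drafts. It assumes HS256 with a shared key so that it runs on the standard library alone, takes the `htm` and `uri` header names from the parameters mentioned in the thread, compares the URI as an exact string, and uses hypothetical function names and constructed sample values.

```python
import base64
import hashlib
import hmac
import json


class RejectedRequest(Exception):
    """Raised when an attached-JWS request must not reach the API handler."""


def b64url(data: bytes) -> str:
    """Unpadded base64url, as used by JWS compact serialization."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_attached(key: bytes, method: str, uri: str, body: dict) -> str:
    """Client side: compact JWS whose protected header repeats method and URI."""
    header = {"alg": "HS256", "htm": method, "uri": uri}
    signing_input = (b64url(json.dumps(header).encode("utf-8")) + "."
                     + b64url(json.dumps(body).encode("utf-8")))
    tag = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url(tag)


def verify_attached(key: bytes, http_method: str, http_uri: str,
                    content_type: str, raw_body: str) -> dict:
    """Server-side filter: return the JSON payload or raise RejectedRequest.

    http_method and http_uri come from the HTTP request line as received,
    never from the JWS itself.
    """
    if content_type != "application/jose":
        raise RejectedRequest("content type is not application/jose")
    parts = raw_body.split(".")
    if len(parts) != 3:
        raise RejectedRequest("not a compact JWS")
    try:
        header = json.loads(b64url_decode(parts[0]))
        presented = b64url_decode(parts[2])
        signing_input = (parts[0] + "." + parts[1]).encode("ascii")
    except ValueError:
        raise RejectedRequest("malformed JWS encoding") from None

    # Allow-list the algorithm: this rejects "none" and anything unexpected
    # before any key material is touched.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise RejectedRequest("alg not allowed")

    expected = hmac.new(key, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, presented):
        raise RejectedRequest("bad signature")

    # The signature only covers what is inside the JWS, so the copies of the
    # method and URI in the header must be compared with the real request.
    if header.get("htm") != http_method:
        raise RejectedRequest("method mismatch")
    if header.get("uri") != http_uri:
        raise RejectedRequest("uri mismatch")

    try:
        return json.loads(b64url_decode(parts[1]))
    except ValueError:
        raise RejectedRequest("payload is not JSON") from None


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    demo_key = b"constructed-demo-key"
    demo_uri = "https://as.example/tx"
    token = sign_attached(demo_key, "POST", demo_uri, {"resource": "photos"})
    print(verify_attached(demo_key, "POST", demo_uri, "application/jose", token))
    try:
        verify_attached(demo_key, "GET", demo_uri, "application/jose", token)
    except RejectedRequest as err:
        print("rejected:", err)
```
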


From nobody Mon Jun 21 14:03:29 2021
Return-Path: <dave.tonge@moneyhub.com>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 458A03A199C for <txauth@ietfa.amsl.com>; Mon, 21 Jun 2021 14:03:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.188
X-Spam-Level: 
X-Spam-Status: No, score=-0.188 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=moneyhub.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FjGzWe24bfUb for <txauth@ietfa.amsl.com>; Mon, 21 Jun 2021 14:03:22 -0700 (PDT)
Received: from mail-ed1-x52a.google.com (mail-ed1-x52a.google.com [IPv6:2a00:1450:4864:20::52a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA2783A199A for <txauth@ietf.org>; Mon, 21 Jun 2021 14:03:21 -0700 (PDT)
Received: by mail-ed1-x52a.google.com with SMTP id t3so20822435edc.7 for <txauth@ietf.org>; Mon, 21 Jun 2021 14:03:21 -0700 (PDT)
X-Received: by 2002:a05:6402:b6a:: with SMTP id cb10mr379779edb.275.1624309394897;  Mon, 21 Jun 2021 14:03:14 -0700 (PDT)
MIME-Version: 1.0
References: <EFDB08A5-51F5-4261-A6E8-A718D07937E5@mit.edu>
In-Reply-To: <EFDB08A5-51F5-4261-A6E8-A718D07937E5@mit.edu>
From: Dave Tonge <dave.tonge@moneyhub.com>
Date: Mon, 21 Jun 2021 23:03:03 +0200
Message-ID: <CAP-T6TSMBpEGguOqvr2xfTdCKZ10bUo=StHkowEvUrdd4tTcVA@mail.gmail.com>
To: Justin Richer <jricher@mit.edu>
Cc: GNAP Mailing List <txauth@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007d0e9e05c54d00fe"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/CvabhG85jW8Lny_fLxIVNDdNORA>
Subject: Re: [GNAP] Signature Methods
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Jun 2021 21:03:27 -0000

--0000000000007d0e9e05c54d00fe
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

I'm definitely in favour of simplification.

Mutual TLS is an interesting one. I would prefer that it isn't included in
core as it mixes the transport and application layers and in my experience
is fairly brittle (not the spec, but how it is implemented in a lot of
places).

Purely in terms of aesthetics, I don't like the http signatures spec, but
if it is going to become mainstream then it makes sense to make it the
primary signing mechanism. As you mentioned the good thing about it is that
it can work for all HTTP requests, and can also be used for signing
responses.

I think some work will need to be done to get the http signature spec
supported by standard HTTP client libraries in popular languages. This will
make it a lot easier for implementers (i.e. I can call

```
myHttpClientLibary.post({
  body: { /* ... */ },
  uri: "https://example.com/continue",
  sign: {
    key: {}, // reference to key to use to sign
    digest: "SHA-256",
    additionalHeaders: ["authorization", "content-type"]
  }
})
```

So my suggestion would be to only have the http signature spec in core.

GNAP is a new protocol - I see no need to add unnecessary optionality.

Dave



On Tue, 15 Jun 2021 at 19:50, Justin Richer <jricher@mit.edu> wrote:

> In GNAP, most requests are signed in some way, or at least bound to a key
> being presented or referenced with the request. This is true for
> connections from the client instance to the AS and to the RS, as well as
> introspection requests from the RS to the AS. GNAP has always sought to be
> flexible with regard to cryptographic binding mechanisms, but there’s a
> question as to what should remain defined in the core document. Right now,
> core has six methods defined. The editors are proposing that we keep at
> least two and drop two, and the others could either both be kept, both be
> dropped, or one kept. The rationale for each proposal is discussed below:
>
> Proposed to keep:
>
> - HTTP Method Signatures: general purpose mechanism, being defined in HTTP
> WG. Can be bound to symmetric and asymmetric keys. Usable for native, web,
> and SPA clients. Suggested MTI for the AS (but not mandatory to use) for
> interoperability. Side note, possible use for AS to sign responses (but not
> explored here yet — that’s another topic).
>
> - Mutual TLS: based on OAuth MTLS, ties the keys at the TLS layer to the
> application protocol (GNAP).
>
>
> Proposed to drop:
>
> - OAuth PoP: expired draft, due to be replaced with new draft based on
> HTTP Message Signatures.
>
> - OAuth DPoP: only works for asymmetric keys, requires key be presented in
> the header (duplicating information from GNAP messages). It was never meant
> to be a general purpose signing mechanism, though the FAPI group in OIDF is
> considering it as an option in current proposed work.
>
>
> This leaves the two JWS based methods, detached and attached. Since
> attached JWS depends on the detached JWS method to handle body-less
> requests like GET, DELETE, OPTIONS, etc., if we remove the detached method
> then we have to remove both. The methods could be pulled to an extension,
> left in core, or removed entirely.
>
> The editors would appreciate feedback on this proposal, including specific
> feedback on the JWS methods from implementors who are targeting them.
>
>
>  — Justin


-- 
Dave Tonge
CTO
t: +44 (0)117 280 5120

Moneyhub Enterprise is a trading style of Moneyhub Financial Technology
Limited which is authorised and regulated by the Financial Conduct
Authority ("FCA"). Moneyhub Financial Technology is entered on the
Financial Services Register (FRN 809360) at https://register.fca.org.uk/.
Moneyhub Financial Technology is registered in England & Wales, company
registration number 06909772.
Moneyhub Financial Technology Limited 2019 ©

DISCLAIMER: This email (including any attachments) is subject to copyright,
and the information in it is confidential. Use of this email or of any
information in it other than by the addressee is unauthorised and unlawful.
Whilst reasonable efforts are made to ensure that any attachments are
virus-free, it is the recipient's sole responsibility to scan all
attachments for viruses. All calls and emails to and from this company may
be monitored and recorded for legitimate purposes relating to this
company's business. Any opinions expressed in this email (or in any
attachments) are those of the author and do not necessarily represent the
opinions of Moneyhub Financial Technology Limited or of any other group
company.

--0000000000007d0e9e05c54d00fe--
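
An added example, not code from this thread or from any GNAP implementation: the signing options sketched in the message above (a key, a SHA-256 digest, extra covered headers) worked through in Node.js, using the signature-base layout of HTTP Message Signatures as later published in RFC 9421 and an HMAC key for brevity. The function names, key, token and body values are assumptions constructed for illustration; the GET case shows a body-less request being signed without any digest.

```javascript
const crypto = require("node:crypto");

// Content-Digest value (RFC 9530 form) over the exact body bytes.
function contentDigest(body) {
  return `sha-256=:${crypto.createHash("sha256").update(body).digest("base64")}:`;
}

// Value of one covered component: two derived components plus plain headers.
function componentValue(req, name) {
  if (name === "@method") return req.method.toUpperCase();
  if (name === "@target-uri") return req.uri;
  const value = req.headers[name];
  if (value === undefined) throw new Error(`covered component missing: ${name}`);
  return String(value).trim();
}

// One line per covered component, then the signature parameters, joined by LF.
function signatureBase(req, covered, params) {
  const lines = covered.map((name) => `"${name}": ${componentValue(req, name)}`);
  lines.push(`"@signature-params": ${params}`);
  return lines.join("\n");
}

function hmac(secret, text) {
  return crypto.createHmac("sha256", secret).update(text).digest();
}

// Hypothetical helper mirroring the `sign` options sketched in the thread.
function signRequest(req, { keyId, secret, created, additionalHeaders = [] }) {
  const headers = {};
  for (const [k, v] of Object.entries(req.headers || {})) headers[k.toLowerCase()] = v;
  const covered = ["@method", "@target-uri"];
  if (req.body !== undefined) {
    // Only requests with a body get a digest; GET/DELETE are signed without one.
    headers["content-digest"] = contentDigest(req.body);
    covered.push("content-digest");
  }
  for (const h of additionalHeaders) covered.push(h.toLowerCase());
  const signed = { ...req, headers };
  const list = covered.map((c) => `"${c}"`).join(" ");
  const params = `(${list});created=${created};keyid="${keyId}";alg="hmac-sha256"`;
  const mac = hmac(secret, signatureBase(signed, covered, params)).toString("base64");
  headers["signature-input"] = `sig1=${params}`;
  headers["signature"] = `sig1=:${mac}:`;
  return signed;
}

// Verifier side. `required` is the receiver's own policy: a valid signature
// over too few components is rejected before any MAC is computed.
function verifyRequest(req, secret, required) {
  const input = /^sig1=(\(([^)]*)\).*)$/.exec(req.headers["signature-input"] || "");
  const sig = /^sig1=:([A-Za-z0-9+/=]+):$/.exec(req.headers["signature"] || "");
  if (!input || !sig) return { ok: false, reason: "missing signature" };
  const covered = input[2].split(" ").filter(Boolean).map((c) => c.replace(/^"|"$/g, ""));
  for (const name of required) {
    if (!covered.includes(name)) return { ok: false, reason: `not covered: ${name}` };
  }
  // The signature covers the digest header, so the digest must match the body.
  if (covered.includes("content-digest") &&
      req.headers["content-digest"] !== contentDigest(req.body ?? "")) {
    return { ok: false, reason: "body does not match content-digest" };
  }
  let expected;
  try {
    expected = hmac(secret, signatureBase(req, covered, input[1]));
  } catch (err) {
    return { ok: false, reason: err.message };
  }
  const presented = Buffer.from(sig[1], "base64");
  const ok = presented.length === expected.length &&
    crypto.timingSafeEqual(presented, expected);
  return ok ? { ok: true } : { ok: false, reason: "signature mismatch" };
}

// Constructed sample data: key, token and body are placeholders.
const SECRET = Buffer.from("constructed-demo-secret");
const OPTIONS = { keyId: "demo-key", secret: SECRET, created: 1623780000 };

const signedPost = signRequest({
  method: "POST",
  uri: "https://example.com/continue",
  headers: { "Content-Type": "application/json", Authorization: "GNAP EXAMPLE-TOKEN" },
  body: JSON.stringify({ interact_ref: "EXAMPLE-REF" }),
}, { ...OPTIONS, additionalHeaders: ["authorization", "content-type"] });

const signedGet = signRequest({
  method: "GET",
  uri: "https://example.com/resource",
  headers: { Authorization: "GNAP EXAMPLE-TOKEN" },
}, { ...OPTIONS, additionalHeaders: ["authorization"] });

// Receiver policy: what every accepted request must have signed.
const POLICY = ["@method", "@target-uri", "authorization"];
console.log(signedPost.headers["signature-input"]);
console.log(verifyRequest(signedPost, SECRET, POLICY));
console.log(verifyRequest(signedGet, SECRET, POLICY));
```

The verifier's `required` list matters as much as the signature itself: a signature that covers only the method and URI is cryptographically valid but binds nothing to the `Authorization` header, so the receiver has to reject it by policy.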


From nobody Fri Jun 25 13:30:15 2021
Return-Path: <jricher@mit.edu>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 288D23A0DBB for <txauth@ietfa.amsl.com>; Fri, 25 Jun 2021 13:30:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.497
X-Spam-Level: 
X-Spam-Status: No, score=-1.497 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, KHOP_HELO_FCRDNS=0.398, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WpH5IVwa6ALy for <txauth@ietfa.amsl.com>; Fri, 25 Jun 2021 13:30:12 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 23DE93A0DBA for <txauth@ietf.org>; Fri, 25 Jun 2021 13:30:11 -0700 (PDT)
Received: from [192.168.1.49] (static-71-174-62-56.bstnma.fios.verizon.net [71.174.62.56]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 15PKU9b1022807 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <txauth@ietf.org>; Fri, 25 Jun 2021 16:30:10 -0400
From: Justin Richer <jricher@mit.edu>
Content-Type: multipart/alternative; boundary="Apple-Mail=_313C52DC-D6F3-4B0D-997F-5F4F8696639D"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.7\))
Message-Id: <9490FCC5-44EF-493F-9D19-05B577C044CA@mit.edu>
Date: Fri, 25 Jun 2021 16:30:09 -0400
To: GNAP Mailing List <txauth@ietf.org>
X-Mailer: Apple Mail (2.3608.120.23.2.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/Kj__Kbk3jhYGoT1pDea0rwIHQEg>
Subject: [GNAP] Trimmed Features
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Jun 2021 20:30:14 -0000

--Apple-Mail=_313C52DC-D6F3-4B0D-997F-5F4F8696639D
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=utf-8

In the past, we’ve discussed the need to trim down some of the advanced
features included in GNAP core. After a discussion this week, the editors
have targeted two features for removal and have pushed a PR to take these
out of the spec.

Namely, these are:

 - the “capabilities” array, which was intended to be a holding place for
   extension identifiers and additional functionality. However, no
   extensions have shown up that needed this field, and so the editors are
   recommending that we remove it.
 - the “existing_grant” field, which was a way to allow a client to
   reference an existing grant request and create a new request based on
   it. This was born out of a few early use cases, but now that there’s no
   longer an explicit identifier for the grant itself, there is less to
   hold on to here. Additionally, the continuation “update” function might
   be able to fit most of the identified use cases.

The PR that removes these is here:

https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/270

If you have a compelling reason to keep either of these in the core
document, please start that discussion now and help us understand why they
should stay. Keep in mind that either or both of these could be added back
in by a separate extension document, given GNAP core’s highly extensible
nature.

— Justin

--Apple-Mail=_313C52DC-D6F3-4B0D-997F-5F4F8696639D--


From nobody Sun Jun 27 00:41:07 2021
Return-Path: <do_not_reply@mnot.net>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F3FC3A1F48 for <txauth@ietfa.amsl.com>; Sun, 27 Jun 2021 00:41:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.799
X-Spam-Level: 
X-Spam-Status: No, score=-2.799 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mnot.net header.b=HKl/naQU; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=rW3CBrk2
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id swlYtsvt2zal for <txauth@ietfa.amsl.com>; Sun, 27 Jun 2021 00:40:56 -0700 (PDT)
Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 72D553A1F47 for <txauth@ietf.org>; Sun, 27 Jun 2021 00:40:56 -0700 (PDT)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.west.internal (Postfix) with ESMTP id C9DE7320090A for <txauth@ietf.org>; Sun, 27 Jun 2021 03:33:14 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute3.internal (MEProxy); Sun, 27 Jun 2021 03:33:14 -0400
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <txauth@ietf.org>; Sun, 27 Jun 2021 03:33:14 -0400 (EDT)
Content-Type: multipart/alternative; boundary="===============0964447512347853911=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: txauth@ietf.org
Message-Id: <20210627074056.72D553A1F47@ietfa.amsl.com>
Date: Sun, 27 Jun 2021 00:40:56 -0700 (PDT)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/ZOb29QePfDbwDlTP_OtZihs7X58>
Subject: [GNAP] Weekly github digest (GNAP Weekly GitHub Activity Summary)
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 27 Jun 2021 07:41:02 -0000

--===============0964447512347853911==
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"; format="flowed"




Events without label "editorial"

Issues
------
* ietf-wg-gnap/core-protocol (+0/-1/💬0)
  1 issues closed:
  - Add Roles Diagram https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/217



Pull requests
-------------
* ietf-wg-gnap/core-protocol (+2/-1/💬2)
  2 pull requests submitted:
  - removed 'capabilities' and 'existing_grant' (by jricher)
    https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/270
  - split interaction methods discovery value (by jricher)
    https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/269

  2 pull requests received 2 new comments:
  - #270 removed 'capabilities' and 'existing_grant' (1 by netlify)
    https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/270
  - #269 split interaction methods discovery value (1 by netlify)
    https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/269

  1 pull requests merged:
  - add role diagram
    https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/267 [Pending Merge]


Repositories tracked by this digest:
-----------------------------------
* https://github.com/ietf-wg-gnap/core-protocol
* https://github.com/ietf-wg-gnap/gnap-resource-servers

--===============0964447512347853911==--


From nobody Mon Jun 28 13:00:47 2021
Return-Path: <jricher@mit.edu>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7BCB23A0D4A for <txauth@ietfa.amsl.com>; Mon, 28 Jun 2021 13:00:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.893
X-Spam-Level: 
X-Spam-Status: No, score=-1.893 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T3axn_ngzLdN for <txauth@ietfa.amsl.com>; Mon, 28 Jun 2021 13:00:41 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1547C3A0D38 for <txauth@ietf.org>; Mon, 28 Jun 2021 13:00:40 -0700 (PDT)
Received: from [192.168.1.49] (static-71-174-62-56.bstnma.fios.verizon.net [71.174.62.56]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 15SK0cIT008092 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <txauth@ietf.org>; Mon, 28 Jun 2021 16:00:39 -0400
From: Justin Richer <jricher@mit.edu>
Content-Type: multipart/alternative; boundary="Apple-Mail=_38720C92-AAA3-4DF5-AE98-8980519C55FA"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.7\))
Date: Mon, 28 Jun 2021 16:00:38 -0400
References: <9490FCC5-44EF-493F-9D19-05B577C044CA@mit.edu>
To: GNAP Mailing List <txauth@ietf.org>
In-Reply-To: <9490FCC5-44EF-493F-9D19-05B577C044CA@mit.edu>
Message-Id: <D7DF0540-49B5-4E72-BB10-EE37377CF72A@mit.edu>
X-Mailer: Apple Mail (2.3608.120.23.2.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/JLkY9VSNGIIoPBSVeZSTDm58Gxo>
Subject: Re: [GNAP] Trimmed Features
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Jun 2021 20:00:46 -0000

--Apple-Mail=_38720C92-AAA3-4DF5-AE98-8980519C55FA
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=utf-8

I just pushed another commit to this PR that removes the separate “instance_id” field from the client request. Previously it was possible to send this both as a field within a restricted object as well as a separate string value on its own. Now, only the latter remains as an option, and this change would close https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/45 in the process.

 — Justin

> On Jun 25, 2021, at 4:30 PM, Justin Richer <jricher@mit.edu> wrote:
>
> In the past, we’ve discussed the need to trim down some of the advanced features included in GNAP core. After a discussion this week, the editors have targeted two features for removal and have pushed a PR to take these out of the spec.
>
> Namely, these are:
>
>  - the “capabilities” array, which was intended to be a holding place for extension identifiers and additional functionality. However, no extensions have shown up that needed this field, and so the editors are recommending that we remove it.
>  - the “existing_grant” field, which was a way to allow a client to reference an existing grant request and create a new request based on it. This was born out of a few early use cases, but now that there’s no longer an explicit identifier for the grant itself, there is less to hold on to here. Additionally, the continuation “update” function might be able to fit most of the identified use cases.
>
> The PR that removes these is here:
>
> https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/270
>
> If you have a compelling reason to keep either of these in the core document, please start that discussion now and help us understand why they should stay. Keep in mind that either or both of these could be added back in by a separate extension document, given GNAP core’s highly extensible nature.
>
> — Justin
> --
> TXAuth mailing list
> TXAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/txauth



--Apple-Mail=_38720C92-AAA3-4DF5-AE98-8980519C55FA--

