From 51bf819c37e5438efea4a0d15f2ecfc44d4794d7 Mon Sep 17 00:00:00 2001
From: GraceSolutions <freedbygrace@users.noreply.github.com>
Date: Thu, 4 Jun 2026 14:26:40 -0400
Subject: [PATCH] Request-InfisicalCertificate + PKI lifecycle, MAML help for
 all 39 cmdlets, chain-store routing fix

Cmdlets added: Request-InfisicalCertificate, Get-InfisicalCertificate, Get-InfisicalCertificates. Request supports BySubscriber/ByCa parameter sets, BouncyCastle CSR generation (RSA/ECDSA/Ed25519), local-key generation, -Install/-InstallChain (chain certs routed to Root vs CertificateAuthority by self-signed status), idempotency reuse with -AllowRenewal/-RenewalThresholdDays, local chain reconstruction with -LocalChainOnly opt-out, Infisical bundle fallback when local stores are incomplete, and private-key protection modes (Exportable/LocalOnly/NonExportable/Ephemeral) via -PrivateKeyProtection plus -PersistKey/-MachineKey/-PrivateKeyPath.

Install-InfisicalCertificate fix: chain certs were previously dumped into CertificateAuthority unconditionally. They are now routed by Subject==Issuer (self-signed -> Root, otherwise -> CertificateAuthority), matching Request-InfisicalCertificate. Routing centralized in InfisicalCertificateRequestHelpers.GetChainCertificateTargetStore and a new InstallChain(IEnumerable<X509Certificate2>,...) overload.

Help: authored Module/PSInfisicalAPI/en-US/PSInfisicalAPI.dll-Help.xml covering all 39 cmdlets (synopsis, description, notes, two examples per cmdlet: one-liner + OrderedDictionary splat with preceding Get- resolvers for IDs/slugs).

Build pipeline: build.ps1 stages the help XML into bin/<culture>/ next to the DLL during publish (hard-fails if missing or has zero <command:command> entries). Test-ModuleImports now enumerates every exported cmdlet via Get-Command, cross-checks against expected names, and asserts non-empty synopsis (rejecting auto-generated cmdlet-name fallback), non-empty description, and at least one example with a non-empty <dev:code> block.

Tests: 230/230 passing (up from 190).
---
 CHANGELOG.md                                  |   99 ++
 Module/PSInfisicalAPI/PSInfisicalAPI.psd1     |    7 +-
 Module/PSInfisicalAPI/bin/PSInfisicalAPI.dll  |  Bin 241664 -> 275968 bytes
 .../bin/en-US/PSInfisicalAPI.dll-Help.xml     | 1531 +++++++++++++++++
 .../en-US/PSInfisicalAPI.dll-Help.xml         | 1531 +++++++++++++++++
 build.ps1                                     |   81 +-
 .../CertificateMapperTests.cs                 |   38 +
 .../CsrAndRequestCmdletTests.cs               |  479 ++++++
 .../PemCertificateBuilderTests.cs             |    5 +
 .../PkiClientParseTests.cs                    |   86 +
 .../PkiEndpointRegistryTests.cs               |   61 +
 .../GetInfisicalCertificateAuthorityCmdlet.cs |    5 +-
 .../Cmdlets/GetInfisicalCertificateCmdlet.cs  |   36 +
 .../Cmdlets/GetInfisicalCertificatesCmdlet.cs |   76 +
 .../InstallInfisicalCertificateCmdlet.cs      |    3 +-
 .../RequestInfisicalCertificateCmdlet.cs      |  204 +++
 .../Endpoints/InfisicalEndpointNames.cs       |    2 +
 .../Endpoints/InfisicalEndpointRegistry.cs    |   44 +
 .../Models/InfisicalCertificateResult.cs      |   23 +
 .../Models/InfisicalSignedCertificate.cs      |   16 +
 src/PSInfisicalAPI/Pki/InfisicalCaDtos.cs     |   21 +
 src/PSInfisicalAPI/Pki/InfisicalCaMapper.cs   |   39 +-
 .../Pki/InfisicalCertificateRequestHelpers.cs |  338 ++++
 src/PSInfisicalAPI/Pki/InfisicalCsrBuilder.cs |  201 +++
 .../Pki/InfisicalLocalCertificateLookup.cs    |   85 +
 src/PSInfisicalAPI/Pki/InfisicalPkiClient.cs  |  182 +-
 .../Pki/InfisicalPrivateKeyProtection.cs      |   10 +
 .../Pki/InfisicalSignCertificateDtos.cs       |   33 +
 28 files changed, 5192 insertions(+), 44 deletions(-)
 create mode 100644 Module/PSInfisicalAPI/bin/en-US/PSInfisicalAPI.dll-Help.xml
 create mode 100644 Module/PSInfisicalAPI/en-US/PSInfisicalAPI.dll-Help.xml
 create mode 100644 src/PSInfisicalAPI.Tests/CsrAndRequestCmdletTests.cs
 create mode 100644 src/PSInfisicalAPI.Tests/PkiClientParseTests.cs
 create mode 100644 src/PSInfisicalAPI/Cmdlets/GetInfisicalCertificateCmdlet.cs
 create mode 100644 src/PSInfisicalAPI/Cmdlets/GetInfisicalCertificatesCmdlet.cs
 create mode 100644 src/PSInfisicalAPI/Cmdlets/RequestInfisicalCertificateCmdlet.cs
 create mode 100644 src/PSInfisicalAPI/Models/InfisicalCertificateResult.cs
 create mode 100644 src/PSInfisicalAPI/Models/InfisicalSignedCertificate.cs
 create mode 100644 src/PSInfisicalAPI/Pki/InfisicalCertificateRequestHelpers.cs
 create mode 100644 src/PSInfisicalAPI/Pki/InfisicalCsrBuilder.cs
 create mode 100644 src/PSInfisicalAPI/Pki/InfisicalLocalCertificateLookup.cs
 create mode 100644 src/PSInfisicalAPI/Pki/InfisicalPrivateKeyProtection.cs
 create mode 100644 src/PSInfisicalAPI/Pki/InfisicalSignCertificateDtos.cs

diff --git a/CHANGELOG.md b/CHANGELOG.md
index da75758..6703ba2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,105 @@ The format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/) loos
 
 ## Unreleased
 
+## 2026.06.04.1825
+
+- Build produced from commit 19615363e356.
+
+## Unreleased (carried forward)
+
+## 2026.06.04.1820
+
+- Build produced from commit 19615363e356.
+
+## Unreleased (carried forward)
+
+- `Install-InfisicalCertificate` now routes chain certificates by self-signed status instead of dumping every chain entry into the Intermediate Certification Authorities store. Self-signed roots are installed into `StoreName.Root` (Trusted Root Certification Authorities) and non-self-signed intermediates are installed into `StoreName.CertificateAuthority` (Intermediate Certification Authorities). The leaf continues to use the user-specified `-StoreName`/`-StoreLocation` (default `My`/`CurrentUser`). `Request-InfisicalCertificate` already routed chain certs correctly; the same routing helper is now shared by both cmdlets.
+- `InfisicalCertificateRequestHelpers` exposes a new public `GetChainCertificateTargetStore(X509Certificate2)` classifier and a new `InstallChain(IEnumerable<X509Certificate2>, StoreLocation, bool, IInfisicalLogger, string)` overload. The existing `InstallChain(InfisicalSignedCertificate, ...)` overload now delegates to the new collection-based overload, so PKI chain-installation routing is centralized in one place.
+
+## 2026.06.04.1810
+
+- Build produced from commit 19615363e356.
+
+## Unreleased (carried forward)
+
+- Authored MAML help (`Module/PSInfisicalAPI/en-US/PSInfisicalAPI.dll-Help.xml`) covering all 39 exported cmdlets. Every entry includes a synopsis, description, notes section, and two examples: a one-liner and an `OrderedDictionary` splat (with `OrdinalIgnoreCase`) that includes preceding `Get-` resolver commands wherever IDs or slugs are required.
+- `build.ps1` now stages the cmdlet help XML next to the deployed binary. After the publish step, every culture directory under `Module/PSInfisicalAPI/` (matching `xx` or `xx-XX`) that contains `PSInfisicalAPI.dll-Help.xml` is mirrored into `bin/<culture>/`. The script hard-fails if `bin/en-US/PSInfisicalAPI.dll-Help.xml` is missing or contains zero `<command:command>` entries.
+- `Test-ModuleImports` in `build.ps1` now dynamically enumerates exported cmdlets via `Get-Command -Module PSInfisicalAPI -CommandType Cmdlet`, cross-checks the result against an expected list of 39 cmdlet names (including the previously-missing `Copy-InfisicalSecret`), and for each cmdlet asserts that `Get-Help -Full` returns a non-empty synopsis (rejecting PowerShell's auto-generated cmdlet-name fallback), a non-empty description, and that `Get-Help -Examples` returns at least one example node whose `<dev:code>` block is non-empty.
+
+## 2026.06.04.1808
+
+- Build produced from commit 19615363e356.
+
+## Unreleased (carried forward)
+
+## 2026.06.04.1658
+
+- Build produced from commit 19615363e356.
+
+## Unreleased (carried forward)
+
+- `Request-InfisicalCertificate` reuse path now falls back to the Infisical certificate-bundle endpoint when the local trust stores do not contain the issuing intermediates or root. The cmdlet builds the local chain first; if the result has no intermediates and no root, it fetches `GetCertificateBundle(serialNumber)` and rebuilds the result with the bundle's chain PEM merged in. A new `-LocalChainOnly` switch opts out of the bundle fetch for strict offline behavior. Bundle-fetch failures are logged at verbose level and the cmdlet returns the local-only result.
+- `InfisicalCertificateRequestHelpers.BuildResultFromExistingLocal` adds a second overload that accepts an `InfisicalCertificateBundle`; when supplied, chain certs from the bundle are deduplicated by thumbprint and merged with the locally-resolved chain before classification.
+
+## 2026.06.04.1652
+
+- Build produced from commit 19615363e356.
+
+## Unreleased (carried forward)
+
+## 2026.06.04.1651
+
+- Build produced from commit 19615363e356.
+
+## Unreleased (carried forward)
+
+## 2026.06.04.1634
+
+- Build produced from commit 19615363e356.
+
+## Unreleased (carried forward)
+
+## 2026.06.04.1631
+
+- Build produced from commit 19615363e356.
+
+## Unreleased (carried forward)
+
+## 2026.06.04.1622
+
+- Build produced from commit 19615363e356.
+
+## Unreleased (carried forward)
+
+- **PKI contract fixes and cmdlet expansion**:
+  - `InfisicalPkiClient` no longer auto-injects `connection.ProjectId` into PKI CA list/retrieve calls; only the caller's explicit `-ProjectId` is forwarded so that cert-manager primary routes (which do not accept the query parameter) succeed.
+  - List/single CA and single certificate response parsing now tolerate raw arrays, wrapper objects (`{certificate: {...}}`, `{certificates: [...]}`), and nested `configuration` blocks. `InfisicalCaMapper` reads CA detail fields from `configuration` first, falling back to top-level.
+  - `RetrieveCertificate(connection, identifier)` added on `InfisicalPkiClient`.
+- **New cmdlets**:
+  - **`Get-InfisicalCertificate`** — single-record retrieval by `-SerialNumber`/`-Id` (mandatory positional).
+  - **`Get-InfisicalCertificates`** — listing with light filtering (`-CommonName`, `-FriendlyName`, `-Status`, `-CaId`, `-Limit`, `-Offset`, `-NoAutoPage`). Auto-paginates by default.
+  - **`Request-InfisicalCertificate`** — generates a keypair locally (private key never leaves the device), submits a PKCS#10 CSR to either `pki-subscribers/{name}/sign-certificate` (`-PkiSubscriberSlug`) or `ca/{caId}/sign-certificate` (`-CertificateAuthorityId`), and returns a single `InfisicalCertificateResult` object with the leaf and chain pre-classified. The result exposes `Leaf : X509Certificate2`, `Intermediates : X509Certificate2[]`, `Root : X509Certificate2` (nullable), `Chain : X509Certificate2[]` (ordered leaf → intermediates → root, deduplicated by thumbprint), plus pass-through `SerialNumber`, `CertificatePem`, `CertificateChainPem`, and `PrivateKeyPem`. Supports `-Subject` (`IDictionary` with `CN`/`C`/`ST`/`L`/`O`/`OU`/`E` keys) merged with individual `-CommonName`/`-Country`/etc. parameters (individual params win), `-DnsName`/`-IpAddress` SANs (auto-populated from local FQDN when omitted). Idempotency: scans the local `X509Store` for an existing certificate matching `CN` and an Infisical-known serial number; returns the existing certificate wrapped in an `InfisicalCertificateResult` whose `Intermediates`/`Root`/`Chain` are populated by walking the local trust stores via `X509Chain` (no network calls, revocation checks disabled), and whose `CertificatePem`/`CertificateChainPem` are reconstructed from the resolved certs. Reuse is short-circuited unless `-Force` or `-AllowRenewal` (with optional `-RenewalThresholdDays`, default 30) requests a new one. Installation: `-Install` adds the leaf to `-StoreName`/`-StoreLocation` (default `My`/`CurrentUser`); `-InstallChain` additionally places intermediates into `CertificateAuthority` and self-signed roots into `Root` for the same `-StoreLocation`. `-KeyStorageFlags` is passed through to `X509Certificate2` import.
+  - **Multi-algorithm CSR support** on `Request-InfisicalCertificate` via split parameters: `-KeyAlgorithm` (`Rsa`/`Ecdsa`/`Ed25519`, default `Rsa`), `-KeySize` (`2048`/`3072`/`4096`, default `2048`, applies to RSA only), `-Curve` (`P256`/`P384`, default `P256`, applies to ECDSA only). Signature algorithms are picked automatically: SHA256WITHRSA for RSA, SHA256WITHECDSA / SHA384WITHECDSA for ECDSA P-256/P-384, and Ed25519 (pure-EdDSA) for Ed25519. The underlying `InfisicalCsrBuilder.Build(subject, dns, ip, options)` API was updated to take an `InfisicalCsrOptions` object in place of the prior `keySize` int.
+  - **Sign-certificate endpoint registrations**: `SignCertificateBySubscriber` and `SignCertificateByCa` registered with both `/api/v1/pki/...` and `/api/v1/cert-manager/...` candidate paths and marked `ContainsSecretMaterialInResponse = true`.
+
+## 2026.06.04.1554
+
+- Build produced from commit 19615363e356.
+
+## Unreleased (carried forward)
+
+## 2026.06.04.1512
+
+- Build produced from commit 19615363e356.
+
+## Unreleased (carried forward)
+
+## 2026.06.04.1508
+
+- Build produced from commit 19615363e356.
+
+## Unreleased (carried forward)
+
 - **CI — Gitea artifact upload fix**: Replaced `actions/upload-artifact@v4` and `actions/download-artifact@v4` with the Gitea-compatible forks `christopherhx/gitea-upload-artifact@v4` and `christopherhx/gitea-download-artifact@v4` in `.gitea/workflows/publish-psgallery.yml`. The upstream v4 actions abort on Gitea because Gitea is detected as GHES, which the upstream v4 actions do not support (see [go-gitea/gitea#28853](https://github.com/go-gitea/gitea/issues/28853)).
 
 ## 2026.06.04.0123
diff --git a/Module/PSInfisicalAPI/PSInfisicalAPI.psd1 b/Module/PSInfisicalAPI/PSInfisicalAPI.psd1
index e0de7f0..5ffa120 100644
--- a/Module/PSInfisicalAPI/PSInfisicalAPI.psd1
+++ b/Module/PSInfisicalAPI/PSInfisicalAPI.psd1
@@ -1,6 +1,6 @@
 @{
     RootModule           = 'PSInfisicalAPI.psm1'
-    ModuleVersion        = '2026.06.04.0123'
+    ModuleVersion        = '2026.06.04.1825'
     GUID                 = 'b8a2f3d4-7c51-4d2f-9e6a-1f0c8b3d4e51'
     Author               = 'Grace Solutions'
     CompanyName          = 'Grace Solutions'
@@ -41,7 +41,10 @@
         'Update-InfisicalTag',
         'Remove-InfisicalTag',
         'Get-InfisicalCertificateAuthority',
+        'Get-InfisicalCertificate',
+        'Get-InfisicalCertificates',
         'Search-InfisicalCertificate',
+        'Request-InfisicalCertificate',
         'ConvertTo-InfisicalCertificate',
         'Install-InfisicalCertificate',
         'Uninstall-InfisicalCertificate',
@@ -57,7 +60,7 @@
             LicenseUri   = 'https://www.gnu.org/licenses/agpl-3.0.html'
             ProjectUri   = 'https://prod.git.gracesolution.info/gsadmin/PSInfisicalAPI'
             ReleaseNotes = 'See CHANGELOG.md in the project repository for release history.'
-            CommitHash   = '2cbd5c2008f5'
+            CommitHash   = '19615363e356'
         }
     }
 }
\ No newline at end of file
diff --git a/Module/PSInfisicalAPI/bin/PSInfisicalAPI.dll b/Module/PSInfisicalAPI/bin/PSInfisicalAPI.dll
index e4308f8e79234bfda8890d715ee41923a3fcb18f..634d6d87badd09d7fd2f64c4c144439ae966c096 100644
GIT binary patch
literal 275968
zcmd442b^40`Nw_t&di;*n`E+^-A#dnz=oTh*^oj>LPv`9-i!1OC)@#qgoH?wj-Y^`
zs30JA6bn`m8zL$wDk?+}6}w>l+rs;Oo^zj>yCntXeLwF)=KRj@^mCrm%ia5kw*<K$
z2=e@U<&_|K5LNzm(BHNHti*WS^v{k9K2iSGMh|xE^{tH#I`y>Xj3tRXB{}Y_87CZf
z_Sx>-8ONVABRTKv8K<2+W9NMjoN<;r@uWFjU6oBzulL&}2=?m81%G<z`A=JD&jmAQ
zR6FJd!5m^0dG`Fhz%#(dN=$<ZibEf7A(R#H9uU0z<$_}`7pwArTTQh>@i!BH_Z5J@
z&q+p%{9Bn1I^j0iGano@(rj(|89`9Wn3vGMKBJ#=?nxJ%i~gcUnl4Fe8gH|PlVj&3
z&Ey0KjT><c_&=B{KkdIAD6TolNoP7NN?ZfttbT1i%HB?GR~{WA`O2TfEes05GrM#I
zuP@|+4rO2c&p*SsHwY@Zp=yE`OPYOXmWKI(p=j2My~7~CT*@r$>uoNiXqS`W`7qZk
z6u`tIKNw7%TMS+xSRB{H6Wphs^j~*A^gwU^u7SRsn-c}mU2zdlDpA}|AdPA=BzB*`
zucgh&Faybv5Rsb#u7=Ab;Kacsm-6FY$_G)nOajd%FA6I^#hxA);X!A(OrlnDv(Px=
zQtv9c2Dm(w>#0vDyQu^`FjSmXb{l}AcyoTULHxsl=+3X|pOrN^u!F$=Lg1^X)JSiK
z%I03dMUMvkz>aRp_G&GQ|0Vqe%aS_?&1XrNi(;}Ms`hr)<6`OduCjZMSQMtlq@^-6
zzU+S1);7ZOV5#r0&QkIE)8>D-XE4xmnNLQLE&oHgwBq&sR=h?RRkJRcTX3^P8JBml
zss%?Z+66;W>Rs7<{Rci4lGla7l6V>k8dkoiz$Wrj>?v#ccISNo*YduENmaeOfKJM|
zR**uTSSz?067o=K7H}poiWl&k4HTjBlGGiIDCTd7Nm|SiG56(sRd9V@hnBO*`S#=|
z0{B|wXEA5xJSsm2k|7KWz8W;=OOnV`>I!PXZKi7E=ApKvo=6SP+(qKU8Z!4%%o6!|
ztuyyl{M2F`mATK0Njr0W-rf>izezi9e?%QB{C}IbS;3f^Uvq|?gjpg#*4n7lWnEv0
zp{9I<P<>r^pKe4dm8mm=gCDlGBMb)M=`w5KP}nmVR(h-TiBa+P&XP6=Lt$yK*mqd9
z7*VZ%)ibzZxQsl?56%p8%N0Q2*b@pMXk$I00D^AK6AB>8Mks)&7@+{7YJ>s^x+(96
z0*Edn6l~~w5sBb9Gf)6A-UtO5n>3%^PX*Yl8KEF!bD|k2z-G4*3LtunP>^vt$qW==
zlitpUssMr>%M%LBY4_Y*a1UieCZ=WM2t4h&`a?%JsV0}JkMsI^6so04^N%#m1EC|s
zQ%j}Lk++f95Yj#GEs&d$d%<J!D{{Z^m>h}Ri-IHfYfll~DBeQ&-+F>hG$noyA@VhK
zZW!!=N(jU`iV>0eU~@xS*GlN7ORrk*D@r3-$!W{jS!xuclG_NPC=F(1==oKZVk0WL
zjnO<4xlK^;Sn6vS^adL*3P?l{NS{Xs8X!Kk(Dz)Gi5;sa5#H3|U>FbJZ2Eo^gP0zn
zLJ-YO#h<nfaleCj#Ge<Ouo+`zpwG<~B|ntwt#|ZE2T~d6cXTh6<)k*BYfK2231~K;
zq)Ds{N}A{34-u>7uB8r4^;TlYN@Z1lHDR!_q$urXC7#PqvH4B<jHT^1J_vexf_^&H
zj;WM6W0nA+ujMRV!RkrkEB14#&uHtFRR>g)ZO8I?py+6`D^0qdiu)QtL6BJ~@u-B|
zsV+<HIF&MSqBA6igYh$i#Xx!-@KHW~-K2FPrbtb#i6~I4zL}UA$|#|`SaMs!c12~k
z6{;T)I9ycb|2%SwP@}>5>Tp1H<gd!ieyCJqWTu*2NSgd0P)2iaZRu7l#yR0_ElLz`
zgHp{E-L|Nmt9l|ej<-YCpxfOZ^_kM3mz$YE|Kfn^B65>cxk1uv&HpROP%yWA(|nMR
zmdWq1@WN<y^bf2wcfc<hH`ZrS)=|($j?j=0*JAH=$Y(g%+z}fH_)aL*h0hXB(Y+4b
zSz7c2no^8;)YW`*M-VY&D3qt9<I?0#635sy`LwG2$(K}}oP0yn81Eu?5sq+TL)qln
z)X87lR#uF#(h+%IHxSkPveH{ghM;1i7P(7O=5S$l7UnW#y7P=_mI1x=Rg+V&;Kzdz
zCfH1C>f-)aUU_ABW!(isKRykEzTl5hht^fev&G~YRoLelm6JT%70azW6De!u*`G6c
zb_+3i)p>T6Pg^U`UXqL;n>&lG47p~6l`*pQx)D~!$krRYl}xtYm@@5beXBB>tycmq
zTc;71cDC-;&ep%K9+|DL*K7@Tq%wwN4V^?Vk^Gv?Kh0qD(rz4xO1D*ucZYB8!4KKH
zCrY(GyXf`;bWRN8y-|IY?TJz?%094eUw+b7_&dW2*2;8Zu*GiH{^kN2#efc}mXjgF
z1~Oy_OA~XBs$6MQ%03Jx1+CG;vrG!4{z>~mr&$Yg69aF%l;%ohVz_z|UQR6yMiV>Y
z{qboi!xftczzlZJEd*!a2Nik@KN!PAeb-$<yEV`|y>UmMBU>s1*Pqrr2({YT+f|=l
zD&Ou7Mki(Bqgg5<+J``u`wr_Wml*2&r05Ps-zXN{VW@*T@?nbT`)LJq+{_a_p#Xw5
z+!G2QC^JtefMD|H2?Y>zj-F5eK{x3M1rRfgPyn%!5egt?8leD!-qZV`0D^YP6AB=x
zgq~0UG0O-A5OkT|h5`sWNKYt$psVzR0voqrK(p=*6hI&=o=^Zm_vr}*5Ok%UP>}J9
zUep^Xz$X2uClq9C&NTxC*qmpCf{abNNAHCKY%VZD0R;V}x1k{8lupkZD99Ml?|B0S
zctHo~2?Y=cz9$qw&>wn20R%mqClo-?*Lgw#1ihXo6hP4Zc|t)ZKJ<j%Kmj)C5<Q^+
zVh1A>K<sFQ0tk8_??eFvU56(WK+qp}LIDJQfF~3{(9U~8K_-H<dEP()HfiTPp#Xx0
z%o7SAXw*ERAmi7bW}pC@G<V*n0tnhYPbh$($@7E)2%0}nD1e|P^Mry-Xf#aTKmj&s
zmpq{Wf=0&^3Lt2GJfQ%B2FMc%AZUI(p#XyR#}f)N!P6jl0|gm_!_7beUL0YB0*E7x
zPylh15eguVHbOzh^JC0F0XE-YgaU|TjZgq_oDm8jjyFO9#0f?y$b@#H87RQ!Nk%Au
zIN1mV5T_WS0OC|56l6R<%?uP^^K>H=K%8NO0*Et>P>}KKEHhAm&9jYA0O5>K0I|df
z1rX;Lp#UN=LIFh62n7)58lk}Aqy6jTjv$yMeWT9jrKgLAx<cs(qj)?c5au<N=2!g;
zj!GK2_jpV-jNDxwQ{f_ax5ree$ldEPl_zrdc}z8l;u;>h4|syw5V;QtZU;!aMSwl-
zBTBpby-g%Kav%2?S&iH$JVq*`n6XXdKII97FeM)J1hN*n&w7khMRB*-{=6p;qA2bW
z;)|X@R-$;45D!CyJ&xKJ4Q?4G_b~dJqRW`FejEm*m)WJ{SrnIa&Pudo{6xiJ{M1`?
zM6D8!!>e@4N`0}x($9tsmK<@GDQj!aI&+~PGwl&3PZF$OJ#B=2gS|2y`d{a<VK78k
zeG+#+wA6VpdYK0^0j9R<1elET6JT$I8yQC-fkD5xZLmCWELKQ=S<>%y*O7c(5!yK{
zI<mXc85Nt~le{fCDplkj_n2xExo>++1&Q1f9#aJ(_g(N^Ituij&VL}%F&wQ|FxkSU
zL6ER3K5WrlM+s=y4Z@~mHSEW{ztoe+v9u-ephiUQ8<{Y~@%(Q_vJ!Nj)e;2|=Nq8_
z;*CZqfVjX21rQe+p#Wm35egud8KD5;A|n()EH^>{#0n!6KwNBu0;|s$tTY1!5N|R<
z0mLOnD1f-s2n7(A8KD5;aw8N#Tw#O)h&LOd0OCp`6hK^Mgn~?ruQme(*u2IF1rXO7
zp#b7KBNRYfZ-fGf8;no@@fIT#K-_4A0*IT8Pyq2(BNSv}{5CUCfX$nYPylg@5egt~
zH9`Tz+l^2FahnkeAZ|B80mM6uPyq2xBNRZ~VT1yRcNw7|lZ1DhfdXv4#|Q-wcN(Dp
z;w~c;K)lxo1rT=|p&%35J!YT)oA(-_0OEZ{D1f-n2n7)DH$nl#2aHgV3GIVspa7d6
zGC~2whmBAG@ev~wKz!5)1rYZep#b7zMkvSx|8X-=fXxStPyq1>BNRY<(g+0*pE5#0
z#`8~`fdXtkXoLcY&lsTq;<H95fcTsd3Lrjjgn~?HUoZm&*!-dq3LqXbLIK3XMks*z
zk`W3ro<Cv+3b6TQBNRY<#RvruUo}Dj#Mg{a0P%Gr6hJ&`gaU|f7@+{-F(VW}eA5U8
z5RV(70ODIlD6lmBCS4iM4GeY8%Ir-q{|?r(8`MvT-ZrS86u+j<Ed}i71yktXhVMzs
z8siJH_R~i<wbYiV@~)SmMP{4&=V&X<6R}e*CV#|!6u$sf^c&PEE|!8NZ6Es02iDuz
z=oTMRd(*Ku+4jQS6tg#9><#oMTVOoQ{vwFH+Yoz0#bj?Z^+IwuO7kS*<4)!$?`B{s
z>q)1eYcz_<3F^k!Q(@Qab|!8clZwfka5Ku|O-6Y9fO>4~+C82%!tL|w*4VYX9h68l
z@=nyQ-tK&Ta=Dhjy}M9MI?BP4T0!%&mhU@EmW|3R5k1E~v$#3PtL`+?+#S^$6QlTa
zfyH9djmwEeU2{t|1?xUD#6Fm-f7m@kvg(_w#!ZY?_fBQl=661VaG6L|QpZ)Y8$W(`
zI+uI~oOja*IC&D-Q|yUXq3JG#%S7^O=>dc)1F7yZI^CYuGYG|6*`3c|DV~7+toJXQ
z_ucGPaPpuX@a~n??qSW3X{X5=<R3Z~Z5oaX^l!`Xf{%ph{&XpLFEURe)++PtBohHY
zSgj^E62!0*7+-?$R&@Wl(iZT|a5kcfRJDq9mb8i#HA_ocMGOzGBJ<3L5mls=46h;!
z%-$NRNGbWD#&VG*WT-3eMB~n+G^s7mW2~{syRD$RCg$R^FljW1sk$`wY}oGn#JuiU
z#SUGzl5LIK?!v@^uVq7}#0zwbUb{qZJJPkUN-cWrt~qKjJZxXXTlCso50l<kS_L}t
zI6y8ruquVU1wko{N~ts>pDN9fKWxz{(p;=XUYd(?*rHe~x=TcwWlolr*>mvHp8+V1
zkmj$8NqPpLWanst@X9OO@;edvMa0LD->yz;v-55zf*dWsY>vRwyl)^@pO9^~w(Pzh
zqY<*3k?cLpv@Ms_RtQ5J4D#L;Ezo^iA*5$Fe5H|iX{G6GGH}&>lgM2GsuhavN>$t4
zz+M*SXc>1`tKGcY2Rj<3$hT;+^6jooZAr4-^{Hl8(Yz(q93UEo-$Wqq4iXI`Y&0Ch
zk>V}8E-6?}*0h_PH<2`-!=t6;Nj2LKe-eSE9@g)*@%tad<+pe=wzzEHHB4O6vlC}`
zT=jQ5Gg1mVk(UkDDKCc-V=KCLd)F3@H(<VI;W*Ar|2N@~NTkAXAB7;BYLR31qQb!(
z1+^_4Cs>$c2**3rZr+`QotAKjW|(l?k=i;^449Ot2plaM<{zp#Tr^BIRCAhWm`$kW
z4AC%gK+}>Gx|<P_aw+ALcap5plJY$@J4MU{z9y3Ldy$8iSZL@T*|2OoE-NYiY|*J5
zSH0Yple3VM4c93r?<T&Da^8u0Jq^in{2kel+=|(nW#u+Aebus(hI(3a34Ktf*L4?q
zyQ76v*`QXaMYq!e7Z<G*U2)hB@k6a>mYU2XqJh-hF+Wnxa$=>&InTjw$DByni(wtp
z9@V@_G|X^RbE#;U%&6vaH1RXSd;!KKcu|WOg+(>Q<NDLKKaOqa=1(x{F4an`Hi1Na
zO4XwKfvRoEeg{5j{*58oPpjRM`?0Dm(HlQX^d^l*rex)b0UtxS0f6@1$(|Tw4in~*
zn<4V<4gyU+4eV((S>?2cEBhW!$7>ZvXgXf2_#Un@_IT|lc;p4KI--YLG@&hs)j>+i
z%i`xcZatvg$E`pXr>|2MKSY#87DZi?EZ${#>5ta_9BrmkyW33v3t7}qPivk_#v+TN
z^Rmd|N=6nh^Rk%TR(~@&;Hylj$z)C?NX*^Cspe|YJd$dz6%CV7wRXK|n0Kn?Euwie
z)!ZZ+W|M02HZ)!ynLS4Cypi&Fw8-PHF!J*FEJ)<>r>Yj+^QyMx@m{=JlRUnlcJuB7
z68<k#Q*tk=+7iwQqlEKWvY;fAvrggcu8DBohwsT2z}G}L567dih4TS1Nrzt|oL)8`
z@3{4ZwrqZ@BM4@!Q#L<Mj72s@71{g`K96iCKZ@C!+sTia>3<=c8tQ4yH+tC=oyul?
zcB_%}y<&H%$*@Lch6RJjT`)pY=6|R8XLv6rztK{S-0xH^x<9De7Lx}o!ecaBFR9&<
z`;)3I$*7HzjNK=SWL&r&l5sIM^X`)bn%oI&Nk)3^lys$2)30Kx#XX`W+PJ$_*zI;`
zkB-wn(e4x9L_4(6I?MVi#6ikhR4MCo@OWfdf7UW*%y#JWX1bnb{pnT+dG|%!+Q{v%
zExuhW51Zeki>0$YzI(*mD)~j0uAc6E-aQJ}U1Tjl7Ep#3<lSS#h?#l!_%MP4D&Ni$
zjjfvhro0EdPwuZCizn{y9*cYT50AyE`xm%7-|PZ&sB^WL6kQ-XpHLSHF1frYoO<^r
zlJTzO@z(@b1QVT3)b2vsjTPkBX}x>cOl;d85h5+P)4D4YD{Jc~In9dQC-5@40f@jw
z|MR-W$M9(Erl>lpC7rcQKl!bW+fKH&C?A|o?=lnl)V;B#Qc7|@+6ihd<A>crS@NmY
zhd8T*Wj3gq^ajyDdaO!@DyrEBGe=j(VLlL+b;;*3mV7$0OFniUG^7Pwd_=&2m$eku
z5#LFhxbZsc$=PI`N$Oa0j3t<_xjkfc)0?hm9a+N!R3eeiF+N6m{T$;1Aen%ENY!@T
zIoHA*U3c6^)NbCLkDb;WLo~zY8278KR)g0)s=+&$a?U%6)#xe0J!*D=m<eo65k@s}
z4~ekIxPL?w*WKF^B0Xms1e<mob*XRPy1A?IAmz3R<(7{(VxhG)Fe+#%#H}^jYR)Z2
zlb;y6<%q|us91`BO02kTvjY9l;;D98^iTrCF}IoelRFhpF1Ci%cMVKQz9D3MF|K?I
zNkh}yU06tk4a!_dS&2b+lyjR9TrC<`7#GEJSf%JLhB>tPT5()4{uv=lkK|@zGJ^q7
zFn<%%HSlM%-ZZ)_#+30#4-M8zgS8SB_IYvKT68S*9p;m;I^SLKOBcPXJNUm=c|&7K
ztsFmx^~Ncg$^QnH((hza`U{`ZG(1V>f0UWZVEKNDesyBC-Ll*@FfFO~SvI&oQ*5;|
zi@CX4d1;Lp=~+_E*zJGKLCYG~%z9@f=inl**{6f|<`-n~M$S~y#LE4MTJufh9cR}2
zr9`#~W#x&Azd_Mm3g|3pR^-y1eL2w1$ka{;{AAeafWh>{;WG1My7z<9mh8-@ev~;t
zEq<)(Ne^WHDC>*4o#EZ;+0u;bp^}``%|zkptmB9_%twDh>byYp%v%4|aO)kL%bM?`
zVD@(Y977l!9@H;0d~?wFlHsR<X)k#!=R8>+3T8?B={`kvrg!d!Hja|7liO3><s`3n
zeovJAu&rI4M?C5sz12{QcE-&}+yYKYq*{jF!Gc0@sLe1;4;I8}6EP!7UTpid+4x9T
zg)JmKa3N<Nt|MNX60cUhdId++t59XW!kLNId`@cGX8mG1Idq$liec4l3o-H4O$3J9
z7E)>4$2=D6?g7C$SCE?W8IP-iKj-b}T|o|i>)i>-vo903Smf=WdN#d%ly`Zoht%aa
z*_v>Z-TBeVmv`gwu`!r)Tca{UIs=pD!+5&XQygRemmFhfA+RFn<D=$A5_-W+5GC&;
zH_>B_T#sNbeD#VNEt4=^zj9m&^Y&_zhz&jN7CZyYjY-)VE4n<I!6Q;h?+SDI=1GLD
z8%GQV<qiQky#9BN)_FnndxYBBe`Dg`x*+;}Fne*ufW9Y~O}-A_i({EuoF-qD41HcQ
zRGRs4nK;WOdryXypPuxJXC+)Fo~LWlJ@htJzam|1l!~qzlKbOyZF*eMb)l<sjYZg)
zTa@_P4(b#<)u1}HOKBT?Lk#>B$=_X&n+BKO<nL-pI#}HZ$ifln@HxGv>#TXdkCKhR
z)G5;5jlB8jlYI_miTp%qvME+ccF`|XOd{ExMeQU@db73UCXhV2*;;ZepGWbgBT{=K
zeramEMx^%FV&GF-CQ*JqxFERv!FGBXvdTI0HKljnRGSPmr%NP|Sy2kEUlc@mimC-S
zO;tn|wN;G0Qi9oRIRWq1lr5jcERmlcn&kAtuVhQQ-zM2I;=-?FhQIJD88j+ep2RQB
zmh`@FTM9Ov*2<UmecvO3E1qlT3nTTQvF3bfZy99ncBXRBoF(xpxQ#?1i#ArZ;091z
zMcpT*oXwiEh|`*~<{``y`H6Z;nl+5bBx};8Ey<d0G`h0I#VWZdn@@#?i?aE#rRFD+
z3A)-^7$G)88?>{h(2|>@gR5U`=g*zU4VkbexmjEOWK+#m?KP(QOPD3{WA!8*IJV32
zS&3+C;MnFDY}iTw(QnE9!B_hDa~^?3OMk*w0mKiDPyoSFrMIB~;zvd(fM5~R+fV?(
z8mT7~Ks;lF0tnWsybT2qtBg<p!77%wp#b7JBNRY9Z-fFnN`b-8%s>GIt6SbL1rR?s
zLP5sqFU&vzHh*b^f{aZT$Go2ku*pK4Clq9C{@M%_VDmRdD1i8_5eguFXM_TX-y5MI
z<2kE0K2!zR{G$;HAXu~UHWZjsJ-_>TWJ3P*{BHAI^hk^>e#=<dPwzOW`Fk{Sk5fo@
zwYTs`!Pk2Hvf%4I{<Gk>c>Gsz%agyO5l@74H+c*H5d1ce|0Vbqk2`1^;@SMTw|nA0
z7{-G_-0q22TEsgc^iJgNq+t$qP|nmcZss27n;8W#YrYai&(vNeBNFK@(lfPJqff`X
zBhJ)bgNfA@xd&=zYUS+i>4dYHgd=BIuf-zaO_uPyPA~ot>UEe@>zgqBz8*w~lS{57
z>C!QMCxdp;=`A4a+#vpZ&ri`AET*S2B7Ygk*V&NS-MoYSJpF$?$BRU~Y!aaWg5^9f
zA_^e>Y=i=czZjta;;%+1fcTpc3Lsb;@}4Sy_&*~QK(J!uZ76{Frx6Mu=#;$;1rYx>
zLIK2oj8Fiv+6V;@uNa{Kf^{hGsRFAI7<8C{0tos(Z&Lw8&Ikn%EMR#X3LpwbD1cyX
z%iB-@Q8YpU1S?+Nh60GP5egufR(l%?AgV?vfMA8p+fV?((wip~K#Vg&0R#v1y$uBr
z6O2#*!HIisLjlA@BNRYzB;MOl0MTQF0*FaQD1hMfnRlW9qR$8g5S%XaHWXyaXR;Y6
zz$WL*yiElen^Vm|0XC-@p}=fPT{<ERg1Opu_%%0bW~I50Z)*0EYC6N?eXIgExC2jP
zCVDs1o9!of6Ty)TI-<x8!G!JradV{@&hi!y0-Ke3%aCc0G`xq1#X*k`6Wqx9xFZag
z1X_;fWDOZ#V|Y}{kaV@<GEWVUX&KJX8ZJ=7V_SxsXAQSd!{b|qTV@TnQo|Elh6}TX
zi`4Msmf_;8;bv-hYRhmNHEc|X-1cx)+QhS@O{9%I9ld0y@NT=TA6vtO?o57t2JetH
z+*S?GZW->BHQY@Nm$VFb&KmBbhDpnC*R0|0YIttT@bzLCy7Ps&njg1^CoX6adqE7&
zPp?aaxxvui0oj9oWM0}|P0{}9EhLzp<3<#Hx8No~E`Bo}r5)B=A;x~U;BA=DVac54
zwS2dLO0$7g8U+xX)AaRC0mO786hO={LIK1^Mks)oX@mlZjg3$Mv5651AO?(305Qu5
z1rVDWp#UN_LIDI<n0?e0Knxn80HSV$0tgl%y%PlxLq;fom}7(jh|P>p05R7H1rYO$
zPyjLC2n7%ej8Fivxe*E=wlG2g#Fj=VfY{0i1rQ63Pyn&W2n7&}jZgrwwGj#+wlP8h
z#I{B#fY{Cm1rXaCp#WkBBNRaFXoLcYos3Wb@j4?EK<sRU0*GCVPyn&35elre$6z-z
zPyq3IBNSw8?rsJOG6s8?fdahP(+C9+dl{hsVs9f9K<s0L0*HN$Pyn%?5egvoH$nl#
z0Y)f*IM4_M5C<8d0ODXH6hItegaU{|jZgq_m=Ovf4mUyp#1Td)fH=|!1rSFWp#b7&
zBNRX!V}t^THyEJ+;#eaTWQyZBGf;rd<Bd=Nae@&FAWk$wf%zqCqV)Ir=jTHk`qum!
zY1tpkX;XilwCpm9PX_^_caM9s8w7vb;~ND(;qhAqf7j!i1wZBSt%85x@oj>i_V^uw
zf9&xcf}ipD-GWzne5YVu-IMNzgV2%tnaB4C{<+8R6Z}h$-!J%A9)A!lqZC%Y1?oJ*
z{l=SpxNRoToBht4eN>1)c>FQJFM0fc;6Hi%Nx^^d_|t;_=J96)|DVU76Z}t)zaaSE
z9zP^_wZ~r)9QgeIvf$9;uL{n4{B^;R$KMcK^7xyAD;|GKaHq%L5j@W0Ck0RN_<MpU
zdi;HGyfJZbJ)Zbsi|F;lk6J{(Cw|f*rg-An7BLM%=cm%&&rkdNsoLM)j11A=--4q3
z{jGppJcE$a{{HO{WB2#BVKPR4{|7I$hxthKNgDR^c(ULFJf14}Adfc?d<d93lK<=7
z&?s2WI^hD+*gO|+E8!xhUyRV~WI}QwD^cuxBo~VsZ!STf!cWG=&8dys+BQy88@7*|
zyg#+^QC0hs2ii8z81C0Ysm(99ZJagS#`jYjKWf`>!)^RIwegR(jdO;_XZm!Xrj1o)
z|3*}wwk9^yJ-j0Oppw*dlcE^qoutdZHaJv_3Qi(FE;TNJoWylpY5}6)Bx>xTO3TBR
z+qlR{OxQy;qUa<*-P@79#Qn(o%_)ocb{tfCs_{Ee-8=cIt}4vxsjdoAr)-h!PNa+a
zSkzQ^hxpHCmglCS>s(ciI>k-rs(^h0D0y+KYf?}c$B<KWyYKGtRQ9_bMZX2%vJLYt
z99N<~IgeZ6-Z#I!p}SKQcNf3aY3T;+_;59slY<U9o?8(C+1qF4cn&PgZu66q{gt2M
zJ-KUOs@`((dtz)7+$}!O8z>A-9hV<hNDjqvDY=#3_7TZdbJ--h2YbvL?nP0HUr>vZ
z-i*bf9to~IlfLOx3Lbn|o<<9TUBj5%jdJ+{#TA2yxx6{FJ!V^K{qA5X=srBJ@Jx++
zKcHG{bQj~<*zGKqyu(>iRBk4QL+sc_ydmW;;@I0a)nNAKes7bR!#pexg_8%T5tQy{
z?SZ-#Vf9wRMifq-Q>xF2rW{+T$4?BAUGWF-cKVEKS@`ORKPW*|lb1<d^F!dJ(exR|
zR`QK})PHOx*C<5OCmhQwSv%$Aig?&Rrw~qF-7(lFcg4ftNWvk}cGr7C(!UX_(68sG
z`C;)ZeKTxAa-#58X84a_JP?1BU)zZtAI0~hMcCtyq0S29kE8IiUr#(oa#3V9r0-p*
zd00(u65sl;vb1@+Z>x^*$^&rjc*XGoT)Gp%Jk&KGT+J=Q^C0IAgwvX_7<n`OSFq7t
z@VlI!z?W`>;gg~k>(e+I^(lcIMre%ZtZzvLRSpbSW?}XqDkU{;VsUjZt$4aX$3}MQ
ze!$$9Yvo2i?#pfWY}cXv3_h4g-yP{u^Rt+C_H?!4vz7T*sa4b`FZ1bJsFQ0I6^cfw
zJk(XIbk$2GtYt%Zcw`7HIDU>W+)-o<yZy(YXrK%p#GP#Fm)z$;<wl7MXG+SxzB)P<
z+a);=UFn^hD>sgnbJvybYROXHZ?WyHRcoETR35@gE9ZVXGCJkPxLUQGu^H8>TK(P0
z5<vvrp9452n0>on^9+NJ1@m7p+|jY~E*&&KGT;4Z$G}q_iwv!TTZ9Z{r3OKtOAGuI
zUaRDQe;`;S2mG{P4L9eW5qv5?xuK$FP@OhhD!gi{J)J(y`T9(5QK`gmvmq^v5`|Id
ztW(?tUl@5WH{U1q`K;U^ckRL`wF{#wY!u7BK*~ie4IV5kmwaKA+hw8oqjUW?1e;xN
zXSc`+(!N;gk0vP=d1rv}V^ZULiEUGj7-%}W>NW0)X)^Ls+A2ahAM0Nd>s&V0?TS<N
z@@jr;Vt$YnjXp`eH1b+^8c1fE8L79j%00|mxf?~F60+00;p?q@&kp9j+vDRI)AZ7!
zK8%;4`x3vt5=dJp>+!7W2U|;dOBJd#AK|xJbewFUm-!069?$sW_#kj!6@4hDt}C<X
z(CF3nE4r_vle5=Uqej_%10a>5F@x-Q3{9g?GDeX5CO^%`1xY@Y-M9E1dVKit6;gxj
zY9AT%Fof?HLtZd+%j~R5UgR^_M#`zreH%Y2TAv1zchcm!??B8Ni2C9u0I4o{s%4^;
zM8c5vc{|i?@kif8qid5l(cF``YfJ}x7tmF1@S?EvtCA=$1v$2PThF9DrcaHXWYZx9
z%#ThsLIK1nMks(d)d&R;rx~FD;&dYvK%8NO0*Et>Pylh35egvAHbMb}GeQBx5+f8q
zoMVInh{Om55KSW#K%8rY0*LdBPylhh5egvQXoLcY3ye?zaiI|kAeI`T0AiUD3Lq{r
zLV?XnF}TbO6hK^VgaU{wj8FjaW+N0pTxo;?h^vfH0CBYu3Npc8V+IPad94u&Ag(h)
z!5-lZd6RXyn6@9vz2597z|jpxD6sHUwhIBvpd#Pw=T(!^OdAV??qu37mE#7(5qNK?
z!;u0_HqW9*6LQV(A@P+$6kme2T8Mf5ISS*;`0dQ)<10|RI79OkmS|_ckJ9{sR*~jP
zj5uu^zZuo>`n#N27IRNr4B_iuKA=UAF&}O1d9amemmEZae|z!oV*V|Z6ol@Lm{yCL
zA9H4)cCt;`k4p1BXF_tAq~JbDo~EGrL&6%!6`N0^x*y5UkNKhbyAW^s<`h@_1Z};r
z;u)0A<Uw)xEO4NdYtr#m<laZcJ;%>r^LgQO&7TSLg8Z=0T^ZECe4MY{f%qj~5kJ`J
zt}K-{B^Mk@tT7m#F2-g0v49Ow>l-EihnrTMqNHbIw8`fBdyxK0iq;T_oQZo2-t0&i
z&0i93^F@9t1JR0Kp@!~M5*lC556rKXIX%PtMwv4+4BO?nIy=MsPMIYc=J(2|<fK0T
zL7BwtM9n`!44#}m|IP?L?_Ppou<l+K6X|OT0a+dFB=P<e9Aj^eX8sw(BadbG7eKp>
z9T)Z2^3A`(xxevK_CtM+RhAo!zBYz>CfC?4mpUIzoy$-{r*o5Q1ulC19czto(FV1`
zD4)Ka^@(K_Y|43YJ%L|o{u6Dr`7eG4R{Wda-eU7VD9zRUxK{)*Z>w~!=-{{14Eb&5
z<VTRmx9^W91of@$tmVGJmX~`hV=P9%!RsU+@;InO%>oJo$q2<2<)_4t-nL}2nVH=b
z@!aoGM8S+%ZT~)ke>>w}A-<XtsrY`XA?s7giO5r4r>0fD!|*QR-dXC^8D$R#pxz@1
zDiauIZV#iIt_Um?8#M+U4`Wue<Ct4Vu8LXjynak%1`%IFNZk=9ljUYXr7?w$5~D6K
z_k{VCo8Bz(aVHdi$AgF7UG6Tf;>qFn;ry9eJ1w(<6?gl&q4dd;f4h(thAn-A^7ui8
z&8*y+@^qQ3_K4TAyEPG2pA+-46$X3aZdcs3M_CoTkmIu=V%7SzqKcTt+g?jAF)G&?
zO1et)%<!>Dn%8|nyuFP*3R=H2b2{DdJeUwFQF11EJ=OIPvqmZEcatQ>QIf!}I0qZ@
zXh<bFf0(xQ_UYU^Tpz}R>pVSqqx1>(ddW?qNk6agR_P6-o)rTI$H8vo#qjf!J*i*}
z^)*i<I{xb!nZuqH4p@rs$x@=2T+fdlhvFqB$Xrt21Xg}}q8?Y2!=!q|u<8#|72~%c
z5UJ#q{O3FB9eHy4D%SF{9-o63>ajmy*bXrqXdSfTfT2HMI5#-w&h|Mm+9COl$%u5N
zfmV}C@W3CXPtVca3z43q>!BCZrXid7Li?m^by(u>7l)%xT>5<2Vix%zKT$E851l?A
zO7V^4L)s3u@}baG){V$)K3t3!{>YsFf=D|fqD@;FAtwrboezS8gXQ0C=f&sYcVBZ}
zT!bIP^5SWT*4ff_Sbq|F4Jq9(CZ+NtXXeHz@ta7gFKJzM%_i;wTxsI`nb~%DPm94{
zm{F~sVrOO-1T1Hz-$wCc@;xM7evm@_0%=WhlTrE?u(C8w)_)`UGE2S6`SPB@qFauX
z$??siyBI{KNn3I(c|^OgCcpaTNRxjqEpZ3W_QbP^*;Il!PY78;F1ZaQpki{sFeBy!
z#d2!o6$y(rONK7%7uI3JJoI5r*RbT-{koL7)Z@7wL9qAeGG;_K)|*6IP#moO*{5@E
zN1HAlt?8_B`sti}{C4befK-~3lAA#cI1}0~vn3MSmnbu93VsEV$d7yxL<B<~g%HOy
z^?FEtBfQ}5M)q?nGOc}%qKV>-2#ovSg&{hR>rdlpkb?Ue23%~(ggI_74YT=ftPjx5
zyi?VpdzU!(clz5=JXNfFvEq7*Z#$a7U6btoVlkLWUhXqGFTIpilaJ$puP^B;GI{o!
z7H3QF{x*=mx44e{?W|jUt2XbJsPmM9C@f9C7qyk!Ge_q3pg3GZjl3GOM1Izk@f+h?
zn(gr|1e49uM{wsG9Dhc)oqG!#?c8gh(Y-lHitYSk-YVbGT6f!<wtd;`OPAdnJ>&dm
zO32%H5#+G;DbrRrKO-4caQCM9b)TvQ_W@OTv{coi`-rL~cfYD-_i<G#?h~q3WrMCb
zt{QJbp14mb*Xg-V&pimo8EO&Sq8q>#h0@NHmx$q-%3+5g%0YhQ47F4M>Wg@jo}rdf
z@F%E86~d`F8oSm1wwR<MOsnr@_}Rei<;x)5oBAo$kfGwkMBRPg<If8Ip~s&W{3DOQ
zDEKE}y;C7$g8kN9ew)l0Q66jPFAl@rnsViF%o6#r{-Tw++9=E-SNv6kcqUQH=Jnrj
zG-h{k;%2Q(VP(kY$%5eQbW9-gt%b;?{55;=lbqQ~QvGY`4MMj_@NYfdTJY~Z-d6A*
zJ>FjM%O3A2_|G1{PViqnW^T$oU5|GY{11<J7yK`e_Z0jekM|b*ipTp3?%;>`>@PUy
z@qsAuZ9)`0ad3+$dg9O)QTD{)Eu!j)BU?n5Cys6r<2~^P6j$^3IKkZ>pCEV=KkQrP
z^iA6Rk&W>|ya64c^r*lMrPt+t)pV~Wk5Cr=vegV2>7%6Iqu#9l-5?e%-bOXi?-410
zxY-B=wu*tlJIp`<#5;{pkg<7(87RQ!yNpl(@opm&K)lBY1rT={p#b78BNRZq*9Zj=
zcN?Jq;vORuK-_DDf=rCxX9fzed7lvqAl`3;0*DV7p}_oNoRANgA_oUhe(52(3CY(e
zsw9|8mDXjEF#ak<&G7$gDAjai)fu^sC`Vn8WsLQ8j5?e2k`=cxKV8jD_>~EH)Ep3U
z7C%L|sgO~<kJ)uBkS{URifs$fv!REcW09H%^0sCe<0tFoWJ6+8Y7Syb|5QhD4SwQB
z3AVe?90GTjxQxnNUDlr59I?n3Z$v3H83<Jh&3R&}ysDEerXpsvvdkm(E)oO6FgP{X
z<XT(*emL0lMOiA6aa1UIBj4Ld*SPH{A#+2`5KUCIKABmiq)E<}w=%}B=y&*3ts+%y
zskT$q-ba`g%-YHJ5jymnN(V`KH0R?X6Z{1ztg3G=-q(9e=P_CDU>I58uIs9eQoc0w
zVs@^dY$L_D1umBABtY7}kZE##zRmkX{e}p0&suX!2_};+4Yyj<aJla);da%hmNi^m
zo!2|3TS2FW<)Pt6_<dU|--Vf*enVs`WpEn#c*q*lwMFSX2EmdpuE)|WS0sIfRSQe!
zZ3(TxRw;W~4uoze`_W;^zNDRO8H%KH@M5sX{x$~><vko-|5s6&-hUkn5*@6UEF#P(
zUd*rCnjd*m`T?sn3LrjVgaU|98leE<Q${F&__PrUARaVA0mNsFPyq2+BNRY<&Ikn%
zpEp7Q#21WE0P#g56hJ&=gaU|%jZgsbB_k9-JYs|bh%XzV0OBh~D1i8?5egu_W`qKW
zuN$EN;!z_MKzzdp1rU!Jp#b8WMks)I+z15_-!ei0#J7!50P!6o6hJ&-gaU{sjZgsb
zT_Y4ge9s645KkGQ0OI>bD1i8Z5eguFXoLcYr;Shm@gpM?K>XMU1rR?mLIK1xMku%?
zj9;Lk92lC)zW*;2)j-cHDuTWNLf-Y$tRnZ%nsWsZtBg<p@lzudKs;xJ0*L30Pyq2W
zBNRZqV1xpQpBte7;ul6JfcT{m3LsuILIK3Dj8FjaYa<ju{Kg0c5Wh7-0mSc&Pyq3J
zBNRaV!3YHqe>6e?#7jmffOy#m1rUESLIK2|jZi?L4ai7b3vFXXQfON%l0us<WAjX*
z{l%Osz`ws5p#b7<Mks*zyAcZTYu^!m{-0S;fQx?^p#b8aMks*zmk|me{%wQ;i2oR&
z0AjTf3LsuFLc!T#d^quHbb3{nmg#(t8xhw$pAXidp#pp<7@+_nGC~1F(Fg?)+zRu4
zD4+-&f%uibqSp}cS#Yvg6vk(ah{AYtt^ofg7@+{7W`qI=E)M$;6+m<wp#Y-C2n7(6
zj8Fi<J!tQT0%E-^8*9-JYd#v9#`=vTV%=xX72qEis=a>-ASN530D`O5-i88*sYWP(
z;1agCp#Wk7BNRYzJ=@z*05RPN1rRfgP(Zq_%ce^-r0beix~>|Lu8qvO0{ok4gaQbz
zL;ENwfY`(c1rP&9D1hKXwRfTbVpAg&K*UBUfS7HB0*FB)6hPFCPyo>|LIK2(5egvY
z7@+`SGb0p0Fmm-VRRA&12nAb)@rTK<T)Zh0Yd({b>b7G(HuwXt(>IWmUoptL5CcPf
zvsTOotd3U88xz|wN*Y)xCUGo&(0+VyL=nulAQcdY1x6^yv|gK=fdXu9VT1yREsanB
zv6T@DGJb7s1`4pbjS&hUwlzWl#CAp~fY{y$1$ZvUm$J?64rW0CE_O6R0mM#5D1dmK
z5egu7HbMc!E=DMT*wqLHw1ht+8UsVp6Z~9}G(*p2qbBp}e6WHsE_=x`C*PK0;!W!0
zQHI8T0=^xL?dIh2ykH&93zk$1t@lnkH?+5TreMILFbl)|$%cw2%dya7Wo!MtjKt-I
z9?wrL%4<A>YG(r;Kf4&y!Nu|R1jU;m@n5r1j0Ww$InBRguySun<@v*2;NKjd`~k$}
z`-my&k+p_iRM|i4#m~Rtl=mIPIC47>5SFrb`qslv|42JKj`nBrNIN@?wlif+JHwO2
zQj;ZVUrACo=T?`Hp2JAb@V&Oyp43jQT*$}Md3vSdA9Uh`GKZ7pJtwwhqe77t(lQ$6
zYVDVt#;2MF!EVNfo%!x!1v~zc_@xr|6NG*E`h~5JTJ^|RUzg#->qvi>k4d=|6BhAv
zWftwzxX9Z}nb^pdu*OZJ!@lky-#OI?$y&Z{e)0X-NM6;htj=>hkxw%b+Xhe3R(a1U
zTB=`{_2%1O$g7(?hQ(V>N0C3H-f}uW^McSEzLk7G9_i~s{%Ebr$n&KA2-4nsW#rpC
zb=tFNnf#7;d&iE0PfAViCG1!CG7n!c{_kJrkr=J-%RC}p>B~H%^Z&Q+AT4dz_-NJ&
zX#|$<&rg_Net^^u*~2=OvoA-cGTMHXJ?HrNbJP>>g0!$3@UYa9FT?N%(s&d<U@Lpg
zta>r$YOu4o!iBfVzp>qV4r=0jZQydQ8ynKfZLY**A40#|l@O$n+fHb0)ZEK7JKi|n
z4byYkwqyCg``|;SZisj8^%&E-9*bMIJD6kr^6t<c3QrYwPl4PdBVIFpl|v+1uOG?m
zEli)h$X<!}<%jd^9QfT2<n|Y%qB}s8oa>XMckz>RlLhLA_0jQxn0iKDW#@CvIXAUs
z%pS97h^0pDVDX9XU7YR?5hM?8>ndKk7t$Suj`g!V>t{SABkO0)AsqAO)pQhB=Z9s%
z!?ATPdp#Z91=i!@aj-Zl;Hcmoja3d;Xtwu7?g(5<IozZK&o)S_G5q0WDG#|XkSUK6
zXG3<>r|gcz{dpR?oCWVG@${U;fFs~XVIuY>Cy(H_tPYX_J=;<%HNS$LrJO41U?dZA
zlV;pC9lHJ(2A}GvJnV50yuX7H;*RWt=(oG?qi!9gvf06dT<jEADhpS_Mf&|+IcCD{
zYx@1&Gg4hAD*K3)R$tpy(q_h<f(y$k9`&tD$sdSih89t&Z&FI6*~!pSV(hoNqa}5m
zEJyJ-8y26ZpKQ)tZt!b>)!?Q(Yz;6UNE(hN4Pnl`0jF+b@&SCT-~qw@K+GOQ+090u
zbH|C%@%+e_fM@8bSI4K{BP2<TO6~-)KnYY@r(A!Wb0<Qwv=^6E9GfShrNcmsP8Qpn
z;(pb}S-}eZnHM$4oZ8a+FJW+AF#a;XJ{txn1q;*kFkCuN+KriEZn*-8gN#rBaj+2z
zAPzA?0mPw3D1hK40Pm>+h{KIg0KuC8-i88*BaKjy8JZqt1`4owv=Is*jxj<3#2buI
z0CB7l3eM&Vhh$S2ODQy}UUjFCudU&#9}^x=S?k%OR>PTJK*RY2&X&sfV{u#Ox)^M<
zWRw$N*r|lgQ}J|Qz@3H?#q;3Y>B1D^%><tTc4zX#I84^f-$HoDh-?i-TAG7;(7Mvc
zwMVHeo%JJ2T2thMDeaoFD>|tmjctoV<!JgWcNRX*ip<X0639cC&x)pR+cpyyaoeny
z+YxMySBCCbRVg(XvS@4N&%~v7iu!|7F1C7*(|c2Ikhp5A*+?UtYarE*5QjDnr!R9$
zK)v&OlPk!mFu9js|AM6EU^p1k%u2$l^*z#0a3|sBd=tojhdYVDYQHNgPf1@y+z7*A
z&4H$&J0I~mB0ccMrirHGBg4*?jfzXf{Pv|8rD@zHIOH9+?wt$XNO>IFO5;#2q}7+t
zK~?zX75%RqGOO}9ILs8iht`-@Om#gZoTHG%K0TGDZRTLs=Frrv&7m%DR@BrEM*eQw
zy3eK^k6gFTrkx;~^laLRBJlo93(Z|{9BCLnUbX`kyq4NJz_L(8)(rf~3;*7&7*y>>
z<2dhR_^Y&Hqcc6`Tup}7`bidl7EV9f)jWwD)Q1lT68RKSF-u&@9fDGuV8>sQn`}eD
zC5P~no{*8G=8}hnm7kt+k3O;{CuAf?kP6)lpUr%Gj1w~Z5plBn43w<@Pn-YU{#o00
z$P2e1<n+{lo~`zK<X;LdT<p&c$k>rRn}D{XmJWa!a9xQrFKNu}<R;z%LX`f1!oHnZ
zh^#P;EBIb&XacX0XY>u`BCVd`2|g3AXO*bB!3nQrx%v|SugkT4jOS~uv^I|=l^n!5
zRFtASTolgZ94Tta9gRY%N-32csnQRav~&75cr$MF(Fb4Ni?^h_<wxFL_XW;d+gjiS
zU*L7|&}K?Cy*)0UNIH-}De%)#vITw+Uio7pMSV}N9gX|MBrR||LmLF&3a&V?eOBjI
z$^x-|?dq66SN0l|#qWr{m%FwsX3A$W^=}~Q-%4^?-@)u^o+gFEwKGwQ?nF_z%zLt^
zeAN~uQ?nXcsj~Svs9udaP2~%1DTaysl;!AhBz{o{T4?F3p;~C8zht$BLVFut`9kx@
z)7pjhb1_K^t#yv&Z^0E8wabh_HzT3fu*_bw`qM76^jPh%^7${DPbsx_{%o>vEp_W$
z3={dGOZAOu`gUX6{q>k?&X1@pKNH^PI~6)TKlJP1&>gI8eD&v7PNI3x0jdH9b0-_2
z0OAxQ6hJTq_D&Q)oMwaqh|`Tw0C9#93Lto;$@`%I;w&Q+K%8xa0tjb>g3J(hi5V!!
z7@T7U3Ni+X87RQ-rV$Dt&NV^-#Cb+2fH>a>1sTuZXa)+fd4UlMATBgQ0mM=x6qsMS
zF7#y^Bk9_=+l^Z7M}+;M+r6dX{V~>+L@)1<i6!n9?9w*Q3oZI;^GdotIZM_u<V~%u
z(TEKp-38vlwt|;>yuILyJl;|83c*FUQk2MD;!XC%BtBD&FZ0CSE#e9YdFLvp_Zm*7
zU66Mf8OZQ1<2j7wh;4#Wt@rb60f5Cz=|a+nFV2NYhn>$28+N+$FtM{8y}>4nZEX3!
zzFm<Een7sTLOh#%f0I>C8Fx2{5wnt6i)iz|1!i&Qjh;Gc1QqYbY$ej!#d2P3%X_z-
zy<PPKnj!w_Ii%%0*T(p%RK9)rkfLRxG#a(M0{21k%rBWtPN^Cj9XVUFbB|zN?mMij
zT)O_W`S<1Aa^fPpfW6K0B`ba8+#A8sGKqw)j~C+$B+FVNrZV;>(t4_-HNWPxGSR+}
z0G4ltPd+)a__|xMbbD8`&`Q!gOv{a-awhUzob}q}>;mLz^Hy`=JY9CwH0VNVku*Gz
zi5Bq+^==AL3qmAURzduwvvH_B{F}nR`i9L*h!u}}>hIb5dzt<&k>BK9l+5^GbuY(?
z{04!}6@2kg@s?S|Qvh+15egud8=(MVg%JuME;d2|#7ZL+w6j|C`kTa>b4Rsiam{(%
zlB*w#Ems#(gv)udFD(fDUhGcIl9U3A+|lyQF=92F56CWGpm3Qe4Q`Pss1;U6<zYpT
z{jlt(qh;cCU%b>y(QvWq%!n1Aicn$FbTMC+w@_=^r&66CLOT6@B|#!9gCZ;C26yAW
z){^Xr+<p^X**(gyF4DBb;feO{7Jf_HF_$sL8HBNp+BjwL@CvH6ab*4AD=MUKpwC?-
z3YR-Y>2)i7qNQGI)#>kVUJTXQtdL<;wPL&y?eZ<iq4F~Mb#FrNVR94!yGzjf3Zmb?
zsK2gRm4e}NKzaFAIN&h|3g`CaTPj{A3MCUMsPS5U=kStAzZy}?Q$aqN26<^KNOu`<
z)rOvLR8w<ZTWGH`q-#`H1lQC$q~cJMn!(2hIx2!qJY}Ei*XYlbGVCG_>uU4P94nWj
zrpo3*5;Z&z#-(`>Enl3;gGD|MMA1C(`qk0+wd6tba+1vb7Rl^rnS|u7fN8#&pZH3C
zitZ|Y5!B(5%NlsAR7>Sla{d0?|Esb~gYYJ65EMXMVuS*SON~$fahVYcATBpT0mKzX
zD1dmg5egu#G(rKyRYoX)xY`H>5Z4%?0ODFB6hK^OgaVTuzn&+3=2;>?cTs&9V_YRl
z&RrvlKE2L6N3zE4u4^&Xe0(*f<*t#R8(K7vX<Q34FqEIwQ!jW&H)2}JpSKM8WyfJ}
zwi)h+X)X{C-wJ~GIEuU3<4*{_)noYth`Y_>2L->|<If7dlb`%~>`#XbH~Lwc`>L?-
z5E~`;b-{NCX230L53CypXOqT|=iY|67@XXX943$PlXF*NPgbsU`&v619jxcvl^FQ0
zd}`|8C3T?uTuFco>T~YeQTBSa7LS$B*t-dPa+ICSt~BPRUT&^d&4@Va#nJ&({W@ee
zKDUet=LmJId?uXR#|q~nwQ5Fd4d<O>xxZT7o6%a_>l<YBDS?yxj_(!ELjO#i7n<u-
zM9A;=;AJ%@MjRiJOzjK@hN`oY$KabELeE!mn%85yE7#aCo6R-$<Ro*OH;DYbg&#S8
zEn|;M33rKvd)`GzMk6<U+F*Fzau25hMP3@AkSi4l#}Nau$-_x1rQCGhDe{}WHzG9)
z#E(?}R<ECE`nP#~m+3kFCiW){ZZO!(sA$;@R_hc%yu}CwR6|0L*OPMbO#)`g5eEXP
z3?2~{l)~gb5*p^?51<SlAId73*cf4e-#41y3LtJWLIK2EjZgsbHX{^3+-!sbh+B+M
zK!iUi(U1sB`S=KbSkQlKwCq+3K><O&-3SH$t-ouG=sK@9-%j|g<>PmVCS5*$r$h|-
zlKtdAqq5Mw9&1}qlRN8o0Ww@BK_@RE{YlR@=~4psO(1j0l@R(<Ouw+gEis8)`YDk)
z45~+bO60c$EE9{e`#nhJE_&^Zg~30ekK#O&ootXFupl`W-#;sB(z9)A{elA*>H5W9
z!L?7@ec60)HTjYJPx;Zhu-E=f9A{GE?-5rShQ>M!b!X7v+Jf--vXf(#skRZ82U~;C
z@7j7WXUiBh{V(OzidTDqu)V1J{SI45%zQH?z0cbGmlQz3{Y?}W68}%tg8L_GtMKSo
z<(6x^;Lj$n$5`L>LhvYtiTudLOI;~s{Ys?3*7NBE##+z+6+uREZbX6qPKs47)TYb%
z?MUpgUAw^j9#9b65nQ%Wd!2A|^7Y);CSTu9V16-nR2~i_-^P#+NJ+2Q3}r8ojQmfU
zk*}!AwKn)xhRz$Ap}!FyMlHSi{M>na@>70Zll(jtkH*f=N5mvuc(wezCAf5QJ3o0O
zMxLGdAKH_aoUU(vW~Hukhc#!?$(SYbV=Yg*?%5WXt1)b^d$##s2|se(^Nir&hppXs
z_3NH@AndyCses<%T}CK?c()M>Al_qy0*E_}Pylh45egvQYlH&2AdU;_MV`COKtaaf
z9y3sY7xx;WAY=1=W}pC@_ZgueWApuHpa7d6FhT*u2aQmWarz-MP=L)38=(N=BSt7N
zr@AH}V<_F<_iL9gP|aFvm%nIf{Mx1HWeHL&RhsA1m@t9(QOgpGls`#r2<guB7M>M+
zw#Ppeyu{<@1t)?dcP>i%js5ee8?yGun>DOGGVYSK$D2{~&D~o7Ic?w4rAM}&Z0Yg&
z;Y*Ki$AnJYpJC|@HeTe{9?6l9T8=1yxZel`5Fax_0mR3RPyq3O5egtaVT1yRPa2^B
z;!{Q_u!87j(PV$hLH?Sz5$BaZ!`=${iTi2qJeu4>Q(9<h3r%aG4O(bJkc?qu-GFVS
z;C#tf|E<A^fxDf6hPs<?LfRQ%>PP;VQb97wxlF16?()I$vZTjf*qnrK1Id;<Qq3cU
zM+qz`Tq>}laHYUbg;xt4C$QH|5T(ye^hys(+{cf3`)#qhp5Fd${k@HMT7PeM61(dc
z+oi9<+gsM(+b3Ryx4&C|Z)d%3{WD=_vAcemu<})S`<``si=c|Uy(d3h-ab=qN1pk3
zDsNAVe_r17prn_#Rjp9^Ox{Kb+SvZB9@D@4&XyT#_V2*z`p2*FU;8(9{7zmE|DNm|
zD}EXOGWB%~|JGDrzt^=6Z|{@1`C@q$-pY5Dtr=*Sb|$u;SgW_AO8e&VWBHeno=oZ=
z8J(MJO8wa0W}=z#_7CgtZFg-QvCU-atBCE`-ezK(@%B~3_Tq`_h;62<UPWxj_BIpS
zjJK~Mw(|M-(ULW`B+T3eyV?l0>itMb&~-04e<Xj_iOHv6(=ZMZFGlr^nYQZG5n&AL
z4dvsi>+8|AYx77xM>^W0N5#pg-ul~X^GH74IohL4x1W)rwZ=%khq+ddGQ~TlM`=GX
zGVf){B=z@Cl909K{h0n*A$IP%{vK^Eb~A!9tPo}DzSbCJ8i^0A%_Et!uGOPV-mf)A
zGOt^!N141I)1x)yy&O7B{pAh7wdef=v9P8r<Kc((_Gq8Ac_hc;)*7Qs-mf)Aa#U-r
z9%b@=tud0rL~HdZllNnKw1&KYF=+XF*}C%n`n6@*Q|-K8r$@hAn@6XF>xfY%@7Efm
zOLOb+D3kYVjnPT@b$FD?`!PLA^ZvQq@b<pGNz31zUJqPbo3n>lSd-kp8jr4Bn@93S
zWGZFrjM3*`D~~#NUrW;D$-cG5C?gGftj!~N6mqQ|Wjfany;dImdu<-cvt#QUqht0M
zo<~fDM-5hAjennC5C7!RzO}|Lll6@~*B!rC<KKPj;h#Kax4!Y)YOi(2@74Hs`C9yw
zd+i&uHqq-=>N1F~pKL|d*Yy*>I#$T_?B6@63o~K5meQz3yus_(bgT?{<6P>+{(Z7z
zCSLkAuG8_0dlfam_M)D+ce3!}?%=0d--_#A?-K31`RS~W=eoyxK->V)bs4mGq8<7b
zPebt)o;}&4@;6m*c9$5)heWt<y+_MH7J>Zx&;!A=9qqlU-eBh=JeKvL9fqf`n*4$s
z@+<XgOl2(@*qci&{<zi?Eaxqit-)n4*dmt#h@Tsw0OA)$D1i8-5egt)G(rKyuZ&Ot
z@oOU#K>WrC1rWbALIK3@j8Fjadm|J;{6PrRKbnC8Ia9zrAN{irASDNrbZ(A>@f^xk
zPZXS@On-8ks*}l=;U-g(%hhCR7%#+RsF>_s3YKu6=5Uns^7}Di{9ekiN#RwNOKj5R
zX!arHYtlh*0dlkAB@DPZ5mDlIV|&HR=sR`kGm7tlc*eg+8u9@AgnqlP6b76*3N9SO
zeYjFQ$hx=lnr-*8M!6yGm*PI&p6Ii4j<jn+s>vNB%nOUin#6U7HH4*cZA??8$8Cd0
z3VYomV9)4?__f<oFtmkF$DF1t&##mmkT0~}E1C5^ep;IQM6*vQ=RVx~!9y%qe?YjM
zJoiCxyeokXuCUk3!ogf4N+$0kFXYb%Sb&Q66m#mmPlv9L`+6@QgLRz0l2^7j!$JHZ
z31Ui=?1{#GSTtN@I@C1gZH{}%c|9vxBmeZ1Z=v21YkmYLtZq|_srj3xSHL3bI0v38
zZDk*H@$SURUy^h)(GNX2Y_;3UtUp+=r_Zaq+6fHZLR{qLhTJ&o&AE>fYI2gqUrv%x
zWV-gY7pnZVUUIk`8_0NahpPR_r&XPtJgMrG<oBvhO$z&py=lpGRX0es7Io#Hq>Lop
zkKiXqg4mPhmB)O%56P%R=Mmae4he<D!RWkAX`oompU`(5`7?E(w-oP-rMoaW4iio!
zE{o2i_3apHHt#3u-5gi_n5c#NVy;nqTp)+{8biDQAik@AJQP@LOpwO{)id`1ws@U>
zcjDIk1b8VfH5<RMYErFm-U)cGpOR|7^Otv@#NJ>M?`KZ1GlBU&ui))=doW4zO6o;7
zDko4lhjJnoDx9edIVAEaajRz{IZGOFEG2y>UaB@F{%MS>^({CM1-OUf)*YP`_k(B}
zGg6?Zfob;9eg;0?Z$$Zjc~wu*$D2Lj_Wf$9f@wS_20I?82XQqXPs7taaZbk<ffR?&
zS1X6haoFgM?h&=KG!$tIHK+{~HhKJ7%3@Y|#Wo!2)0bU%S&GBL6Xh%*yYH2Om15#w
zcJXDWZ}7dL`B@D0?wJ-_RG+~;BrP^6r0!aQLXtRXirpdP5awDqKcsM?F$yPn7lp!2
z@z3Egnf+c7V_!Cx1VbP7WkaX?c`>Fz|Ch+3-0@Wa@oys(K>WuD1rV!^Pyq3Y5eguJ
zT<WO;2;N-vp(ua|jZgrQGeQAG-UtN{Jk9F;Pyi7bp#XxnTD=Vg5G5lNNc)=)PRZ#f
zO(<(ezJ~D<{r!Rz12rYNi`?^V*AeJGV!FjE5fO+lwup~=;)xdVb5H!NMa*Os3@3kU
z5&J_d<Y-{f{ENJk(bw607Ih$u50Dam+~d;)f7|0@1V06?E|f!8&EEnm{p)mgtT_9D
z_u_cLPpcREi5D-67nA>6FS^8wKZqAoUX>RoN-TctV|23MXEa7%B+Hs#5$~qHD(~8f
zs;_8%UEELmZ{2U#{JXgCU8nmaB-&44m-0GF@OQ!0h=<JfE{YuO#jkq|j)s7z16F~!
zZ_&9wE#$*80u19XB4h3$ev&g`-NPbs`Q~=`Wg;-(v5LT^g8gYFd{=6=P$gIQwhlsZ
zLmnR@cr%X=6Fkr3Q&Ifc%~BYPCcUKW7KpjNC*-yeSa#15VYijwJ{@vENg8w{A}90X
z9WV>yGx_Z<@?^%Bh<>9KV(<uPRd07GOfDf^$^HD)O7TAA$11)cvg0%gIsMy@x+nh_
zsmM2jI%NE~dl&>Owe6KUsP%73JXO1bSeb|M&okV{mzv@)+z&CnmMn<BjI*H=!dUXa
zYYqux$po+2J!(t}W2s4v?Y!!~B2k}LY;=XOl&ZJ4QL(}JQ%bfmAuVCC*Sor-UhJ#q
zd+Qy2GIY{%_6dDPN>Sb~$wsR&FZt*Jd}L$_&3%uz9siPi<l`F}(TSx#F5iDuVo(fu
zzk%?=<RNh}6&F598E5gqYT;S2FikB;GP4#ARSPeRg$>k#Bt2{4aP(1Q<1i^7h@BZ~
zN3tWe^CFRp-+;cpOR=$2m~14r_*67;k<7{ZbfoB$1!95c60sn;mG$Om)wkt*Z>*}E
z56w;luh<A@*<6uM(B})1l#fpv;l5Q*a4&ep%#rRzFg0IQ63@WBAG76x8co%kkSpzB
zE5nM2d-+mE+MQ;Eh<U1(M9R11Nq8xMly8Za@RIK-KSF#PGgGNU%CsF9X&O2#(qd32
z^*zIp65d#t5lQi1N+b1OMHA1o@lnq(m%>nUE>crxdgskZPJl|bIfx4e`nl`)YlItr
zogY6B;bky=hhVw%nqeXvJ<FxP4C8~Tu`(p!g>&DHDuAdMp#Xv>&%F%=5S>OSfZz>u
zZ$kmZI3pBL|D`X!AN3Ng`xjGkj1LRXz6UCdFF-2~Sx6(p2ZG(f)UtX<Pc?G;gZS!*
zd=oW{mtrmcGS98@tw3#t!uX<$%f@!zqJBKmzI9n^ee2TNE{F%oyCL~V<gia$(x@Tt
zJCT*i)%?g9+Ba%`&ESk+!>jx{0dWp)yDjMTZCWn468)v^HtiEQ_AMB7K0cQi4)!3C
zDlm_=&B|eXK4z8rrm5L;Z8IuOf|<P9DXNp#X6-yJgVlIPNSeoXSJb=~8)Ve2>0`83
zxV%O03q}D2Gr<T25WG<DZ79&W9_NjM%QQW2A{=c71;`r(efmZL@me+!cO`ceIoW!U
z-~}q9lrwn|Fmh(hb-6g>@W1vRn}sX3qeAO=d0W8hXp)SVAEnR-R*FfyfP+reu&8BQ
z9|~7&Kiqn+SpSAv7n68%teYsT>gfuTf0BdAUI%ks*@`Ybx63_<vx6QfFNxpH#P15?
z=bz_!3=eq;PtxPQ39i<UV?E(<5RWm)#m3eHAF}fFE%?U#FuqiBrk0$mfz2fse0B2%
z{R=jX%DIyJHkRFY_^FQ@t|x#epoebpOH>?sO4qJ3bC$l~?908p?GZM4YOb<eqS&st
zd``d@oB~R+#|Q-wd}P4ePyoSq8a$x@qR$8g5dB6dfS7EA0*EO_D1ex1gaU|ZMks*b
zOYJ^b1rQq=p+IHkU$ozER++hmoNZ7!M7^FS;^&yCz*j=rfSY0CeW{mK(cLJz{m^xa
z?yaKRA6=K|ZWY}D=(z9hJv&XmE1i6vGUGW^F@BOl=q}JQBtM3Xzbj=@cs3!#CRnZw
zGp~|C7?oFsZQ@AAbTWcMriHpeDEcJ95@kncFC#gJ-@@Gn*Ik-e@{L>P#PaG%6DjUm
zxgPa351?2bjkQ>O$2u({`eN~pby`G>#p1iyX%T4_i+8TmB0?-LG-O+x??Ewzaz7Cx
znZC}d6}v0F-PQV}TBTOKy}L8ygUT{mtX2CC>#p*B<q8)AU!a+#s!lwFs(M2Y&1_ez
zu4c!MQtI;0#*WNktxcP5(xZU7EOnam?$Qp|;+;rK7~jKhtKr$LNnGV408gPLyApEm
zwKB7Ba+1B`e!x#^bPPs1O1_rYFfztzleDU*lR>XU{8Rk2$GkG%mcL_;@oh{duA5j~
z6(ITpMks)oWrPBVO^r|h5gVZZVzv<qAO?+408uwW0Yt+H1rS3<D1ew_gaY!k5cHA%
zS81L6p=8w4{Dkqx$XWLzApOygQ5v(t_;YZr{<}AMoZN|$A4_I38>lpqkjm09O6DIb
z74HEocju++y@kHty%!t0`ewE7ZgR4x8q!2Qj7?TwN=54A^|0o)mfwY01<OxC(8a$#
z{?#`KBQCst2^aN=!1xhCB|%>X`B7_fED=cV;wMVJ(VNCj&v4TNW6P32_ZI15s?Bu@
zp?CTNoH7C(YpxTJSMtx~RnG7|0d+O`#~w-A#s3oz+Czi)6DCs(9T;Q=4V4@>jxgH4
zeoSiE9yJX0^SUr*a;v4=LmeD&96A0de6^Ua&!&R}1`s0#30*mE2J1Ls|J;6h*g5_T
z4y8nV6IIUbX9KVbP)1-8stm!V=;%woTk|q$yN0y+XUPhS?nPfv%Nl{jlr6VZJh27k
z<DNkX^zE_f760;B7=KzKOgZc5fUA=dgrB}{h*Q<A$*DxyoDLmc&<J~{d*M{ZkMY<}
z>nuf2IgC-Xe+Dh@KVzMKvf6XWK`rx~Us3bV6b!qE`#REht)#z?K}jXbFW-R?Nf>{U
zcnyt<mWgh%ej&Tg)`+lNm+qJG%d_M|yrm3ua>aNRn!&}nG!|Z)X+0KLom4<2-P{NT
z5L+0b0Afoc6hLfcgaU|#MktWA{q}h8s}g;g_6it2-dlvTHH`OOAuq1ecH-+eo3grt
zS@b|-9-l@K?`9|0lAmELW)xZGeFJ@n(l-(MMnz+qccS|hjqzdpEu6?|un5Sk=Ebb5
z41~)hB93PlEACt+)MIzP#}cBuz~gTUUg~kyCwGzOzJq!EJ+ZU`f~HMk7$@M!ox|^{
zA^NGW5%+|be#cCJwp*jenom9%49QsYi(#vsDw9RhOVoS3EDiSQ%NK*qpNa&eoQ?A&
zh3)Qcv6Yts3Xsof`QelTJeB_MCREzUS~^l1S?ifBXfrc`l%x&Nj3RBu_epXX|4=gF
zdYM@9d7pG{wQ5%}SCi{7(T5v)<edf`FZq5wPruHTp65;H|H99nrr>{aDnISn6B&{A
zkIR<%Ia5Z$x3RP+NYk<l>J4j73(@+CMEC}x#e#h?+dIEq!hedNcJJH{f9~8-{WG5<
z^LeR&%-zli1rU6s%-c`^v4ar`Aa*oD0mM#5D1dmK5egu7HbQ}v-^KJDZ&`Dib+r3a
zkxv=>b~aBU?F>t)<T8GHUa|x65d4B*s<z-?2qqzdUldGmf`1K`XJMzG7(a*n`FrU^
zR?L2zn#IqzOh_opoQ~vWUFnk%MW#e=6`ld0_5rn`dk6YOw^N2GzJ3vngK4@;z1`*d
zRK7M<zP-B=)+%0-{L>LU5!21fvo(1o=Gid*y+oxtvFiJ!J<Yq*YWexwp}B)_dgoPT
z(?s!Rv&&^iDQP4%`YjiS`6Nn07Va)jyY@0VP5vapGWQ6CwR6lq{Zz_C{#l=%ky|RZ
zmkI@x=&nX6@OAPal6_;lOp)6^lcIF?lC7cNl{Sa9f|oINPoc@yLz&p_M<kO@4o9{c
z8>>^>Z$C<=ceAJ{APyp5$Dz_jSo=U+{=T-jIJtr<j{wzp^M?r(t93GxZ@uC3YjTiL
z(X|pUIdYmA6}9Wz9(#<c@2|JGDIni=H$nl#9!4mD*wY9FQ#nk)nUUbF!_xAfc3Mc;
zE23-73OlGU>8voD=kqnsOH4HXCAq#iTHT}5mC1CCn-o4KDU|b=nG{;yAA9Vm^zCJl
zRY2_bHbMc!K1L|eaW?bb;BCXwQ;;~fX1PVtwbD~wdwSdgO$o)rJWO71VcJGxtn;w!
z11&NSD~8FxC4F*mRdycnS=R6^eM^>%O5eT~dj+X%u_-TWDjC`8YR5mD=f99CW6`~c
zGE&0l9!Wgpymw2&+j6vM(Qp|TdESpO8Dm<Qqe5}NBoMhnJznlmv-B<*(7G!9TN2M|
z=!p`joK{D?ZLKfus|Zuq_cC>!tqfo16;PCXQ_>R(APz7>0mOkuD1bP~2n7%a8=(N=
z5F->o9BPCDh{KFf0CBhx3Z%Xlf*#tfTU+_l+>zX%aqp&F<okYL>d7Q4CCBEyr}~5v
zQFHT+nk<y8s>rwOysfE1$<m73QmJ?Y!3#Z}4rV5`x|gTt{q)W)_9h!)(wb-ZwGTGS
zC0-kkHrdXb42(9}0h8g2pSl!LbWG=m$(1%yw@Vqz?WA@EHu?U~e|#D5!Iwdhj^&cU
z?Qz!;ma7WL<|B<z0CAKN3LuU)LIK1vMks)IgAocKjx|C7#BoL_fH>X=1rR3~p#b7U
zBNX`ZC(DDkx68kwxk;JNCO@@hk#FAn(yR-mWj@)cA)&O)ry8}HP+I02C>76xu)(>T
z?zsgS&KK}T-e8N2f!o+~TV*(JdB7Vi8fCDlH`p43cn5ymY)@<}xDFmu9$4;K-*M~X
zA|+3jk&@P`e=uw>lQ;+R&&C4s#@BhYLAQ~|dXB06);ot<UO=3x_3g(x)G{cCn&fzk
zu6(3NT4Xvec`3(Rl+PY-`pl}DKi<MtGsCTonfg34Y@K+|;{%Qh1%b)22ufRy87lf#
zN&(_>vJnb!C+(?>RT#5bdy1s&ESc^5pls_(9_UzQC&_x2VTRQ>8LRNDKSOYO%vMWo
z^=*u?$|)8X1!-K4Lw(1vxV(OCad9jJt;blUA@O>VYXa?tfN(5sBgZOd^L8k48|n<h
z=4zG`mW$4FgIDv6sF-z!eqCw$iOnjV?s6f$k(`;!1q1m1PSU|M&+&V)z!X!C4Mg$X
zXbK!rM3L<d);TMKr-!=hm`|Sua&s7!^uz~YUyNkqv1KIZDO01Rq3*P{jOJsc`+eS}
zoXaW%^N2@L;vr%-HRob1`DG$rikyXpr-+oSgu3sVH{S_Z_NrUHH`)QqH*gNaU-|Q2
z+!+e<gZ@2+q1X9@G64~JzK);PH$#q~6y%|C`Ao$U#gln0cS>@;;Py8{3WMY10BTGx
zuIH9cCu{ZGk^+SI3?mdkoN0sth_j4P0CBbv3Lp?)@2LWaB}OQKIL8PD5Qz~AAeu%f
z@O9~P<jEc6H^(O^KHca1Ae3~uM?tVb%x`>#!sGe1g{;Qmqm~JWcIA_KSkdjw&iZuP
zh)+@fyUOuwndsz0X5<<Fq-nu;=xKi@nuVQoUy0)&*?@|n9})Ud{5z#)JjYL_X81kN
z{e#Bx_MYe6cl-WQ#uo+Jfp?KcI|n?T4xjD64sE^UtmNL)rJ(!Ab2NK)o1dKQul$sp
zyOW6CH83^VlvdZ5d?jCK;wLNheeT_;MfV<lIi@LAd);09vL(m*FdN@{hVjXy$d+t}
z*nXF~m1tTHC5$M!m0w+5^3QY}&I)vNG?ec0gsXNhmfSt~RiA*t4jF^FeDj9o%(S+8
zAHSeJ%7;@jJ{F7aeb{@3bpJoRod<MPMc4Od=G;_BNJ5vIeu02=2|e`QJE4b?1PCPb
z5J+euAc7PH1OY`rL69OSU_k}!SOEo8Y+yyfhLmsr_w18gioVaYzV*IYD|7d6&zw1X
z_L+9(%srR;5u<vlE!WW0>^{<`>66Mq^?=u2ZeINDMb`e)bK!mz7hHuN0{0;S4}tOd
z-#rATb#r=9Y`iISWd5A1YG9zdv`g<z!pd$?pgdb2OzG_EE^K%3o*T8k!1kM0pka=z
zK<8VA6==3wx)%Se=gBw!!=q~Kt+eT^9sKCNaxYUR2aVR0%t2Ev7|JHNjg19reG^>;
z3#6FjDp(-JWLLog+NVE{+qf^M?t46yBy*I{#UE7gs4)vJxqSe1Z`Ly?+Gb$96G_ha
zh`RGzZ)-ME*8K9K{K1g?>W(>d|H#jzeeN-)xaP7z_D^*cERbTFt6+f?*{*^Gl#kY>
z`Tm&7Hx=bO>r=i-1?9^wC?6Fh2b6!4ITM5lAnic$d4M1{%{Jelj5<`}JKZ#g4y01!
zyN3lGid*K16K}h(n(h{W1u9XFt6+f?Gh77=q?qX{SRh5Nt6+i3kN1_)vn#$YB|prj
zqGUEDv)tC7<t~&iL`h3gRmC=b3~;E(P~JSH<Xcyp4{d9pXyd(?!}}-<$T&|^&0DX1
zCcJ=e9^dKOPndAqwa;_QzycL&maAZa6ti6g3#6FiDp(-JTvx#YDdxEf7D#cgt6+f?
z^IZiCq`1#jut16hu7U+pEOZqtkYbUmU;*>VCNwFdZrf)*xr!WBu%@vFlwaM}f^2mo
z$36;jpWJiT`2@MrE?Xxari)7304NDI3E&f(1n3S>w2S2_|4v+NT4|u)wm0E{nMd-k
zz26!7vV_XofIEnQjEC_Nh?l_Nnf@dAplA2%@M&}RHlf*N#(Gi|rSti;1^fIv2#-bm
ziw1|&gV6BcqJ?N-k=9)bg%@5;Pr2#YHm|!BrghE2;f2Es;raI&x|vZ_B_ANuGtD5k
zO8T8C!ev-S>Z-JTb18jRp$;58qnW!ACW(aW{$=nWiEf=~-wa}SpLtQgtX|e?WQ?B~
zq>}h$w6wa1plb~|0KcY&BDcp!P)0|aU;`y68X6Jmd)wX_QREHU$P8~hh9pHIirD4Y
z!VzJzlOZgBCqs9ea1&0}ljMKcF+fk;?T!JuGIp~M%|pUXW=(QNCSKGL9_}v3+;k7-
zr8<Rw_a4lr-@M<gfGkjrT<j`XAjJc&f(246aTP4M;{xu1=;CapB4noIUmSDRXI$7p
zad#LO=<4x}5e}sXxEyY$kY3k!d*84aMa4IS@6<QkVO&`18p{G%|Dda2ffUPJ1q*yn
zH;tOgMq8fUWJu=oKIKU%7zg%J+#Sl}j&nFP;{^5e^uU%x_m-cgCG<QVhoXw}_N&V%
z)Cl@=y-%Uset-Dz+xolZuEi`+5mvYg7D%zuRj@#chg<~<q<Gj>u)zJkKjx+CF<b5f
zWMF39!3B+MF2xlT{SfT$OaVV%c@dP~C%p{%mmv^Y2W8yDj(LUT{8<)z2C>#Nyb3jf
zOyD2VC>Rk7<^lKKd)t_}$}JZQRM6F~f(3h@ktWx-pgc!$R$HEc%ys$2HfLMj)OGP-
z7Lf5BwL^O1O2_11)Pjd;bSHltM&m^lcetKCd){_E*SIFKKsG<(Dp(-JT35jWDb~3P
z7D(}^t6+f?>s<v4q}bppSRlnlSHS|t9@<f;=q|x$?0K)iFI3_WK>64CBT)X>a{}a!
zJ-77s^u)u?<b8&tLv#&{_gy*)!x26)98ni5+S`Yt0P6HIgNGDU$+DC<i&lQnH}Awp
zAiffWzIhKmr~`f$pEmalS~{ZrWc2EM`VmIje?!IjlulYSC?d%2qo5%JR{SSBvCdHE
zfRX5JN}t)v$D#$K&zfdWib#A#57v#xM<9On0@h8m2~Oc`ArT?IBgbS!k>OM66TiHK
zePU-wzSUUtAvl5CQbJAUB(ftD?>`C;bq4|8ePPd#v+#e1G2k(`BCtR;<8fEP0x34R
z3KnkdBR_*1p3ZlJIqTC$egPwG!}6U2kRjaX<IoI$0($;RVt#W%`4CsoN1jCS@FIpg
zw5dDvk(*tMS)d|paTP3(VymlQffP@=3KmH5l&fHY6x&<{3#8cYDp(-J)2@OAQtWUQ
zERbTSt6+f?&$tQ}NU_URut194u7U+p>~R$=kYcZ^V1X3Rx(XIZvCmboK#KjYf(24M
z=PFnr#q+L$1yUSv6)ceApsQek6o*^|3#53#Rj@#c7hMGlq<G0yut18JT?GrIIP5A|
zAjK=Lf(25%>MB?u#cQsD1yUSw6)ceAsH<Rs6vtcz3#546Rj@#cH(Uh^WvU0N;xt2{
zl@PbT^sV4DpSNS<_ih8A)rcQSHr}5({Ds3y9R9}P9~}P0;olT`V<-<iful3gAQ_Y~
zg4o`1m7*@fevcuP*0D<9E-E-<Bt`osDwG*Kl)hC}hvKFgdO5np)j)3aeUL=k*H!`2
z{FOVw`jnXZ-*{hLLPR)q-<3$^y^qdNKZ29+n$a4{KYxMpGXh$_qN(!+x+%mmWvyY*
z&@Yl?gpdtI!y>{m+mp(Bfe1^NbxOGlSiI0gBYaglK~dVjRMppj`t-<}ep5bU04=-F
zS3Qel^oI~E!s4ov=>)s!ly)0iY5;z)4$OP?iiU@WCsYd$_t_&?kv2Yrd#lN*@(YsL
znQXHwUa>`KJ+L6+6^aOtDEQ@G{xZ{9Wx|Va_jD$lrq=FqUgoG2b_4Ajp-aeL>tDc{
zQkg6HlfKq};pUjTGN0s_GWG)5B|U!locRJpxZ69QBEM&4lhrh!Y4T6TBr7|Rr&!q!
z@-&nzfY&!~(3$8?ArG2B)Bzg%rW1H;!NI&^Bx43~#u;*{@z#Vkn0~eRV?z2kZ9h)p
zBbXPtiqg$}ainr<Ov3PRQk5i?@s{TBrV8cbMsFOQ$au@$baZ?;4gUYbaq)B<-53UW
z?<Rq^pLk;_3%=O2U9M<Ict}Fa@WL4*$w*rR?h%rN34GdutN9c8)JEO5m$l#<Suw+@
zF1$qbv?}dFtU%|ZJJKqYQ9@vN;bIx1=v?j|ZMp+1YBJFhGF#9=;YHoSmnv;iZ3^g*
z7V=dK`h1T*W9gF~m6K%uuG6C+{JY~a)(~?kiWXAyzms*1E@Oh%c=3rx^CkK9=C-uh
zNYsmJd;TN(FYQ;Hs+RJ`!e9927*=WM>p|3MAf;2#kyI^14=~WJU`mTO573%1<M)LA
z{M~!Z(`d0)Y_a>N{OtZIdb@UgIyN>l4c=-Du|my)JyC@m`Z;*IslxhBvq0Y6lu+M(
z@}{_Ws-m<hj#}#%l*k$xg2oGEOMQQ`=>4;?xGOHWj#J=m`Zgz(h_@5Et<tA5hI;(H
z^C>fTotfqtDrdHeh5zB_R#dhvR5su5oaSG7d<UrvU3r=pq5>FiB!%wQczW{gL*B~v
zBt@%-;P(*uPiDL)$x7KbNRP8@uRy=bkU_U@{*|FXXAnxC7!_#YntsBSP8GyqAr3=0
zEW%+pheavOpj$ov$}gCT^okCZgJGZ6ele!f+Al^@`oQRDDwNN`fL5>+{3a1U5MqIb
zwYOXa3#544Rj@#ccU%Pvq<Gg=ut19Au7U+pyyq%dAjSKxf(251;3`-k#fPqf1yX$E
zDp(-J$F70}Qk-xVERf=)t6+f?r(6XKr1->Dut17WT?GrIIPEG}AjKJ1!2&7Hx(XIZ
z@tLb&ffS#+3Kn?2+<;pAR;p_S_nh>b$9I|<FQN-um>zBprRY0t9;8-N(8g}vxL2@U
zkM5oWscS&{`(N2(IEc*qU)^I!4JQ*X|N4hLhB4$%{QLHs*QD*)UdnNIdESHeQjZ)#
zBWEIH?zN1!0px~O-v}~yVaD48ato_Zg51i=%^|n3a!bhVtlS!M2P?OQ+{w!AA$PGd
zy{X4PqnnjGL+)ecu8{j#xjW=!EBAyv(8|3b54JMB>W6+<*2?`MH?#5p$W2Mc!{46N
zm*5+!)REe@&H^dUxe69Y@ujO^ffQf43KmH5wX0x(6yLZC7D(}}t6+f?=UoL0bWQNw
zb0J-;C%La3O{N;}SPJ=}Ww5_}Xh~02Cz6h46NuuCP}FbR=c4>jl%5Jx1XhcDo{aKS
z#lisz^wkVnxd^UGmzal$+9Rm?Os635mdBZA{KycSxMYo<^j-_(=@;Q=7iU}KPiGI)
zu{52vDY56*OCz`al_kt=k8^bCK+I$PN4oP^JJ}A%2%_P$Xh4-L+D97<F))xH-_q=B
z17*TbZoNMsBFKaXWp<(Cd6q{%B}7SnqzK<qOrmH?b@MY+`hKgg;dsM<{c10rlGek6
ztIjz~-)iNjtTaQR{R!-lCy`Zf{tN~46PmlK2>S0!Zb^r0qz$<r6G(^uf_CPicXY}-
z|GksQ2>E_()gn&DdMaHBdTAN0j|9`W$&VmDq;tv$Sj?uNDODOBC&}o?S1=aS`Z52>
zQRfSeqH#EdlDqktQ3d(YvuujNgI;{HbKPX+3zD^<hxka=(0*oIqh?~K8<ZF^tjWxb
zrf<%VC(AQRkOMO(-Gr5k@zYf_0vcLT^$VKW1-HJlKn>tKSHS`)zIPQYkm3hd!2&6M
zbQLU+C-59Dn?B`v>l89Gvo4j%eGWIgU?7=Bad%i_ao3@7D1G6Z!x<drQke1a9iF<5
zqZ9B?oD?jwxa-g(M%=b;`IBoi3si`oT?GrIxacZaAjL1Pf(26i>MB@}a^pK0bkm3D
z33JHQ%w0a^o?cMy`4m^M2)zK5zc{%F^e>Ch$k%x1Q5cj__aC0do`W~=0@pjOJ>TIw
z8JFC$ut0^o>?&9w#c!^H1ycO(Dp<g?lyOw{oA(4SK~d}yT0rJqsRdP_{T<e(jrTz=
z*>Vn7QkX%v+qXSp?LgUN;+@R-7uvnf{rlf`o&Ru+WPz;y(^arQioaY13#7Q>Dp(-J
z->!lMQe1TvERcd)r5&tTAjNf8!2&66xC$0Xq39VN&t+L4g?1GzkixhM7D(Z^3KqD&
zc~pDq1Zks@&)n>Z0-sYg*#gS1T2F%V*S)ua+;#6eKXYAANwCO`Pb_lNSC?p!h3U@E
zT<7IqWWO`CqOI_fH!LGRh7a0&gO8w$&G?{ux~=%M`FWetEe_ry_fOAUPa*2RdFEOR
zwi@qhGClLKk6E<6mCCS=)OhCl2z}z2D|ki=axuTFpg9TG{mU0Tb485%%yo>l8X0Hw
zvGPX9{UFm#V6xRc4&6Y=0U3kw5tuO)A3+%@Ho?=B;MV7_BM?QNq3@u;Gdq#wU!T9G
z*@U}rve6{}!}C}AHt!vuzy6BWgkLoHhv%=gsea+#9YcMlXdbsdvOpEo&sDHM3V&C@
z0x1Gq1q-AIbQLUcowj3#Jd=Hvij`S8t)S!Z89QE}xI2s;bai=s9*5G_I1ZoZ@F0a5
zeiVJ{u8kgag3Q^DPnVLvU+31b<E~7+{R`uM0Izjyqqdh-fxi#x<g}#H_-7+bh_Ig-
zAJI8^z)mQXIgd_b-xMX0Cnz#MC4k>sRJBm%hxsWp<C>Fg#nNeW8)xkCqc4?KM7{ip
zMtbitItbHdx;(*^@8TDc71*{Nwnd9=ZP+%1I3qr9vaKGS!L^MeUEA`(wQWIu%FJBY
z_72;IWNcf^oo&PT5J>fi_Q%m1uL@;`&?EmW`WAQaG(RG`W<sIB%Qyu`hEj9%kDJkv
zUOz{_&68Ppw5)T|!Uk>IDMWAYAP3Ozb$P2{N>H*yRz14BA)$Uj89$SI=-pe9q>s&<
zj^n~02JnylWJFlG5M`24402#b34Bn?y9=M0ZE1lwqpVF8j#TBXToiIe$nqm@4Je^a
zeHZ3mr6{VXA6AAuknj*JiiC>CsBYH`b&0m-tD5&vfmXsW{&CgJlO#%f(cp;Sf;qdL
zK4Z>pFHjJrilaO;?xF9N@>>`}Y358@Dy5=@JDGuFsKrz#d+ZTzbOUk@y_bSsM?tNi
z3~4LTK_zOGqvwcC;4b>!ohV0pFQR(IQx@R?#WK8<j;u|iY<ZbE>nn15EKT@7<IjMM
zD(=~<22l<mdJP#~g_-dsrwGdUf<B8DJ{w5JCy?={!wXl&Gd`*k>IeD{Cy!jCe_9ga
zKk6F_QI+B$k_A!}b`>m;BE(g&K#EXT!2&6YxC$0X5#}mbAVs*VV1X17u7U+p6m=CW
zxQ&e>in$Rikb)knSc_R8MG05If_o^wM}R?S2Nl~?4aurY?xLTGx|=>Ko2*~R@$@z9
zdY_XYW|XE30+!R8#eOAi$l1biXI>+9+?f|C3`%?sA-_$tsHYxwzESn1LD#-glkW`a
z$#F2hJrp(3-Z-St4I@2y7Bzi`)4pA+BfZ|ON@Lu_U7|?3N|)&)A>JBSl8uX{OIriB
zQfw`J24>WukD@_myN1&mF5V#OpYa<VR&zfY5=C{VemcH*N#9AEI1KBS7`+3+gEOKj
z>NLMXhzqzlwMkJ*catB&>4$E$mx`p~RM6ej-SN6J$#s-J?Nil8wN;ON?Y@W9Uv;3A
zJK+FZ8rqlcc)zA97fj!MA{%+5dP2Nk=0U2$nO{+0=<7}tLEmtqa8Y;4()&A^&P%cW
z8P!QiYsmg;KIQui@=c)5=2c2iqQ?JU-dT01@bs1|oPob=89-0B>XHu4S-xz^FRZQk
z&Dr2$h5d`M%TEVnBvN#Myyvr*syNBM=N5bY-=?~RztZ=k7_lWwu8S>IYF#es&RzFs
zLRBKO&sa6CB6&?^{XvDmX6^a6Xi8-szC}|y^Shfhxp?JWNjJ-|jGMB|#oO)jBYWKv
zi8tGoc8`4g=14N;hg&qIGHZ{!IrnmuK`A!_`j+A?rFr~jO)g$<m!CXh{H@75-K@#Q
z%kJ{cd-di>GVl5=8Zs~QrYv(S`krs#&5@MB%9}O0k(4~&SI2LOjG{;y%<*PYdhdpv
zXY8Unm~{`;85#z2x={lEY=jug@p;o&9+*`ymUE;#mgj>zmUqifndxmt4P!B}&5+0P
zdUU=!&NJ{z)Pi}&ZrIj9Z0pIkA%t!C%s55u(47N4oqtA&{FEZ|QvzJue$P*ti64i{
zY&-$BAw#yU;Xm1i_qP_<wg<K~5!?E(Z3uBjeBR`@!E^?94#bhJ-}1q=ZCifIO#B{R
z=67rxlCf<~|H-zEu<acufxd(D0Tq>|I)x{?=d@$0jj-ct!2s$r#lyQYX>k$lUQ@f@
zi}JOT@(o1!JUK)0kqx+MqUE2Bh?{0x{(kw>tDIr^M`gV0bHQfi8)&o4c+VRCp^qMi
zW>%X-j>w;&(TYzJ%|S3r%NdNE<!H>;{Ij8vNn6ek#LCPqXApo*=kw59w>^CMC-qrg
zn%Y(I&n`Gu{%j=QJMI8mpWdiM895n$(Q*6(1Ux@pN$*u6HNUDmvmcr3<iF<4K8EW|
zU2NrQS=Y$M+)9)(KjUC0U!+W`{Lh)Vmbjn1PDn30=RbP!66KJcKmom!i9&wmoP9fu
zPh5pY^3t4w<OK$2yi2ym<y+;RXQ;`h&2S#aWY@qc?xw(dg`99(LabYkAZwmQ{h3QC
z=%wx({AgIru9a`lJW|tpF-hxWSQ&5lloZd<gJjXBkt?m%n}>NR($aftU_ea@{4@T(
zlLhwsGDD~i?;{)Nr8P)jhl0%clwZay&ZIzTjjK!XH@~1S<LWI5+1~sMdt0<E0_TGw
z{BuH-O03}2FH-76THaFh!W~!v#_MvX+t(wG56n118kuAH7H4HaMg_%rnY?O`xXr@f
zIO^EH8J97e3hlmwu}L;fo_tQok+<?~6@Uuz&vhWtb+cUI+v@<QxUCLA>z!9n2kH}N
z*P}q{K((xJYR<WMb9%l()V8W+6@$8wue!XG@d~-1GJS66Pr1n*NN;1IbftZo0^K*D
z+1`abl6>>vtjj^&{1&y_Uf2gU$QS$34k9UOu)oP^O{r;^ZABl3@47QE5>RIpMG1Hl
zJ}(937lD20r<&7eRpdi&k_(Q_+``QQdD%R$6u`gm9h><AMfnr}caGFza6W&`^Qsi&
zjB5n@XsREc6)X0&v-Y)R`|@wl$-cP%-ah12upIEO_ThZ__GPyx;@dM8=w_#bt6+f?
z9bE+ruFEN+lN-STDLT6f7D&;>Rj@#cuC9WGg1qd?hpo%-)AR6CqWGx?9YoiW-YQ1d
zF@N$yeyac9`w4j!Ott>iPdHz`pTt1-I@0$<!?PNReZ8%Hz1TjUDq#Xd_BH-j`zGF8
z&yH|CLtX{bEwS(99qU;^()`sa+D#+%_2x+aPCC7y;tnM$@cBWMDM`xI&z7k#mnnbZ
zL}hCBuVuPp+d*Ch)3kr}InI~w^K9B?XX_>lRDF_N1q-AY;3`<Sy*}aIk9HC%+C${F
z=kM6hm{#!wNzB3Tg52Jec^<<}xzKG(Q1k)_<l%>vBwmLSMZsbey%7Q_cttAUwgo9k
zUa%@9ivMJ3ieBQ2NnjwaPSF;Pg0(3ZcxkFJy>Wt)**RVQ8dc_1@_;>t-w&VvRJq^*
zubn>AJ1^+yAiGLcAFEXOk&aMW6lhMBz`Ye{GufT`x)HoS<rm>E>r<YLmXsXpQ~q{+
zie9NoNul&zpYjyTXo0$A*QESpP0Ewe+C3MoNm;siO^Uu<ORbGoF9L#ONs87S+%>6F
z)W!no`hP+H?sMg4-P<+Ovi+?v#ZRhTt$MXu)oazDE}Pzjs76z`bD37rGiX!ga;+B4
zqW4F1pOBe4b|fud(0;8FMje|>x}G$RT5R~`aM7)Mw#ELsT;gMsD6ZM)jG;(Oe{{F5
zdso;P6ckEuMc2Y2Jei|Dr2lW}pDvN2>9IOWt9i69jMvX#!_pA0w|GCFTIVQ5w~+k%
zJ2;k-sz~}rndr*U--;yYX=PB2zGv_tfAt54HR{$MSVUbM1pT<We>U(}U)Aw%=daG*
zgRlsP_tk~`1c!@Q(~{+CoWnC?t~K{p7fb+E^iCZizi|)3>vaYX3RcDIo$u(chEZ&=
z`lbQo_cc=1=k!N4QkIx-t$DC&o^rlpuzIWm!ebQrt5FTB%%b!LX+Gza=lQ5p9Hth!
z*1U-tGys<OV@=DZ*P3@1O`(~s>DMWKH}4D~OR6ILt2M%(Y9K7t4&kI>2;1<n+k5|#
zO{HiFP2vEAn<gRrt;MzGp(?W8lHs9hX^Ze#p{iYSR?kq?v1%(PRLvRtpb1sgri~gH
zs&rq-m8wBsb_l|&!&^E2YHI4(vHq%Ozda;-IOpNjQQowcC3^*{YGX?F3RPEX4Waa5
z{gCsy8py46?kIZIe1m2<YDcd<6#IIwx051N*{rxW{%XTi<T-8@!X!@fK~2a@+9Nzj
z>HXDX4N#(GW8uB=ouH|avNy?Jg>d?z{q|CBk5r0l6QSOo8P}$Xx~Cm>S6F}U;PmCw
zaBS(i*P2JDpX(xJ&_JBMZvuQ<VF1G635cyb2KpYX$<A#(B0@cX4>Y@KAU2tgRsE1d
zJJLs}0USG?@`+G;#zIq(a)?lySbt!ImvWvk9bv1Er~_-;!;**&2tR9xFsc*6XQv~a
z*6A>vYeH|xAwv$g30938p%xvd`WCF#^}kG-$s8`8ihA|y0Hl1XX%e-9U;09h<2q2H
zCFFX&5N;TO@GY);Zw-f6&kb%)XZfA$%)aWV8v|>?1CNpi{8bsQ`F)$f&$V(9Hm-{B
zN-d;3I2~b36@)4UVSlcH_i}A~a4K?`NM{UHD+V-54OKTrp(flt>YOK3&0@{9Q8}YR
zRT|4@N%mI<*eBh{a;k5wQQvkqL=CK+fbcPvTa4;Rb!idT($W3iPNF(b^)OV8?$@SS
zu)0#cB>gf%zl1_m1LyQctxM)w_W{?Rw(RX%^<djW)C&An7<=glYGu?qxCWL>fM-5w
z%Kk|~c!KL;>voW9wY!_fx+|3-zsgtV0=NCrTr=l!9V=4>UK*Ub$0?!S?H$p!ggVzh
zqOHGrypw;s2$ek?wdmCWfej+msP?EKD>^|_uM+Cj9~zoNq=`_yXCa(l2VoVirOEA)
zb5lN7!ztG=@lf>akN(iNYuZe3YU1UgiA;D5cwZNgAD&DQC3gjdsxnM#JA=YhMW)am
zpa@0dBBgBA9aLN;s9d7lz99O2GPQxy|J46P8%0!?&*vncXoI+VDvwfj$@?oWQI%E=
znD+E*l?I}3Bvah=E|yv{ecTmPS&d?PuM?=68qc(k<ErC#8|k<&yCJS7cI6<K&Y(K@
zT?V41JwSEw_I{$*yMr3zJ!?dNb6jghyFZCSIhXc|)*^|1;4^ep^eBR;I>+@<?=V&2
z<NB)in1*ql1J!A!k2x+yU0_<r$EB*vOwpWjjJn1?d#NvMnW#cFuF9O5mP#<KW6D)k
znIf|hw?H*x@-Qt|y_p&_J*vhsebyW)H>qr<mzkbY^O;_nhPYkoA*OXq`_x9Jb4-WS
z4yGKY!|HjamXmPYJL&_b<Vo+OCaU+<*HoFp)VVI8k1>}ddbJzq9Nmt99_kAES`}hC
z-5K;PwI;-k>jAo;iZgBL4*E$|G`SSFwJ+!w70+?qx?O1ks=^e~8KiXwro^tG(mKbc
z<hU|=7U$BvFXGDSdpWLU7fTD7HZZl;pEFJ7<JxNa#Y#GRnVv}5PM>E=;J6{Wqyx)_
zbDqO>MW%kEkaD<=ad7=oW?HI4M8D0@;!2aZRgNCP<X<0@#}uZ{j6updLidjVEz}b^
zmpKzbi}iE|ZRLyJpd~tw&-XoBwnWe8ls|CFC3+E4ZKmaV4WI95JDhK&UhkkpP5HPr
zLRZ<JYxO3M8_u5Cte@xeJ;djGO25LnoUh(^_}l6!{W_oFK<&oE6V+~^m3g2ux`GE~
zKa~KwtUEK6o(TF=_a&mYKqey>WzsqBqsfT#Fe&AXL0piT%yDh|Ag+i|`>~*s=01))
zkOhh~k1{RrfNGi}Ouy9!)i!SuDb=wC@~me*<hW$Ex`EJnPTACa?m;j0TA#f%BX4ak
zdf@9`{r5IVB>IhW8IrWO!P`WCa4sKH%0$&s=sTuP<~rvRI_X4Dr8*mW9!|Mb?0ceT
zB9WgT{8EJC5>*#dh-uU`P<K;=DZ3UZ*+lu_><4;-hL~y`clV^PMuKW`o=3ZYhMPpD
zDP2M1Oc$mDok8PGccv~qK$)f&)BNtB$!3Tj>h7|>plp-IXGrQlGaWRB>AilIGW_6|
zABpH!9nE;Q?9-VxE|XLC&$g7sRE2ZNGr3GkXf{)Ep}9<%!{ez<=b8DOXQRHL#pW?T
zP3ODOK0Y-`JzzF7T_8HImzteS-VUIL%!^FV2pwjcE%X{w)s9HH%DlxijN?|BclqpD
zleSS0w#v}HOY%hNuAsH%6jOyRpvTR5rb*pEo6Pr2KXd|ZHW!(m=>ghmXaSRQxzHW7
z&0J;ge%u$d!#Mu9?ibsYBk%4oe*U<&vxk88nG!_wO`}}UIU=N-)UMx%MD?YK;glQu
zfG(OQOzj%K-!W1BYFaSGCtGU6$Guhe?z9|z$#i527<YHtBj%Fn#uSqQ3UV@;KF9<W
zaq^fNFcozcGL`4!Dma^nlsY&1?zFd6MQ1C=jo@5jn5Y#uK-}HVYaACp9(mRhy2^Rh
zcRu2{Hhf$|=ToMQe1=BOXG{-q%9hSAOf5K<*3KVH<2Yp-=WnKyOdTA*0C;IFr|j&6
zF#XDLU7T>HAkMRkQ<N!$Q}%NzF@4Im40oC_z0AjrblL>uQLP(O^X|0g^eCqT$DJLE
z5~Vr4nD%m>6PygD`}nvi&Qzv-e1_@HY^Eqqnddyf^b4QwerGGwB#v9^>}Kl0xh!`M
zFy(SCtDK`uKQgUx-ex+?xjg24#&j>!6VA6xhuF?HojQT=i{iL1oD`;>e7+0L6sCH7
zzMq^qOvCsLmz*U`?=k)1tY+HExp+L!GX31^>DGxV$a9#fT5nLW=e0oeA#V);74jSl
zL_eV^P7%G%Dcer7ac?s9oCqrBIU9%;@LGRRNzd0Dm%@2QdoD0_XNvLsz;u?+9_#s;
zDT(9aJijuP68bIBp*(4!K_#kq&!0?xF?l^#0-eY(^){^>B&tfDs~oqT<EnUWFvT$?
zcythQNu_$9sH)OS=Rh{@ZjZ+&uDZw1C$6R^z$dPjC(tLZjwjeBuCAw$Ph34uh)-Oi
zCp4(Q&IX<^A8O<&$|(=ColQL@ed3ZlrG2Qmr!1$mo@nW*z%+wP)XEd-6W7KQ?GxA5
z6U#Kb7Ruh<6CY%#>{+zzny5N?s`(t(&2x{>aos(MK5;!g4SeEyc^dh|_3<?EiR<f0
zVrs|d>+fmqlX9S^T~OED)l>33k?OBL#VSOqGRdVWtlhU9y?-@2B+sK&n^1&fOCj7E
zfv|f8ggHeJrg9n`1Nob1g!>|+=-3S${!p?q$tO6xJ%?L0k*Z%xwOh_xAsl%gj78X~
zY)y*YRt)kN@d#fmfpC18MACo67Ea@ozV@t%LF{ZU#fHd+B>!Hh1%<YBx7wgpZ_arO
z=X^D)1Es7L-Gf4#zqQ2bXU8Oy-g?05Z5nH#wawZSQ))1!{JO%(|1f<;F5`c4l&>Fd
zKbI}3O=I)?C#!r@+7j98>szj?QR(^i-yZuVU#Y86S^tveYE(AGzE}d@m==q0LnOk}
zg%H|2Pw^GJ%Hc13O^cSsRW4T%-fPdEtmmDbpWfHPk!6uGsU)s=hiK$Ey&~iu6(Qf?
z^M+Kom*ns$<mO>N-(D7*k8gdm$J%^s&h}Vef8L&ttqC?a->Yelz5R;(w>kWK`r9q^
zwc+<d@WVe@a(l|#&t=PXHR=J%=bvKTTCw6^(iD!wwXiw-Cs)5>NnFiUTz@|1`ctAX
zG_c3*&7vo*p?<8OPjmGJnmhG!wtusI!gu9Rm!deV!M%sQn%B#sM)~$I#iQ4g#`Y(^
zIn=ATmGtML5LO7^MPXVD!f%TrXM2`_@{n!LkMdb;4)*NV%c5L1b^zDaU3}~k4*PH$
zndn6hS=?Ve&2snR&|Ko2SCvMe`S)GWoZ#NOBlp-FIkrL=^wx6ge|vU&E_>e5+^g3Q
zhb6xG{JRa-PJ4D=d+d3w4fgE5p8TxrK03=+6%SIlwgSQn-q$ERRtTZ5o%e7lUgQ$_
zaVajbW*&#7*gq-k&n_%C<I&2N#oFNO&q|T-!xI(XptHQpp_G*U)|Bf&RrdB`_V5Ds
z_A!<pD1>9ja=6R(W9;+E+#i<UYjHRpb*4&rT#GawJ)ew*yn(HKlS5xGy~#fJ^-N0S
zdz8L^+$R)XEPjSUU;8(6KWR(%NepuSmBU>;;=In`H4d9|Tf3Y6_V-<AcPF@vlfxmu
zz}BARuwEIID~;<(X_h;(9L(e6NtSDKyR-hh$VY{84?LgK*c$b}W9K=t_GEE{^~xYj
zE03@=%N<$1)lPr^%g!eidePp^?<kDoaI*7V1y^6#`I+<q6l!H_@9izi_69**6ShXd
zKY!o#9i`t?64xcGB#vFr{@hRDKleE)k(VhYuBLnT`3YC(>>FkvoXc`l(iKW$eK?=%
zj18@Aw#Js@bNSXB>+Ki0=KI!X->VbCwHH^-J^K$$ZqRwpwnX?<Ho`L=gll>t>{An=
zf3q88&;NcKL_K_&$NK;KHrS;wYSCB@7jk%%!>t_pmi_;}pY*lFwz!&n^|SNq8~LrI
zr=nJ~B7-QL90&PS8OV1|?_T}u$weym%Dpfg;pY^(SJ`(g+f@#|3TmT!)TNHaDE&)G
z2>VY*c#!2k2N$~~hZnhb`ks4WJ6p50+P6g3x4vhzBcL4<eMjCZJafDKSbLvxr~8G{
zWRE)+Do^t5_Y1zcx%UfElyXC46$*bZRD(j_`vPn2t@jSDX95eACT}=NIPdMA@8)y8
z?wpU?>I<xLbMD#Z9?JQtS_r!}LRhjP!t2TRRIIBKDmSbcsiL!z5YqhT=KiPXAoNk=
zc{FUobBT9&+}vNf71=pC>RyVC;(og>_vH7-Va!@o9O2P$96OfvHjPb>*qhJtPxp`Z
z%KFxXCVY0^`f&Tb<dUfNWZO&Sdr;_mpXHldKOTkuDfVhqUplsI4C>^Ir3O*BqF4%r
zgTqm-;8Lk1$Hbv0f0akBt~@gS!Tw2O`Di$5zAgJ!9@Fcwm*(+k{uZ|j>(6hfMAjQO
z=jrP`-y8~#(yAc0|HhxT1{So<0xylFa#aY=qA)E6p{;4fqo<JU+sf>*|D<_<%iD=P
zV{1!a9y^AYgZBz*NUz*CTIG3q<^ITFaBIlhS-#5Q0S?b_I5!Qk+p-WY<}ioDM>$-;
z;ZzRSaG1(rI3LwuERL$cVK|3XIlRHKt0yCN5{D@q&gU?C6!i7`Agst?Q4Xte*nJrE
zr|Tm;#^DPbzR%(I!O-u?Ls)(&!pXG}UQR&Rsu#jwPoAfSnmII&eET-HCVOWzoBejU
z7{*Q8kJ*0D*7^E;SNnD02k0oj5R5yk!xHJ9r6ae*<z>oOtf3nCEvp!=KAf_W<m1Cf
zQd|4H3F_GUEfJo~M))3`y=(3RJrQ=OiSSAiLagez_S}B<UA8xlL4SyIX*Gk};|p<+
zv$_8Jg+sP$8n#3i<JOSoV)6A9E{)hkq3z!uk7s@4lZY(?xpoZNUDXO0O+KKbBGu|X
zJ4k-G2*&rTJcF|L_4ba>-sxNa*mJcng?uWOM7Syz;m45(OB6;3OWa;@bMyVw2hN<1
zuvxGDh%Jt>&stck1gy1o+Wx0(4AR)rS!=ERgTrslImtOhdEVCoVY@1a=qOvRJM||x
zHn`NG{F2%`6k8&Db}QTYo1LfG8T&mU@QIzV+u8eHY)Lu3M)oKhejbWzYGqrCY>EC!
zV@EyTSl_GZu5VzRx={l5_o#@lLo~vFIx2~;h)pw{)7ztL4j~l|)3J7SMcrmU?!Kun
zqOr-nM!r|4PSK-u?547BQFzg(F5P-{ZtlUXoxc5;ujST1zIWVqUg3Mk?amG0+tVdb
z=dVV+N1<I$^UclId)tb^Z!ug;?aJP*^8wd~Z~6GawxD4?8sF<^W9=EOY;E&hA+hOi
zx5TEu%cq7w<Msn{N}+VUxQ*NVyT*J<_W$R1I`0%kEj`M!FMHRsi0^um`L5^R??j46
z;Mlu4^xTEob^EohUKaXA<#5+?mHU&?91h@q@|)6#ofD0Dh;65(ywKRP{L?+AZCUfU
zeWirLh7!fCCGf`W_rL$iz2xofv`HLtvwe=O&s}*v+_#JceT!DU_2KrB*VYZI_pN)r
zE#1cYt`YrH9ky$X|7}gSwdl_E+14nxUipr9zGKQW|2n4F5yy^tr)jL|#iLc%+&v>c
zr;%<<pRZ{)TW;j{6doUe@LLX3S@RdmJy@>FVK9eD6#ClcEBmV(ZGWlguTGD=w?bVt
z)A_Sv38mFF(a?U&-hPp^S2HV^!h@y=h1<ubP;B4obiYHIVx)O3xU^52Sd#PlRrb-`
zO>)Ly-!!!&ajwM367&OR*QgXToyH_DQq3t`raMylSyMf%??alCl4bzO4cNBK?4gvV
zEIpBd4I@duSu;8kV>h?!GH4g@Bt3tjS%jwDz>u%-3>GuqTaO)oTW*tX(`4Tv|C{qE
z+&-6%YTL9G<sU=6I?0WSRp?TY9-gUrrM3>3OF1mDq!wpC5b3BTksPO<NL(H1r@T>?
zYS!5l8K|a2Tk_V~6&a#FjIng0&P$O+)myaf4exwvFsqAS33ZKWUSM_qbX`*U;lZJr
z7kH0<m@274h4KQ@btzRsXh}dA?SZQx)TdFpF0JB)hBTsG397nKud3<#E>%xx5dH4<
zT`EavS8}>8quL4`Os4%xs+&-cpmbf9wwqd8h6aVHvTB%67TH-&r3=j_JIkpFLR&|t
z>+)*4(7w@Os=S&jbU(#apn0~<a}C8+P%ABwcl}jGwNB#h8uof*MfHSG!m#&=b_fMh
zT%_736i#uG>Lp8@OO!e$agWqL9T}yL3vI9e1<@&?MHCmUz7SeYanb5KOPouL`c>lK
z-57O62;PlRPP{Dxyc??u3BkLus+bVG8>h+&!MkxP))Jo~UR9MioFQJ-5yBbbRbwHX
z!K+#c;S65YSqNvSM0fJm7M!7y8f=NrK)W58R;q<Pzm2S{%6gG<rFw71#mEFThiR$W
z-}8E8HAK+g5x<W01Ec6&tNeGwuXp_-QPtI}oDwadL{tqGRtb^cXr!#Al7*16wz|r+
zQVncaHmZ(lO5eT3`IgOyimI!+2nA1%Cpwr<b))L3t3vySCq>m))f4P-PY&-M)j%z;
z3R<d$)gK<!P<hzYrD|2fNl}edL!sA_W=Azqxo+I_Wl>4$4<_5HnyVW^XjRQsAQy37
zAX-%m6()pM)k2jP3agy1TdGK*@|D9>OI2B@)Z}#CO4StdPNp5Ks)11D*6X8MtL8#=
zTW=xiAhfA^x^AO-2t8drOtn!1gi6my*KO5sq4*hL^wx&4Lc8mw>vn3A&@1)AR68|O
zsBz0M-Co@*)T8D3!tK=(p_Inyx`TRHD64T8z58K<(6LGBx}(}E^vR?!)luydLM!g1
zo)<zZ?xbE3LM!g9-V{PB?yNo(O3Dh;UDRozo>}J$cTrypy+Xe3s(uuDpM2d_{Vo(Z
z?3t);>bg+)u;+;a=$$O+2U9$+Ms-(3geH65CMso#Yk3b<QR2{l_E7kGvfF?5P&I_m
z#(JtmA+)ics+kblSTEI12yLvF>Mn#f)?4)#LL2L?QY`V=`>4?pHzX%r_fZpsQgg!S
z_aAeFn$Y#@tL6%|rR&#MEw;qD^iwM(Za~_JsD5glP-@!eM4N?@(!Y!9uXYG^Out05
z-xBANtX`5hT=!&kObFLKS-mHOx;sFf5<=Y_pw0>5>;u(zLOA<Cb;%N+VUYS;;;Lj_
ziyEYy8rIi!vrP0LRoD`zq@Qk+IE)s9Raqg77K2r+5NsKustUoDA*!wr$}m(l7D5?@
zs@6hiN5fQSA+)1ms*e!bN{SjRgtn5RQiV|GhpX{IsPn_sG@&jH0;5N$Swd+I!iW|M
z?HrgKGEyxQIxw)Z8mS(!#HAgj9+x<jc9hyCgwl>udxcQiRCP!QrA<{wgizWv^^Ooq
zo2E_(p|t7hGa-~VU7Z&~X-BJzLMZKM^_LJzJ4Wf6_8OtIW9WS|mNwm;uE(kfp?!CU
zsj;ez5Im8gqJ`jz43!`RPmEKwh2V*Cs*xr3#CX+G;^2w#s-qA*F<$i&f+sTRyC2pT
zcp_7c6oMzRRE7{dk)@^x!4nfyt`IyiLEUGG&puHtl{oaK6V)mq^rjQlMj`lYl6q1I
zKAWU=3&CfT)d3;+Y_fV)2!5HO-V%aerl^mE;FqcDj1c@XRed9b9&DQWNeDgIH1&ri
zwmMtgkT_VKtpaFo6M8UMovp%zaK)ypQbM?5(^aGpN|d82386$es-_T1G(*)FLWyRm
z=0YgZOx0cpC7P*v2%$u|Dp?36%2n9q<@U*WYK#y{l&2<H;u6hLGb9crnx*Cmp+vLP
z13oEdtA`{G^<}ntR0#EDw%Q_u+2|a#QwX!sIqEqf)TO!VWg*n1x#|re)TMdqeIeAP
zdFoT40coY9?^Rz4rKUv@{a}g9FkfAEk0Z<GtE)n=Y`*fVZ9M_Y?o%N`u<SlnLI{>E
zQ00YS*#Z?W1j`nxyM<ucLRC*Fs7ktCq?!svR0*TIthPb}(h{QYS6zit)9MiQv&2>}
zRzoEY{#>lmgkbezl_dnLA5hssu=)WtM+jCgQHz9N^%Av02v#puYlUF-QuTz;fV3vj
z52~kyQq$TH?X$#|EmJQ_-0pgT(aY3PA*!uJ$Aykf3XEQ^P6|<NCHg`ra9CjU3Uxs!
zd{`LKuR@JIfzd0~6`}T?Fe0Z8Un4&IL#mLaK$QI<Ra6LNe@K-Tsz+siSj7l+qOw1%
zstQF+N!P1X9iggI!qh6&SZEgcWwmN0^bq-FwdySN0>!OSy@gIv+!{4l=m%<JkEl^X
zSE!9WqQ(n_HVTYhtELLYGzue{C3I>=x9D|hfzVGgdJ`?P#HD>yJ;H>U|A6R6)ys9^
ziKVJ<pXO@4I?jaqfZ@>_RK0s_+^f|yqc^G!Lbxk<Of3>hDKs_uadk|n@vu43n^X&W
z#|-l9<5?R0gxbP1kG;ED?G%D{H>>A_P_wqEmxWNXwx~CRP_wqG_k~ciwyIBsnzc^X
zPpU74y0#9ZH;n%vv?DQ0Kcy}U9ZEc3_$hTwsBd~;^fu+k-#DHZI66IyC{*a#L1B8k
zDk1d2p!0>ds|rH7g94+UR`Eh>289t-7rH@pcZaGcR5US+C`o93zje_&Ra^JCew&H9
z38kbYhdiVD35`#wOm9jXW{I!ZE=3#p>2F@(z0}X|QdvSPsh{7arVF9&?pAYz;N9Ko
zej#{wk6IxF@9t6Sgy7x1v`S&m0PpTqJA~lfXVpF-c=uWLk`V4?_Nik+xR=?d-V?%D
zykDIX!dSdtofCqWo>Sim!AsAnOG5DO^XhLQc=vhb;jdTE3&a&Wpb87&iXBkJEwPsl
zs&WzsFCA2|Lh#Z-RZR$^;UQI52&3U4)kFxR;R~v@5JtlnR2Lz5_eIr52;O~B4H1HO
zUs9<;@a{`0QwZLDSxpmycVAYsh2W*bYM~IkbXYAHg6CgRj|jo@uc%Ez7@1#H+l4SP
zzp9=U!pQuZdO-*y^K0s;CHB%0^{&LhOGnfRA$aMC`dkR}iKFVg5ats{)h|Nu;4$@=
z5IlHH8Tx(`>L)z-x(XJ82VYl3h2X(AR2d<7@C_9s1P{Kc5`^HvH&q=Wc<?RNNC+N$
zOSKY$2j5nmgy6xqRc|49@EtWs2p)V#jS_+f-&Ny;;K6s*R3UiqxXKfP2al@-me_;u
zsRtzv9(+%&7J>)gqi=;<PoT8#tEYre+V|BSA(Zw5bx;VU{Xo4YgwlSf-WEb>KU5zJ
zp|l^VvqC8CN9tQ4l=frwvk*%AvHH^zTYW;QhSoAzeL@8a!Riw#TnN|pq$(|hYkN}B
z!b<+NJ*6rO;o6>3wS?f$PgDaT`12FhLJ0o+RCN%7KR;DHg;G50qED*<LX$n4iAGpr
ztIw#h5(lf#s7XSw`iz<>gxY#m-7AFJdR8qFLWw?84-270pQ#N(sI8x?twJc#=W3S_
zO7w+#UI-=nLcJn{5}i|T3ZX>j)Q3VS(U<D95K8o=`q~ng=qvT3#G!_KrG67a4f#r4
z7eWpBTKPA!o<|M&S``sO4f#fu6haO8MpYC-E%;V>g-{E=RW*bLq&*XTUL^{prtK$c
zW{EAkpxQ|sEW4n(3Bj@ps=p8{`%VoLf@R;S(L%87do@7_mVK{sgkaeZYOWA0`#~)h
z!kqR;wNeOk+8@=ULIcuXivCG$7D`P!O0?4wTm7@zFLAK?XZ4a0to~WOE(EJDs`rFo
z^+olG5Ul=1ofCr9zo_qpVD+!+k`S!^Rb3ToIwU#dlJYdR*Qm>o%IcB|vBZ{LR>dU_
zmR(lmgkafa6(>}WEc;DW6T+<WH+7E?W|hCICPJ81{;t{xVOIHv>LP?$<sYiA5N4Hs
zsv$y{RsN~cgfOf8OJxdSR{5987Q(FZikdBiS>+YANGLurF#2z`T&Mw!+JCFHLO;;F
z{Hod{WG06ZJuQ?>^YUxzS)o*#mtRva3T>o$`E_+vXgAHvudCxi@ca#RQV5>Ep}w%h
z-c|ZSKFy7!P3rW;ej0)3*~`1pMwe=4>50Toqdod$3rjWYd>ier16y12*0~fNsH?ZN
zbg0pd=wN-2UoALKJ=3UgOkv%plZ|`5QR$da-J*-7z&g<}Vfw3XprtA=yLwE79^Ku>
zov70!rl^kT38H)8rfp-2>+`)pOV#M1BV)?ym_C-iZIm5TK_3)4(SBA;Mct<_;__6d
zLW^UfbbLRXa!b;qG4Z;o5S|KE*5jG%bEhhLrzI-;&X}rtN`D+Tk7jhw$5hj!k}cJ&
z^J+|Wojbsix6b=9b@lpzmQK|9GNyqZOz)_{7><?FMtYPG*2Ej>@j_S=Z>*;ZVNJZT
zo+X5p(k6O=5LQZ?=w(7!VQs3{2w{b_seW8&XvcJ&q_+uWb_`QVdauyvw&}W=J|vXW
zHjLg(a71Vf+0tCUBQ%+8X|7KQVWe!KKNG@8*+QQes?s)0x72te4@%pt?fJqj^<P3*
z+is<4Ns{BRw%tkx3t?@$wT=+N+IDMQM(9}D_c3jBw9u)v--r?{acym@YfBuw+g3Le
zf_K~MmO}7gJKa$T9&D$33BiNy^*|wbu)Q8>iO<kMXGk0^w#IhQlZ9#y3MR@G`X*Jy
zcGUBQE~N$&Ew#kCbkeINF069#*iL$bQ2EMbh@KSsYfSOj&U%-S-`Fxl2P|<eUGysw
z*O*4;F8WQOPBb!i(H{z-L|yf1A(W`A{#xi^suSJxk3u`BPIS}13*p*!*Vlz`ZM*A$
zA&UOy1%5$wqK7UbbeZZz4_(R<Th>!olsNdhr}hfL*FAL&A=JoTI#CEUvX^cqRHbcT
zbZ^~Gs9D=EqVAUX41IJm6Yj2~V*BWrp|A}1(^X>o>P1XT)s~dR*nYa$FvQuXZ2ff)
zrg?!VU$RaXLiv*Qa3K%H4bWqRic{PGJxS=JYUz5Qo+0#AwJ<eM-z)SK#SPLA2)#sc
zgY?5fZ%v>zc)eceiwU#_ueS;<%%wGW{fy8<xwHnapBEZeht}ZrVWDYtXboP!DfB%Z
zH%xyZ^d}uROrI7yScBH!^;be~)SxwZ{i9HPKU#y=zX{duM{Dr<y3nE~>!U_!{}lLa
zUf{YWTZoDXb!d^UN9vM716qWsk-DPL47$>zv{z_3UFlJ}hENx3jj1|OXb`o=RNYJ{
zw->Ft>vlp*d(o=9?k;psFs-`l{zC17Y1Lh)SmIhRT91}EwD-|^f_ogDVYJQ>!n|ON
zo-2fT!5F<*2=#NUUMYn7IaWU^gj$fHHw&Q_Waynjs6FHKej(JJar$MU57KGXUB51L
zHl0@8_4`6~DhEbq>Q96^RSqNiQV8D7(%%cgyIK0O5WG7<UloFPCuqOn_8OtqP1GSm
zsC5%{2_e+FNxHlcYTYCqFN9h*S>G*$S~pqO6GE+<qMHh#)=klEg;49J>aIelbyIae
zA+(NZdZ-Xu$26TTgqoGDvxHEyvh{Q!)Yj>Gju2|=bbY@NYHN;OA%xnRqt^+c_RP>v
z2%+}O&^v@s>t^bGLa22!^-DsiS-JX{5NcMgeoqLaQ=UF0gwZKapA*99G)sRcgwbi1
zz9h7+P0QHX`fs6~ZQ2ugM({P_+B!!UwiGydaJSewx|q;|gOiEM3H>#oTkKpNE2IY|
z6IHXsxy;jbB`zgzWb8cMSSTlN3{h*LtIo*Sdv#|a$1{egk0s7!z8=hk{&Pa?e0^jT
z>|Cmzshpt~=nt9Do6d+`q#LH%IIKs~n{1fu{N({XM+hVA1Nwd;w74aDg%DcY61`5S
zF<q6V`U#=dblg(CLueG$@(1-kp)9K959*hM%Fz{DrjH3#rYp8gzb90I#-ru>lu#m#
zN6Ym&p=ETw75Y1&4RpR0`jXIFbiS4PZ=ut4zLnaO##b!xQOffnU0CQD%JU&zT&OG6
z@`rUfq2W}^AJ%a~K~(ltx|&cqD*GyZj}Ur>)w+ogdWO}yjSy<`8r?+*HF=HhD}<it
z5j{i*J<%gNO$aS+t<Drei(9L+g$55v*X#6bp)o_k)H=OL=*FP?V;|Mag+d0eAX+O_
zX7K&7>-8p~8Wgu)KP`k_YJ+}O2))z>{i2YE;x_7|LS-m!qdqRQnC6&|>61cF&>ZtI
z{e@5t^-_=P3qotCmwH_PD)bojHk<Snp=YVL*`ytMpAAN*71T>Tp$iE;LA}%yntpqT
z<NWf{^=4gGsB|8!g6mkJaEDgGbycBwhgQLLU7<8XtKhn^&<sPX;JUTYA}28VN!?j!
zg%d{9M`$edZcpjKLOImCJ*88H@@OB+Ha%Ww5$$8yrl$!Fp`LHMo+UJadcN&?q0oh#
zF#WV%CiHjC`NB`@M}+?DxISu!eq1P|(-xxbLg#45#7@0e=o0Oi*r{I-syBLl)HC{s
zP>0c5h~5?2L2YH1J|XlLwUu4^bD;|qw_BeV@=$x&t$z_h@4ZL=C4}C4k2ZL<CtV}-
z-g|Yh5PI*ux~R~2>P?^3WrSu@Z~Cl`5kfD#PbUbW7v87q2%#6=uNw)W7v8U1S>oR9
zIo(O(t`1oj`<(726f$%R(IBB3Qy1yy^+=(nQ#HLGZJZ^}<$#_daly5B#~#qRLU+}E
zj_5w0ln3=vi9<_0s8<Q0r5@B9h0szD=_iHIQV;3fLThN2{(?Rr^aRb)U(l}#q1Sj(
zza@lT<3;_EkeaYQ>Lq<fsL+HhMBfP2rMQ>%PeM&8?q&Ul&<t9iIIM37&8PK=!<v4D
ziLcm$6!(e_6WTy=ujtZ3M=0)99Vv8*;$GF2g;vu_&1<@*(9^V1^O|lTw1C#0j_Bq>
zkJ8%H5#2$kLyP2)qq>LCfEJb2Q9VEiJ<2gXTnIhNF+El&uX1w8>w1#VqRN%k>w2cp
z8?|T^T;D5nq86=!>m@>8QQVvQVWFQX?oGWx=yf{ZTY9U|Cv?8I^e&<9ooE$YKQA=2
z6Rm>lSA;gvaqs9ih4#^L@8}POYSD4;>eE8a>9}|G*Fv+Wr|aYTN1?^j!_;y8yU>(A
zwC=613(f08>)twGti482eu2^N>moum{KAMzS>n3;fvzZV7*{^fULlMtALtrF!L?}>
zTqg?MRhw49bu*z#t!Ncow-ajIidMmOccIlev<j~K3vJDzRdAhRiO+sQk7mN`;-%OV
z`qgo;8uN)aVo&LW@s{GMo{Ifck7BZSXQ%ZRi90^#T<jTLJIki5+VZ^r*Ls`KpEZ7s
z{aP=XVB=P|^2B|wAJ3<vaThghG@-whDxhXu+;2Ke=>1`L$NjEH2#s%EKkhF*MQB0u
z$pL@s&x95?Z5DS;pU<cEao2Ui6q{$r#NKiAdyG>-OI6FE!{Url(=2@%JTA^LWrZfT
zqHoNa<3gpI&x!LhrLt|xCJh(H`J16k_K9tvNfW|+DbQpIp+^Za^c$%3H!l!9N|2c&
zgdQc>ED}PG5^Poop+_lX)(W9VDP*1yLXT3|JS~JCrLfs2gdQctyeNboCBz&PLXQ$^
zjtikj2{osL(4!PFUkIT`DPq18LXQ$=eicHG5@!AuLXQ$|oawfF=uyH=VIlM=5vG_B
zdXxxLP6$0pQ4=eK9;K+MCWIcPn5ip-9;KLRB7`2LxM?kf9;LYHB7`2Lgy|!M9;JjC
zBJ@VB<#8oVs?dpAYl$+2zM{BNW}48?6j#d37J9wK^0?Awq0lES))Flj>fUL2++F4o
zp`o4D5^WONM8}me+lBVgab?W2Lbd3)vgQS$=5$<Hb5saDN;&hc5PFny=A;mMl=9|t
zA@nHa%>^O!C>6{vLg-N{m@AgJO;<D~$6h1Ux{4-P2(_-FDJq0}%1Bd22=|ncCPoPN
zlu;%@2=|mxrj8KqDWgpzA>30&n^r<tos2P^gs?gpV|oj9rkP``86-4<W{$CDl+f%{
z+Wl?D2`x{h-QQ-aB`#6C$&<JaEjGu+oBM<YwAfDcpwQj*7iq6qE!4QaR$lX%&`*hb
z;wqV^gsvn$PqfDppP{ljDsk1Dr|Zh*U7-fe!&GH+Qm7-vRWY9n4WhUz=7J^8CBa-~
zTB(XudO0q^ET4hvuvFDgJ`q>ljGk$!W{WT5YMSFhZK{43SIdmfwQ<X*T#Bo0<_kSN
zG&sJVS(0btPBgnKzP|aKX{Gw8QHA&hX4@>p(XR1?8u3lcS4>OQ>nVxxNv6YWd))4(
z=>g5m4ko)o-rQWYq_z)k9pBO%n}d||)Tz8~@vY5=b1hA-Js`fF*)|W9r#j?}jPGFn
z6pF~njPGbt?zM3-IaA|1nf*-jRQaK~@$^>C`)n?)dM%3YYFaF?6zq98zNb015VTZX
z4Bitz#CR6jxXTHL;)j~kOv}`PsYl~eOvS}E<<XwU<A<AMA*}h2F!wXf3%okyllYNl
zg;2=QFNoF&Vdgl>JRyXc<0!Mk5?`@Yvrpo1C!A_t6hhCQYK{q=8$c^x=D5&z18C*T
zoU+8Zq?<2%Ql^^=J}J}9uR>^zqs<i|w8qiKd4S6vi2J`WrjQWs|HhbNLf<6O%9klC
z^ivY8e3@7w%;z&qRUyphGfZ6}%;(3M#zL6Sk29@>FjkE>orN$~jW>OS5&~(zsTnNP
zG?4b2np7d&i)NYeLbw;rGSh@`FFL`@62iUc1hdc*dugIsCUKa}Of+kRFq@fZ9v8xF
zW|G+^gxSm_vsb7x9XHt=5^7GzO*Th_FngL}-Vws=X^J^viO)XOe9nZnc_DtPq3TC}
zD^>Sazs2X6aZF3qrP|6n!<-bVF*LwC)3kZe*1`Qb5#C&LT<CbE(%wAtH<Mjs$urI}
zdo{7fl4lAFp=Ql8#e`6^W|?wASYw%OVui5AGTT%W!WzpQQ&$LUEOSf~A*`{?HLZoP
z#xmD*5yBeFJkv)AYb^835FxCw+-p*Wu*Pz)$rQpG%X~9U2x~0!&1@m8vD{}C3So`q
zKC@g1Yb*=QBSKhXSztB^VU1;>*)D`NmWAe7A<S(SnHPjGw^?M43gK$rZ{8Kc)x6)F
z6hhryY(5u4-Cb-h2%(KVV15xo8+*W95kebVV$5=TjnKxHm_kA~1|^3qHARI&23J-~
zO<AEbgOfuZG%-RoDDFX1RS0V=%S;_1tg$RJjfF6OS#DYhVg9n*bQZ!I%L>z52x}}W
z%wQp`v8*(sgs{f4(u^0v8p}gwsu0##9x}6pu*UMRSs;WpmWRzUA*`{iGHZme#<I#h
zE`&9f)n=Oz)>u}Xy+T-HSz`_fVU1;tIU<BLmPgDxLRe#Y#GDYq8p~SqnGn`k)|&G|
zSYugdE(&3dWu5s;2x}~l8ok0^BdoDJYJ!EZ#<Jc-2w{z7y(uGvHI@yAwz$&Yyg;n6
zY%mEzSYz2}Y71eFWus{%gf*7OOiLlGu{>rv31N-pannl(Yb=kOK|)w#*<?lvVU1;z
z87I`#Z+YAkW{OZ(zqLepLPIHTv$;<wlj1g;2Zd%)+!nK1Xc@(AF^>ryp}4K)DWMY-
zx7F+sdYs~(GzW$DQrwf~HKrr9>nB}5Wxls@+z&owE=fu}iFwNWErdSnDdVBn^TUJa
zv$mPSLg=%$nc_lt60_Zu6T*|2?IunLZS!eUO$crCX>*Sdp2X}hO@#0yW`}7bguY;>
z=^})_V5jLTgeNi2m?1)V67!5n6GHpjWio}({&tycAv}rMZDtGMNz87uNC;12_L${D
zcoMV6tQEqOn7w9`5T3;BHBSp+*8Hq_RtU4^XU&U3m^JS+M};tJ-e-;rVb;9goD{;W
zdB6EW2z}Ob=7JFVtmn+HLU<DMytyKTCo#_(=OKHIF!moXg@iEnA27v)F!mobWrZ;I
zA2hK-=vxn&szT^n51G0`coOr1X)J^%F)x_bLU<DMqUkJzCowOYK0>IUFPXtYsGl#H
zR3X&Qm(6$~)X$gAG$va=51aKij_c=Pvqe(E&ckM>5bQi`o)b!IM!P}H%R)KLXg8>N
zL+Epgd)2%z^e4r=YCaXh4E{Cqr4VNDubCg1tSv{(WgEw~95GiV<;42a1CJQb!`AaN
z>Q@aoVnT!#3@z_HYKjXzGBlQ`yin(<(*uv0IH5jMs|Fl1cMDx=S>F4)xku<)%UGhO
zLMZziri~EF{)Xu)gtEVB`U;`!Z<?V(DEnI`O$cRw%VY_m>~EWFA(Z`XGl$8R{T;L3
z#&Ox-F<T@h`iXbUP9gLY@0jO=&=<UGUKT=M@UD472>Th1oA-sVpW(RqRH$V8^-=Gc
zFNI>-Zz1|Y2z}4{=CTm_9{NQlCTr&hCVCZL2e$JAQ^gYR)A_*E5`vu{n1({I^Fz}@
z2zGvGIttaJ-C-Y@o<d2qJM1GfP{^S=|FIb%6h?LaW0N6-J#;6`WFhRKJ7IE#P==Fc
zz7WcA(kvB1TRCM`38Af=G8=`^Rz5LL3ZbohVs<mxvVUq$**Gryr{)VuiEH$!xgdnH
ze`<aeLfKE7D?%vyY2&Q6H5u3Fj4339YjnmG6T+^Kv!<*Nc72>Ru|n8a@|meBgncES
znYu#g=RY@%h0xD`ZdwaruhAE#vk>+gePQ|t&7fWX=geTCWwh)6oJkde&%QL{h2XO<
z%`_qS>?<=%2tNDDEM&4i``SEX<Jf0ko984YeD<|@SqMJ++PoozeO=#}_l2;p>l^c_
z5WegDt@%<2-*x`h{2+unao$`OLY+8ot_k7$0T+zl8tZv{Kj4B171~t2s`oonLg?x0
zwTLPRVW;o+CSC|TeZM!=g?87g@BP8l6MCgy6QU#`eAoF$(^d%Ib^g(G6T%+PpG-d?
z?D71`3=_gG;Ga#p5Ox9oY$gcdI$Si<g>W4%nz=%_4!@ZDg>W5yF)M}eUFToTIw5@5
z`B$@9=#_w$-b-eO(E9<MiS`Qx4(sQ=Y+e!yA2x*Ob)ghbs`oeZp3r2^IHFH1smX~`
zyuX|C`83!2hxuLTzC_v$Y7!p7b+9$$Pg9!-t0VsEPt(v+Aikyir)eRCZz=z2Itt-i
z%72-jLim>QUuK{s&gF_3A#tc@SIk%;)UzvQvJl$e-)5!|+TY)1z7X2&RkK70?e?l!
zC4_HUUo#to@J;J$=1EI@_UmSs#9<`4Zk`vyNOIl0B7~9ThIvy6BgqZ(p%6wA<(wA6
zNTQstg_cm9c77DvMseEtT?nI$ajpwtlrc`g+5%rYP7x;SYsV>RiF<FysUQR|IgVEd
zUh+8Ah2SNRlPCl)`8i2K@RFa?P6%G|ce)9|Oa4xOA@tAz&M+bL&;ib9A=L6fXMzxF
zd7zUcgjyct%oRc{4{{bW*}4?$JZa<jIs`i?Io=h~vrTbTKu^^wt_tVJb!${yh2~Sq
zhQ(D_K3z{Pt|FX0oaagvF=ny1nA3P2@?5FXrmymrayl~Q@%hR)J(<4IIA0m3w-C-(
z&gm<J^Hp&A3*mf`&Hy2tFWMQzw6xTY0UN!sPC65=*b_vHBqh!e=j;^18NAMiLO4TZ
z=T9M=A;Bs8D6IZQ;|$gE%NJj1ySKX2nB#DUXT3F?WJ{`Q!Xa->=cG{AriZ-soIUH2
z%To0h?H6wBe8^;X2sd$F-C*Oed$@%&U?T{5e(G)IOlSH=<9uzLQk!hbcSnBdZR?yC
z`nl#W-uBM6C-}I)sWdO|=<E?%Nb~ZJ&LN@KsZZ|Yye9Ms^~s%_cZ7OWqIW(x9}5kt
zMDKiXJ`*b4baF@+=Ubu3rsIe%3T+;_F1oApr_k<^n~C&hYs=~BwExoy68f5+6?AhV
zgdU>%fbPy+LYwJ6pt}<-^v={U-NUIO^y}2~g?l))g;cFD-P36(6kF?j;hs)QOI(+F
zIUObLbmc|5m(x?|`^xk-F=wFA<2C7>56%doy*25b4^D=A99iARnJfgW`#8BmC~aS7
zz7R^=*I6nA%lbL1gkV`eXQL&RK))c^-+93j+u7ea#)Or<zrFpPdRyQ#S|M*(y3!!$
zE1~Xnyp;w!$F?GFsXCaFp@%x{p9G<X%#BQO7FnWQ<FzY|aMU)Aqg~@kmC~FPp_+A)
zDrGnqx7#>xolcb|IFIkJbfQjjrD;ytXF&FCMKhg_Om=-R*Xb#Q-YwS|D1^C2o-;xS
zbB#PFLkPXwEN8M1dbe3lt`O#}vz_@un77V$mI`6sI>%Whgn8>6XQR*niks^^DKwJe
z<~qBDFn^in91z0%WuEh@5PHmeowtP0W8Uk0B!urz&v(uU@wdL6Z-lTv<UZ#oA?y#i
z&-p_L`$HBuH-xZ1WPua7i~Y&hcA*nyDe&)+BP%U*N(lvw8c!7IlX8($N#d^co?dB@
zQ$r}Q&n%+)J}K{ann@h2zTasl1gr0Nx(mS*i=F;L@Wf&#MF>~r0cW%juF3<>L?K+2
zB~FeIuF4W;o{*wdfThl2p-@@{Sn51viA(#S^QgqZvIm{bLa^*XXQvP>TjuN+f@RB`
zmxW;2a_4m+Shn1GUkH}1a6S=&Wh<O7E%Dh`IzKRBFTj13RyqfF<2qn3!179~oR~cz
z`}F@2Cxz)7y?W~7mDW0~_971L$e(@}xC@hwTj!kdiF-7^*T->>I_EiVrK(xysY>ge
z_Rn%IfdkU^RNCNl7fMY#K$I->*63F%ZFEwEPK<t?XpB(3#>Xo?=1deyYWy+LjQ_{p
zyMRei+>QD*J5|dL%S}b`f;tn7GP{dG1O-Itkri35AeRWD_6R5o3j(5op!NV>R!Ke)
zG~T}+(db5_qC_Pc?NJmrQDclzlW3fYB)Uf9C2G8&p88e4$ohGbf4=XWlk=VDAD)ML
z=lxYxS9SHhx2FeNHSp!^P00(fYX`n+?ccD|>U!DV<og~rzwY&JHzz}E?}OgRem{9D
zw*NtY?eYEOy4c*@-jaOKSv<G5B-h+0^RP-?H0Pb{t;x5X#pBYJ{K#2cvMo7wgPU77
zl^-OJcNXXUAUXEO@l=MN|4#O{WSg^iDz_)s#a6S(ei!QY<Ob|Q`(3EplaFl88)NU#
zC4ag#Z;ZV|m;5ER-u^ZIj^uB#$o@6{j^t)6V~-?vCf~&Nw?~pYlOJGD+In{-Kg0fL
z>)n;Ce!$H`%}aImNws7T>`!&}Nws7jOpXtCC-=nU_;7c!KlWpLC3R17AoeqRC3R17
z81`p->{y@7ValF+uTLI<oiZu>#*dQ6Ve=>5YV8DUKYM54-sCjwP<v<L-ee0VNA3HP
z3o$ur-<LcWn`MvM_a`sFmfEBC{mJjf=9bZh<W<hDR1;=w$!<t4eNg88O8c&t>beJ$
zZ~i2<YqGuS9!gGsNNlw#oxfXMl>Cdc3*8bcB|pVviItN2VJT_z>=Jt<*$unUF0n_F
zJI3Z(e>A!KmuByECHMZ)mi6429QdX6t9v|o_?K2!*Pirav&(2@;;H0JOpf7CCFf(Z
zjGj&|#$*{iom_^=GWvP)5=@rS&y%Y$Sw_z!uf=2;J(Ii%ld=9q@^(zd`WML`VKUaw
zCVzs-SU;P5JT^DCzf3;;rP;eU$rrw~Wj&uuR=%`q^?b79OSAW8lJ9+K%X+?$-14PW
zt6wK|<i^^zV85xG?Ea-K>-n2xpV(?-&3Y-hCnjswOUeG2tXVH72V$~jy__5to9p%O
zlDRL<-YZES@ue;6`ATxamsYJR$*EtO{jJgDj4y3j&)+9c|I+MlqbJY)((LzPlfjp^
ztmhw+mwag#WL`@?8Jj(S*}twM`BF*QfAX!jL+bvNT=+<AgN8KK{W<yMqp|fLGNtY>
z$-a-pCU0B(INAGgvH1LDOY$&h@%hVV$)hnjfB7sq36t}e&yy!%a{lsp@-$42M_(jQ
z$K-hQMRE})S9MAUm|WE<-HOTm!GvCg$^F5Ez6O)?kScv6Cg&kl`Zi3Cn@N2SCdbXB
zelRw-jI`cJ-p*&Y)M@=B*8l7U)_&Egq|q;v*Q;)EozZ{5_NY7G+MltH=Pa(P)*oVK
z?)lcfh|RUvMR(ccM%P{6cF{dC8Nn`kXY7et7uMD2H1_LRms!ik=BAR;`;jN(nbN~B
z8PAkH6qE7ns*k{AJiF@gn2cwwJ^_>Qtku(Fb1ih!E#yfH-Sk3CTIi<F#iWJq`T|T^
z=&rwuNeeynm6){9L;rhhu7#fZR%dc{acx~sJ@g3~7dgAQxo$fhI=iq&THit6ib?A`
z=ylll?4GE%-hka?_e8z*BUs(x_E|CgQ|y4l?XzO~mzZ3S?WBK;$@SPydNVf6{>`S3
zeiIvQ|7O!ie}MhW-mBbMe}?_R-mBbMSGUJYQ?9Fa(LFG^uG&TS!Q|>?SG^}DS1-Hj
z{;|1{*i8>~7GGWOrZ0<4J=Jx6-ER5`?8(D7)$Oi_J}K?3QfJQERJVuT{7h`h+Me2f
zHnumcrS(g{jBSURo9Z(9_+P~~dfKMCZ|LWqkFC46sji=nej{e@9?X5AZZG`|cG}$E
z)qPX%@Y^_V=_#+(?W6l*i*tXe>#y%}wn}x&eP(TovkPmo_KG&E^-EIk!kQuWiZ-je
zWAdHlI=v$%-&wBHdtkoJtJiyDXWG1a{VnY2fi?9F`atZr1AAEWFuC(QK##%X&hr30
z4wF5@zIrkydxm}WDVUr!e@oB8<gEEy`V8znduBXPFTrX?+Fu>lE3nti%-a3*O6*g!
zWBq>m3am%<n!N|<>#;qnuebJntY>Yn#Qyq@t$DStciUgzht-~XL%+fLVQ0&0mL4{|
z|6sidTY1<>YtJ}~?<ft?2fge@*R4H6^aN*D*4(jZxB4M^O>C-tQO4SH*pF@A0ouOy
z!T!5aO`UsV{{!??XYpEhfSyU-fdl&6l4oLlgMsx2>Sb7Q_R#vF`bzA+*(2+R>07Xo
z=Z>x)uAjip8G3qRgzo)H+}^{d&G^P4`eJO)AxG7Z)a#wat><*NvXp#W{i*S|`ka2#
z*(!C@#3}WobhnD+tx}gSKDoY8ufa|^Z`XYe(-;3<^5S#h(fYF3+&VZ~Uxmp!I9eAm
zSziv<ZJ4YthwHmBSzpHJA7iq<jM0x`vc5FwpJB4TH0kHC`)s`<^h?-ATki<{2keD2
zhW9^GzlFVi#z<=)VzQ)<(w}3pq>s{FUUhR+bBnzyKU(+1?zLCtN9&!jhnEcRe~eCJ
zo0g2Umc<(FUt5mV`(fkkUt5mV!?Am_!~2ibhhmRrM_M})lfM9r)8jGu3&1!%6_f4u
zI6WPc?e;i52g@yOsUNS;#Ex0Iz*^vJqq;R)ttRMRugM%0)Ej4u&FqLRoGEs}8*Xmh
znmj?Tjjg8Z;KlV5^ljL#gU`3N9(%Om!upB&LG0;<mDV1^<lgoq{S+qmwkPT5u}$Z;
z)PGz54tw$31=e1}E}6Ev{&@X1cEhx*t$l=b8QoGpS=$$N*nbz+>^ypbwQkPh`J19Q
zJ1eNvfD7xV=tXaCo1-Z@h^^+TIqS1i^u^e%a~`m^3Oi+LSbu`P8e1~;`_^v6`q<H(
zs(*m(V@G$YUhgb!{Y3pf_RffEb)sJLmb6|_ea`=3{fT<apSShpBz;0`HP@%6c0Wl^
z!+wyeQzz*bOx~z*vR;VE8#PYW=VJ2K3}0V>$y+mg{atLR-8%C6N=)9;k=Or@$(uM%
z(YIjoCXQ3|U6^cf)AaqAY;n_c36r&Mx^Bm0t(&f&#d;jvQa?lg2HWf41=e20_8Hbv
zf2#fycF?c|*51e7JgcStG`$6@I(vaN^R^qMnyJ%T>SyZiSo5?6)^@^f)GhVRdJpU#
zy}(+3XYq2FrH^`d+gQ)i6Jo28tz(v+ipkb7OV4x`*PE?B>QryGwy#gI|1Pv!z|xx8
zx(3^I@PIC}^>&zS0WEqLOtyd){SE8}yXDN$b=ZA&%bBD1$7Ji6s}I6t>zJz>F}W9X
zx;_e%dqJn`iP)1ZrTTgLMC^r@P1a7uWREgm&&6bqGGCvK$(FM~pO49wvp`>r$<}y=
zz6_JC@eF-6c3NFa{X$*D=GQH-_5)1D^Gtm=CgXXge$ZJwo@ePTe~}R^s7nVwU4NE-
z@%`9dIP}H(v-OJ~#CFcoSL@Hw`+OMN!INICU#bsq79UB@(}%?7w%hacXiT=-^YpQp
z+<Q7-e;bo~Pv>hNlY38ro{7o5r$Eog<la+3FUI8FQ$a7oWZswQOE8)DWqLKX_d$QE
zU#_pk_CM%dYd1NI=Y56VjLE)Wg|;uXvHw=76$gD(zd{dm7SG=WdQ@yR^1SH<`bbQk
zH@!elz+~IJP*25V+q_WEbQZUFk>2@ZX(68GMLHc@jjU%E>He6kXBX+g&f<C(>#I7|
zyI6;ml=d#xw_?)X#d;kk&qTHA4VXL=)v6!C<QcO|^iMH)#_SUPOH7_4yHx)cljq1T
z)tj+Hs;72eso%s7udY)o^#_=IU*<ddGfciO^BrCNiJRLR`JT;pbq`FwXY*a%2Rp95
zrT*Xao>;zqfwlh5;(5PJKlACfF}qB^7+cL__8IHTbQycuK4X2E?!aVRR_S*!8JAUh
zi?eu|m+O`-+opNBUKpEuX76&n6q9<F>x-Sm^;YYe&$iWDt$W2*Gu`%OwcZ&!+xBI(
z&S27)H9CvQG}q`sn4BS9p@(B~hIEA<g~|TqN_`|I`<E;A1ZQzyzNcT0^W2%h_w+lI
zl=i--Kf<KF@9D(n@p6#%uF@$?+Pg|`k4bx1>s>Kv?`pl5v$(x$^b>KOYwsHU3?-$#
zYxIklw0Di(+^OERdh8e5#_U>syt8<k*XoU5$$K(3_fE=d^>dg!uW_w@8I$&|(|^FE
zz3cR!F`2*X^@o_u-}U+nOwQJB&|Or*cILtwIa|9y+rPRyljG*U>zy$<ZvMOdP4_rY
zo;eA17L#XALOlqRXHJTGI3~}W6!j?Vi=i#`H|is?9qcjnMm+%wPHw4RtEXbup1i=?
z3~ci3min8teUG;5S<CDN))qO7$LwZ(Yr^HZ<#4lpAU3z|-mD+RWL$36Phv7I-`CG!
zGA`fOFJm$;x9C4$GA_61KVvd3x9Sfu8JAo27ucQloS{v3sfzpg6FYxxx)&z%@B_Uw
zCiCzEox$$4^M0GoV!yQWew!YI$++CEhhs7>x9d@ujOP#ak(i9<5A_7>;wg!SJM`48
z^`>;OHUpD4q28(IVDcu^JM|)G@p#^)UrNe6tWx`&-=pC!Jx^~N-F13-Y&BQgEqtB6
z6l=3v_&U7?lQr^geH|tvf49EXS=_=sdS|n3n)m2*Y;K9&qx)l0?;btaSzK?uUf-$S
zdi|iY6*WITe%FTe`bF%EGt<_##HKz!YHw=;s-?XZYF=vJhWqpw?2fbdZP=ivVYeT$
zZ^Hw61$N2d`!@VUm#{81`!+nRUvgGZrwl!yp`^VoZklebdrXgU7N2!JrpID(*7ca4
zjLDhR<2sMYnbqTZ7A8l$O?m+)N4!mX3HIiILmHmY%dt-eG+JAUy?XeO4efdj_QB!f
ztX+@EHOWu)&6r%1{8Zn8$(hy9^u3szS^Z2ujLDhRlX?>-XI4+@XD~UtcuK#B$=StI
zx`N4>)zi8IlQXNQ_504^<@a;_VvUSh!M<(!_=cbBEveWpwP&i&>ifIKHgoihhG+HA
zTCw=N;8}f4Z0=s(vw9LH_wt_ACu4Fa@t68EOztH9QqRL=jeJfo!eq^QP8Tq_%lIqZ
zipgEZU+Fc@;$A<m`*+*cm*@4s*j!(p*F!Ps%kw&iNqaBoCQRCUK_7?7zUM_f1(SWx
zi+UO+$DCj5*_a%2eytZei~I5$-M9O;zWhe-6<dwG1MD}t0h4!t{YDSLWL$o$55{C%
zeyc}g@;v5C`WQ@}$9zeD8<S@)U)CpM^33JSdL|}!Kz^s^VR8rLcY3L_xSy|R`!c^T
zm)|S8AvSj$dqoe%<T&<<J{Xg?h?ezXn7l=_tdGHdX`e}~=t)?IeI~J@PsUE1b$Y|^
z^=Vl1taGf*!{oWcSM?%Ho;!S17cf~yn{_KD%V@K{9Ft}A2Yn4D%jge!Ehfi@KkC~s
zIX?VRugB#0@S1)QljFl{`Y}w7jj!vcFgZ59uAj%o9@J9bp?`<XI%t8l*D!e#>KpoP
zOx}e0hW^M|Jl22G{&w5O`cHahY&Ejn|D@+(vfTfq7h`fy{7qfJWZivJUxLXKZg1(!
zF?qu6EqyH}WA<mg7Lzgiv%cL~+?ThtxBa%hysgK?R`Uy6?`=I6d)3x^TTjMhn(yd5
zCewUJ&%$Jn@~&Qh$sXlhz0_IU-g~<D4%^y$Pxp<jW<NX4_q2UYq^yHAhuCSprw3rt
z-e2?(OxpX4J_M8H{=OcK$#Q>RAB)Mh`GNj6Cfnu*+TUunpC9U(nDp~Qz0g_Q&%f${
zy|?xAuX<=~?uhqS?P1cFzv?DT=KUi*4wGqqq^CNIr}?qo9Ot<s(8u~sO3JgnAM5uq
z*~UKBpJDPo)lan9F&-CrpXw*N2PWh4son{bzI>|p#AIBy=zTC5mo0iACfmbjdMGB_
z!)H2&$@cKMZo*`H_*@@{$@cJto`T8t@P(d+$-FBw8<TlgW}&lq-V<hepKarrFfFmw
zjJNxxgjtB4X!lDAb1o+HS7k21Wd5qmcQI)%X|BYiy`%}9#qDV`bmwjDY2(FKGs|vc
z+Kj;hyNzix4x4Z9z8W(bTWRmU8gmLJeW^CHFzHLRIRm?Y&V>zK%o1$loR!vAU~&yx
zV^(5v4O?Tbz~p;GDRVt0-y=$y?_=^kqORr+Ouk3d)!c{4_lRoE!<c-JsMb7z$+z#j
znP)Kh_I)?=YfQd<-`!L&`SyKx^9Cm0zVBh)!{podJ<O-r-rutCiZIDt;&pJ)x9qzj
zOgHTAX8W!P(;JJL?Ykn(?wEW}e>?L{OunbTo!J-bW51`ry*U8uXTPVvy%~x9#(qzK
z2Xi>K*?v!d2QwCv??LxA$7Aw6=-wue$#<c4G|iZN7ived0F&=R?PSiu<hxKindO+=
zOXy=R#pGT>AF~FN??LZuuEXSe&^w!(v3d1VyYFIth@D$sr*<*-Vwc#wUCl$-zuUZB
z&8Dp-b1n6|nV(~=xdql<#N^DeuPI}4=GfPCU~=ZTyLlIrGsoS{CzzZ$?qRBSjhB&}
zIqqR<u?y^(<DO;*>`Hs)xToohU2(+fhP2rWyW@zftqs72oYzvHF+;G%^A=b;1e<Tq
zIKN>=V}U*6{DwIe+he4CJB0Z*wx9h=T0i4sBkjEJWoBYy?Y!@0=40>9UYYo&S&VgU
zNvLm{Wtg1B?rko?<Sce?vl_e2_H!R|E%uP@=RW2pXYszEzuB^fj7vdf^I=1ObFuw>
zOtH^L+}4ma)6=otZAWl`kza<EyjKTrXc%C!8L{}Bc0V&YHg^oz&*U-L7wl(dVX`g_
zG7B(Smj)U69Zfl^$-ZEJvmBFs!Tx3?Chvb4Y}R1%{+Ge#dQ9$T4KX)kazAT`xdW5?
zSqGSVF}a_0fO!~OZSxK^o3NtIJJ39X{d<?G-G`bNv2|VQ)KF8w^7~EgKFoAr3-_y2
z!_0e_yvJp@`2>^qxC}SRZ^ZK_?{PWE)MD};mxD}iOuh#_!t}-Dd(b1yH!*pS%fV&<
zChu`M*c^b#`&bS!hhXwPmP5?pn7of=q&XIo_pyvL$7Aw77SH&YypP2*&6vE8C1>Vi
z@;;WFIR}&Xu^eiaVe&qfL(Qd_ypLs+S&hm2SVo!aFu8ZwXl}yf-eIHpAtv_@4>Lc)
z<lf<7<{?b(9ga4SV{-3sw0Xu^yzU-u2JaQGk(1Bg)Nr^t_?z3-$T8-y*lPZ2|AI5d
z9F0{kwtvGklQ8+KLX$ZOlk3|ia~dYsw?~-MF}c1y!Ysn>pJU&xYyxcK9Q$r%(~8Mn
z>L{}clfBeY<{C`)Qb(H`G1*HUZEnM4D?Y~DgUMEWjCl}~Bl@vsBPK`mW6d+p;*l6@
zuG=RbiD~}R4P(ta*p7?s-!RRU{kM(FICFb!?kskkS&zwC>^SoiOpfTsna42MijOl-
zV{*1V-aL=V+4gwz3MOai6U=LvoTX1N?_hFeI?;TD$(89uqqEYpcpfI1>zu`Vlu72M
z*xcFgBy&3^XTOuok1*-Wx6My5>C3mx<Cx6D@#bkv=HYnr0w!mGlg%rboB>WYuVZp%
zJjJ|&$(ivKv&C85&lAk;_SwL#d%hFQ`q<o_?*#K8CheVI9>b)cQ_WMD^mD3terw62
z?HiiS?=ZP)J<+^|$-ARZGH+w@?&y=uN6zBDoNQLqZ|lp+W@T*d%JgKj29vYqlg;&*
zT$%djW=yV3eRBsUSEhM$FD6%}dGjzPSEi?!O_*Gno?@QC<o7hDnHMqnJ&kFmg2`3u
zbkl*!RqJ%~9wy6ZhWP}OF`HqM4Q`HVWEq`mYB5<xr<&fFoTZ;;`eJgHewz6vCTHn0
z%>Yc!(r20jFgZ(aHiuwxmfma*$K<MYmN^!atJYcOcucNZXB!`rtJc}3#aX-@T1<K0
zZOfs>ydIl7gKshKU~&fEVm`)XTbW}L--_o}wv{=iD<<p9T(dnU>&slT8zxt@r<;D5
zT+yCx8Za5pd1f#s<2lcG&f<Q~H!sF{?ka1(DLeaPO4^%mUXLxY{g4+L=9`5Bx6RQ)
zv(#B!a-mrfn=84{^xAJ*$+OMQ&Q`1Xp?_>R+t>}o{(HQ;v~ccLGt$DjX3YNayvq|(
zff<X*(<y<OjLFh0m^>y+vtVXn@|4LkvjCH)OqQ7?m^@{&+$_iBDU;=9C3c;C%4CIE
zgWYGJGFf4+$K)xK3(U=!JY{l$xdW4@OfEF{V)B&9h2~+b(Vp8}WHw>)l*vWr8BG2r
ze6e{ElfMaHY$~z2<<M$6$dl(^TFtwdJpa;aKEdQ!s!L4O;CRgBS*lA+EoSW5{iS9H
zYzKRGf2rvkn`>dE*~{6L>Sx0~Z&+y-4w0!`sg{kX9q=9VBzDAz-3F{O^A3=__&KC2
zOw&-Yc)4F;#>VEB`xWLTXYu~}Dzmv$$*atpol0J177cT~c73_l1kU1VUTZFn%}w)K
z(|h=~k~f&X&f=0c7`YOX@5jm7bA$ag>1`#8=HyN#i)Lo0l0|doLEB2+WX}DHUEplF
z{bh#7df9I-cFMciTt{Bdg#BxadBj;fF5fp#cPjaP^E@SMRlfW8&96J<-C`=_$y9DJ
zT}Eu{%dMv8S8Qiz%hhmO@>X+tr@S_E_E+ruP9@vSRh{yFV8XB1t({8#!0dYPw$^Vm
z-}s6(IE!1q&0KxRwvxA-;#cf;XK~5f%^oAAWIQfEG<DA6b>fF+khA4#h8>q5njxJ^
z-eGc`O5S0bD0!tCFyIa|4!b@vc)*=za;K7anLK$@65YGsWfnV&TVH1`=u~o@`3@z2
zZ(CnyF6&hCZgX9yl6RY%D0!GIdAGTxQ{Fx1F7ozCj2Li_d8<?2dh-!^>l69z>&@Zb
zwlVvW8S8Ahl6pTf-|3Whuepjmsduk=EzYygIofYun76T&huLpmn2)ee8doOnH};24
z>{wq|Q*&5C-EUHuZ2cR|c9?Aa8_ce;xh?L;<{RXB*<Ohsn>y@>?CafrZ1%_G``Qnf
zgE0BN_5-F7`+?niKWL7^9<axw2hBuGp5FM0IT4emH-2JHjm@?GkeT}xTjVSrmxs)c
zI^{iVBJyNh9yUD>-8P<)+1XiKFESH5<&}(2p42OuN~gR>%$uF+Jz}z>woUU<GuYX3
z`;O;)_eah0IL|GIjpkBJmcvG~29xFRn7Iy<<?xuf8I$GkxcMO_%i(czZ)|QPHkpUM
zVox}eIXZN}CVOm5sJ+fos!DxwynMdo2>HA^_0`WwwV~!eMy@>Aelb8z9;lR2k5B!N
zxu<oJTq$E*nd-k$CZXOsMe1HV?4O;UK2heh;O6x48QVU8wI{uLCDiu@_3BlnHlF!E
z@8Ovvr0y3@lH2+7h9we-(;w8y=kGK~$(ELFpHDjPKYspd>yrDg$iGJ5>mwj*@78rg
z*50k3JC|&*zjl&P8}<J@w{yvVeg6OF2z-6d|G@dOw!}w)&Yu^!y;&UpuYHc!!>>=_
zPv5eyFj3bXF2{@O_m$(t&u1!Ct@<=8)kRG`SNe03Jw{ZiM6Hy3sjEbeKU&i3_m_CL
zBe(TgJ}2FDv}*EXYVj0S+x}N6+21DFqsGUb|2P6$=e_e0@Fds6_;~lYZP%##_LCm&
z{<UMG91XRK%S?7hgwDs)|NiS(yjO|$C%tCNsQ&lw^FOnPozEGPc1x*J7ua<yq5k&y
z!@tJx|BVsoykt8s&CbW!cjw3w|BKy6B~^PMTl#%NWN$E_AbW#{?DpP8ZCI#Ojk?+H
zyAo>IVkuwa%6Azf<(Js=K;zD|tJO`5q|7IFZ&sxwH|cV<%QfW6Z|eN*T$z4C{ox2H
zGv4jl{>|+z<4EI3$-RD*<eua{Uo>1Il2)lc1GasZKEyqV`y7|q`dQ9hx1P2BGq<&W
zW?S)+Juojz;Srl^^~9+%CX!aE8ydHMPADmvP;2b9QkA=MNh-fq%E!HxDO9;BB-GJv
z&mc>G>k^bTN2|+DlPSdOMn88gAirj}bx->rk4Im<7MoiwJ?wmJ+HtbfjgN7i)2|=F
zKX>b))YWRVT`RU8>EdZhM7wp{sB`RGRI3kjvOd3Pk90LEH$|zG+S?x8x~d8Gs8_2d
z`$~0Fhubuv;%y{u@y1CKiO(G3G5P0T-#u}tjJd4&N!82ESI0Ezm3&U9+rF0mGuO0#
zwe_zN_}@DM@tub_{ogy~zdtoOepM-D?`b65(ds|*`8Id&<qW%rNxHiB64gydB2_Mu
z{4Y+qbFcO~<G<3k&Qpl5bY!2rb#ED8t;ltXcGoG!U8hvD2aflFf4@w8<r0_tTURTc
zuWLRzUhY2iK3Vz@_vbEmUh$GUj>IKj9VEGbe|i1aa&z`57GGf{-TZ1dzX{UQ?D<cX
zi`yrI?3quMs<Y|ex}%s>W9&MkIU9*bK#oV9<3?TbwX3SQR(z*1K9l)+-6QREw%%#{
z`(@(XfBsSFZ;k)9GtZ<doh_rc?fi3VB(57T{m!ZUs@y-e+~ZmwyDg&g6ynI=>f3)U
z9&bTw+&OK$w#&WcDs{2DPbHDgpTFAwct0R%m3sRqnY+$Y>%6y#r!Nsr$$zA`U!VRz
z66rkUf291^%l!TGx_B%2;A?Asd_N(+i$4BH8I8_s{s-<{F5WJrOtt!-m-)YOkA2%(
z-Fbcf>ay-Us(<Tq=#CWe9Ul3dQ2$6OW0J6ccc`*!QCxRxMB;y|t^aIXmPJCXowY4J
zIFQey+_jaQjaR8h?fx^Ny4yQQRqDG#<#W8>mbUDbg1au;^(6V+-yQ_F_AUN<!GE?t
z|EJ5}d*Zep{-18^ADh0tC#VLx(U!e>mAk4+el23}AAXs;b%g)^^lv}tzuTPt-|5d1
zcUJcGvFf}}?tDITtX-?O?xX(k&pW%VL&_)Bc)N{gb)uWj*W3NaBmeQ<%Rjc<|MBVn
ztK|QSBM{%c`L6qWx9q*+dnxgKkA(VqJibrz-(gPUdp`f!p6va9?7HAT+mrv5@^Zdf
z<(^VV@|42YBXZ5P^~zClwJX2%UhDhk%YNzWwf<Ln)w%Au?piF~kICnxnq~K3@x9!H
z`djg@_ve3C<iMpezw-~1wDafF-5JQ=N^co0<>M=YIE^DIcTX=)`?@DRer`uNp*nx=
zJQ{!hbLU#|=hw3T-&6b98C}(0Dz6qLPO<-IsFjI%_Lr>Z+y7_U|7Y3%XWRb|*k6Kp
z(EfkK{(sc|-)R3oX8%8K|EE;ji3zoxO{>)|HtnjiHnrarvFVO#nERY_X_HIGxpcBi
z^Db?6X{$}E?Kk@+z1l_It!g`QH#ICN(`mBlH`HXCR;#>C>+D;@C7tiex7pA3TmH$W
zWuxrfQz_HUzF+WI8#!>sOq)K|a;bg$?6_sWR=r(rUsZqN2X?;iSY#5tZON{Q?UJuA
zvF|ucZrH!tmbrCl??ij@z(Ea(c2(McP@=)s>YDh4tNRP}`-43DdHBJjZTjRvM<?EO
zz50b}Jz+v3p=ZpQo+v1J@36Fcx{aJU=e$Hkoib@<VuYJcMeTRw%0!2o+PdV0r`=#b
z51O>rmY+6K;uoG*ZQpbG<S}<9w$r~&-fh#LCGSr(+TRCw%)Slt(87~8@=)^G#8Gw%
zn-de<bf&sFn(pRkf}5iWZZ29}Zi|bwxX3QLFlc#|j8bdWLRV|4tF=Pq&ozk^YUI%M
zHuwHf$Eua;mZ9xcSzX%y_x5K5WdznG2QK`u>N@*5VMld^{ie%xZpzoGee5rfUgxHN
zlWXyIH|6zi$~U<(H@V#H5~cl*Nj~VNw$atvsO}s!H~FOd{G|K*oSVW5n;xs4b9L9K
zYlikptg(GFiEehvk0)QUQ~r%jWvQ)8-g>6}&W$TG!j;MC%SP;=H`^&lKgTUA*w3<*
zH@jBebn!P`<V_cO-$mYck@sDs8~u?fJn7=y+-PiZaapos%@)_&Ew*m8(g|6kx+P?d
z+TzNuOU@a7vFV+VWz^TE)oL$Sroolzn~?tWO~{%yI3c4q*yc{D9^rCFBxJrCU9F>B
ztqCsP=xQ~(T2o!_beG%Wa;Li7sV=ukfAp=_tH<eA{5NfSsQo_Hy5y51->aT%Yw0eN
z6Ppj~Vbd-79lPWb@|~J|V*l)JUFN%A&}-JxpUH{s8uqqjp6WWlruW$GVxenmscS2j
zT-PwA%hicl-<sB?=(fJaTDH@IKK_u|T?%^tfwQ}`>L+K9vTrgP5X|ecN`JQGY}=N+
zOJarXLu=JaH@|D#)K=J5Ug)yM&9!}RvmKe0ZthmPd0CmLX?VHIN;gW2U3_t(A^TdF
ztF?S{=W5+@f_<vo#S4iimmXVF)Cbm2wCPUMr`8k_J+sqnx@y*}nhm=C#CbKXw#Bn*
zRwd-yLb=2sz09U<CthUZGUiw7YZhN#vp8|yz}LF8>pe$YQ!^~_ml?O)^v+T1YT8^Y
z>+JW9pQu@v_{oqbYT9k&>6%~LdAIL5wrPj`e8j?cZ907FM>QS#?yApidaF&}wYl<r
z=e84*sdrtOcU_r;k-90Hc26aY)J+(vyPb{nPF?3(yvd~-5;r72ui23JvrF%E>4PqP
z*QM)RdR4QOX*=;?TUSQ%ri5(Ex4S8<cT4a=H|D>#ksx)uEAy`1DlfF3Wx3z(#=K&4
z|1GuA)#^xWzwhTYS=*l*QyH7K*|_XoJ8bT{RL<;l&gb@fSCU(_ktp@Ct2NF>evuky
zCeL{>l{ZIBc{w%N^f<)sy=@;pOC_rAShTceg==wz9pM-3y0OocWY<*H9*3p6CaPpv
zq^eF{+Sf)pW`Dz`a|cRpLoU^IUGi6UO<tG$<A|a5^9R|3ZMtajsIJ>pZQOsQO>Z8!
z+NS?D=jyJzRNXo1p|11IIZKAtHn{ymgWEr}tGNSb*0$TVeNJtr>K9#?)hxEXtyYUo
z&+Lu0PrCjOvqzu1>}MIn=iIvbk{h>|+<H>5<)5&*vi<H?b$amg+MF$4t@f)b4*RYB
zeCyI>HS6ql@mj5{U2oMk*<AabESvW2Hm+*qoPOO_*(um}eYm!sbFE~n+K2Q?6wQmL
zTvQ|L-Z9<QCGT1~q1$F#X0tsKo#aM9`rNKgUfSGka@F_ux8HTDI{IKqw;y5OlwjA=
zxykq4sAdxf6rS#uO|&e2vD*eSXviyeYTvW_$qh!{37oIW+wachtA2K-JYRg(l7#(y
zlTA06-DkXR%b&CCt!^dr#q_^)Yp!~G`o}hM>M~`2Gxp$Q7n}b4l<wU(82Rm$4fcuZ
z9qi}2LwD{zzv_2G_OPE<?Z3B8<vqlOs>cWI-Tl`__8zwUX`{M#nEOZVs1{efR5z*n
z;;Lmw+joi(_gkjg+&f3*ZTX$;)LQLWo!Y(C>~5#i&HWC_$9BZ#b^qANce*|{@?EZv
z&9Uc8D!(%$`-CgIXA}F5nB8TI8v)q^Khj;h<<hN6_RqcTT4xfvN|vd%%cyrERo!;t
z>)p1i9%A>9vX8o~M_*T7j^mqpw7Ji1RU6KHy<1zA{2oGEResFt-PYOo=RG!54H}Z_
zxuI&tB0G0g_uB75ZK%59EcraaM)q=b_o|YuFKb(=wrS7o;GX+cA3c0{&w@H^zax9*
zlG1KLy>!&Lp2Mo;TQwzHYgW&kEpOkKUzMM6rY$LTCAHs{vFWm&4Q|SV-5iZ@bJXDG
zsKL!qqswiql4EzHYrV1R_otlL>nL0P>|PUW`Sn#>>@jpo^;B1Ps@v8kxO5l&S8sV$
zQ}rEFZtT@m{o%s4UIpDcaI7iXY1%ipyL7wiD`(5E+6@{~t%_AD*wAZT@_@p_HvP+t
z$9l<mg&cGLIO3<hT3k<3$@&w!ZMR+Wjz#^twYYwcb92|?dYefeVYh{0cKfQ|Zog#y
z+<x8mOO71cubZ4>RNLwFIeg4^AG_(yPcE?EOPinEam?)PCRaZ&bN+UFRdqk_g)ZZg
z9gBJ;CRfRRW?k~L>?qZt<UA^y_|}jMwv#DbZPV@Ngxf8&)7hL@>e3Z9ZLPY=jl)Ve
z4lCT$)>O$^)(SUnE8UpLv3|n#ldEPopRj$#o#|zg&-g9dFSc`W_V(AgIhvnbG32W4
z3)MppxncX(>fVRsyRUM`zEy5c*Clt%j_P`oYj>3{o$}oFSKD~C8lgU2xbF^<n#8!|
z%Zt|T&}_%5e!Iz4Pfq=Chxu*|neSSZJ~a2f&Yf?hsxBLm?|z+<edcxQqQ!6bmfVRu
zPEP!C*nlp#yH;*@bJ4D9PX5`B>uu!aF2(8({EzKt**~mGzH;zmz1COB-d;wgW~WuQ
zm0fpw(ADjo7|_r)QLH|+p=qbSZtgZzJz{^+N{)=D?$pCxeZ8?$m3mCo?pdYURrfu6
zsG-TvY~23JRG%94k=fs-Tg*_Ks_KJnT2n2NZq-Bk^iW>)q4x7s7x8VRMoo8RW>!zM
zpYL+<^)7zDi$Cb%QS}s?yRrIYn?6xJ-KM%mrdd-XQ|MMBt@L-11{WFVB7<vWnnP=(
z?q-+!y30+cr0!lRsoOs#bsJJra$stT^f1+I(-o=nY&x{-_iQ@7>s>Z|sp~IoTJHLh
zO*ePlapxZD^{)Hc^v$kKHhrh-beq24wP4eax`sC0()B)@s@msls%zh}X-#eQE<IGY
z+C6RBtJbq=@7lagcdlJ#)4sJuo2F}jY}37Je{IwLweQ=sp|<C)J=DP3I-3rzJ<_H_
zYZusbMC}ze^=j|8X=CkgZ91m*J)0g?+jF-bYHV$Pn@*_B+4T6@DK?#2JKLsy?J}EA
zuf4*iGiz_PX-n+`Hl0_i`u0!@YnyDksCKSRm)2fk)1dYto35z+z@|^u_T9aQdZzY3
zn?6^2s7+t29cR;*YEQ9gx%Ld3Zmzx1rmxptYaiiU(M`tr;%+j|E4#@!M=r9_MV@ex
z-Mja+>(5m^p0Ks{>Q%dko$Frv+H`8K@q5%Lzt=hT^U7Z5+w`(tH`sJduZL}VRj=|M
z_R>}@QD^7uAB^o&Gy8l?xPuz#xSKlGv7b8Lv0jCa`>UTg9;BXi9Hm}yJW{>yI9?4J
zDAPFsPE(@?Ho11r&ow(<oNINwJXf?lLk;cI=KQ)`32%3PORj=<IKMY%FY8_T1WZ{j
zQJZpUJOkyc$xGDpIS-ew&`3K?F8+s{kLO{ti+_|0@B(ag@v1{Zya?M|y!W9IUV`l|
zesQjhS73*W?|!Jg2^9AqrYx7J`wmUx8JKnP<3@RS4mP>??uYt#9yYu9eTN2k0k*pM
z*|`ue!ZsH_KNsO8xY2U99jA7e|K_MN@e1s4@lQwDTS#s`QkF|px5hM{fms*dr7?#$
zIq%o#<9XQZ;)5CkyZ~EWd{kqI7h#)=Pic(s5^Q(zS&bFE!}+G1-Oa}14O5n~UZn91
z%)0owjUJwZO)h?UqmSodvx|R}E8wlpZ)^<lB5ZT<vvUz%g6%GD*Au(~J6!zooPAgz
z?l(+XE>YLz(s%}DUHslg56{6S7k{`hk2gF2X=8vFV5^J2&=}%H*yiGPobeKDckxe0
zmGKJfaPglu+CTEf{e~&aC2DhH8qYxc%6A*TH<!bkoPRnhk2gDir?G&yI=}3&BHreF
zP-6*icV0KTf_FH7YILFt>#5}uwdn8+o^@{9$D5qn_VH%twtc+SxosbBbKZMQ3Eybx
zwi_3>{UF}q{6}LF_AoB{pOobi_0;GLo^`(H@EqRc{N7w1Z+8Car~=;V{GG-SFTyq#
zzwEFGFTr*f@7GwyE3m`G2Q}KqCgbG=Q<h6q-RLx)fms)SYP5&vV3Uh4I^4(eu-V0r
zZwl}NY<2N|jUiryZ7%+!F%e#Z?JnMXOc}4h4i~Q*Z6ElI`wvr=GQMd%1G6r^=x`6u
z!6p|!zRAb)u-V1?H3oPAwz~M1rVuZ}HW$DChzKvib{DtX3toX8F8)rVJ?O^$hbhY?
z>ZgrqJOi^XzNN{-bFj(9uRp@a^RU^)KOGg|1=#B1cKyMNu+7Cs92wyy*zV##Z7kyz
z*x}+^n(PhYxc@L^xkO!mL>kY)tc!m-%ENQ8$;IDk^zl4wcJZG!26zFsx_Iv~Azp-S
zE?ze}!b`B-#h*X2f_FHdca-W*zhTO9iMl11#xpSM;ysS`@EmM%@oygO<9XQZ;<=*(
zyZ~EW{I#P)ya?M|{PJTWyad}_ym(9*ufPr$A9HNNo)pXeBn>mrgE{EKJPcp~7GVTS
zuna3u^<=zY8fIV)`Y;azSb!lc!U&dN8CIa`MY}KqJ(z<&%)<f<VG%~K1k11j?H^#`
z^%<sN26`|DeVB&<EWi*JVFXLC3@cD=Px~-wxm@`J(|88<v%FNDGf=o%Z5Zeg&%seH
z|J{MY)oR3kKJh%9=JKE4Pq<or0gu~1Ain^YyK+|!7Oqz9gNwx1y7)(fg{#%}Ln7iO
zScVn&s^z8XrXj-Bs^$QDkr9tGOv4Q9XL+ewcz}oJ;3yYgb%1cSdf@<{cpgr3`MnPm
zu2zE%42T!ta+iPVfkMd-i5KBomw&;5!qsZ+ff4Z%eAMN?aG+4~%fu`2RhR$afx^|Q
z=TQ4cFeTfm{qvY(((+Pu$WWo=r-^4^KbL>}P~mE|V5mnt2S>U58;1%d-zT1j(_H>f
zh6-hQ1;h(*xyyfks8I4l;zhXD<-apjxLQ>Yi-?!tqb`5YFrnm^iC17^N9NP=Qq?pp
zX({Vpns^5GbNP1+6UsPx#B*?z%m2eLp^TGHJP)V2{652lG7bUp0$lF$j~Fg=^GUo2
z*Sh?0xX{ff@e+L0<^Ozm8Lz-sUHrC#)J`l{n6$jqzBwj?_j5kwU=Pp1Q7(SmAwHgm
z(_DP-k;2vL;*kOI0$lF$9~mih>n-sjT<h{*9VwLYj)<4wqb~n&Pw3WL;uZL+%P)9B
zx8C+){$SGbQgyE<l<`gz&%k~z|4mOQ<Lwd8!BH;%u$)lF+b5of0W81}7GVjNVFjw4
z=_gFX4D?_Q`Y;azSb!lc!U&dN8CKw{(EiCj-p*kXreOy5gIP<t@8aP(I0`no{PS}@
zo`=(5v&+9c7vKfB9Jadri*rSMEo^h~KOY<6kHU5r|Kiv({wnNn@$JSYca7&SWw}J{
z(wN5k!K{n-9qZwvV3Uh)%K7*-*zDrZ=K_2=Y<2O$V?%r`Y;$pY9gUaZqp;oOU!E)D
z75FObaQPSK)NU*%n1m_IC2I88G@gO|VAkbN8tdUXI0`no{5MDC@oBKx#ix%A@B&;8
zTV4MAu_0cBYhjzqKW<cnmteb#FB@CNE3m`GFFQ>2Wj<jNrY!CC-MBQKf&F0C<?nu|
zhv(oZ*yQq`9_QnEI1M(t{L_yM@B&;8TV4JxjUiryYhjzq?=wEaOR(L=v*XKn1-=S9
zT>clwCU$2%wOpcxjZfnln04{ocn{CPCKo?uypQK$vx`q1AK(Sp>f*D;hj<aTx%lGo
z5nh7rE`HJYGG2ilE`H5;wFk=!rYx7J+sCKz49vRt`tcr~gH0~JaeN+ccK-bM058B+
z7q|BV@gi(<@mq2cUV`l|ZnrDE0y|v1&v>;b{e~$^w|~GhFze!PjQ8*yY;y4r$NP95
zHoN#W;|qAJ^V`RVcoDX__!q}UcnP+<_^|P1yaGF1JU3pY={HPSE>XvfPvaSwb@8d=
zJv;}STs%A8$Mdk+#V;Bk;04&~;&y$(i?Geb?fQb3V7rTN9ACyOu*1dIk5?J`4^x)*
zzUKHeo`G2x-<0$49Bgv&=W{-uhs`eDYeIk*V5^Jwn^45toR6GP!rPsXnNYzyoS!lw
z@r}5jDN8xtW$>)?TXH$P$@#1adA!;A!U+Yu)p;<Xh_^Za?t}<0!FCsKn^49pu*1dg
zpP>3NZZKuJM72*y;~AKB@s}oecn&tX_`4H)JP(^){EhJeUVyDGzHxkr7h#)=+x;9~
zg6%GD_j7m!cDQ);M70<FhbhY?s`tb+o`G2x?>EuIbFj(9uNm*-dD!gY!zTuK0k*pM
zaT7zl2-{qI_QVJ;!FCtFWMUbwzz!F`VWRpb{f8;bCF-t;X*>h7F8<g=56{6yOS#Y5
z<nmvd=o8PwW*2{VVgYY;{^`UJFTyq#ubmX(CD`ubeI}Lh3hZ$4`blbU`VUi<OVlBg
z(s%}DU3|hM56{6S7e959kLO{ti!YfJ;04&~;#W@!@gi(<@mb>|yad}_eDU})UV$Ah
z{-a51ANmhdmhSIocm`%&-2VLx&%q`a-#E#~^RU^)pPv-q1=#B1f1DKJMcC%zf1MQJ
zCD`ubSAV;VS73*W4?AA<r~fczxkUZy_za$PK7X=@=U|hIcc0?pdD!gYw@wN00&I2h
zQ743W5w^Mbt0zQw3AVfVMN`Xo1$MZ2!-*<OzhTO9iF)?LG@gN37hiaihv#6Ei}yX*
z$Mdk+#qU2kzzeX|#V7e8UW9Ef{+=J<CD`ubYw~5h0y|uM@F}W}{=<~z67|9<X*>h7
zF1~1*hv#6Ei}#-H<9XQZ;`dAs@B(agal7Bdi?Geb|2V0Hw>uv{ql{Nzhl@AQQ1$d1
zreOwpFb92@hXE|W5EfwsORx+pP&Lp#Ov4QHU=I2)4+B_$AuPfOmS7oHpc+8?Fby-%
zgE{EKJPcp~7GVTSuna3u?Mu5b4KvV#Iq1VY3}69<um~eqf@N5N>RYrA(=Y>b(1&>#
zzyb_m1luj;?*wJM!};PFYGB-6%5sTXJR^-~onQTJ4{vh5Y=)0FJ5Qe);04&~;u}s4
z@gi(<@#9a6@Dgly@xM;0;2q9CJWcJ#IKY(U5_Rp&G@gN37a!j2;W^mk;(wgv<9XQZ
z;^SuocmcM$c%?bSi?GebH;#|+5-h_CRD<IFrlALY7{CGyVG)+0+Mnq_5Be|<16Y6|
zEW!wuU>R1R8qD~@4D?_Q`Y;azSb!lc!U&dN8CIYgLc1^xGth%M=)(Ypung4!j2HBv
z5A!g91sK92j9>|tVFjuK={L+k59Xi`^Duw~7{VfqU<sCC1*)O63)3(IJ(z<&%)<Z{
zU<ivaf+bjn6{v>MK1{<5^k5G9Fb@M*fFUfx2$o<OR-hVA`!EeNFbDIn0E@5$D==|T
zJiQFe!8|O$A}qlQOpKsD%)vY?z#=Tc3QQbKeVBtj%)<Z{U<ivaf+bjn6{rqj++Z4J
zpa*l%hj|#l0t{ghMz93SumaUc+J|YFfga33ALd~I3owL57{L-O!wOVh+<qE*Fn|RZ
z!Xk`d36^06Znl)`IF)1mU>f=`fFX=v1*$`-57RIMJ(z<&%)<f<VG%~K1k11j)hOD9
zX_$c?%t0UKVE_v-ghd#^60AVgNV_l%Gth%M=)*j0wv_uY0bYQuE`EM4#EY=a#V^m5
z@OI~)HdpWt=Vn&ou()3-%Oz@uSs6U*{L@i6yvg}3IUmo%W*5IV7vKfh>f)PnAzp-S
zF8+Kj!b`B-#rK$1#w)PH#p`FO(TpEVS;}*0X*>h7E^eP!!E><5#V^nKcpf&p_<^$m
zyZ~EW{1>xAya?M|{N7xImteb#+vkPw3hZ!k`&{7RjI-qub>OTt?m-{sVE_v-ghd#^
z5-h_CRAU$~n1&hX!5s8q9tN-gLs*0nEWt8VO>w(v=)nMnFoI>Mj-Vd&pbzsffCU)B
zB8*@Owp+?}Q^qT>!^O|fsUsODn6g}=F3+X$49vRt#W@ep!6p}<H`~Yau-V0L$pv@;
zwz~MexezbHHW&YNRD_pcyNlcBdGQMDaPjG5)lu{xrYvQC(|FeT;ISUw<lJrtc(e11
za{=D!{JhyAUW9EfzWbpOUV<Af-Sd+!|F}_Q;uYB8;^)m)N7GN3h8gI=9Q0ux2Cx7_
zScDNQ!7{8sbqwvpG|WH`=AaMrFn|RZ!Xk`d36^06s$*#%reOwpFb92@hXokIB8*@O
zwp(6nkI!Yi0y~JSvGfC`ETwz~&*C1QgH0~px5dZvu$g#(7htQ4AKDV)McC%zeoM^n
zzz5(PaMw8{%C}QK=670RJ^<fnsZg%Nl{;uoVq83bDa&isL31*A*7?vrIlKw?@jPrM
z9^eJo>f+6FLc9puT>P#%5#H|ngE?iq0y|vXo;MxG_`{T?jDH%>z$|eO&%q`a|MpxT
z&%<UHAKE9t3$T@Vh!<g-i=Q`FxK_O|HzHnw?JobVxn;ZpJ6zn($9U!grYzlj;91<m
zn{Xd*#sj<+5Ah;wBOc);*iO8RS6~NmHG%%Yl%?w*o`G579-f0uF8;+_AJ4;P7r$#x
zfEQq^i#MGf;ziiz;;T-N@Dgly@n=pi;}zK9;&07W6X`!pS-Sq?8JH#R;W^ku+{g2<
znRtK~U@P$uFTyq#|MuJnFTr*fx9bO9fgLVx*N;i`AIe)kT>tS5%o6wT9Bd-)<9XQZ
z;_sd=T&s?r7Z5MNR+m4tPly*`n~P7LCtRzppBE7?!FHE#_nUYJuD%`5N6OOmAJ5_*
z-h}&jGalfrc!;;*5#H{6{XF4X_0haC@eUWa<9R&&uyp;vv(DGg6RuS|&i9Bnx%kjN
zKHiK6cq<;_ZFq#Y<7K=9SCi?7<+W<>`6)|T4r$_97hgZm!<(Gje&Ee`fVbiy-iAkb
zJ6^^+a5aT~Si14Rv$%&h;XdAs2Y4$U;%#_@x8r5J1Git2Q|@~qmacs~i+gwz?&HmP
zfVbiy-iAkbyK}o<Sgutk&hH>!O{INH*FNq+ALe1R<+bXIxdpt{x!qskMcC%zbLU5R
z3AVfV&^{Hs16L=;{Yb!+rRxu#fmz}no`X%qeLN4Fi3fNAwh|BVB5ZT<XHJjs5^Q(z
zAI>l171-h8cDp)>akO;(#<R|!Io-pX$oKJPJiuG=5N~t-%<00l>go9r@pc!t`x(3g
zS0~dCOV<xPi+gyJ^Oxqw+;xFZJP(^){s{{LyZ~EW{OScEUW9Ef{+k8DO9l<?6A>@L
zc9(Dai&tO=apkl8Van3=AJ4!naSzYICgMJxht0$TyZ~E?hj<aT5s&Z^Y<F>coW(1!
z!^Q3L&(nXHvUL5&GcZfs!*j67#n;ah%6`x%o`=mY-=3G@1=vbF#EY=a#n;ah%Jd@Q
zCD`ur?ef4Yu!Fcdh53OgOE*7w24;zSc$4$J=L_9@5YNMAmv83-FThq8?|(*!7h#)=
z+x5zFt-A1x67hByxBbT}u!FdoM*m^T()AzDz$|eO&%q|*KAwlo!~?tlTU~tpJfX~Y
zNW2K!T)y2d@Dgk%Ucoz@hi3@as>&Iu>C*2H9M`IS7iOK?=U-qmELh5Mq!lmXZFmW9
z$18XTo|qBWPg%-1W$-MX!<+Ct-i#OUR=kL};U&Bs?{FNkFm<Z5H)3HHHo?55%uh33
zz+3SUFTytB5nh7rE^gNoyaGFjtJ7FdV9L_1CwLb3@EmL+?&EpbOgz8~u$6d-7hxOm
z2rt2Q;$^%7JBX{9^c$uuUBB@R%o6wT9Bd-)<9XOjJirUEm3W93VH@!XFTr-=WxN7A
zh^uD$4^x(||9A#wiF<esHWBynJZvT&;04%9Jj9Ezjd+BYU_0?LUV$CN)hzlCQ<kp(
zcm`&Pdw32u5%=*tY$hJy1=vbF#EY<vxbQYLd0|An1l!3k;}zIJ+}?C^+gSppEZuzI
z8JKnP*$X{92b)~{=L>y251U=Q&zS*UfUPcm;+Y{{gl#Tv_m6l9wi7So71%*swa|Z<
zvUL5&GcfDo_WH(B_Rk*i9Bgv=_WA<P!)D?EUVyE{i+CFz;U(Da;`Y4TQrayOufPtM
z|HJuePCOqeOV@uqi+gwuHWBynJZyIHz2^(1y?}TDwz_<KU5giC8}SG)!FJ+hyaGF1
zeC3%j-#SyxWjVl<<+W<uS!p~2vo3zdSstE)O)mbM1wuK0^oi$Tv&$dar+~NOAzp-S
z#3Q@}+liO)3hW@RPN)AcW$Bg!o`G579-f0u#PfJF9^eJo>f-i1!P1>45HG?umv6TN
zyad~cm+=bRY$^B6JIGJWV?DBz{%7zU%)<gK!V;{&#Qb<V8JL54Sb#-Xf)$upKz*2l
zd02o&*k-vzU3FFoZ+G5yRt4{He*amCGng*SK_BK}01L3yQl=l`McC%zZD&Pz3AVfV
z{byBhwJ>fs0n;!8J(z<&%)<f<VG%~K3@cEbNqaC2Gth%M=)*h=U;&1(2qRd6Wmtjg
zEZT=@n1LS5K_BK}01GgLMHs;nEW-*^XVX5+Ko91i5A!g91sK92j9>|tVFjv1v<uTP
z19LDB3$O@FumTf{<LRYg26`|DeVB&<EWi*JVFXLC3@cEb!+gLr%s>z3pbzsffCU)B
zB8*@OmSF|jjZL}lJ;OB2Ko91i5A!g91sK92j9>|tVFjwCv=7rT13j37KFq@a7GMaA
zFoGpmh83vJrG1!&8R)?r^kE(bumD3?gb^&kGOR##9__<4%s>z3pbzsffCU)BB8*@O
zmSF{|^JyQZVFr3I2Yr}_0W823mU5g6@gj_136^06s(^mLG|WH`=AaMrFn|RZ!Xk`d
z36^06+E-1++W|~N5Be|<16Y6|EW!wuU>R1RT1I;?4KvV#Iq1VY3}69<um~eqf@Nr5
zQsL$^4L#_?0G6RzL3!vw9|kal5iCP>0rjB=eHg$HMz9Rkh17>0^kD!)7{QH}vL2T4
z&A7UV=|K<rFn}S9U>T~5sSiEq!vKabf@P>$sSiEq!#oUN0Ty8imSF{|OXBG!U>ati
z2Ynd85JoV4X*?Yd`Y;azSb!lc!U&e3eW`l9zCjQAFn}S9U>U0K#Pxj`zz{~T4ApmO
z4|>pt0W3rHZ<L1~^kD!)7{M}Bmr);j(1!sGVFc5w;(8wRVE{uI!7@~r(;oDo4+9v&
z2$rFJsYARxpa*>zz%o>8C=Wg8!vKabf@P?#pg#1V4+9v&2$rF`lKRktJ`7+8BUpy&
zd(?*>^kD!)7{M}BSH<-sScdi|8{%<<J`7+8BUpy&8tOq01~7yXEJJ&d7`F#K=)(Yp
zP+doP=s_O_FoY2-Lv=m%p$B~!zz~*;ad~wk^`HlR7{Cxlung_Rc08ZZgFXyk2qRdA
z>ZZ892Ynd85Js>J)y=dEJ?L+Z-@<gE4+9v&2$rF`mFYqc`Y?bYj9?k6HtItU`Y?bY
zjG+1f^`H*}7{M~MHznh7haU7{07DqTGECnd*Y}_g0~o>xmZAD#T+hEFW&lGN!7@~L
z(og6?9|kal5mf7_2R-P+0ERGvWvK3^KJ=gu0~o>xmZ7?b`p|<u3}6T&ScYmn^<f#R
z9}$NhRQD2x9`s=VLm0s_RQFLIdeDdA{c(N-%TR5g-UBf`=)(YpFoI>M9;80>pbrBW
z!U(FLP!IYrfFX>adWiDSgFXyl1j|r8Og-qq0ERGvWvC+R!4O8U3{{D8(1Sh<U<e~v
zhUyXOLl62e*vgG@xe!LM4DAcg<NX2jpbrBW!U&e3dYt;ugFXyk2qRdAY7_OL2Ync9
zjsG+*=fePoFoI>Me#Ug62Ynd85Js>J?T_Qc;{rYC!vKabf@P?lqCWJX4+9u(&3~Ht
zg8>X-1j|tUoasXk`Y?bYOg|Hs_n;307{X|4{x9P40SsXT%TPT_KcEMF7{Cxlung5N
zsSiEq!vKabf@NrbNGV=U(1Rh2w&wpTF6TiX1~7yXEJO7?(}y1PVE{uI!7@}YP#=2G
zhXD*>wAEjX>qW2()vuWz^q>y|7{Umaq54f+KZFr1L-pG@--iJ#L-i8vLl62efFX=v
z8LF454?XC^0ERGv>EFfmJm|v!mZ5ru{=)!<FoI>M%Jc_%FoY2-Lsg+X^k4`h=>I-0
z7r+okung6!Ob>d{hXD*>1j|rurattb4+9v&2&VrK*Yltc0~o>xmZAD1?LiOvFn}S9
zU>T~{s1H5p!vKabg5K+KJs$=zg!ac#;{5=O-iW;n)t|_R9`s=VLm0s_RBuurdeDaf
z3}FPzP`yQcScdA)#Gwa$7{CxlF#UF1&x1Y;U<e~vhU%TTo(}^U!U&e3dYAq|5Be~G
zWvJexJoKOs0~o>xmZAC!^`QrS7{Cxlung7v)Q2AQVE{uI!Sn}lJrDXYfFX=v8LAKC
zdOi$b2qRdA>aUcC0SsXT%TRs9{6G)-Fo0#KKBheMU<e~vhUyc_Ll62efFX=v8LCgI
z4?XC^0G6TJLV4&x9|o`t)n}B49`s=VLm0s_RG(8HdeDaf3}FPzP<=st=s_O_FoY2-
zL;0mr`MX;hdeDaf3}FPzP$j4jJ?O&#hA@I<sH&(BJ?O&#hA@I<sFKu&9`s=VLm0s_
zv_Bvj&p-5_4+9v&2$rET)Q2AQVE{uIZT0H7UIfcfbzyqYgFXyk2qRdAs)qW|gFXyk
z2qRdADn)(hK_3P%gb^&m|H0e2z*$w5{eSIsuH0_|nVJ_eL;^)bMZ5sR0HfSw2Jspk
zW)5&<X3lWV8DKOOGxH@gH8V3aF;i1BGgC7%u`;uZ+SN);%*-sc)Yr@|`u{#_t-a4a
zXYVs$@B4q@Gr#>?_xrP+b=mu<fiApz&UDX}?z!1Lx4P$c_uS#0YLE->o-^HZrF(96
z&#msc-92}>CqD&h+H<peZgtP??zzJ~)ex7Cd(L#vmF~IOJ-52&cK6)jo@%HI@18T=
zbESK#Vb0w>XS(M~_uTBBTitWJd+u;gHQa@F&&}?+)jhYn=MMK&Bb<Ntoavq`-E*^h
zZgo#J()oAKneMsLJvY1OR`=ZQo;%!g<|rF}rF(96&#msc-92}>r`pY>=bkg&bESK3
zcF(Qux!pZ?xThNJ!n@~8_gv|oo85D(dv15n9qy^dxbW^d(>+(Z=XUqp;ht)&^Y5NB
z-E*aTZg$VD?z!DPcev-u-EH{I?zz=Hx4Y*K_f+q8>A2@i_gv|oo85D(dv15n9qy_2
zaN*r^rhBe*&&}?+-92}>r`pqnbI+OXxzas%yw|#`{hdGeoavq`-E*^hZg<Ze?y27A
z!nx;6_gv|oo85D(Z-0RGzu7&vy61NH+~J;Tg7tT>I!&!tSE@VIHny6+r{3+I>h*e`
z^1kRj?!D|CuGi{&^-uK+I-MApn4Vaks3a~*{5i3A@~Gs=$t}sdlfO*<Ejc8$U+Tov
z`Ke1&pG;k!x;ynq>h~#?9*~}q?n-Y;-;#bZ{k!x((uZc+GG}LA&J52^%U+zlK6`ie
z>Fgc@_8qWvzz+sIJ7Cnn2?JXOo<4BH!1D**KJbSFpBk7NwEv(*gW3o64titI;KAbu
z&ltRNaQEOd2j4XKD}&!Zq-Dt2L#`R}(2ySud1=Vshm0M1*wBST&mDTz&|8K+I&{a-
z(Zh}%cH*!V!#+4{%di`VeRbF`hP^s$%J3P(KQsKx!|xpa*zl1f-Zf&%h@~UW9C6u*
z8%Jy(@z98$j(B^-!6S1cKQi(QBfmQG{*h0Nd|~9<BL|L}Hfq+WrK47kDvvsM)Fq>C
z9`&tJkBxeA)JvoOJ!;Hu<93^}+l<|cyPdV$mfddN?RUHVZMUJLcN=}g=+j4EH2SL1
z*N*<lXgy~5nEl2aFlO?YL&q!~bLyDlm~+N_c+5w~Tsr1cV-n2#Ni|TV)L@lXLsdqN
zP(##iu>I9AH9-wm6S0}3Myi9=C^ZF_>1wo^t;VRiYOGqI-lbaA?y60_Tb-=-P%G4)
zszdFi)~dZ#kJ?9_rS?@9sQuI>YMlCvdav3_tT(Fnu{}RteN`QxzD^4FsrT~>h?CSW
z)MWK5br4$y2dgJZ=@~Uu{azia{##8`gT2EL(MPD^-gI@OccePXo1u>Oj#6#jvFapm
zw(9Yk)JAWPI@6o4KIk2%&hd^{o4p0<quyfmac_zGx_5$l)LW{4=C!FOyc5+9Z@K!T
zcanP5J6R?4DJrE;Qv>wrYN%eVM(Z`|J^BnaPOnpwb*DN=cd3JQx0<FaYP#N}j@4(X
z1)8q~>vL3_{*XFRpRZ2WA66gG7pRr`BWjhtQ04U&wN`&j_2`S$+4?edj{b!Dn7&+n
zLVr?Sp|9W<Kd)4u*H@|A^k>wa`f7ET{;axNU!%UIKc}|qYx&L6t?EI2o%+7MUOlY8
zpnj%rP`}kTsvY_!en0e!>RElWdP(1+UeULz*Y%gwKlE)Xo%pgEn7CaHNqj|(Ox&S%
zOMF%BnYdH!o%ot+O5DY-zTeGnzTcx(C%&%MCGJ(l#5dFj6WjO&_;0EYCBCK3Pu#CQ
zoY<}|PJCNkn)r^oEb(3SiNu5I^2GPlClkL_S0tWRpHBQieKw)gw+FUNQtFc#!OM;o
zJoaG0?WYND86bFJT5wyZ;I#%1ZeIvrZ}5&IPlP9D2u5Rw+JsZw??8$3s7-=5&N~(S
z>J;G<&k<~zE_hONJ2>iC;R81chI4XqSzLc<^1r@)4gB(C4`@?~rhbZv`3e*BmNWYB
zxpCcxKpVf!iM4;Vd=d7x?AG4;u{pGPv-#<saVb9U|G=kr(f_uCq!hanDqIiIv}{SO
z9~)<*T!nqw64{mwmut%z*97^Gx;9UgJa0MU#(w;4IpcO*o2E-`4BRNVzFlxzQqab^
z)U@Cf)8bbjBXK@y@GVn&2OKRvUp?pRf&Xw0ub(IWADAvJ-m^}8KE6WuwJU^=HR)b^
z%6;(O4rz;TnR<?v#l{ovZ!WBf$Hr{KhU+sLkL?LIws33Ou+bKIr!n;JKbpgE9xhKx
zJv7Qm)Mqp;Tdpl<e2;h<x%$20$Nl(e%Sl_<7<Q%gk2UR>HvOl|^q+f7|FQWAOAjll
z>=^&XLg^cKv<RMMq=9Xnxh>K|!V)8~?&sLpc)~Fpw&J(gk3K_izXSgWwsi|GHND8D
za;Hhf#ym7DY1tTT>T_G9A6nPljTHUkWbyM|gU?ljKd@Qwj%kALJx}lvBk_(nMfm5B
z6&bj3j_^-U5^OiJ_lgsRFEX;)=G@k&P2Hwt)BW8#@wxOs$w@e#{_|k-X;Tm9$EIuZ
zU{ep*<k#lEOe*)T{BJPz0m0v&_ZGNEQZSs)f+@vDQ=&Fgila>%-C*o@82h`7O~KUF
zzGmLBWwCh(*XR12lyULO<Yc9$8MGyxZtCq8(+93KwfzlK+qan7-pkbX#Ds+XkQTfu
zA+>aasq;(COti_g#oK2~pBb@8+Tsl}4=(8x{+P*a*5or>OXr(8F<dhztQt(-=JbsL
z|8?lQ!EpX>G4re~-Fqq$^BjX8Gcxc7gHIX!su?@i8`-;Yj*KH)#!C+r{=`%%#cKwC
zYs$WQk=SfAe4gQ-_@LN)^d!M)DJie5&wm{%Hp}M<YBML=9`*kxpZib)uT2&F?Hs|?
ziv+hBKF{!IK5d_jju$(|Z#3=u>4M~c<D3b^Hv34a?O{jCPZuBCB=(mWJYm%|Y;0TD
zGQNDexLUNS*dF!jEU^!_tgVeXW~7JvTe$Y-nVPh<`v1SrOS?~7DfoZi=a;3V)ixNs
z(%=&Y?==`M`~SUM3g^VO#l5qoHUDMM_Jj`|c@+8Ix@tCfTA%Ri<_d4*-<BvmM;v#&
zj8@x=!mcM9?Q}OI*_;k(Bv?3CVgKPd%g!U=+3HrKy+p%WEj?CerWC$DuoxcInZvR9
zI&&L7*SCKFygZo)!@9A}ZB&1b*40-+HQXqat+8+(E-`Zcw`Oj=aDuc{^UO~2@bfjI
zw=6$fY;HBu_-}n8jVDYMeCt3N<M$pSuGWwBZ(VKbww7$Gh1+Faq;;a}n(=E(#J}{U
z4}xLMKOEasGp96i-Ezi<2s^TC3wZLemw?wEd<EEhpydDh8CSzUW3=Co&X-dB-N^RC
zO-cV`_*(}`AG2kA)XYjrQyaY}iv3*E18u!+HuV;cEnGk0uwnn<c%n6CTRhy){gPfs
z&i6a;Ca|qr(1uN{yA2*4BaLjnXi9YBJSn?v_Yaua`30k=h1+_%=?_-x>ofjeIrtvZ
zvg5_}C_B~$o6+}n>ONe@rA0=K8zi+oY_;^I?={Pa_|c|sgEr1+4Bt1S^~JLIwEn+g
zddu(65}Rd4mwR!7aJvSyxmx<c?_=|?LmvSrO!_%!N5_+Ai~X<Le*^A0SNNB@q*q*X
z+757{3H9XxBE#)E$gY5_Zfw^?wsba?1CEv$j-4);-YD4BE_hE;(9eTNGn<EPCO<YO
zw*Qap`U9>u|2981hrI_@W3V}l>$l?P`WY{RR*SQFv+-MQ=TJLWTCJv#meN_R#%ehE
zi4xB<W+t_vES?pzv8`$IY+a)^R?3B4!z~i5=}2p=sj+KUNV+}i1RI5V!1%O&9yk7N
zC>O&iuM*a-C~php*2ebgNq@)nT^rs4|8=OeLb(3lnv^_9sW;~h1jGFyTL0nkVq>;r
z(AtM{ZtEw!DzU4N@T$btl3l&NbcFQVEoTfT4|WeB99y{dhykD7Go-HUZbnr8+py1@
z@nX5{fwMz4;a0P*VV^c{;Z>paAI*skn=|@$IED`!{rOTeLaqG^U3*ZvUDp^7J4pKH
zcMDdJ678|sXpbX|_SnB3c<V$7b-lrhXGvW}Tlq6))IWCIzT|5DIpXKTMkXvalB&&w
z8rmsynH_`QHhyeb8foBmOx<8c)?FFN!=@=VCn8IutAkz9w4)<*&pwGQ+>>AE5}R-t
z!*V0s6T*Gi_Fmg78uejYUh5iOK{x8Xc1Pu%_F>z98uetGdKkm=PIz9}X6BJb^Mai<
z?Cdkv%;w=Zqx^f#QmccTr4LyDizdjNWp^g;H!EVRIn?{qDyw9#e*mb>e!r&%vFoqd
z_s?KI1k~*M4}cE?H9P-<;3GiI?*9<@C{S|(FbqB#)SLp0fR6<=Cjq12yMvmOfYI<h
zLCtBvSonKD&56M7@O?qeslXoaaiHc@U@!RlK+Va(-tYrJ&FR3t@B=~3DZx1SBv7l#
zgzz{k*dKl{Aw13t#>1Nl;c+rC0X~nD3s21lwQ3=pr;Y=)I-YPICl?377ZT1>i$JXw
zbKc;oC7@O(aOU8trJ&|~<8XKzsMRt~KRk6JsMT^c1AY>yIr}&oehR47sp?qxX`oi8
zt6A_5fSR+BCiqHFs~kD?)GAP`c5>=*YBCR=C#RlT4QkF%j)xaOt<E5)9&a8lgm;ot
zPj!J>b(2$16+zAUSu4B*YR=4;!7HFv8_21rHiDYh+fRn~fts_KQ{f*3wK|)edg>fd
zt8>Yzr#6FHeTbZT>U>ahj?)hR2&fe&9Ps}Fwc4WAz&{FVbrJdX)W<-rE+)U8`Z%aL
z|LKBX3Tky3`SsK%K&>t(*Pi+$sMV*)wZ|D?8UAV23%?4~oEvR~Ukz&YS@Q0wYe20&
zM+rQ2EvPwHIvai+sMY5wfv2tqwfcfO4}JrvId?iAeiNwG&6LJdw}4vRN@+axB~WuN
zwFUlVP^;T1ji<f>YR;-IhTjQlUYWQAeix|K-IT`TrH0GkU#B!4FDhIP|Ax8(z75ps
zo0Q4pl<P|P{gla5+d-`!piCa8oma!ZLzz7FT~MnBDU-(;=(X^ND3hnY4{FZHu802s
z)ar+n$x}Z9wR(gydFoM6tDjIZPyH0s>SvV9Q$GhaXKS~?e+g>!I3@EqX}cZ%YffA}
zPTcN*KS}vK^%SVpZz-Rro(8qrLHRsR<L-g~j`DfxSx|E}w+;RrsMQ}RpQoM&HCH3=
zhyMxG>d%zYQ!j#Ay+kQJ^)jf{Unr%g{t9aK3Z?YatDxqr?_v1spjLmQl%9G6)avi*
z$M82nt^Pq-J@rpetAA5sPrU_d^)@B;l=6NC_q<=gHK<j>dmNqwwMu!vhNnTTGTsyL
zEU480?<x2|P^&@S)9}F{^38h&J{Cm2dC$Uk2Q}x@&%yTqHAnBy!}kKUdXM)4d~Xn0
z=lvPJFNm!3UV@JUwR*4j7x@05R`2s(fsY5ZI>37kJ^|F~K<{<<L{O_q-W%}ApjHQY
zZ^91-wVLAn6MhJ&)l~1_@IyhZrg?9}4+FJ2+~c1*0?=x@mw+D$YBj@4!H)tp=cpO@
zF`!n*dIR7yL9J$cgWye|R&%@|@Mch}x!y4NJW#9o-UxULsMT@aDERT9Rtvn*@P(jO
zi@dS$#h_M8yxrj^fLbl}_JFs7nseN};LAYds<$`%BoMjk?F&BzM6P<{;HQDeRd0Xz
z2SDViHy*wcM6P-h;HyC7sy7kd0U}quN$}O6R%^V2;A=sx3f>g>8K73{ys7X`5V`72
zgBL-~*)p}L)`MD=yy@^Vs8z+A0q+HovEI?}jUY1CI~LvtB4fQ-@DGB>Sg#3w4v38P
zn&F#4t<Ll2!9N6Qb-vdE|1gNW^^S*s1k~!kyoK;Bpq4Xj_(h;rAM;LtUkqx_xm)3v
zfLdMZErVYMYV`?kIs9@^t513-!><6fx{^B<p87PX)m7f<@Xvr+UG1%ae-_m08ZQU`
z9H`Z`UORj%h>Z2}@asWjthWY!1Bi_E3h<jit-k23gWn8lb&J;pzZKN#OI{Iv8;Fec
z*2BL7YITQKhJO{*>P~Kdc<O7QR(E+D;dg^t-Q)GazYZc}y|dukKxC|UHvB$Nt8aPd
z!tV#Q+U}hPe*o0#+ur%`?|@o;*Si4zAgI;%ybIwEfm(gv+X8<W)anP`MerYjTK&ko
z82)1rdFx#Qe-zZ}G4C??Pe5dycRBn;5LxG40e=}p)_GUL{|X}OysO}^f?B=iT@C+l
zP^;IyYv6wawR*$57XEiot2e#t;Qs)%`lok2{9hn)&$|Ks7Kq&QZh|X)6Wr4`!!@W?
zQr`+sfm)^YZSV|;9;k1J4*-#M`VRPDP^%&OPWVs|-A~^I9|5BK>3iU#K+WBVd*Ne1
zt;XtY@OOb)?XK^GzZ*pN)Az&o1kwHU1Mv5N$V2@d_`V?WP(KJC2O<ykL-74UttRS+
z;qM2Ld-{j)$slr1{}_HSh}_eU!VdwFd-^BvLqX)8{u%r*5V@y+0Y3sn?&-(jM}o*b
z{cHG9AaYMX0Y3&r?&+uCGeNCp>8IhdL9LqfGw?Yex}|;=J{Lr{)X%}^gXos}dH8W4
za!<biUkD=i^q=92LFAr(34Q{I+|z%7w}Qw${R(^;sJTb-8hkmZ)k*qw_{pGFr|37}
zr-E9Yrr(604r=b3{1d(c)M};vH#`Sw?w`C3ZwIyN(4O|VjpAvoR_g?O4Tx^3Q}6<a
zZmBcybs)N>9sutGk%4*;ya*x#^$_@a5E-b4!OI{rP>+E3g2+HU3ce9U2I|r9K2WPO
z^;q~>ATm(z4nGG(2I@WFn?dwUy%+p^P^%B?z2O&t=#zS1_{Tu>Nj(n!aS(k{?+?Ee
zM4!~-;hzA}C-nsQCqd0Un~CsGfyg>N3I1siS*H(ze+ER>=_&Bfg2*~O75+I8S*NGL
zw}M(-rw@mJ9@Of3Jsti9P^%mC4ET+pRyXOR;a>#NE%mYRTR?P6Jq!LN5ZzKY!M_Y5
z_jEJ-D<E=D&x3yzMDFPp_}4(>o<1IaH;CNR3*lb}wYpa?hJORpYMVX*{!LJ;`*bV(
zTOfL-UIyO|qG#&m@Na|Ynfhe-cR}<_eJcEWAbO@g9sYd~JyWlM{{TeK)H(Q%K&^hP
z+u@IZT0N@iQ|d7gol~!Y{}e>$)CKs@L3B>N4*p9Jol|$ge+8m*>LUC%pjJ=l_3$S_
zt)9|l_-{dUPTdQC21Mu78{yA_T0N)x;C}$M`lCJz{sO4gpY+-AKZ9DmsLzGJ1ZwrN
zJ`esEP^-V{^Wm?6TD__-fWHQ!bLtD>uY>5EdJFsw5S>$B1b-7m=hPR&{|RdKFMSF8
z-=J1+>C516gIcM?<!}$wN++&>CqU$I;!1c5L=Gpef@eVFaN=tC0Fd=~;u`oMko9=t
zTKEu<^?2es_%INeoVXr70z@V!Zh(&hS&t`ff{zA~$%&ic?*fs@iCf|C29e2$+u(bG
z$mGQB@b`eo%)}k=!$4$a;!gMxATl#?7yL*NnVGl;eiVqzOxz1U21I5iw!vqD$jroj
z@Yx_TGjTtB4v5T5JOG~yA~O@;fzJn#nTZGC$APTJ6A!@`fUL(855pIMtj7~Sgf9VE
zk0*W%Ukb7wPdo~516hwJegZ!cL~l&|41N-b-kA6W{1gzqG4VM3G!VTp@oV@8K=j7M
z6Y!NFdSl`#_$m;+G4V9K14L#fo`J6ck(r5S;RO(xnRpJq4n$@qo`-jV$jrnG@FIxJ
zO#B(X9z<p)UV@iFt$GuGfo}k{+L(9+z6sQ-FYy}uOi*(#?{)aupjPK3-hiJABCir}
z!aoZluM+=+e-32*oA@{UIuP9~@izQ=5E+#~-B&k)$f!gD{zVWOl}N#F0g+LO4E#$V
zGAc0u{$&sul^6v73W$tK41s?YL`Efs!M_F~qY@+FcZ0~N#3=aJL3FdkX!te|-7GN{
zejkW#me?JBKZtIY*aQ9mh|Eds1^)qv%t`DG{}G7HN$d-M1VrW}#=##0kvWO|;XehD
zIf?P`pM%Jp#02;+L1a#1BK%h%GAA(!{u>aPlQ;<eB#6vOOo9Iv)avQPRQL{1t7j6^
z;J*X4dNy%5{P!U8hug=<A5g336Eom{1X=SYj)wmUL=Q|H3x5$r4@}I0zYL-WCYs=X
z1<?Z&&G1)2^uWYC_<w`wfr%FQ-$3-h#PRUIgXn>Yh46oX=z)pF@PC2mfr%5~Z-MB6
ziB`Buw!*#SGPnj=|0b8ilOXHg<jL?f$oe;VDm)9a{!N|^9|)ooCRe}*gXo0G9DFFK
z)v#ncd^o7ph-4l<64Yu`at(Yp5dAP&fR6!@MagyWcY(;FWEcG1AhIY~gzpJzwRdto
zd>>G&eUoMQexO$4lD+Wvg6s_@H^ScsvNxFQgC790H<&yNejte6m^>T)eh|Gec`kf1
zh~Ahy4}LI+-k3Zeeh7%(n7jafD2NP9UI;%7L<T0ez>fftfys;DM}o+}<i+r#KxAO@
z68JG7GB9}=d?tttOkNJ34I%@RSHS0h$iU>4@VOu|FnJYxK8OrVUJXAEL<T0WfiD1&
zd&z6zOF-ma@;dlZ5V@DU9^M8b_mVfjPXv*5$(!J(fXKS!&G6GeWL@%B_y<5_UGg^g
zN)TC>ydAy@MAjwmfOmkbk&}1ASA(pPlXt<_f~<>^_rN<rt-6x;!n;AOipg#89+17q
z<bCiG$lhb}es~2$z9k=kZvv5T$?w3=1X&j+AB2ApL?=u>1V0BvCrmyJ-wd)YPW}-7
zA&_-(^2hKGgRF~_kHS9!viF$$3H+lVx?=KY@Q;D$ipgKVKMtZRCLf1i3Zg3}e+~Zx
zh_0A?0{%%5T`~C-{8J#hV)AMDr$KbZ<TLQkfXLqDv+&P?=!ePY;9EiT!{qbu&x2ZB
zpL_xS1rXVr{4@MU5ZRl23I0V8*_-?e{1y<|n|uZSB@o%0d=36(5ZRl29sU&%*_(U=
z{#6j!n|u@gH4xdG{3rZw5ZRmjH~i}$`eE{I_%}fG!=%TXZQlgZ50eS_w?Op6WD33=
zWc{1Wz#jrx|0V~(9|n=b$wBZRfym+H5cne?ayU5*{uqcHPL6>86x8bH$x-lMfLi@B
zIU4>rsMW8MW8uFBwfaqRclZ+^`;Eyx;7@_*d&#}v&w%KA$-Uvvg6uIS_k}+Pvd5Sl
z2Y((!_e<^%e*r}IOOA*C8ASI>PJq7zBCk>t;ln}XRcaD^B#6999R%MEL|&z)z{h~d
ztJGBZyFlbsY8w3AAo418IDAhK-6=I4{vHt7m6`$H2V^~)IvPF>WIdZY7QR2o{$6Sp
zd_2hhUaAQ`0c3wK)eN5qB4<+b;75YUnN$n>C=fZ5Iv#!uh@43+gwF(#GpWV!*&uQz
zbpm`2h@45a!smj>nbb1)d=NR4S`I%BM9!p6hA#lowNj_T7lEu#Q>VjE0Fg7P74SBY
zHEAjbUk<V+O|`>M23eD)^6*nZ)}*O5@Y6xoq^SaY1&EwUt%I)uku#|-cn64_NfqI%
zLF7zoJ$x;Q+(?z-6%ZXM)eGMMB12Le;hR8YNU9HhCWs74ody3Ohzv=c4L=8DuPk*g
zd<)24S?WCaMId`+sq^6%gY1>1E`VPGvR9V65PliRURi1j{Bn@JveZTJD?rXBQWwLo
z1UZ{XT>`%f<ZL2!8T@LHvx(H@@M}QMCQ?_xuLaS~Qdh#S1Cax%tKeS*kpro#;kSTV
zeI<1b{0@+_hSat2J3-DGQrE%n0y%3)T@Swp<g6ie1N>ePT`P4Hd>hD`E_E~fdmwAN
z)UELEgXll0+u*+e(SK66!=D7ve^PhAe+#1jr0#_80MUO^cfo%LqW`4sf&U&v|4H2o
z{{zSvOl^a|0HX7x?t{MwqVuHghrbN6=1M&Pe+6XCmHH0+H4r@~^&tFjAbL*fA^6`x
z^qkbg@PB};vr<2V{~KhTmHILKZIE?V`cb$CqR*s%0#AeJGwGkfvmp9R`WNtlAo@)D
zarj^meJ1^D_)rk}kbVL_97H~(pMsABkq_yo;k$v1<@7V~{XxcZ`dRpRkg=S84n6^7
zET^A`PXsxmOuqo11ad~1{xkd_kTc5kOYkY6R)?hj0-p+Mb!hq(_%u+f!_u$84+ph6
zBK<miI;ho=={LX`={K=C3Pc*D{|PQl{~McDkbR`|+wf%|V>ZpUzFH14X447y$sl7k
zor0eVGG@~m_~{^HHa!5o0%RX4JqVry*+)tbfwzO~Bc+GI^B`-Y^a%JGkTp?y6ubbk
zCQ6TnuLD^VrN_d%K-NC#-Qi`B{i5_9@LrJpqV!(yjUf9)>Am57Ap1q>ec@+;tb@|y
z;AeyA1L^(Y9|F+_(&OPD2GIx76W|{K(E-vE;U5Fh0n(G;9|zF^(g(pW1<?W0Q{bNf
z(E-v^;hzN20n*dpp90YV(uc!84Wa|2r^7!3q64I7z&{JJ{z@MW{~U-ukUkc^6+|CM
z&w_s*L<dMW!EXc^@9AdvEg<uLdLH~sAoG5@1^#7_c|UzT{3{^yetIGNt041!dNKTK
zAoG6u1o+(`^M1M&{&kRfKfMh84Ul<1y&V2cka<6SGW=U0@*#aH{CgnsA$>ah`ylJD
z^a}V7K<52)4*nyMc|Y9_e*|RSPv_x}fvmIAYv8{GS!bmS@Lz$*mh?LKlOXaW-38wP
zB2Usq`0qgENqRl}_aO2lU55VwWIdJch5r#`J(b=F{}YI8N%z5D1d%Q2v*0g-tfA6p
z!(RniL#5A!|2K#{NuLM*JIGooeLnnOAZw-c1@N~()=KFM;VN?>+{<i%YY=&oxd@&H
zktdmp;aL!QlDPyv5JZM#E`tvRkrkQC;k$w85}7ODV?cC?%$4wWf#?#MtKjbj(Iqlh
z!}kQyB{J8*-vgpcWUhtp1F{avTnFC|WF3^b9{yfXtNk-Kz~2Y5_Q~7?KM-W?leroG
zevq|K=2rM*khM?dHu%9HYoE;R@Iye>KAAh<hk~qqGIzoc16liI?t&iyqLXCqfgcGX
zc{2CHj{?z2GTY$CfSeCz?t?dhoDXL1hc|<q31%LEw}9-2XTAe2%sdF5n0W~M<sfn?
z^Dz8m5V@53A^cPjxs>@a{B#hxlz9}s0z@ulege;d$feBB;O!uCDf0_>9z-r>9*3_1
zkxQ9h!wVqml*|+G9*}iP<|%jyMBm6f4X=Rc8<}U|8$fi7%(L(_L3E7FbMOy>=op#j
z;pc#?Q!+2WH-pHc%%9;O29ZUXm*5`(xg(MJ3;e%8)+w1+;2#B%QJL4^9|Ms~nb+Z$
zg2<)J8}Ltn$feAi@K1usrOZF!p8}CfnSaAS4I-B^Z^J(WB9}5=8o2}_mof?X=Ro9A
zCI#OLB9}55_~${^DVYKAFMwLzkQoHO5ky91hQMzDkx`jp@GpVLsLTlXmqBDyW)%D@
zAaW@)8vZp9xs(|TzZ*m@Wp;;u9Yhvo_JDsAL>6WCf`1ES4U*X#z8z$bI<qhQ+aP<?
znQ`#%g2<@M{_yXE$f(SC_zytjQf31D5fHhQnFxOjWId9Z1pg_>zEI{M_|HM)Rb~qO
zmmu;gGZp?T5WOff4gMPt*_AmQ{v?R(%1npv0Fhmp8SvkM$ga%M@ZW>TtIV<RKZ3}s
z%q;kyK;%`X3H~C8yvj7gUk2I#$;^ZQ6-0JrTHvpO$ga%s@c#zUi!ux0e*=+YnZ@wG
zgXl$>6X5><k!hJ$_`g78T4oviEfATOVa``7yBzLiPljud{h#cq@Fa+Q%bpHTgUGk+
z3V0SozGZXpfgt))wjDkgMAl{V@S!03Qg#h|IEcQKEx<>D$iVD6_--IFFxv$m10n;n
zMfkfwWMFnZ{M{fjFk6Q22_gftz3}&d$iVDI_&y*qFxv;;4@3rL&w{@fL<VNhhQAMF
zFDQF1`~VPnm^}}EAc#E7o)3RNh&;?*0G|vZ>#`TZ4+D{P*)8xRKxAF^BKVOYvMzfu
z{3sAvm%Rjj42Z^+y$n7RWc`)B96lRl{gu4}J_ls|mAw)^7i9gFy$U`bWc`)B8h#we
z`YU@4d;y45%w7v$1hVIoy$-$vWX~siJ$xz1S}c15ybWZ}Cwmk8M3BAi?9K3#K=yyK
zx57^W+5gGj20smC|0jDp`~x8SKiNCrD?wyt_D*;nL}q61g0BIQnb~{b1rS{>doO$)
zh%T4i2JZsd-_G6#FM{lEXYYrv2hs7e55UVHx?J`<@IDY-F8d(-ED&8T`w;wWkUj0}
z!|-!Ktu|+W2tN<x>@WLc_ywR=AIUxnzYt_im;DKR3&@%-`!o1OAZxnpFW?u0tmCqe
z!!H9_$7O#FzZ_&8mwf_$1;{!s`xN|2khNR(Y53J3Yq#t(@M}QUZrNwy*Mh9wvd_V<
z1KC&4J`cYh<jzC(1^5jhcOJ5ThTjBo=OOzN{AQ3l581!KZw0yYkbMPy8>rQnv#-H#
z2U+)JUx(iTvhK^i0lyPut(Scheh<i6FZ)mUy&!A7?7!jLK=#$MZ^Q2c*;mhUeMj97
za?c@~03Xbzz=yLL@Q2v}xc&%4a%Km?9|4h^*&*=9KqO~&82qOok~2F3{&Nt?nH>fH
zC5YtAj)wmVL~>@w!hZuIIkUUNp9Hx%mfZu+H#OipvU|aw0om2b?hStyL|SI|1z*gL
z1OJlUAAB`C9(+AJ0USSIB0diQ8P@|Q!4Cu(*8>iMzaM06HDC(-Adt1yfT{2)AZx1u
z)8JD<)>Z=!hff0;rvs+L=YWjU0W;upLB{ETqv7+x`P^Z9nVV$$bJyik?>_G-Z!9O!
z6ZJ~{NxfBnNk5>UM3j!>G~tlM+(a&MPU0JhpC-;s-je)5a(=3uIxBTeYFv6^dTM%6
zx+DFG^k>qaPk%T4qx8?yb21Au_h-JBc_j1x0f!Fg98ei>=71{)d~wh{gYF-6^5825
ze{S$yL)Hu}4&6BPn?olJ8$5is;d>5$@9@I#^M_wH{Egvi#PcKmI%4$5y+*!o<k=%1
z8hP31S4JN>Cb?NL+nlEN%_#S8D_><`Z5;f&Z_LLhh+#-z!#gTt{<u(#VSkT~={!g5
z2p;_V)tL9q7sIf?hIcT=^mU8zA?^czpBuRkbMy5F+*<u1-}(3ve?R69=Og?*%AL)}
z`1=X>PJhbZ&$zewbN+t8?ayCwH}Y}rLH>%{mcQl>;cvJ*_ym7Xa!2wh{(j5-!Kc*&
z+&KKUdWOH>aaZtJ{(jHR$mjU`1Ggfd=TH81ah@X2qI;Izv)4V(a?kSzSbw929C1X2
zJFq2guvWNzS|SfKNU2?2=$)zl#P>w@O3dJlZ-%-cQQ?HA!f8c`^MDdN?j?4fOYFmz
z*zYW<SNPj2RbkJj!tP3m-IEeK7KBgFVC_AF)#nUWThsKl1E=Ym`FoJR#|M_wn*%HA
zZJxUis;IpOP1h%;OKLv+^g(BuJe-)WsON{2)S#giHDYK<9Xxb~%E7k|E2)QvRn((A
zUmP|=rH79ka$<VqkbjJrp|*`YQ$0Geq8=Q5rfM2fQoUm;>Yg!F%TdQnU$NrwgI64^
zj+&RREa}V@y4&)bDktVTd-KPv@|})pU$J6Nq1@A%>uc)FmCMGzgq(JWgj`Z8w&%;`
zrTO+^sY60pYw<8u+*>Q9Lid`&>OOHZHuVu&OZ-ncR01@2cepqSCxNVWeW+>Tx8Cy5
z!;LL*9eRYYNan0{eXuFhO~RY<?Y))!tlrAnVySRu-js$&#3J8aDYWM*rdlMAn|g|+
ziewJMvT{DCJ7=}LRH)>atls2|_30hFVoEgcQ;nsq2At!n0qgqAOi_z^J3Di$I`b>1
zsFvpL-mZMfnP#<D3dL@*ZYp+m=6%zW)`j`5Re63!adolAp=D`4*Ri;}v#-{+d3|rL
zvrxgdt0z~=mqO`Oiej3dE3a+MSHylnp=_RhOwPO}Us*Ai*36fB=nR$CwYe#(9Ame*
zv}W?`VsCeQUsJAJ>C8`_RqmdmTJ!BorXF!<$+APH9R_P^eeY4n9I;|WXR$rkStjM~
z%G5*DT!OAVL>-^+GkthTu290*GN)k5o-6fXI%(R$)0^_8N@2BW&_k5Ot(Fk2ie^)6
zqZ#%6E^C{6go@4cWJx9JWNe!|4w*J>%5)ih>Zpaqj^57vF(&Dja?>o6njuYUNh?iM
zD3i_3SxZ`Y8KG&BYV9jm@?Dc#7OPY8rQ+ODK0mv)ZK+yPDYX^tNHb=tthbc67Hvgq
z)ut9NQyXM#uUKKyYs#6_c(fMQbcgC>Hr20|mU;i6y#p+C_w-ig<SIE6YH4m`z!&B#
zxejrVItmO6b3Fl<DkU?ed?m0FzjanYIqU2tbW^dXuO@7bMVFrgM1fk8E9J1rms<0c
z#f6UcXah)pnoJ_5Bujc%br#zFDy??<^5l8>?tBR+(;<qbCF=^UeckQ0Csd8%x~N#0
zonKun<(E~gdyR$jF>5t>3V8_3;=VM$p|~#JF{|QxsId?q%X+Beu#XxG@zGSu*ZQcj
zFg}Xi-AI6NEKRjm;tR1>DCNu5ywq5TkCqPGLpxj#a^|KSMBHftM5QrGJBN(zzL(|2
z(z<d_u08L<hRr65QgL;m(|1LJJCnFArC~PaJLZ;(U7`N!B5LRu3Q5<lj{Vwj^-dBh
z<hd>1#S~ca^A+zRVcK$QT*Q`Dj9FX|70$&nu|sg>OWnCn=MXZA>#Uw0x@b=1xbskJ
zBYu_^D`5{Iqf0Z_T{tuBgT%vDOY`Mo=Z1WpZL!vqM8z<u4icB0db^%FKN4<kv9lvz
zTEx&?TynwctX9|hkU-R3YiIA8AVk<qjRtPwx4C;mp;YYdqUQzn();4<^D%y1;aYoF
zmD@`NnHp^`mvJAqs}`oF7#M5;ASS9(@eIbAA4y<x6-|$J&Z~2sovU)~>#8<Afty5R
zrJ;)_Fo;W2XMw^xm%tz{p)xz?TANV$aW~mDL)Lk=1J=1T<)oK8m%t!lM77wE53HoJ
z>#ST}TwwCx$5|bIPSL9L`6<LZNlYyrqJRZHL&lz5UuQAbp=NdPa$LUB+}&R6$akpr
zT>DxcE#=mH=W3bWFfcDUR<;&B1%zUULLDjbFzJ*7sc7X~$n2)x>JTVTZtcmp7f_DS
z6;*S+_Na=54w;h5`FXvtqv{l(W7e%$F`LFmEt*@%cSby*WJJA)W)QV)%0=z`DKqL)
zJI6-d!}Dv@b#5^KMcu-4U#zP?@kJfOlU~#{JmE!M!;@W%Yt1wlbq`N*QP-A^sGZDi
zQQPWN7j+9waZ$%$hKo8in$a5iteeB4{$i)Cs5hi-Tp7)@74==6w4!b`^HtQjI$K5E
zYG<UVd)?d<^-w#@MBPJkO4KnVHvLH@>Zxvqh<dPDh^xy$=tl$jqCV>4i~6WbD7&$#
zIUyen=nL_vORYqYx*MS$wGMT$kc5x=s|xWLx2oKYI?iQ<7&8Eocx#I>_Dl2Yd-G*k
zf5bX3VM}A9Y+Xd;aWHD5PR-r2#-4++%sgK%_vX6W^HE>O$~f!RVsEUy=m+sGvw8~6
zrBbof#M~B5rWO6KmkNt>V|^JDVo{NnDK5#aiE(4`ysRAS(!8mX?`Cps>|-GtL9szw
zm}pDQo7(d|qRKY(Hk*cJH5_RP(H*0<O}Th`HmfSks=b9WDnPuK6LY14v|zlelgROo
zt!#QU2p5ud@nIMDusI_&(7-vQbI1E&52mY8=sDfx_&`q5#5-D96YsVtzp+1OcBp!a
zh3-mx;JGDK)Q--+cvtq!SoOrUYHNG3C#JF6`r>Rwz{I<>v8e8jcMAGp1Ly7%+hwwt
zh<8UrWE?bb3{;?KcV$nkT<l)5wv;Q!luu%1{}p}JY?iRlq=$C4bR!gcirsM`WD(3x
zOiWyD#d!OWWR7M}#2BN-P6uvtEXJ3=Bh_zQ{#rR2USw5Fj#*~Ony7)R-H?t*1zS~(
z9c2g1)Mf)OCl>tv-N1ur!u`g;rgv|t%t|O)(5Bu}oON@10|$g^E9;18MC`*gbX$<m
zt&WC3t%+I&lUb~*SvJx7(QvKn3Ox&ZJ1d3GLU+Egx5XRsrH!)b-Mq<4-<X(K&PQ!)
zG$>KDqF!3_xl;SusQr>$CC1h^SOYgRzxL;24w^!t+sNqty{*nsDgAj_QYvhquhVw%
zc@f(M`R+AwWmuTo)SvURQXyI!vk@z?4zoHtiyO^KBG(xW*3w<BuniG)Xsg6nhDQC8
zd{;D3oDhli7>cNAEpjj3Q@IptAFA58OvoZ1ji{8L)wza)oXXmmjM6OqxCT;OWNfsQ
zIGdGhysKMKwsc1W+Wums&HO?Kdm2$Mv)bh}&CFg=$0bO#UfB|4AGbe$rb?s1Te{mj
zdpq(CT<e=8F1+b04Z@$8M-&$0iqunR=(fac!JywZ^kMX^1swB;-W1JKpi)Jhm{M04
z*7RD9E9xvNa8s_QK=*h1qftNMC1}*u&076?lI4flRCmXU4ayPf)1_jCxiGf0ON!+}
zyvqW_b7NP;8atat`HmLD>4*LLk^LFl1XhiS#uAK~wqmTK88LBglJiBqav~WG*J`w&
zMy_^o9TSSP*~KOHoTE<u(2ctI8)kD0o#<Xs_c^_GD_$h}?EKo?hC(sM7rTRT)=vDI
zMO-xMrgB_NxpIt8ww_|F-GU|7&1~hwgb6KHV#8Tk73&n}5;4&t{c_zMHt^E?>U=5B
z(m2MSlSNAq8byvjM1Lq1I^uj%-)2D?6G{DwG{#Fvs`<MSg}78~j%BeD6UnSjv&e~Y
zX|7o;#CQm$ALD9v&bsm)1vG^iXWA~tHmLr1XVF^YU8qTsrmWECcE-j`Fj2u`(hO}c
zHSpn1H#+=Pp%dsaan0wN0nHxm-F7_3I5c<V3Z3lmmzWx(!CHD6Iyuo66UerAj6<lT
zF|I9La`7Y1!OpD>-DPRh8xzh+hPJhoZ7s)Ob8>x+eA$EMMjqTLa<qDa&GV>JuyY=D
zV(+ReSBcuU$Yp@VX0;Y|bQ5CK!L>uw!8SwGzNKt-hVxF6L_OG@&_=-*uU^fWR5a9r
zLRTTiIy{5tI+u0F`H7kA8+i>!*B~;pE|uLJb`ql5tS&qodI@#YXn4EB*sqt+LZ@GU
za_gtq9h=LxwanV)LQgaYZ5&E>HnC9~Q@W+aVvKF$4G^<^8%^T4jWMyzDp#*!MK%m%
ztCxY+8;z@#K|Q-KYCpT!5o6oR@p(lK{o<Vwv(cCqav+JK6YEyh{i5L(75j7L>Q#Tv
zc6h|6DcX9u66+?~cBj$u<u+I}PqQlA>08BBIo2uCRii%a&UmpD<77HToP!%+4c$$y
zI0KHR=0Z015SoO2B_JBj?A`*Wux+J67gLy$8*FVwVXbUqDzqheaE9BVSY;nCPdP9)
zXA$mV5S!P=&Ym<FOGm|L%`t>=thMRRS6E$jcjQWBqG&Wld#6$%JgYY>-I2XLvoO*4
z2N=rST0)UnN-V{$z?xettgqcE2j#-t&L?Eca&K^PY57_<ZCd3zj)^(YElku^li4Of
zlQW*;PCtzQSO;58oOl>7=1he95@Hq?E2@l>qqef_QHZe@%|gyaR8uk6$wI~k44;V@
zZ#5Ps>fl_&Mqf3~uT*;Mge<2fCLeN8V!Ro`A|P*w+}NwGeF9H)RtR~yc3>i^o~@YZ
zLPp6G<IO0u#w{?2OT8{@d_*k8r#n8exwR)QCgs>e7UL`41yxs0Yvk$#T?Vo=-&Nco
z-3N|pVD4NX2;?dS7c51=P;!CJ>;lT^2}6Sm7s1^d|4=1-4OK2*vVmPT-sPfb#jv#j
zTU6|3$$<DZ_DuV7!^`lcOdf@<ylleHr$>|Ayu8_Umu(kkBh_IKjZ8Tm4XzW0#=UbQ
zim0ViU7Z*IR*o}rYs9ft=5&f)*tH5tE?q>))ih-UhjbKKJ=i`VL@vbyHukK_*f}a$
zkDOE)4^dn3>({P{QsS<$5Fc(87<dSq#XUH=GO2`2{)v`yf|TWsoX*G<9}}4sES*7N
z<{~))!<-_@xjE1>MGq}2gN)SMNoIn5o4{ACO)-2_W?~L&Rn<UsM`p&SC{6a1%vN~S
z*j}aO;AWSJY^_<87~11sBQ++;tUFq>tz(bbOhQhr4RRAU_t>jk#%*5StRHO{KXwLB
zkbs@2gLpzlNxtSB&Saw2M*J{S1&49QON|9{SJjo=%rBO!iHA?>OwbyO)uD4d8G*sn
z9%SA>%QImEgJg;;t#T68#xQ11LrSvBFXuXq+0Ll4`Qwi$Q$6PR&%|VzL?a@=SQ#QC
zP3B=^F!!qr6OaCJpz$0S0&x)792cApnl!5>8CO-4L|JoKXyUE4nP+7Z^3h$@wrv+=
zsdj_FMo_b7U@xRs&lF9LLT8L7NZ4GF+K{XTJ8s5H)zt0ZNmfhNwU?(HVn(`2#xl3%
zFBir+%9b`Yx?V^ww&hABV4cgx(}Lofxvat2R5wX88^{SdH+?w;5lh+unTOb*SI;_A
zY^wL<<Yb~+KTTbT@`|yOLa<NAc}r)@nr`yKt^d60E%WTkGw)y!FX4kzQ`8y@>%$(B
zDw)`q=T{-n&7rB<7~)HcJ-u>)H*l1YjaMBm2I&zy^%V4M>0wk=Avm^G{w<d}TfetR
zhJy^v%U1$k@{3?zC1EpVRgvmw>J+q7DnqKo*%J2)O)dGy!KQ`+gOt%82OE1wWeA0u
z+k_9BO`)r|F>RB_oDZ8g<Ia4l&24X7h9h5^XZ4Wh_Gl;piY<4L!&Z{>U{Hk}By+J2
zu3v}!O6p;=X!UaorE*vaP{GcwlICNnYhDbYc6pnG{-W##iqy8<FEQ2OA934ib$7$j
zpiDXB@GkIB@g1c^qIFtXW|^@=4`a7KWDz<IH}Si9*#$OHNI<vrbIs$M=HwY)d1d+y
z`dXQneL90TD1xP%2;CmEmy*9~;0*+~s#5_os%l_TbMmWt*Q^octZL^c&{p7movQWX
z-U|CfA_c2<R;tVuL9vl{0ICjt9HLUWZNsP|O>VZNsHt3M#MkWJ&UIGumfK3X?sDKa
z6j5mnFGq24qmjF-Dn@(t*r*!ZzvNgxkymo4g0^DSEs%ayt680e94}J%RcdS7oc%1#
zcjh)37IOEi01cv}x4lvg$YEijgFYj2wHlj|p;fa<e^#lK>#N%NF-pq0?vR7itBrl7
zu!@8IO33v%xua4N?JI2SE;p;$ee|q0bAV}jon<m2Eh}`d<-~^9Osvrj2Wv3vP)q#{
z6uT2_?W_W3xpZz83)aB6o0qpQC7LvCGg~)FIc&DW$-Mhiz4>8>kbNU6WGjB_u7DVy
z^>*T~x*=Chx85$lNe+k#E~g!Nb3?#-CqtZrI2SaeV2{c=Q@lEx4f2|nYRzqsMVS?s
zrtHCm6O+@b$yKyl!5OdSo{8~hnH0m_J~6gF4@9YNAs$(o%54<m(dS}cy^LZr5Zp~+
zDJb`qBn&%?0be9T*4Vaib8yq*)h26lZN-E)q*F{1Ij0ZCR-R%Gb{~9)8Vf6x#mP!#
zVOI1B^J`6bP{JC6)6;Nw7yD%kK8G^0M#+19{#6%~lfWSTEikxMe_)n8$6l8)rHXfP
z4Hv`_<kc>U1N*$Z*C2VTeJOA<Y6aSct+zRd38N2~#j$TI+dQV51-7odP7X|VvQ+$=
zIb(UQ)GY?y8$<&;>`?m_p=vI-=X&y_k#iO@mj={KdsHc!pR;Q#iU-+1tg$YK{kYNx
zAsm?}x~IG~Y_=N~^V*tko|7+yjV8a%oq6--j}2iK<0tgyOB{8XD409Tma!s2vdLDO
zDPE~hRuTSvCDYE4TTG_q;%(W;;($ahnySvCt2#45nwaE}%r?6a=^2rWPR2RL)(>E>
zJ=sXi4JfCG%+6KX*Sbz`x$X9rOPLlLA1!77=~{SUp-hemD~BucqO(j<f#uxJ-tt;m
z3@qy|SuI9tYXfJpB~fQYqg>J|%$7!oj0R&9^jc#g4%s0H{MwObj8%DEb*;OTWeZ$y
z>Gu>Pzk{%$LyWpa;$5U2=2*cT@n3hL%a*d{4wo%&trZ(tj8r4{s~hnqe?5Lx*-KtQ
ztvRD#cOloBTVE!zsEu0)x=>xYO^(sG%gedyq|gyLpENYkN?N5+-P&7J+<GBGCq!Vb
z;W&V{hD$ZE$!)SAPcggeWya3utB?=k-pgNc)fos{*&~#+o7k{3YRg>riW~DocZayR
zz8Kj1yKQzCjb>&+DSgc!mu6F+SGP*#wYg3e%qMobQSGs}X4Rs6MKsLn9;WQsQymqi
zC{r4@>Qw&q1G5PB^IY~-J=NT^7THoFP_bvl0t83f+FbYIl6fQE#1p<-XR4;gA{Z7(
z=>@EKI#s7ZJekmL!D0gXyiUG%;FbN^menlpMUwlI)k$5Q>f{{2V4Gbm@^f#cx>x7f
zPU~(h+l08wXA+TTg}-pmnAhIZlI!ARqf;bz9!iw7gIPd_ZOk#8v)~H?9PT(nB<W>x
zTeQM83*J+o%nd$M*w8Xetfc?fSxGmGTTJ@i8@aVt7n0)DObRinnoSNru29l}eY?Ae
z$g6y^AszD4Rt(}ZR}yXREp4|C$$UrxxDwXdw5~1oc6PM3mwH##I@l~%B@3Z@YE9Uf
z>R~ZyyNi&Zf63~{>O)qnwM1O4judjWN`Q$pdSB8c5o7I3;m8F`6Ay}FaHrD5P-78f
zw#K%N<2Ivj%`SE!BSe4T{DI>u#VSo6QtDu9O9X?7xz@({3GQV2UaA(snor3WGEAg2
zvRun+={CNrCK*lnT(^w)c?<_cq6~WEqfv2;IGVe@qubV8bva@0bDFqpEnA(--11a*
zzfqYLkl9`|p+i?VO}MbxcBi=8p2lnZMbMgYZPO7cV0Rd$bDLyMe>bsMX8Kj=W~gxr
zUlp~Xs)H;PLA|A@e4%k;eY&c%2BV*uS`4RNmOIGRc>SFmlV?+FO1|e1?5-)Z#aK1g
z%x-3<O<A#4^<t`{YFyBf>#3T!N)R&ePK&8BbND7ZGo}LE#ARy7=TddmyQ{`2WHfD9
zcfZy6slW8<cdk%a*56H3Nyw&dVvzj0tt!c(KYiC(OBT#FuGF|(95w0J*~kWO;4UE+
z_Q_1{0=U(}!d!Q5jZw5GlLlu#CN}5Dd^_3AxeRlEo5rNIm<u;dR&(<0ooo@CK#~Og
z(wSr;sG5p_z4)rxiZRjE+PLKBbrx62D$_<^S5f}L)H-r-QsH%);_Av|+3Db0Aa>bm
zU1dg{!$eDQY8@mqQtaCM!X`&C*14!pQ|8cFm93kwh4^s$eBqNW<1x;@SRXj{qOl1c
z?~*fjjD3ZIyPED3K~`K;NA@AroqQ!{K1Q&G?AUL&`#2#xv%xH**DcOMPQg4tQ_3ev
zq*J2C`BbVQG&u%$p-n+z9fAmBU3;oA1RhbA&1o1*fr8xRAqQ;N_|)XU-Ltl-`UY_c
z-?KKZH5Qz7+xS`*2ggKeR_w;3f8V(3kBY1s*bu77NMfdwEC1*tdDg1#1<D{wwpkai
zX2M*<dpEwDk+2Aks!dSvc-yK+Kc}K;R&A@nYh+H?1N&8lj$jmrUEHZy&A5$muNiJt
zcNwEqQ;-okHK|&QCz*IcZ<rd1U3=?+&lrW@K~-$`6gRfzOI_x5A3nlRtiGTc)NeJB
zAZ@E0RvnDe!WL@PCLc6~bQo5m{?&WaU&3Z_mrecNa=k4}Z+RguY;9JIQR|LS{B@#_
zEnd#SSq;_5JX1H-3oO(e^=Gmcu|&aVf5Yq)mkQ!bG92h$ZAB9*Y<BMMuD|c>8)c0_
zJr<QaH8k8TJj_?EjIlcN7-RKQWt@7Is1cSO#(}*Ew@Yn|@-?igK5R8Ge}v7cgq%Y6
zRf6rr8V~;BuPKM#VirL)&LQo_UJHr!RgI*T3hWHd92-T|k1sYY`*F2bru*^WI#NGA
zY-RQ1Ayj4k_zG1_Y?ag<#l`xetg-f?xb3c3tS?&^u}-cQV%=={W1T`Jk9Ds$vwY|-
z)(b^y=w>tA(Aj0Wp}WoaPMk@<rqkI#X0On$7-g;4$cJ4u_UFTHJw|*~E2c*9*Q67w
z++ZXwFXgysS*r18a~vGf1}9wQ8egumLXp-u+eqx~{91?F6Jq)Fox7J=>&>k6f=tAD
zp{8w(#yLi+J<gNu4~-*nWo+!hrqb9wR6C75Q4ZVgaajzNqp>Gjj>hh;9F0BLR2sX7
z%F)<UD66)YHZD(N_ZZ1z_Q7g9M|~fXGY9)6u~3>FOhb{avZhjB5B6L#tXaIv@>F&4
zx2$_3Lqhdd+U3#|%j7QOv25;CS))CO2syVhBL<(1oGiLhb!N0H@2YaYpjcej+v6_+
z&}G-xs|%BjWfOZMC3g#&b$ZF}vQazHZ%0-OZ`1|RkL?S5MjZ$ljrL>KUm<s^2nH6i
zI&%iAj95jFZSE3VmCnHCoMZC&T1Wj213H^I#Hj8W1U4<zibAsutZQ}?0^90_LSPl_
zDFinDwnAXxb`}D2i*2pI9J--p^mZzg(u8`QZ);2Mn}Uq9ukG9UDs;Z&+XTLN!O*u`
zCAZv3MJnHpQ`0PtTB+a+c4#?+9U{))pRPJ%kdALI+ubnMFztDHsY$v?J4<`>Ql?2-
zUbwI(QERKFqP(`LR;=n>&8vgeZrf_F$k<H?n|V3;6fZ&I&O+8M^>#~I?X5HCg|Eh%
zuyZ&~G;cE5OIoW7#K(CT7k~^6Vqw{2k2c6z!JKh~vSx1To3qt$hMRH>X=bu&5khTR
z?}Wsyx3V=^Z%en4RYASAm2~yCAtC9U!s<L(Yu#AjG%z>|;IOri_mNQf+u5S6T8DM|
z8jW6cyZ7Kti<&)bA~j0}XJF&UF*>zlGDIESC|5;nYx=r6s{yf+PElvoEFa3OR%i9X
z4;sb>1R9Q^68o2<?P^T|2CW%bk-Mm+Yym}WWr-QJCB3L+U_)oKgWWHqoL@*z$Z(~^
z?hE>&Tza#mjaUYEAZc_uQpJ2oM?Q;H8#YKTRQMp`ma0q$RY1tHrd%QW6=nYlN2tpE
zTRSCAh*(OqHE#Mzfq5b5IZXwQ%u2q!be%wF!qR_l+O%)1Lr|PpSBa0Uq@rJC!rG0w
zel>4KrRkUM1xsro{i?>I?k40R?gQE^GlRDngwK-~9n7b-#Z<q$6><uFYdU1>KKbmb
z#nm1WH8(}9><t_Fa&^_)WLfsA$?fLBR!c9p!DO=z%Y{WYuz1#7Gqtz1ur>8ncD2P5
zwVW?STkBlev;wzm88_S^VP!5um(NX?6`v)kwU86-kh|M=om0qhZI=(G5G116m`^Rs
z^cHn8wkB`#I=jn;FtMY%ua<oR=MXZAE27eOaa3$WFBtf)bynibib>x?)x`NKh9W2E
zYDEPti@OoNS%L+N6PweJ(N%+gk;W`~iaiXY4FztQ_)3-UEZZm)j2qI<T_Q&qan5D)
zQhi<CR7nFT3DxN3c@wUoqrJY#euTWnWGkEQXWy+iA*&{vwc5|U+2Yr~kwj;y`z%~p
ztqWoeZljPM^D6g#ZMvb!ko|M{+`b$a+n!KWPQy;J%rzCv?av0GCDTq=N@Vl$m6j#;
zXrR_MBq{xAqO9cdl<3f{l|J4va}v(H<x;j+6Wlu>Wz}I{0I>zJEhpRJHuqt(<j4PV
zfGJvF$hq$cRHrk4OWMX{s=wwf0ay8Tb_M^<cT#tqkqmGhqtZ9ot}NEDdRW_MK1Uy_
zwMZjGs-F1FouisSqFHlyp~lYb?3=T@8V5Ph3vN^(1JLV2W*R4ClJc6y^*@E+Ix;h7
zU}F?mrl9Kj->yN(klac&?QO{-dZc9%uQ{$L+YjHD>u<gwLu_3bBC|ta6O8k~sn!Oa
z%DDI^Z^j_KG>Abihz5ZJgG?R_G&zIIxeqZIxmRx|nW?vP6MHktvH1XV1NVAsd4(fL
zi(UF|^Z5rejd7A`zxBo;h_#h;qqY^Ps6d@-&6|sFWhMGURc#2YQ6HQKX#wiMd^5r{
zYG4qT&`7NMh*(n75j%vbyo4w7Qn~(CkaT8QH<nSgg0~o54-c6o1MV_d<i3#g%}rhB
zAsmmn{S)a)B2!7x^wK%}C_w>(RHe~7e2YN4sj=;F-s7jxrmnKQJ7s<YK=#?hWLIX^
zgbIxv(n+pZ$?4OEyjho))dGG)V>vTAcYAo_!7x!Db7CdE(1>z5-?l@*b*{(<JbcL_
ziu+`GJ1^02QqohhOR_-lRFC)~bwjG|c#jIo$(>TC7&8|wHXkLTsr)?))~ddpT}!lb
zy{_V0x%MC%+$MHGi|$GNg}!S~*FbzwHiW<Z-g;o;e?>R2uu>Z%t05Q4-Ej-dq01Rn
zyWq1`fmQgk6oF-^_Xc)7enQd>Wk;pVH_P3nIXj~4wufySd%$XYl+S&2+&7EH)8`x3
zn)9$oOW0+ljnn7SOMUJOGv6%o%;!{6{c4%`QShR+)yAw&=58l!e!i2{OpH=!=c~!V
zy0fg1+~y9Ugyig}BjhBNCO;GtwxdR?i&>Of`!g%ZLZ?X6(L*s9)jQUO{XO$u6>~Zr
zC{l%H=r+!OptZ}e<Bb^enKnK#FE_vFiE{f`wJdQTtTBQ={BavAGD2UwQTebziXD9I
z#`vw8>dyXLueVJd7^JNOgWuSJg|v2H2<BP)+D@b%?2byr+72a~tj{G?pZkgWW=YfM
zZYTt|2Bg2Qk-OcIR6--lCRJl$<Zku7^m1@JrpA|~Tw{?B2dS%0Uq54%%C!d3bZo-z
zgFm)0?8kvjt2!;b#<}JbLG`ML-Ij2rk&kG~x~$B7xZvE=T#5B<>B>}0y_?jaJy13o
za+KaCUkx((a;sl?*&+DekntPqKpMP_-&yNh5;4B3A0(>A5V8}0XlIN-vn24-cONQp
zL41>Vwv!w$q8YcUN!;v|=et!+%q?70GDWkKiV5pzoE)<CT<@XAcD1>|#2a$VNu@5D
zkj)x(oE394n<JtPJ1QBJ3Bwu9_Lk#;cI3>Q==)nM&c@&8YAZSmi7oV*B~zfVS=`-?
zAmirqg?ZlE^$pdcmrK4~*}hk3D$9*?6M@fdjr%5B$G*w#|N16>1K2kQsreSXqS|g}
zeR*$kUcTaM5vW?`;<CMFWnS=T#fq(1d4$HJzcjPrM{%v4a#Q<O?x5_*M`43>LrV|m
z!QCP3#|QiT_T#7h_@NKT=3-m1A3v0?A6MJ6`tjf<#(sP_<<HlUP@!EJ?FT!8kX46p
zma4W~1c~uW5k)%-TwL7M7OZ!v%Z}9#;&W8v7S2?SLpWbG4&e}?7B0KQ!p@X3&e}#7
z=i+*5oRgc6Tq<=9SnC+hLa6ilvDQ_UOEbQ%Y8}H7*SdsjtJbA1HJj7;#A@8aY1KG{
zld5r$)ojo$YFz5_5UP{-j6^+za}#w9XDR9$9j-QW)n5Q~xd<l`>RJAdQ=jv;qTRe{
zYb2(P$x2*v8^GAseW=a~>)MakRbMc7QPf}8XVus#FRQQx74l&vuCwq3t~1uvy}eoP
z+}6l!X?`EdS%^ARXVG3lmWoIFp*)joNBxa3XY9<cuBcLB%~~Y5EW}JG^BFx8$g&nT
zp>1@bC7As>o{c(cEs48%DZFkA1#0YCjE^oH53=2A5fMwYsEX_jnth?gCAXjqzkU>2
zi-wmk@@7)3Q*b4z#)EVvG&J|?Z7i<E)vU35<;JPA2pW=Qud|ZHK1(D{9PKAISnn?=
zZVX#UgUb7~-4!l1nupl1TTz;|Ml6F!Mf97VP_^RyE@vezAeRGtA3>;)<%+c-5B~h)
zM08!mwzHM}*nH2vgsSr$9=g`4-9C)&gtqN24oA*f?4}=zZK>jWF<r@wNV)JR6(H4N
z^W)oy9}!x$wq|5RY{hRVe<rrD*`#M)Pz>9eG$XcF9ESbbaUQm@13hfxkM>$Sb6Oa-
z^52~c+Xbx{wlv*tL!Ng%%WSz+SHb2*yXvaP3}F;h{|orxD5Q7|obsU<{N|feY&RcU
z2sKw=W!u7iR?^h29F3TdO!_xW0&{!7Oep&vJ;TWC2sAlkE1SuVu3-0@MT?b2yd_ii
zc?%y(teUEyt~BX~jIOFeHa5F_jLcL|^~07nWbmC!<0_xFH1+|J4S*gaa26m*srm{E
zaiPm}VAYO%VQ4aNSzoY~>ZULE0$TNJHs;Ea{g{oVb~D_lz)pQM$rHZ8kBHb{w!io9
zM|O0k&#DBQgMR#CKjq-+Txn#OjW+0W^)j!{Sp<t8T@WTX=yd`l;-P-F<P&jq@zzhD
z@jk-yY1D@us5TFg1j2K3#4#Li#L+5`zIDmv9Er{XAHnXg{kTqMY&ykST1k$gIES=-
ziG`*aSH7kBL0;3~TrV<S<Z0fM5)zDW#)X&{@=-rI6Y-Z|vXL8{ofrdC2X}SsuYa3(
zL!VJK@rTVO9TQAO#*&=<rmFE47?2z$9zFoJsJKzt)wVFRacdLj=dq0+`|VW|-qCsf
z`~K#WCRCIElzmdmgCqDQMP9z{GZC3HsE}E{&T67HL^A7dnVJu`+7!c|a+R8sk5AcK
z&L)(#sj2}XCqJ@~znnCpF|U%eB}sNaOhWP$bM-s0#yVu|3ce6)JXYUkF&;xk*?0&U
zCD!m)VvYA23-Q6{R6=2-i`ClrqQlRp9SMH!t0swSN$~Aho3*M@wsxrk3AT<uyMfPd
zzpI*G^$s6Ra`kZ?*W>M%B2;r%Po*y~nahgu1qo9j_UfYSz8NbiLY)-{McfdxzJu*c
z_l;VU(}-mcqL`lr5C25CJHiQmGMw&bi&0%eD1X@UIjyQc$<PV1cWh&@G!S!D!HJG9
zTNici(sP^ytaI^|0qbfV*PC=GZxd?<e&nQ2nQiI76eMfqPrfvlEiCaS{nF>sl)(m~
zsh_He8ClNPLKbFuQZ;w@Z(~>utvW)QIp*&R-3X#DSSzGaz^m0}-6SjS!@njYJ{Nnp
z4)Cp{n(M6E<vY_PS}nDE!OLzo<0A2x&ceyKNgyzUQV8rqNd$JC@=at3&3nPk>w5#<
z(v3{FCK`zCTH9IdEATeqP}2wNOIylntyLX@Lc|91J3~KLA^K!>)31Bo-nPlN6pgjg
z<eGsRxYS)PuqTT0=~fx9!MB91X-O+@1m)5D5eBZdF>JycFSuDo25pRijT*gHRrued
znpCGMsJ!aNq(--^BCH#8J7zvJ0aufjs1oc9XWODW)IPYC!4h`sRWBxC9cr>tqk1B~
z)u=Ybui4k8)jrGQAg_4&-lWCrPQ+LtrF~4E%J6+u3prSAQY(<B94_KVVk?u{K57Xz
zdCXjR!L%G!z<sj$uSP5|A({GJ2z7Gf_`<15X;_C7I<GbmR#M$)QrU-;ddW#UE*zMU
zw_aQ+cgues^J<f8DTk@S!)<OQrA}g(S}Bqjsq=noeq3wdzhUdN^jGWcrWJFPT<WsF
z@{CvBxbZu!e{WP%C`MZ<wXnZ<t2wZJZ>P0>^gD~KuBP|5dD=;j9#k>CM|`P%>#vud
z+=1U+s=raoLcU$y^xKDOW8X<{oZer()W%d-C;gVNgPtM%bk|BaC**rqTE80m|3>Ra
zW2-Ca;m4^~wOB2puZ#4M(Jmvspw2XH=;t9E>PY;m8P#x-#ybkTyZCNrREvaZbuvaI
zpBj?GK9ISiTa7;}hZd2aF3f5`z%s{U?nBy!{W-g_VY?GenR+Gkpb+09?57F&(q&RG
zv%s)A^TbxQj#}wa3yrLkJW4IeEYS?goY7&-Qi|$`Dl4`5!e)|hS8J)ZRVMH{H3_p6
z%O56o>M2o}eaJ#D)hS|MqHj0iOsaSvHJ-|nimR=V@wgn|gyVP`(pJ-WbrAk-WsFx7
z5L4bBiwM0jHV!q+y7{3SWV&|D{GVic;!#wb$b6}SZYpjSl{CpzP3??$jPgeG;D?*X
zR7SUHaWzQhWwE1|jNND|X&vr8ra|~XFtMt!67L3Ll=;28+5<+H3F%k%64O*`l}a2$
zf0G8V{kKfG4Vcs*86kY}NcaGmHBE2ZtF{SSh`q<;f+e(4Q)*q85H_6q#U|zwc2a&B
zV`@@fZ8Ev%>j5<lxfJ)+CcKo!&dX|VDOG)whx-2rE7ScMllVu;2oqZ?!E@?VN_@If
zH6x{5tHZ4CZ#K1E)z={!&8Xp;-UW?jtgq38hXc9aTWX=Iv50J`wjl1yTd14bUSp-6
z-^#u=SB+zrw4QnYX}n>niuQC+IKTc->_^M2>7l-V>3x0l5&GefGGix4{}G)^4U>K<
z{mW^zt^d32CgRE4tG^ad%XU^zR+oN<wcq@o#adVQ!=#q1v=HH|ri9y~I%fK5jVaBs
za-^RSi~DPV+6iLkWu*3ZZ!&FdCzWviRqM{fSJU(7{GDi5P5()pb+z7a4b;vyJ5Nn&
zU>QB%*FI}%VDZkw*QU3V(jWUy<EtzAENOdLZP|63aG8BXLY6^aBK6aImhD`vkX4|p
zE$i2)BIm-j<I4_|glYZt$wumn*Al-{3YX*n$|Y*ZPFAb?&UPwN!@fLjXFibhr^mI9
zpZoe6e#bpOcJ;RFvDfv4*mkV#i~s-Hu{IqqsQrfHD5(8LKB)cJ{e?#LQ=5aGjJnvh
z;jYD8SL?^`>i82)QnaFeM&d4x8PVaY>&9wb&k5OwN2Lntx{;4}+S98!*hLxtj(U1D
z_PRQ6Zd~W#a*I~pPi-IFilmgaqiDJBc+Q<CbtyA^0co2vPm#OtIG!o}$;l4#*F#&|
z-8#EZp!S{<u??46?c2Y5qj43MvHMVSwJGmnJI9WzU5mM{jr*O^t36~_Rsu$&++Ets
zA2l`gwF^2;HN9P|hh5NVqH)&MK+7Wfr!3>8cgeC}dYbHC%F3*Reo-_wGULl$uGq=?
zPJBzPtj1mTInidu%hG-$t`%b0N6jK^L7j-Nsuq8=_)Ezyq&HgnaBcj!jg>fRHGdQL
zB(WEr*Wb~WHG*tV$QFdOe9489%>}P{f|`N7l#~w&oBT_OR$*>uU&P<B7X4)txs59s
z>zie>OlT>|64u_)d`0U+G!=<c)-iTl#O5<pOT+dv<ydc4^ZT*R+0W!&R`Vr=d2H=o
zyuaF22gT_Ke$J$3Dx_GVPHl=RB{iW^qQj^mvnaR7AKA56`{sCt$Gh!q2T`|nFG8Ix
zyGiwD3Nl)Y#35zm+pn(P#GkCdrPu7k(_(e6-PZLw!gWhd_NYCVs5!}4*Po1%R<zqp
zarIDJXS=W_-`!u6*X9SQmD_pz|HD&<6aMEZ)Qw?!s+<hPpUc?3v9mpm+8Q)tF0wyS
zTUYV>6ZP@brv9JrPwYy(b+t03HoyL=p`W?>g#PNWs&_Y<4eIlVJli9@E~w2<{Qg3H
z9Mx2JaZZTcU)Xu9b#>QoP1NeZyV9GbCYB*{{CT6UCU$8=)TX)<&3o3a<f=BtcTxk@
zS@oUtg|Kc=R|BzoP4%r-P4$1XFGORltBF(-+w^L*f5IRV-ycgV(ZmcUF1^^wP8d7a
zsaDQzRic$$=2kN|h-6ZU1xn6#i$;qOX)gPIDzR9p-4_#XjhQ=Y&v8_0v0A3o{*By4
znk*w-iAyD#Nw1mnj#<pCq_umq(P`w|V;23cgEVCBLc%AQhZ3ie&wXUS_}C`wOT<tx
zd#y63Tg^sdmoT!sELw)NhQuH<ndl4!o}4W0FPetThcf$BPlN1<cQEfwmHsI6m&7Xi
zp=d8MBgds|&(qa;`$s#mbQ{^ix0$r(CAKR`rmM+MW{J>)8X{AIBw_`x6rg(aFBAD>
znzEVZ+J{YYQ9z_SPsR3No?@1%&ZZ^&02HAjDxSpHYGRkd?4u4>6WwOXGE+hO&;Wiz
zFQ(v~rUGqzqHf9pMh*tVMyh0$sS>-TBo_jtYDL-DNNlnJ6PM;Raydm*ii6_o#BL<n
zLv?>*>=XZcNJB>JQ2eNI{=rE<lf(cyju91C4Y1o`tCc!@5{EqY|7^-Ok1n`~oHxOj
zQoAi`E`LpQ#5QbvpOcg~waS|bF=to843o<Ys{%z>9ot%Co@`oDjt0X6wV(1VUP>+J
z+}T?zHFKuv1=VxCRmOY>ed17cgnB=DoC-f&9b&j`)kCqFt`3v>9af}e{X<cP8-ucm
zlC@HLHC2YI<X;p}+xm7W*q%I#ez3;a+eJi|X|Gl_pRk9hX~e&rdThhI)W)}WoLeY8
z=RTEu9~y)WxesfmpGnNq=u6X;%7~~t8qsht{Zl25<c}dfYKb{atx;AtUp<RLHqyEJ
z*H)!_OGwey?Z9j#31k%^T}`S=szlDmc0s#s_O)9PAmNnaW!<dURMh56qVmUzy>OI`
z#aMmjMTk}_Mr6%9JUTh||2jW)6XCcfnrkQ9Jp*I{5kG44`Tg~f+Tu6TBL4H9B9)ES
z)v~mvn&k}nKj{(7)SEB(->?1JO0Yv=CyHI~|4lCHTK-gNQ9JQlH9-ci%!hXC!CpcU
zHJ}%{EAmoYtz?wVk_ng^Uhgv3OJsOU`4@#^P^bUTJ5VFRLf05y-!<ZegIW<+<Bj6|
z4_Y+#sOz1?U)NR>;=|SpIZ;$)tg5l`{?*3*YG2x2j;ifFnO(1;T@c>;w}#?wGJUCD
zIb~LjJ+z1~iQOQp=5{9|EOv8s*J7?~iNmdC!UrMD^kv6|zjWwlMC{wd?7p<WF|(J|
zf#PFUEBbFaeyxp>+IZfQYbZI~<I*rfm2%lQ;#+4n+HPFQRjll4T(dTf0(q6qOOZ9A
z_tlnJB+E|PGr#M-Q_8%nsn)gi3C)BQRmIA_Hn^+|tPB*Lzk&|88no{9+NJ2^Mb<SU
zEkz?lkL-7A-p}XGTT!%b(`w^)-fA+xtN&qrNqW1`DzOXxUGEEiDs`<eRb)rpT++{I
zEB7~AYUOz&HKkF$<)~9ua<WdUIVzYi51R_>0?BQ?bekOtrMlip@2yR*Ht)NnUBn*5
z?^@~NQmbp7L{X{f@nx1(u54cP(@uNE=R>aHv2rz6_i8VT$*oOWzh1M9z{X=mjwftO
zN%|ritGVfBr6!9IMx=|ScKy5$Ya_YVYTI`gVwv8DZ}~ro@-75rb4J#5^VN}*qzja7
zn#o9u@c&ad9I~rNxh&RBKBcrGD^!AQoI$6PgGv0Is=NU{_lC3+pY4Ba5$!G-T=>Yz
zpNr&*xZTMRDI}$p{wmsm_!pU!Gj_5Yv6JH+E;Y%zTVfELM9J*+HgCpK?5bC`_F?O4
zDe8Fm2CZFb$H>Cb^NB0+>c_tEBX>S&w*9~Mz6Lg~>q_s=@Mne;IpREt`msrwjwM^R
zCF+NiEHzRhiqsEn{m>@m$c<cc#Ca4a9&+fJp)JJ@FmLE=W7OVtP-*J~b{lo$t%Yv3
zPU`?Eu*PPAO}i<)3$;kLNYMZakQ7MZpc|lD>|(Rse&4z8&U<g>&5*L4bW*H-X5PC$
z=bU@)x#ygF&V6q%gV?!tm{ga#dl2^xAH0a2fCM6N*FOR4RlDkRs!6T!LEl9l@fb3b
zNnFo*FYl!Qb-;^>DRNFd==J4l@$<sJQslsPuZ|?;!NC#OKh4d^zN454`d+uiy+@8!
z%{x<BJb+4B*V}5&*{WvZE-ymF@#?W_=@2XPX_Kf7#@QG%ViZmvSmmlDN2sqDN@Vy@
zAEwf=HI9$g-lXZYMU1pO4_W^l4*L-YQ;dYc6-RC|b(fVSC_{@3A?n~GS5jp2ajE5~
z^U%87g=>zgOt=iK=8+z1jjV8zqgheDD#u{`w7`=M-Cy`&f5@mo=>Fn%;QM70TJW%+
ze$JgaaO3Uw8ffu*jLvD$rlIHKC4?v?wd+*tVKXlxlYxVle(J*yS_XOJ;ag?WA@oqf
zN-(Q<{Ggvo?!6muE9r;Lwv9c<VA5xG{5yx0Xl#I=GPMfX3gTPAR}Vd==^r20yGM&Y
z;=mNgYJ6s{exs*XD>-AnK7o;k9%l(s>f!t7B&QZ;mE`R6XBNDJq|}c(X+xb!z0Vv9
z^`PuEMm((^9;flVSH|fd2MqcFCWZ~I@R0URI6J0PTSI?414SRU5j!`!dd%J<On#Wa
zeH+xDhsSlQmio2aH|Uivk9yn&RZqY^hr&bxjt_%SE1m?e%|0M62|fC7w1*~75R_!$
z%spOzot@GTqtH&$vywJ<`P-aE4LwIbXlm>FZJx(rQjyvhp_fKk5-4|@V>Etfffn5i
zs1via?`1}cJ5WQtl-}RSZ(=^qa6@ei_hTtjrVVBl;}3h#Ct$rB?%ljtdzh9Z7i%9Q
zT7@0Io4nv^3a1YiJ+pdzAJVpmM!~{Iwi2c)J@P~&zsR$R^=xoG8W49y7J>en_8G%@
z7=9qU9!!s#RqEN$W3sD<Ud1VB+%QR6!D`<bj!*1&L*57N-|a{md4CSt*;w*$y2B%@
z;nY@J;}xuXXk>MDkgIs!kVBr0{2<af2H7-TLLCl;MoH?8!=vVxA)U3*t2iaPRzLK}
zT?%c!$pr9>!X?q`s^64x6x8b6`y1`9+MY#rSanR`!DBhvGP(=3Jlwhq8gvgnO{Q~~
z?8buFcKT|w6^xPoDO~Fvn!)X(=i~J;cssi~kT*Y!h%lqAI(6)W`cQqSpOHRwAl`Wv
zV@-o6AutcthslG(>{SoyDOrh&w+WRy8*;x6RLtaOF>-3y5NaFnHC5?X2l8DfFc$ny
zAh6Ge!EV6aOVYCrTu9e29tQREaTqeiD2LA@L#rXB?(?@As%f<g<4$2FRbW<Xq3u%7
z2jH7MDPjvFtHaO$!kP(iX9`h<lQ?)h1~1{1#FcP7>p?&4FsgV!TOUGKL;kj5BlX%=
zMjhxA2EY1o0~||BPJn0Li&Egd+~dd0)m{4_wyKe%+BW2nj^vpm>$Gj)FlKUZ6_&l>
zSl~g2Sys?kle-OXsg_nAOFcSwLH@$AvqyNHJHm6n46JIcfBy*{1Xc{^$-nzVea*wY
z{{CuTHI2dE9HYO)9a+Z|B$ThQQOBzLuU-OnLB?Gu8y^EFy;CqY)(vaahvJ}t&N1j~
zm-?7K#}r)S<ebS9?1X0HPEGHi@=}w+C-**#cA5iAkzLiJUz8J4gcR0Zovm(vyBIkZ
z!qy{+9Il4f7=N(0O4arb>HxM6Te}{of`>&5;1Tt;$+6dt*Q1YIq-VkCv-UE$Yb8cP
z2+Q3;XVg&Kh<_ghL*&U?p6~@CjYiyv;$0HkHhX@RtA_qj(;vhadA=H-;lKXg30~Lc
z(#<T?)_C@j^Q<%EUUn@wmyyyd)yV4)_E$j8>1t{WEA&$JFRN7y?x|{M^~d&s;D3^a
z%%7t32iR9}XkZsZD^KG;j|?-VLqin~Pl7g8=Kru#5q0N4ozMnqH|kK7_iPk{d?<fj
zCs@r1a6Z8n9%5y}%<HYUL`<EGLV4&EBm+-gi=A~s{CxilgD`xO?$byl9>Wpa5kTPq
z<1zIljyb2?4FCghRp;vQb}X~`;9EC5M^oLU-@?W;D$Np;OGZhh33a2twfCM0<-Q|{
zZg){V<px*foidweFfNmBn)Ktk(_izHs6XTIs*U6%Ws3nlZ>yv>`^%pKuF5#>H12-L
zc)O1R5|uMmqbmL27;f~*Exp%eR*n{q=T&C$xfA<5k1328SBoCc2Qf43owz4>X2G{h
zw3Dwgq3zWt+j(aCEb6&iB@t;%QEgwg3M)S(6U|BFNuV8pyHCg&Y%+ZYq9E^0TKX{5
zlX>1_e2hk>WK^0jwIenMk|QlUkc0P4)Y{-KR3)qTkbD?K@8rzHsdcq`H`N=q>*5J7
zy}Q-(W-O_RFpy5>jHm`UtJ;>+`=>~G<MTw!pD{)3wKweHRkbs?G;3o|qmYxzX#;sI
z##_h=4?r>7Y#wg)M<P_|KQ{_DQe?dJE`^Z+SQ;XIG^~~ootXEK8^(mEp=UA8Oyg^9
zSsN7QldlwS9*ffgy^1jLT9c|jCp}d^7eLrkK6L4L#NO|MN!do)f?8_S#t}?oh;B&w
zL*oJgiO)K^C-AN|lY&vD|N0nM?PcyML%}%@SI4z%)vpinB(OT0uVv84D5uoye9fd%
zvTFw)HWfSpsP&4@FHvcyB~$S{p33+fO+*`Yi#nmlq9u?o*vy3(mr;RL?V$!F`~F%u
z;k{JvahcY66*$vXDW#S*9<Ra~1ucdX5H#k8ICadqs7Gt@)r!1dV~1(czzFWEg&5XH
z;q?oQH<J=$2K8xLW2pS@31@5uJSG42Zi$*++>HKUFC!g0)h947k%z*t)Q&I+1AEXR
zj$#q|xwfsJ8-bB;9Eal2qbF}^zeuIJhvVnjQor-T8Y-r9_&)=DVQp%02k`ZV^-<l&
zfsIjSIiK(;o@b#xq@pvA+cC$f^GrtB@VpCc@lHHVMLVT+Ib8tSZ7tQ$i9B&kkouj+
zd^y_sr{DBB8a3i?9X2Y;YQuFg<cC1s)yJu+W=6u_r_L(6%dCt#^#{GD$ZqH9vrb4}
zC%9?;uJ#Eu^gC!&X1#M6Cev-cwSI#RI_Mv7EtmarOF8x1Q-4o9JJ-Q;)}rQ5>(ivQ
z(8Bp;d<V)9bGTQ6cy={9n_Amfef;*Y2gcOj2$wp1dyuR6g?Kgn!f+lyd(@>n-0TME
zu1i^X-zv)X)Ek#SLKna{w3;4OSnBo(x*7pI`|9Bd_Nl^DcRYS+4&bRvo4-dDmIv$6
zrelTy_&Xc7t%BUkm7`DYb3JIy#mA$epSDpqdk$jIKA7!mM9zG1JE}Lat6hl!n&oL{
z4@S7$s)O{<Xpy;tqy4Zeb|QmOT&k;c)qSMOgI`ZK^MtmxL*zvGCO+IZQy)Kr9?ykX
z<M34x82zr5vHIiDYEL~}b=T0Il`-gjlF3)7p?Wxit06EBXl1@!{b}r>g8qv3dDO>E
zef2wqYh@<bzn~(k;86iHV0^RsJo2xy0QK-}SDJerQCAPv<4wqF6q)7o*!9CgbtGzp
z(r$Xza%eSj<%bY1%>lW3$ltyeV}0rJ_Y22UC0zlo)M9ENV?G(m`}h-%)h`j0p_S?M
z_fRYFqrN1qjK`IvJ^q%pd<c=J(r-;-k$JBGFvsJnANi-U=3+G4Ool@ABL)maQN86M
zTp6fEt@8CDJ-umVD2nRRgucDU%=9#JYf30`d~%dS@Q(A>4kBEc2bSI>VeoJs>7g25
ztzu`$Z3^Z~KYB~*2%*TR>_%>T8JYDze1`ItC8Y`mUt>p|VM6nEEAq4YVF%AN){a^q
z@Ha^igq2Favr;44S{=>fE7Z6$8IQ}mtf4((tbxzjv6h7Cv%h45w$0q3@Hu3Dl8xTe
z7(9K#U2GN}KX-ZhtsLF}@0Y!5<n9T)3xdz3gyl%YCs?x`y_pEOAAuYC2b#*tlXg;O
zXxDF4(Cf|<5egY?WnC-0?^75xCr*!<lWN|2;yrO>o>HpprtZ@3k(fk3(xmg4$1zej
z-?}X*sNrJiz1E-lI{f(r>IjqV^X5q}34KnLlrtW{m@s)vyTn(|`DaaH1DoqUFFHc)
zVzAUoPB`^}MRh{Q9Q}UJ2ZG~1`BfXGq7PQPE9Nep^RFXO`n)yve%SSUWolno)T=%`
z$}?b$>*q`w#R9lmjLp<>g)DmN2)2GgmG2dah%9*R!ZE8MN{ngMXh-iU0(E~a*Td&Z
zt@Gx-;&q8Ugef$2CtKHnv{CPdt6vze4*E|#hFi#bzK6eOt<<c>_wYjq$4x1rfua=g
z483<cvlb(z$FvPd`5u42a6Hw%hrdTHrq%f#OFnADvHCp;`W}9)EB9E5AN75YmGKzg
z!{4%&4<Wt>&JJ_7Xkc~hg!d~)fxOHPU#F>aH!z5w)LEhr-2WaAu7RrO&bTL#D!g3o
zgHU_|D~-=kj)Pu4muujI>e1Cw-2le6u)J0c?Heyb=K1=u<FEsa)zYfr%@w&u>7ta&
zUo%Ty<XYRw+IiMGm7WCkDlP7(aK-s`f0S#p8GSWOHBt+WI=4}F&Tj$1&0Rd1Z%*QB
zUnlq~Q@v-eJVlzSZO@-bp+}=>PlIy5%WM21<Hpg=C5>JZsVe&y`Z~hKV_M<l_kH2o
zlD5T5>_Jw=DfLP?3Z28DJ-yu|9euUuaX$HT_@;mOJkA|{4p%zL&kT#?i+2sG2O#BV
z<Q-*v@|S+xDa`x>_~wgmdBtayb(uO?zx`44n8X1D(_=e&zkq(k^MF$K)$e)IJzFj9
zw$*RvqvKfpR%b!&35<9IqZ(KL5Z`<U8-F(He)UPAWgOcZ!F9Sm6u#~5G4y&EBjUk|
z7qBV_`4NnfXI%MqH$Acnv=jBA>F37C5yCtJox+l-3PooCk!3>Fhk!E)exJkW1<uDm
zI6Z2pe&12x7<cK{tz2%-*YC3(RB<*QM?d}cHX~!_z=f0GE??cqQ^S-+%?I*TbBS+#
zd!m}#4MtZ@A*FH@c=?1oX;e$U3QB9RHds3xJ0)roe@WXEq~sA9z0kX_KD{I0EIAm`
z>;C$^s^C9Vzh(6(^!aX$uaP$3+#Sc9o`bY#t_ONH!0726BQ1LMl1Bb$;|H<l4`cOC
zLHij?2FrsVh2xVFD|;UyeeVjMZ>h1|*m=<!=@YX&U$iooQ;>F!JV4_KX4;td)aQ#=
z<7<V&xx4zbO%275d@#PA#d;ls<OZldyjsqN_P)FNtWXWDOCt?!c<p(u+VdCOc`&vz
zg>U^FPGi3X@`7^+-f<FgYvnoBJ3*bB)=wV=`1FJyqTiqY(2yUj#cU+MhMPF5qvH&e
zSM0I-{gm*jTJ9F~Q*$Zo;{CNMSySIj@5}g!%&wACD)t#!YbwbQpMPB_{0v@D!c}sn
ziqGni+R=D?tn~*Q`j4NxJy;*HZ>iLOJacFM%m3-ikNoEP|M2@?`m-MuRqH?`632T+
zBW<`yCV87^8;C{{iFOt^OEG-)Th4XX_b04aTcX!G98DxF=XI+G6~$H+i6+{0VGKRj
zsdbUo&WP2sCf1r@gE;@I7W7FvKUg1&833CE#(IK4^G)rlC4oP@Uhiww7iiVj5sSM0
z+hZ;LiFl$V76DZ)z1E`<K<c%gj96W`Xzz)r{w=Bv(41n-tp$}&pgKOF*lwM|J)5@<
zsCCFVMo<DyM3H;!U#B`_(WKp*OhuA*yZ&lZ%5r|(ty-fX=_g6&XFW+<xOPsn>gW3F
zFZpFTf7=F1t@-E{)vlt6J}U#zi8fp&67g8e7G*tS&BuEps83iK40;Q3$J>Z19*ebF
zONn?3W}_v}DQUrAHzl^HX#1u%71?Ahf$51&7}k|2N`Y`4Xb14<rcJ1cY-)=|tmQro
z5A_&NG}5=Jr85%U9zzlMRC<*I@3l$}$O(R-4*xX6O0TXV!`ueAuJow@y6P*e26WXb
zU3CFny@NAEv61%4(&u@pzsS~dcPB>KYn782heoO^HBx;Yb31UlB480`KLG?Xiugb@
zx=!`1i*&?V5>aw7D!hz>`_V*Cv`Yl{(MW>5ItHTsiT;*kxxbD4pbSMTGBiyRtzpZV
z7U7xJLvW_G@C<928Sa93lwK0SD7^&AASb1l;(`koAOey<7q<>*h93}6bC8yGDy}Qj
zaqEz-JS3Ir!Ppvb=h28eN*Mx)#r-QDx47(%0QNLEQ)#;f0?k%jdgKz@>$1;F8Q0X2
z`(hn>3aYWh<ARHjPXaKciSo@pCpX4AIAyZlPbI8VrVT4k`70+9)`Y)uVj$MVo)EV4
zRvK!c^lF@<m9EgQ$9_KAE-OCmwZCA^vHexFziQ1@wZA~jbL%u&06uMHWk#*6hBwXn
z>>Wf76}4y;!9IwBK#7xWtS@eG^~IqeZ`a1!E2EuCSW|2}wJp{K5&L4qDsOcMRNiVi
z@5ga(m97!6^L{k0g`~U{s}uC}x$CUFRb&Y*egDuDN~pXQ-;lHN)>i0=C=_R$>JgF{
zkH@0c@_^;M2I2f%B+(UXA(qlNLH-4bO6i-)SgSiJtoQ>{{s(JgZC2@9qA<PEZ}pNI
znZnW^SJnM-Jcd=rx^+f{UJ$ZMZ@WO93$Fb08+4c6)^wwR?m_wd63XAfKi#zS4s;FH
z7-jNH6nN7DD%C2z#|ep7&>hj}Zd%R}Sq4X3bo?f|n=ZPWl^%z5k6V_b7tSHK2fx|l
zmfPbNm7o)EgFZ+kS`?Kp6wUqMbd;RNDzr*pvr1p5Ho)S2Gg-PJ3cS1%1_0%q18DH|
zWO+|tR5W_&>-y{ZS`HjjSGtaW=;-3T?&7@;yvfox;tJTWC(8$8(D}IPqsmUSv-BC-
z0o;tlx-I9VERxc7_X{9{1rWY}A2CcOM)U7oTwr2Z3(VB&*A1s>tg-MrM5jK1DFEeG
z>D|QLv33t3+8a!I1_^nqu@I;eyc)1OgD&pPF;SanZk7J1Lie|=(s#(Y@}ruK+A5Zx
zz#XO?B%$g_VePl&QyQ19L!0-vf!;`eTWbs-@HhI~lI0Y1X@VD-c&v?TurC2a812JH
zUtf}P{ynSoeXH~XtMo&w^kYJFdV2=ipu14!fchWe6O){D6g0_CFzpfaiOU?8pAiba
z-`b8EPCvd-DRum6i2xm^(SaKf;Q~Pe!{wjEO~HEfgw1+|-GR`NR-0q)Z2ZhB{oE@3
zB}Ik0sPxyS9L#$HPL@>AHpdg%Zm<dYV3mH>>7ua8U(^JDiS$RU@*4@6Q;iF?72<!`
z&c*e&;<Z`juYpaGJ`S?{waqaQ%((;&koW7B1A4FHMyAAxpjFao>wxLP7yd#0=nJeD
zTmU~lyAu?8EfE|K;3wiB9wWot!IrM0N~##71RcL4n<yvR==*9=0hOjJurLl$-8mgr
z>ASKvIsi{4%in0*9Z_3UM<*Ce(Y`5)@4E>&Mri9`-S8i1!)-$9Zmyx8bnB$#)}1gD
z8jn?aUu(V}fv!VvNC%|F`||mtb<q26J7>GJa~4_SY?sg7aC%Mk4!3%358ahV;k9ux
zT|aY&FiA8m^s+N1(EkEbowOn4NgH!WzxgLSVx5+glz}-(%Br(j-}Lvl=#|D|{JYys
z(q=6?PQOTllXP#B?t*ucy1aJ{Mb|3-5k}e1Ys)#<4=wgRSzj$3DCuuYKsl|~x*Onq
z_-H+xZI*L?pCH#T%io4u+PBVK@g%C!g383bfoOam18Jl6YvYP;fo6j530JojA_4(w
zg)rHiB4al1;5yNEwc4CgUd7<zqWnGDNHK}qVG{evx;>V&4<@l6<Q}w~!<bHRdjwY$
zVjAVrHSi;mEPtO$xC|9>jq4!_fksb$mVYb^EB{3EP0E~ca0%>T(@riO=U_}27Kfmt
z%g;7Y#Nh%5yjRLUDt`|Dl3GeAI)<WT`LD?bStw#*q-I?3m9DW*>DnepbLrh^El{*V
zMaxF<S!*%EAz6m_X*xhIHVW_|65uF!O-XXAgfG7bSvW6p{Cl0^m7WK`&Ra3~&Y<=k
zEzhv_y3IS%^6gD@uqtcfn^ldzxdDWkY9GFei9XLES<YJq>UmdQ`3)28yoGOR&;yZM
z-eEc8AaXixE$_xYk&4P0mzrT+>`YtB2a*uC<wLA;+a7_E#89bV`e<YOlFrY2jAMj0
zaIl^9hFA<eEa#l%JYg-5xm{1{X&;A)hnOsPCzq3J6tvKjGD+t)qSNvz4cUiqLc39-
zR+l$}?}<LqIq*c@x17J?oH{gT)(FH^yqtJvtTpM_*!?-F&Vkm5HG-vJ_X+mpyTw0w
zza5G_VU29?>7duGa*tJB4`L@c9c8nVp1_DEFd{QCWxazgW525#Zj$C*{w8|+>@~qs
zhVF$*btYsE%7iJCKH*LhzcEQ=`m}UV;}AFSSUQ!rcF-Q8dwJ{KTI1uYH|fk*8fb+g
z{w}v5mXnb!NVi-WD6%<0CvI4}1KnMX2KPAD(g%aLyIo=T+7oS6FlZ3-z9`vN-YwjI
zhFe}SMo|VW67l%Gv5vles1I&zt<oEo^LZ^Ky1;p<PYPd&n>KnErP~Y0mt<DH=u`RE
zlFpYP1+Pf;wGBX!h+0c7WK;mA^9nQ%7X<7&mX1~aE35pAq;tSphE$bzW72O}BkaGt
zQ(_Mk+0IxyXonWSR*k`t<no>#+{HA1;V1%Ne?kHVeefwPXN)ErkTip}A2<T54}HH|
zuWYO!XL>zF?uNEk@(Ef;ph&MkzNZt|0?Gv<2#~C$UU$8~jEN73m4-%`cu=^-IPT80
z>9s}O6C*k-ezNzgTuwp}wphF-ertq*oW4FR6V44N<LI3)S|gnlhvj{UOdO=!ljs9g
z`W9;&j2zSBOP0^O%+f47)=g~#td@f%euJi<^e!&2$!Lk;X88h~MzJ<9J)O|tlo*(y
zZu$y0lg<?JkMx3t0s`&_NIe2lkANf^Bmh2SjobrgTpD0tztCG^v>8BK`U{5y2o^3R
zRw1y3rl5Gj8tH*r!Zn)7>a<3>bpe$a#sNLcYVn7(;vK2<zF>{e<d%1%^9A6*Jv<TI
zTcwgPHY-SBukekC7;9d@C7QdO_U!{HrI5o4@S>kI3Bie4vK(lulvaPKO~6(yQrOQ}
zBVDlCmTZoIj_fCD2q5m@QM-3LV-|{CQFswFq04Ke&Cr*0H~_u>9-$!jL0<~zQ0!xr
z+}#yh>q4_iZ&{_60qiTNpiKoFYve#|y%0ft2Dw4d2BhN}y06D_7U9$29-ABZu8_8q
z@Hi+?BOD8yH#hDB?-=g(It2yqg7}4RiXnA$`EO`R0Bk6WdXmr=Tca5SZ|Vj&j}T1b
zSdYXMot{J@z@aZ_4!vHVL(pr>b0W#scJ4l`<;88>Azrq$&qUYsHQMy$%UHRLIN9-}
z4IM-Ey?hzoOVaMXD<&$<a=sH!I;Tb3i2_T&y1oDbk%6-oo>A!yG!aBE2+3Hq9he}r
zL+}yKDr}?kZK*HG=NIJjRr!2fR7%2NSK4p`o{1<x!7&CVRv5uK+0*G!W#jbfp<(oG
zQQ*BOpD)Yj)q$97fWSgC;@3h({963I=hyw+pYHs@qw(EeJNrNW?eG5n&*HJc|Ng(;
z-22jj_?|yJ@c7sEpV=3GfAg{5I@J4b{*h(Q6M0#bJN(H6K9=IE(s>GVF3w-os_>^Z
z!jC9EtO;arGJ(#mh&HHJwrj=WRjuv#SReKh^-aN3WghxX$B+!+k&Eirmwqh#EQg=I
zt+gozlYH@B$JXa%o@y&M1=EXOuRE%9W4@~D6rWesS9?y%tK1TH6v?aJa0<NT8Jyr$
z_3`kE|J6nQ>P`OVC;}D!180GXF@Q7g9rRZWm<LAcfvhyB2fEUr9*Qls&)@nf*kl+G
z6v%?wQq6*3gFE~bS5^6Gt*Y`<8LS#GgoI0ALET$TP<X?S`3bAj#7|(ICVoQ0n^Z){
zzsL%zMs)nu0nrIm_(=*>_zCe>^ca3=y;D#ds`;ZUEI&WoB0n;>$d5)BjTr<y1gD>;
z;LEeJP(@5}RzECkmN|6_57+6JXPm4i>VpBhqP9|K&2jN?3PMCAyy15J0AYBg|6%_9
zlNbhnPpMwh@ZUnZcja!Q7|R{?6=|oZJ`+J@*;B0|AqT-XjaaqnaDA8(+%XFM@4ZE%
z_Nb%(81hlhqxXbESmQ9E@PqhREnQjzJPRhLMW(if(OKQ--tgr}0=>h9d00?b&n-db
zRfB@g3G%L{K{dCl8$3{d4y&6+A`#V^7JCh!tEJuAj_|Pasv8jRLIMA0+9ewtkG4nM
zngj0lA@_UO{T@T>Vcj~~(%zqNi_g2?7u@e@G+X4gI7ID;{=VAA&#T1#avT+mf4*Zb
z-e$~NKHf7$H(7KOnCRx3!dubyILmJVw780`?TBXcqm|&DL%iI|j{|IWU2tCK{V9G-
z@gob;mH?3bOD{>cIr&VpwuFApi~QJ02-jT9&RZ;cOWIBI@=-QE&8u;Ilu1>2z1z4P
z@75!iQI@y1v?uLodmo$ZX15#c22$b6;}%I3%?_mT+ObXKhoJZdE8pbDjgEG+wMVbg
z8z_Sd+ulz{m&5)J*@UDTDwieK!5}4DzDpzow!DKM!)pYS%nHd_79yVH6(~V;h#z2*
zwS2w<E%oNQ(_CS9jT(UlRv{L^+c|zL@}tC$FYx14d?2O*R~vH;sq2KJjPnZI2{HYo
zuM%AY*vv>FJmT&F5Nd7`aYV3W-z0GbNJ^JZ`tXXOs4hl+apHl|t)kVH=vIP2B0OD*
z4!plhgd@?u8|OZ7k^o;gkihME6yZ`t2oi8(@hJxt;Da-$yG3;>5R4lzGO3ubz<Gko
zIRRaQg8`M29-z@77Wb<Qn?d)oKe1NnbiG@UKxMzFO~jZ*M7}VNVYn9vB4Bg}D&st0
zhJL70bjTD9SBi#B(O9Kuj0_qU1`WG-q6QBxG@kR7=I2e(g-X!{Q#4&EnkLXi0lF9i
z0}&7z?jnzzX<_;>vK&}h3B1R`T~`<|tLOBv^i5iB^f0IwG<aUMBd831yNRM#_3c&n
z_UamupK0!tU%)l7OE|%I{i5&s3te9O(rf;k*F`4T_bdM5uO>K^U_X+unl1<eTfN*r
zfDjb|mkbE#I<|8I(Fq)^k#0<gn_M~=0RrEbz$@aX=(`p9I}HTa*xz4E^dKDUheJky
zR~LW>1nLXDB3J~}iG;v#@5o`M)@6w>Ax+Xt@9488a#<;S+bev#4O3WpTY@B|x8t0|
z3%Ku=X+nCON#?iL;0^;7AkzLl-Tu7_#G4+(o6_Q@ZgCT_LI$5oHxmh2jYl-dn<DIh
zh()cFOBk(7@+}Y6ErE4Q!@4D~4nfVkurM!@15XIqh^YO=T7|#_GN5k=caV!w?Vz7|
zYiLUlav43_Fhqn<^sR+k4F!#K5r8o+RJz`&TA+ntIHFO6+!1Tp8Wlt*Q70403n**f
z^&%u%^9dD;GU=u3zA_}Sku^d$=qP->fryV@^GUnIUGzL=g%}vK*jPJ!Hw3JhzG>}M
zi1Hx<gm46cukwMQ5b-l3)y1qX!8=fa81@g)a06TqO%Rf{I<spby9+ghoUsR`72W!h
zfNprDfpgd-7SaGwMpjjNbjmt9LKzgjEmxR6@b{1|bWz@9f|gS+U$<~d2Tcah1fixi
z0~pGpmg74I5ZH3B^~8CU3C9;LM=yafc96ln4;awsa^eMt)~G0)Lox7--)m$f0EPLZ
z?h(nouFoSRMH{iiN$Qebs(mE!MA=-|FeG0L)ukDqrJh?7J-0+L)jooVslL?s=Un`A
z`Zn#}rn|(@xaLI5JB&#u0%u7Zt_2c@2qMb`Vkr@#gqwkOR1eN;`W`w5rto!Pm}@-9
zB%^a=-8+{tQ?#yo+!k0c8pz>(a^xESiB{4_;k@o-qz4TGMZG3zgsy>BaP+*MD6!4%
zwbn%D29khvrL~e-$j)1pg$x%79CY5&V|fcJi!hzH5|Bg&&X7ZsRGB`AiAc6g`=7uy
z)2y6!Svf7s0fk%}Qvy>CV8HQ`n$x=GwA75R;nY)e!!&ddB@~A>qM33Tcb!-TP6}~T
z=T?k{%0@V!Nis|b@>lp`7@sc01V<*aE>~LZ>Pr#8c#@Oj7U&XEP<9Vs=#=Vu8GL!Y
zVNW?;VNW?Osto{;s1!Ace3hi75*DUV1|dQ$nWnXh8WZDki`uc+VM3r%aP|*ZGHloI
zbSNlQLfUH90a^;H4ro>#pj1QWD3FWv6GX4P8_WPh;l%U%nSQPkUg)n!B})T;34CST
z6bT`x5Bj68PxPEgMhOmm#>lxL({V_~k8@0vgfV?H#%85&@CIMf=ak$yr`BQ7$S8U0
zKwM57JV5L6d1+9luL9i!Z8(OR5v7Vt3FM+!T2AYh(;`gcaGz0XIf4yeKItH47zg=$
znR#$dJwQqNCpMr1+yq&AQ<M6p-00zzZgimsaB3@KrWf`D3dLPTYcN1_O)RB12nSz;
z<7^e6&Q{0+rxfBE?}mD$ap|MvVX29-bnnm_%8!N<N45}{Pr!Lz#`Gb)Pq%ubg0HPG
z0#hLD+fL8RT7E$<wC}8C)ZV=YzRT48OQwJczstbFbrS;?+=6wu-A>ei-LhRJ;@h>k
z?rPl*&pU=Yx~`~+nwkUV;*hx*HWy>;H0*YY;s%D$g?HXuTrd~YY`iFU;uNAaoWgeb
zy4vA(E4@>>db<tnOZxM@O6g50y-A$pai#ngNRCV0Eux@4w{c6;%g<K91F0p<>l*2G
zsmYS8CBkuS010yDbo;clzh<yN|DiGTpR}2l{!>!)s9c|x>v4XTg&3#_cVKeQjVq|J
z+u~fN(&dJ95xQ{r29;PpB={6R%je~jh#=|md09SRW_jsN`Ml8yYFq(jC8Uu6w#Fk!
zaPZHT2;R{=72WWud}{GbZsFMF8GEsq$t_IH<#W#!B522)0N!>PQJV+P9GjXfrWVqv
ze0s;@cD{giho9X$h?7lIiS@_xsd@XkT>j~?Okpvbx^f1$Np=}9eFo69FQPg}bMy0=
z;>lEDu4~W1{d@Ke?H{s-_U%VbA)?lv$fsuPfyrEUiDcl-YF!Z(d(6(-se-Lr?A^V0
z|KR@J!-IPc?A<rGTdBhlbwCPt?;muFAM^tr-nVCH_kme^=HUMQLl=ka)V>3I?b(^s
zLwojI#5*@4DlsuRzA&39WM)#?k%@8qwrxbM50(v1*@YsgK}`v%67sBjB%94WcX}yX
z%q(VY^$E~9np;?~XNnyaXynYsF?%+JRud_5sA%UW?IM}eeQqK1EVu}qOU1c|I1x$>
zR-ttvk`;p$s9vE`4@Xo7?g6Mcm0RyM!F^^H11j2$Xy`hg&&^L{7VT_i!7ja~X(;{X
z<ds6vo*$gFXO{Ar;+4VC{FTLG?h<5V?#kf#eY+2idf*Gy1$%c4EZD_@5tIQVDVTl!
z-7zo<W-R6H!wdFOF`vrr7?@bPn9a;QVqclcJ#8->o|$>*;+~<|*_rg-bUM8czZSIJ
zKgi9ML4v-#T^!5IP*hTRJj(4ns)yj5aECCO%Vsen!oL&tf}PLI40;`=_kQ}*W~{}0
zX5rFDP5P5ND)0?2g{k)BF9+R|AN2sh(xWa*4>TQ1e{FcU7m?V}+~SqBRiaBZ(mT1d
zxR}cq3zKuXrEGd4pPR7@g~*`h`nD>4a5|T^vp!Xzmw@P{PAJ})Y6YZJ=~Z`C|Asq%
zr&9~5OZL3IP#lEf$<3#@I-qyXUi=JJ%8r3X&305)^U!Kn^U$7)vqJ~=?N6nL_76kP
zD>V~Q?Z+;2%%S=!TAwNPmFZe4GM`p@S`Yf7JDBmagU2&j8|=@0^eY55%^goq)%?O>
z9E+%y6Lzt`QsX0%dOt@6+ek&Xp2`%8hxBlUR*;4;*x2`K5<;1c_YiB)53C-vcnus>
zZ`hzP<{E^@7M{)Ia|@KYRU-`aftwOU=&J?7O}g4!UdMCUw2fClta25Z=CJNW<4vQk
z&~`sqgLTT~f;Vnx{@uF*|0?b8&^VG6-nlhl!|<){Aa-4WF1;FBR|VQs>Jok%Ow;tS
z6=;&S8#IJ&KLh|y!<`vlfECYXLj~s}S*81d`;7gZhrl<j4Rqrk-K~1M8}xtzCL(WQ
zU8Xnaa;_SQ=J^L2cgI9Fm06gwFBc(@BqT6j4TvcHH|Unf?D^cYb|{k?QFE^JPa3K6
zL3oX`nf(0t{9@`?p!T~1=y;&0^u5a1s%P@odRTv68CH$B{aTOfe^<ukO_yF1Ee$Mo
zvrA!pm!f?V8-lD|`Y)An2UhK`^IWE6PyNgi_OzZ_@i`BT##VPf+jaEH<kH2$Og?kb
z&L7kkX!i;h$cOVWyMTS6QUhT3q@Bvo%!QIB?qdhG&L6dH0{K&OOY;{Ou@5YQ{PuH;
zY3!aoB35UchATb2RieF!25Np^rBjW{Xwd6?rI&~5BQa92ukPpr65oK77~({kv{Hx{
zwLHa(4(xae*(LZQyjnoGL#fV)YMaSrbMVU&*w8O(4{98(dm?HLLq`ReBAW%Q$KD?N
zPme$*c)KLiA-7gUbyu3hiGjO9EJe9WMpT!-QWJ$bSR4d6gcgkC+_NylMTAvyv&F%O
z3)lgjS;}S~Pi2?vlL&Dk9)e&%RTFRbvuE|&pWUhS@T|T6;@;H$lx?SzHE0<2!E?nf
zZ<>!ZGL2K&bd*slDl@Hx$o6kE7&&Bs4cl8+K&~u84B4$9kt0N$bT@q~ldlvU;-s(O
zWG0=q0bng6m%4Z&Rh(0bLa6T<&y<}F<CmGjW4R*bc2ZF2et8yw42m}6jk@1yyO@HC
zNofgvn#6F4JWCnWaZlY2;?1FC<|RykUk1bS)HM*Ce;y#K>E=k5ToHV4KFY3FPhj(r
zcq5{E3r}YjCCJPW?XiWKTpFsW`AGdTgc3@2JY8r$+WrO1i(W9Y#G8*misFL(+@z=s
z<_4ON#D7_%wwjMd&U3{ej3a{4Y*zjan4XH;(|qL7($6En+?<rry=y+oUPmSsSv@i2
zO-G%$GP$Mv3=D@a0()mfZAfG9mst?6Bv4oSYDD!Eq>old^mdwVU?o~c-w>LZRL|Xn
zZG^-2CfrMe^YYIj@NXZxjNpD#+H;CQs)!8R#igQMn94DI)pTOOeIuj*AqP3MpcFTM
zx%{QnLgup~+S;Q=2|e$P5oM*2@fuAnW)Rn|G+`&-#sQN=U%z5VaNmtZ?&@vV8F%mW
z_QAcO;l>32F3`9oV;*fy$GZ|Ox}R6gXfSEfeG}Y#Oyp$O%2d<QNfDpTXKVyE<Y0~#
z@fmDfa|>E*8NtcnmwdR>oXIUM6nUJ&mHTHi3p0>x-eq$*BZG{k-bOFvibw6)T;8q3
z?Z_++xaiICeCjf7$0>W^68Fm_0ejq$>?Ni==jQPiQ=m+{JL|<%9$V<q6xS(R7I0D{
zl|6%a9KmtVj3fn)%Z#QNGGr^+1!G&igcZ3N=XLCb)WxhlmdPV4H(n?#rG#eg(vcLO
z&0Jc_yBdMkZ^k>nVv?{K8-N(Unn}43LmFY+q<RK>c1E0LgkDlIlhSM?k7g<~BG=dJ
zgED2$<78B^65)cDm}OQPqoF2qZ#5tio?2YQxtL1ifZ+vSk#5Jr#iuh~<dx7!MJg+&
zj4&2jAaMR%0cn5S(kVbD3bJ6Q5dks9)Q*MBCAb7Qo8z0MO%b)Ouq0;#&IU9qa<ZF4
zDpFYlXA!fLIEU^xYUD{~R+r&WSP^1F@?9XODxyUSXJHlXyaZz>=Tdvk@vvYqjs|fW
zGKJ9*EzyfUffE4{M@AE4FXV9;h>@Bpi35?tbE(2aKJzR{0VgDz+LO1R1tE;qJccu8
z3>}ebNT>Z=Dtj!SXZVs-ONo~LvD6jt6<P01QfQ~E4kK_%D0Ob_(JPc;_jDHPI6*}F
zw2pQXpHFH4n)axO7*bX^sino&0!HU6=;L4DO{ak*P~|C{=A(}RjDqAHnv^!tb<Igz
zZg#d{7n_eZM%A+!95!uE(r7-Ka7)XOa>X<?A$@dQeRi-ZdH6f95J7{}gpA}Kui6u6
zzLi4L=64*Mk3wz&YF(%1qf<<rctp)d8{=rRIKw#xU#$74lk7&WIcekiFgq_gp3TQS
z8Wcm}RId5xlk|(($~Gqp83?KDwwsZMTDRnjN1HE7SYq0xfaB(8^EedTeB#IDfgs8R
zcJWsha5%onvQ{`^+~eD9j?UpItGnCwZJi}@Qo!E0L``mj4^20i(mz9lr&!E3A7K>I
z$_j5j@;IwThc_Q}bhi-&^Pcu<#$YyQxDtnJJ{~eLRlOT%zD)~5y%~ge5gydBU^kAY
zBY}+nxnXMwC^NdoGgV0M@RGspS$Q-BK{dt)^$nC3Q{U{|eA7ayNlR2amv27X%1HBK
zu8?88)Ybjww&_^8jc1al5<QI{#O<%ss!bkF-GS&oPP=#DAvzr0<BWs=j6M8Zk!gjU
zt7#lRn@P{G_26n+cZ__N;dwOQwVLLgCuSDMQ}b*;P-k56Q|Z*=>ZvuYkHe0JF*EQ)
zagb5bq#VDZgKZu;j*Qg-)5%sxmyoZrR|b;8;tiukfJ{mzDF`GUpQy;J!gStML)g(P
z6ZzaC!t|0Zi`-kw?6A?C7eWHkQH?5u2dlsjAB@l8N5|70`ly4PB|xG80_{gPUWc94
zk4FYNO@$5RL>)-ooEYy}F+cK9IG?BkXBBh9gVB)M>h%`n=%?$<ee2OH<LTfqgB@4F
zbyx_}0IuU_%4HmZ;odep<h9&c>>S6LVy1wY-3$S}vP4b=vG<WYyqb9u2em=(n!uSJ
zBo~Rdl^H`B%zn+)6~(>^iGkxHQGDk?s1jJk<bs~YlS|ISy6{T~m-jsINh81R4Kg7_
z6?;$K9a(V#Yb`?;78}&9epvr-BLF1xgQKt0JAnT5in^ti{??;Q*{4I7<&(A0Zd>L;
z#_K*a1t*OH*G7RWbZU)-1S^~_Jqxvz1|A-2G{@_-NOXD$Z>0{@5ku&J(NrT~M!xj9
z1FWG?|3JV%*K$ZLslrSvPo&6mNTF6I@E}nm?5of~b+vFHha5x_rp=Gl;m{grN%Q8D
zm7!=4rFQZ<<jF5S4jq6o{mYRtZ%HFof*A-XgpWdq1IzC2Izr)5v9(T%02rR{NX_ug
z4&p}YoWFf}5srOf9G)|e02KN56MZ%TlBU#8|1j}m6*)aYxm(8n%a63G%R5_HC4Z<j
z*5Uts`2RPk`x{>!8}#tQ_vf+6vB`h;)ph^+{k1*EuKsDV<6jM2J4+a&|KP$ooVO`l
z7|AZqrR=4`;OSh^zVMhWo;*(L*o6xxa9A;QA^0@kg+hL&x+r(?Gw3L9>#3?5Tufh7
zlP5=bl*6TB>ANl!7^(f|fAYZR|LjxG|Koo;n*HsEPkEzE^LoHH4BzGBzIIAIHJZzh
zWwWOlpPI+3F!HuNn9gS1_J6kxP^wwtgZ1~9|8F>e=pqnr!saoEU+a0i-l?XX?M~wV
z`RP{mBE25>&x<X?xOyBvt?(2+kEzFSrGM)FDSV$%$JJSB`EKj~{6Bn!(}n0yV@lyS
zB-Kx2`0*$8Nf!=fk895VXACzHK;;|ZkK_H}{BZ^SQu3TM+X_tt4*<0(yyLup`jotr
zo^L$Yf8K8W5r9TOlm4BD1-$6J7Sgw*&2DA>4y%i}hTR00B6ux)PR%R+#P<Sz3j7Sd
z=RpVmoDj@2xElb59Plqy@Wbo^6J9A;!N-^H7u1ZrIe)Rzj&LS~XA5c;V=UnR3~*%C
z2+HwVEd0@Q7`h(^oV>I%<J=2s_p1GB5dU|pVSMjV2T-yPR~*N2Xsn2E&i{sgZzPTI
z58~zNS^VW6yn_yKP67WVp^%(e1W))|0GHGp#-v1PoDqCy-SQ0h#_<^Xd8awJTD+eS
zKI&Jkr@`YHVDhM6nSZ~n4ubAr|7tFJJlrju4D#_oaP%O`_kgEE_#OfehH$+f+}?-M
zA@KPC=FbLgY{wQCrBw>`oC_PZoY#lYdJpRO=cLHj2<EbY`gxRQ!Oa0kd~k+6+QR2o
ZfUWd#q*ZmH&E-QYHT?Vf{~tN<e*q0<PAUKZ

literal 241664
zcmd442b^6+`Nw_s+<VV$yGicuW;d0Dz=p#XN@z*wO(66pz1I-PgmVcBA)!kz7C=B$
zKoC@Hh+sh}A|N6~5mAVsC}KlI^lu@&-{+b0+<UfU1Iqh;-i4g`&2Q$+net3~rrcc*
zyfVlIL6GO)+iwTKJ(%*hl|Dy*oQ3n4Y2O?Ze69TW>i4wl^7!ie96!H4eNp0$OO7~c
z`cX$LT<A`je&jLJlf?_C&tEuwyWRJmev&)-n04CPDr=@e@3DOl?9!48zO(V4Bsl$h
zF_<yE+Ol2{+(yhI&;9iK;OXEOCAPsh#i5V45E6g=n+}4Pzg%$m`QlanZ<?u9DE`hN
z+}#Bbt`Ax)*}r_yiuJsQa=|`XdR2IO5R@{0O4xVI*w;Dbm=B(U{rOwdbV*v%c$+s~
zIeeX@o*V_Cag&E6^mCY*zpW^)b&_LFba<4wswWBSi^KeFqt2Pf*Ck*1lemRJA?Tmh
z66}9#7_=z+?jQdO<E|j6<OZq<K`g3wV>vy{_Y6ccmleYxzm$08!|ty7Y>IX%-_D1*
z`jL4s3Cs5elh-Q-zvi>NT$4a}KMiEUWye7GbmedA>CU-J3PE&JTqKZ66i?tI{ncbZ
z{0`u7dVL~HPjV1M<R*cu;S%|9;$V_<dAMEqX1GK?noC|0RvyL9PInXzt>F@hTFIS@
z#SxdjwvxLDTpq}E_KhpM$$YqHpg6Parh=k)L!Q}B{L?<skzYPxX4Ylz7CycwL9Lin
zBfTvuo4W*OJQ7R*wsfqQ4=&cS_+Qdruq?TOulXzqb5TqdMAfd=zPMPruC44gCl-at
zF=?p`j4it@o7VoY+*|72zqM4neEzJbJ9`5ymsw;4+44V>OCw&-G~zY9sOo)^xdk^<
zj4^o^t66ZwqFFE`rLQfUum2>(Lb7cbEQ+U)ph4w(9Bd+wVrN;)w<GThxR&=NOse`i
z3fQEKYXvFf_FBPBmoE>LW&&pbqj&?J*^eSrUXnVZA;tWtxTM7#5p!S87X_Dhw`e(w
zoNq~fB7pBjein09&cpJvCmF!8;HyD>mL!QxrLJHW+`4K;Zhg##)Dx+}nL9^9SV`ud
zi(4X(_d0X0AxtgCVVV1qxHL1@=k3+O<!d(c_BrZM;s4vb%?ifk{K_-z7~B$hSZkwF
zmwo#*95v-bgz918eYz2;RHhaL``%}5M;P?L(`DAefv~eTtaMfT+N0uittD*`2EtNr
zv3vh&F``=kuCsTwa0z*o@0}6mmMVbYWlt!8ppEr}0tmV_Pbh#W8=(NAVuS*Ssu2nx
z=%#!a3Lx5yP_UZsMI?e_%s~OfSR)i<eA0aSFcsjlW`u%_&vtWAfX@yi6hL$up&;|>
zcymyIPkKB5RRs|ASe{T|uXe1L3vQuo$i%d493M}+t_h*zJE<j?>l@?keNm{MD)n7x
zmU==*hNqrNp(Af2@gbz!!h0Y$Be#{u<X7aj@t7Qm+;)N^_dZV%-6-Bj_#Hh#Cz=xT
zAVj_<uNMaMF!=&;j$%ZlueZJ$t!pK8)1+7J>n=(oS;=Y3*jnl@MkTj8L{S>d%D_v@
zE5-h(=+?mUeB{=|AYiGlVbB$<F()7qK_Gn|9cX~~)I#5LRoYutjOTlki@jmo!)w#_
zXb)m~gbJUiuO;C$eaQP;NkII0!3pazUV6IS+G6Afa$S8b-O_<ndL}r!m&#I7o6q%+
z3zrC}_d`jOSm~8CuR}OQtd_f!IxyLLi6JYM<rAt&p+L=*cC!+%$D>#$U!v2SZF~@P
zb_NsZR9hxf=BE-CLSM^Sx`GwsB~<+9(vY$CRhI8nO*S7X<es9V&92nxdMa)WJ_SK$
zr9_W>yH(#THRDvu#EH(391h0L2<8Imali-r_;rxh*|;J#wK}3evHE6WMku3%j$+Ae
z4BHl!-6oiRK;U?zGVA5Y&B2U%XX%SQY9oJDX7<3O8Y45+<TTRc2Z1u0`)I?qY%Z_!
zy-mf4;>|FsxuV+~vvqlAq|Wgc*!t;qx5RwD)a&JDMlfM+Ky?wh$*J5R>9zXnMHvd_
zmVPA{<fA3>9Q3^~S`qyfFZHbmOU8|TGb!sR=q5*KNQi5(>oVjs?5%H&4+MN0jOy$c
z_)gJn3vMmVc@j%0#yx7QU(gan3>gaLN$I#Wxsk*%HcjqUb3$^zniG>p#f%9qa%b=o
zuh>vFc_Dq}&8C-SL%g&^KGdmV`cTgDUXlT*n5aeWoRm30nC*l)PnnK9W11yEFMZYI
zI6V0AV1x@k)0#SW!rO1ZJ-D)NkE0)-hCz4mTGXO-Rq|{uc}5lXc}C?V&)$dUMxKe3
zHS+9@OrBj$Ox|^#UF6f&$g{slMv%>|#YTo)GQ`UW*?QR!FC%2@72ZoGTR)sK&20Us
zGMcRy0xeso5SM1Q?$FHEH&+bJ)*UrlgRQBIAz4Ew5ww$EYx7St7`wC^dt=gV)#9Dt
z>+^V!y*p!6`_?YHT>!1^VZ1A*ud<y{YQ@+M*6q$CZH1p0RIpa2?ZHMnSo@m`XcPlF
zq*_jf3{z#u5SH3=j;dVguax~am=rWd4=*q&koqU>2c2du%(VyJcPY)4N_)6sJV8z_
z^+xS2@t%Y<kl~8;y<mDf)++=H2!jeeLKuu;qVCHU({A;2P3ym*+mS7mp3CRg_ra{T
zcD40QE0wQv`(l$a@zE?55$*RwmAm(EE0-AR{G#ag!`@#ky8SVGb>zbo(f88|=(w3D
zdO`sNZMY{CKu~6$PyoT?&l3tD=o~$v0D^AP6AB=v8=(MVbt4o&%rHU$1ihyZLjeTs
zlqVEGPzgPu0Ai*Q3Lxk*y$=Ntbda7<06|yj2?aK8!GUJoJ1BraRy?5qg6`833Lxl8
zJ)s~I7QLu<P=HVRQBNqy_*~B%6yS4xBNSwO(mnbh6yS3MBNRZ;UwR)3GOyC<c?Sg<
z2l_qlpnxFg06n1q0>Sr$0tos;Pbh$(hx3F22>LotD1e~X^MnEjx<5}S$i#=9&^su=
zCtac^6hLfcgaU}IjZgqV59D7_072K`2?Y@J2cA#>K_B1=1rW6Jo=}j9AZ?y^P=HU`
zIZr5npds^w0tgy4PbkQQwX-=Wz$eX}_o)DacFz+EAZYSDp#XyB&l3tDXvsXGAoDdE
zChwpCpR`M!Pyj)r;|T>2v_76t06_!f2?Y=|Kb}wkLHpwg1)0y&AbAG`8HWSRK><M=
zXoLcYgN#rBaj+2zAPzA?K_>7+%|QV^4>Ljm#NkFLfH=Yk1rSFXp#b72BNSx5cC<Mt
zz~?bWD1bQD2n7(w8KD5;cq0^K0-tXV3h;S?5egs{7@+{-L?aYr!aB(u6yS5A5eguj
z5egs{8KD5;WFr(nBt|HJs2iaG;uIqkSbVg9o!Alt<E3xZ`MmUW(Lh@${a_T2Wdy>!
zrcz(W&)}$}kt=&lHH=)<V=7$a+B~L8MQ*IeRG!GyJf@mNag6|7hbO2FksB|#`9az(
zKG^BHm39-oPb4~WC_H3_imXO%s>euW6f?Go+%!)hgekGQCy=$st>H0J6~!ImyT=m<
zQ51Iyv6d&0l_(xB#M%&Hr=#{oy&H$gEsVY<sTx!C$6-KvnO#brMR7^ztVB!3PgESn
zPhCYv)GF~9f=Z{X)E65p{c6x)$q{FnvNq<dGiLiS)4VWwiqCrOX@A(=+a=?n|8*W4
z1_OMnTjK7AmO2l{F7sd}z|>Zq0F!Zk0_>f5N5)Y|U@$@6?MFRuI9^D9S<>%qm(hBv
zMrgaR=*aF$YgDXnCV5+ORI12r<T2GIa+`Qe1!1P=F;yUPn}ToBQJ@cW)}4`#;b^^r
ziS}(81o?Kwe_L#qA$R)ie!fk~>bE!W;Zjc`N7hL^s1cEymHCFeJnOMYG(n54mMDNY
z)d&R;A231z#0QN~0CAcT3Ls85LIK1QBNRZKVT1yRrA8=#SZ0I*h%=2)VD%Y?v&=yO
z#MwqDfH=np1rX;Np#b7MBNRZKZ-fGf4;i5V;sPTSKwM~q0*H%@P>_l7#pa*@pO+Y+
z0OC?36hK^NgaU}mjZgq_g%JuMt~5dc#D|Sg0Pztc6hM5`2nCrKf6N>d;PWaY6hK^U
zgaU|bj8FjaaU&E!Tx)~^i0h0{0CBw$3LrjVgaU{gj8FjaNh1_wlJF^WP=L=*8=(N=
zMk5qJ++>6Th?|X20Pz_k6lA`3i#aI3=dDI4fcUHt3LtJXLIK3>Mks*zoDm8#U;Df{
zD8T0zj8Fh^hY<=OzG#F3h%XtT0OHF=D1i8i5ehP&|Ef7Cz~`MtD1i8y5egvgGC~2w
z*Nsq+3H)wzP=L>Sj8Fja4I>mleA5U85Z^LF0mQeBP>}iBz2=|*pWiV;0mOHWPylhC
z5egvgH$p)s@CVF60X`ozLIK40j8FjakP!+XzHfvAh=+|(0P%<s3LqXeLIK1Nj8Fja
zm=OvferSXOh{ugkU}^e&su|Ap47AS7tW7U{0`J)c>L<l+3)D|ZSd-T)1+3=<ljz?D
zuStuJ@z<jJ>86`H-BeV0*Tv8xvrPRm)=K?o{8Wp{Yxs}iUqcoB0(FXurC?Drgb5bH
zWoUSBiY0{9-!%M9w6$<I$^2a*{(2@P8{s_2{~U<CTMd5$#bj43eTC!zjQTOe#~sTf
z@22A_`lREq_4gN(qx2nPkB43PyEAyVe|#}Hn|Fo<yylRA@6>>e9X;TgL*9K!-!*ph
zcY7sL{dp&5TUSTEZ(_NYzpkTDOj^ppqFO=ovX<}OU(`lrR75Yb&Mfcj<4rf8G<QUO
z{q0eFg1}-i>EO-wqUzj|wZOX046z&T8XkTZNLD?zd`x?^qH8k4Hox)_giA!Kl0M!_
zcHrSxr*p|Sz<D=?4<}CnJByw1ax5LCaEVA>E!}`nWgyj2#-_{Dx(A_HE4xz}EXCvS
zpAG(X3%-NZ3U(eeKfF_=v3gkZW7;XAgZy*LoVCI+f&OhAe(;N7x;|YBZbs%w#HcdQ
zN-`1fgVk#CVLmZv2gdyn-ixk3SDFI8F0T!#B2}#-ttG7@Ma|NZRuRL4tH}Bm!jLLb
zN(NVv4b0z4sz@n$R%1EG5;D-1cVclTQkvA3mvGkD<lQFFZSA@EBwYIYiK)J6>_XU%
ze0yG3tYU{PTgf)%-Ht+g!Pl~ZQsM==L60ucn-6{4SEU9$`rB+Z82oKt!yEKyZx52*
zw;KgIbUQ#U*}E!*y%C>M7?o0KMm|-VBfr_ARiwFCi@Y=!WwS-GR&?ixG|QYUE3+pP
zq~8Nj8Y0aPi%Yr(pk(`Kg7Cr%oATR^{37Bb$ZuP#wb^;M4WAq?zbuZx)4Wd=uezzI
zDZ4x3G(>hYl0DB{n{rugd|`l%K|Z*meRTK67t*~OzS2m%w9>TJ8Mx}YN#s5Rsuhav
zLN%M+z%KU9;WF+nR=;_-8-DbgBHv=k%D1~T^(D!6m#3EZiRH@FvX@vGeiMPb+ea*n
zu(7ZWM~b)X+N5CFS<`HC&L(L-hlfkcQ|h({;Uoe}o#^ki@%tad<qrfjvbb#7Hb`93
zy%P&tF8YV<87T#=$jj7K%FBMl*ov;%-Zh2eFx*!z97mYz|0Wy~iBvdlqYz|KEpp6W
zR5+NUU^a#0DEsCJ!g0O&&AVgp(-01^3=)nTQeOv&1CtUJfkVW?{6j4Vh=r+!TIP#|
z*@Rjah=qv*mWHIz-3*bGb19#^lVlB-lpm|xapETMJ&}|@i9E<2z>c8}%jRRUlH&Ik
z9p7@%>rFX12{~D9m2&ba;@e-&J25Y(Az4beLmQH7a9g>oTx+iHT2|7p&aW?`4{G(c
zjzU*QG@B|L)C#reI$Gf3oU_DM9JE6G-9|J^b><OKPwMWNAE{+2vC{3FClj_~PNeLa
zu#RbuTFw>=GaR*?D;6d*YB?WE{Jb#t!nlMWY7wKbsD^l4K7Y$2Scb0u0;i5rtrWSZ
zL1O+y&7%9MnoY^Ro{%*EMv&~Eso#?Oxta~p8#_$&#*am&MDxUek0D$SK>O}wXB;w{
z33JI+5P5e4A5HECb~c)<a@xa{eGjMOwF)CN9j{e<4_6s^y!HzM@`6|$(!<Re*A&ER
zFD2z=@mnp|?A7e!mLZGNRw;{LAj%?(Vy;XUZ?e4fTWep&n(5R&W3K;&Eb3S1*H0m1
zkwvk2Swy*#k;U`8EM}M0FCYhel_}Mk%&7#4ySp#7Tr8FcQp=@cVKS=TE*A^)PPJSq
zmPb;{N5sNxQe8fV#mghJ$H*-nDvyVVJpK+RFOM&PL>_;sX3@Q*W>X$-CAgKz<FD0k
z-hEEK{~NWG+$(A}gmc_5;e3HCD2e2(QaC$mBAmAoda@DlJrT|W2xw&Cyi;7#;g<-f
zm(3rxTys=YHXm;Zg6XT2&AW-Q$flSgn{N^F(01}mxUIaM{EE5$7qY2eonQZemrb#$
zZ1%0)Xe52F*iou8tWlXkVGy|w4v~~uPt@Ol_hRyUE!D{VQO%<JvzkpYxzi#%LbLT3
z^;>d(RkI-(wPBL6Q@cpUY41QX&ctWl-Ni?f8-WeUNcWwRu5@bp5UyI>Lt3IWIvR!D
zY=`Exoba_~pLjOy(CVu!>+cZ<DQhvMtWPH3p=JF|%bXG0p>Lb(J1pzF8(+w~@9?gT
z+}>>P&0@LF!X92Mt<CY>1KwB3D_Pn)JMww=2wX=IU4ST11~$mM9}FU9<lPSk5o}QT
zQI_c6r2ZeuyT^y*-t<@kasTjG-gp1>SYCDi26yD^ZD2Nat`L`^3&iFV>O#RKmlvb#
zBJUy@?@AtjUvNb*(P_o(D5Tw3LAIUtbqtz`ZQdzDqy;y>qtad(t)FB!D}J9O$m9wj
z0vG+ydX29T(8x_ub$mlQYnguX@s?|kwYDf9oIvj~1NqdovD2lLWPh|1RA0h_)j?7D
zRQm?ltAuA3sOt0vQBS(9N`@+G*$p>GSH@;O5S~@#^8-{qEm@V1?FS8M0p}hVFyKX(
zf*$b`w25o1vYsp?>r7Hdnqw@&edX;T+D-5J4(rHDCZH0DbdK>A((C6Kp99GR^b2Y>
z>&_|m&Ea*&eNp}9-KqF#%rV3=XpZq^_0?$bI)*iP`%=z%C$SnnMYu)XJ}7Pi8&iZ~
zP26`ySY+Hkq>1b3Y6y|;GYx{ZS`I$fw{IPs)wqXpTa$9j$IDQ(HU>roErs(NI@)T^
zU4tdx9=fH7$IPf$ihoJ0IBl~G`@r1Ewp(;RKFG_QW}1-PsCZ(rF|59+XHxR0knx$k
z<y%M^ny!w*Y$|L}=0M6>ICMlgcQ&7^MPmwMqWBV-&J@EO)_kovrWpT<FH4W)&ctOp
z1E65mnr7=KoOQd>=%S1{mT+{_V6D_!D^X!zl9wAw$3pl1J_#%G9Tl&-=vvXj|Fz0t
z{flbl_(i<;AD5Z@PqmajkxA)qd`i>rNiyG3W-^22He%3GZLc<4mYaH}Bz@hM4Q>xo
zQ7fa&&DF}M*NBnsCDn}G@>Mok);MO?H8VMxH}aZ&I(V;7BHYtuPbE#PoR6s0&nEBK
zvpzveWV28-PgMM=MRzWswWL{*OIP+~Lpvi=+a2(WLAwKb(;bIPER1PB3`$$FGoOZ0
zW&^c^vAi?gkojCT6nl5Ne^>XGX5Jns$xhu&6n>U{Iid~o(I1z-UZ8qrz5i~o_m&Ms
z=Q}=FdkephAq)-(`pz?aRnULG;hzLk{^GIh^F%!q%#`-ib&#_3%-z5mQSvakJ=vX4
z^15bqM#-~H>xw+$(bv*d4Yg>eUxmbNz)p$O%FsL5pimrWG7Qs$4dS$km>wmsG{ahV
zY@}LY`;u<BkUbBV5wEp~SEF9N%}dm)P-VWto{7eMPHNh^6U235=*~u#235C>#Kl)P
z5g7KeNTqROJQnY6oZy^062o<Qe7xWZf<r&`>jcXfN%HJL%vj{@4c(jG+{(N3tGY>D
zp2?<sH`$4YR=&JDkpTL8bME7qjF1-KQlAPw-BWC1|C?-MM-f<&{qa$KnWUuPP7)*U
zBj-HU$ek>h17CG9qb2f9w^+G?`+)bikl-ChA?5u=f;o#Babi+d#@H!>rT4&8(%ZsZ
zzNynDp>l?R9De6#j#ha<^v8U)vHr%yzi~kH88B;c#elviSetwuycUO=T3$^ak_>%G
zGE|!RaEZK@OLm<IE050fh-W2SB7vtm=}vl^s@F&t`%6Vv4axm6s+%5DbZyxBIL0Du
z%qdDjZGP%F0@Y8oYM0V<cvKwx6v>}mkdp@Ie#D>El60Wm2*|=A>F_zdvg53IzmAfP
zz~o8N-VHtZ=#zaiZizgiG}#oZB%8*9%yHvMc56{P$&#LIExB<dPfoU$9P0BZUTa8d
zKTKGf+O{F7eN`NMYRe?b&j&XM&cCObUWTl)&wOR+U4ODo2I|u!5-g*NQE(H)K!hi$
zS#VR-jNEFNjbiMQ63k}HQ3SWLY`F`!L>`?q$?1V#$(D4zO|oUkfnUiCf8bX#Xjry9
zMOd0G>3QF#6s$F+kuS~jz6S;$da;==jMRhvmFG)y$slvKGnIq-Oo>;)tu6*xw1%1m
z*Mr$8>TW6JY}TAaoK}`K-^DGFN7Px;tYJhZS(B=^Bx^dbsAh|URdP@^p9&2JW%DCT
z%`YSqRNGn@A~pk4o7q!n$ju?a#jiB;=SJj)Ojw!RjFvyyRC82&rK!Fjw?rORPtt*7
zvm9TLh&Bd}O@4#b8VMl!4Y}X<LLYzjBcQbOJA4&DJZppk2vn8chXRP_j8Fi964U!o
z0D+Fw6AB=nH$njfx+?EO0mO166hNTG@;($myl8|1h?k5|U|T70_?0;*fIz$D!%_h8
zvJnb0ul~jy6yWo>MkvVmL^<ZeRDe$uah_0+@%gGbD8T3MjZgsb2O|_f{Lu&n5Pvd4
zK_+mtH~y;%@cEh%3LwzgcpnPvRUHF-8<~(l-M?Ee(&#c$_yc2QKfPn4=AW?0IZh$n
z8#(pxn&3A*eqHcCJbpv)KRtdE+z8|!SR@c3-M_tue+quf<9`c&+v676hInlruEj^^
zEga)sA#$F0yFnBn^i1SVq+uQEpzNt-+{`)93mAbgYrYUe_tah_BNFK@(mk~oV^7Ds
zL-y2Of{WD^IR|QcYGv>434CW=`Ht*iy%djpZ=!t9+w|ZMU%d>MYTuenzb^;z#fc?X
zl62{qzLi0{*z^<-ey)&ke(a~{3>MQ}8IeB><m+r0tQoAoub-#?ulsnBh}TUb6hNTP
z^CF@E;teAdK>W=J1rTo<p#b9VMks(lH{=6V0P%lDD1bm?<b5cB_?Hn1An2664+Rka
zF+u^vTSh2=SYd<$h_{VU0D&IL2dV&~#Rvru^m*Qg0*IUu3LsEic^?WO3Pvb^K&Rz>
zD1ay$p}^`P4rsi*PX!QVBNSwOGQIXb72vaKgaY%ab(=jR`seHRqrP_aiQHZ9@qkHW
zKZm-honm)4c(-*0f6C+a1>flL27+()cq75Lc)W?=&w4yZ@a-OND){prZ!Y)_kGB;3
zC6Bij%#m1Wdl)B1?oN-l7krn;I|#np<DCS5!{eO=f6L=t1>fuO?t;JT@t%V3_jqr?
z4|=>WI6hVgZqJdA@7Ew6hLASE&X}*4wk?yiZMl*POD+Gf)^g66e*}<=kLK;Parr33
z$Y;zyh6@49`18FyV~!-CBK4x700P~sClo-8F+u?ZCp5ed1rXzmPyoS^3-3b#M7t3R
zAUG4@eJFtFG(rKycq0@*u>H`#q5z`X2n7&qFZ4bXKuk130R$Thy$=NtlZ{XSF~tZ4
z5L1m%0Kuk1ABF;mX+|i3m~Mmuh}Dfy05QV|1rTc(p#Wk{BNRaN7@+`SrV$Dt)-pl?
zL~Mit2+rgBs4IZzH9`SIpAiZm(5U%W6hI6Zp#WkXBNRZaYlH%b^^8yevAz)sAZ8h%
z0Ad3p6hLffgaU|-j8I@r7!Dhog93<6j8KsAIoli*WE^M%eWDc*#9Sj3Kx}G+0*K9w
zPyn&H5egu-FhT*umPROm*vbe65L+9e0Ad>>6hLfigaU}|j8Fivy%7o^-e-gYh#ibj
z0I{PH3LtheLIK1)BNRaFY=i=cU5rowv8xdZAa*lC0mSY`D99AY9_F9`pL-gi0AepA
z6hQ24gaQjo^jEut+5YWX--L6GQslPxc)m2}GU7`6H?g}NyxRi7J9&JP;GI2of_L@!
zWWl?8To=5j$BPB;?ePZ$@9Xhtg7@>7tCu2ofX7@a7P*5wK2z`^9-l4vFptj_e1ym6
z3qH!@3&1jsMN27A$As<}?{-nsO`vx>&bwVA#C(r06THCVD+Hh9@rMOFk3TB-WRI^B
zT=)1I!HYe<R`3TrzFzQY9^W8%iN~K3ywu|x1)u5h&4SPN_!hxj$s}FwX9b_{@$G^y
z@c8qBFY@>f!IyaaCBc_@{1tHgwh&i%;?4%~VNcxEAU^7eyBow+p7=(CxCTP!67vwN
z_0#@-viA2^Aw%@{S7Yd%GS>id@qc(V?e9MhF>-%@EiNPU_kZ?-vLE|Myg^9rF^}IA
z{J6*e5d4J4{}lWbnDcD^+c`ce)jn3K6hQ22gaU~78=(MVKO+=C>~Dkuhy#pJ0CAuZ
z3Lp+LLIK3VMks(d#0UithZ>;(;xHo=Kpbv_0*E7wPylhH5eguVGC~2w(MBkMIK~JC
z5XTy!0OB|!6hItrgaU~9Mks(d!3YHq3ye@;ZQCkU&?oU)Lj}E1Ea@GEPQqi%S`1!9
zhG!wegLTl2T>_cK+1ZFxr8C_DJkYIs+|#QGo0{}0+H3i0avJKS<TBAIdF{1)F_-jC
zgOvv-1l-Zg$x-J?yi$GT6e`gWedU2jv)5N142t4ocxFGbh`_Q6%jU;hrZ*H?C@j4m
zcc<Wthno7h9P^$HhNZosw?3Ny{E}s=ue=4Kp|@^+=u1Km(_8xlZ@4-MmWSx$B*7>%
zCBdoQdMXJXqPIRQO>oH_0ctA`v=4e?HOZpJ#XEl4)^9M8^3kb9HhY%w>5;RiFe95i
z4SnBTziZ|XV>h{%XozgA?5q%1DrVR6Rb0|ub@VGO^YO;K+K_~4lEQ2nxJYEM6ukkF
z$U|=GlT4M(+LEiNZFM<dIzh0en!N_G$ZF!ZRf68)$v(}(0L#sn&u7bi!F@-lV)mO8
z*GRuv-<-Jhu+BSI&7#{3Gu><36oI;UPj`{o8c994X}s+#DhA)8o^3QdFa4;an%qkO
zgJkV>h!JG1y5`Dd?M&Pfd5kP;tCJ~yi6mY@db6p$otIQf{L)V|UEMv6bT!T<Y!EEG
z(aVV5o0IAe>VG9ny6KSYaSwT%7yPitk>E!?E(w0j<BH(NJ#H2JgvVn9KjrZ_!9Vu6
zUGOs=cM5*i<1WF^c|1YzFFc+k_yv!r2>zwVtAXQ9gm}pl(;LLEJu#y}{KgY&Hi%a|
zF|$Fu>WR2P{J|5w5bjSN_X~c_<8=hT4yKRJ=~?-Wk&UrId>x|z+0g^M9w_U+pYUd~
zn6mJTz&H4z!n<Fyq$gQKHPL$#6+oP9gaYeY=o|6@>bYPO;+3A^AD5g)6p}l6)IUiS
zP7mX)NJk|fZ;eq+Z-#5tjrEoKrzMiPcpIEr>o;O?H}Pnz-^^3?21NDG2zd*SqPtbd
zsIQxC%byj<%}2Fj(*yKv&;u{}18L}3Qq^ZUd5YMS>bK)cb^jcO`#g_$TRz)SsDA<6
zQDXB)tx&&19KXneog-foqfq}cMxp){o*m`otu?Ow!)*<$&)0PAkNzkOjt|zn)az5j
z;J#q3SNzq)qVL&@{FzPu)W6Cr>78@^AzK+VLo`v<zKQ5<B~7Bs{S>BVjBG-eJy)8l
z<zAuNOjUEw)s$f7Hn!)gMei`2Bjr*5ntU*---S^vy02rj_H~sOuZ_N_t=wN=Z^`o2
zQ@%9t%JNFY?Q=e1$!k)4ck{;SvW%DNmx@8(EWbxW(zQ3~nk(tLM?RC5zNAaPTP^B$
z*<T{xZR?v{*6&K0_Uj&xZ$PJx<$=K}bGx&vJ6JEhvuiS)%zVDL=}ObJQE9QnlXS5i
z<(q^p=_@RsU0O_zwdiN7lsye>1-hB+M+PN(qnV9l%ko?!-ShUey&<9OKMyvObc?7=
zn{e4Oyj3FiZER6|FHiR!9&&}l=~ihJKrAsr0mK<bD1caMgaU|VMks(d(+C9+XBnXY
z;%p-nK%8TQ0*G^sPylhB5egvAH$nl#hm24Fae)yEATBgQ0mMZ{D1f-w2n7(A7@+{-
zQX>>VTxNs<h|7&o0C9y83LvgDLIK2wjZgsb5hD~peAEa95Fax_0mM~CD1f-y2n7(=
z7@+{-<3=cexYh^-5Z4)@0OEQh6hM5!2n7%~7@+{-lSU|j_>>U}AU<t`0*D)pPylh0
z5egt~HbTMGVSFeJWzWFmnPGgmq8jL6MMcndAmm-ILKnIJjJ>V^;ua$mK-_AC0*KEV
zp#b7GBNRZ~ZiE7e&l#Zr;`2r*fcSzD3Lx$<LIK1VjZgsbB_k9-eAx&E5MMDu0mN60
zPylhK5egu_W`qKWyNpl(@pU5<K-_JF0*HHzPyq1_BNRY<(+C9=+NT?Z_Q^(}eZ5g=
z*9|GOZ`tb#2=CiQD1f-v2n7(|F+u?X@Pi>?K4=~k@W%IyPyq3e5egu_Z-fGfhmBA`
zvVO)#{K99^Tj)uD+DO(<hD6~<_PPSXd%_3>5KkJR0OBbl6hJ&}gaU{k8=(N=Cq^iM
zc*Y0?#QNoIti?jCf7OWfi$h}lQ+r(j;XP}F0*Id(p#b7JBNRaV+z15_zc4}p#Pdcd
zfOx?O1rW=PPyq2uBNULXzh~1W7Si>%M!NnwBwa7s>k0_(B_k9-{K^Og5WhA;0mREj
zD1i8l5eguFYlH%bSBy{q@jD|FK)h;%0*K!mp#b6!Mks*zqY(-q{$zv#h(8;l0OB<x
z6hQpN2n8F{gfdUf#WR?Man)C9+k*Xuy+8Ff-N&!|vahkXv1g!r=CV5hE24kMKFRMg
z^5{8BTw(^OebOj*5@NP-e%(H)fH?fs2nCsD{0(zZfX}}fp#b7dBNRaV-3SGlu>NHZ
z3h?=FBNRaV#|Q-wZyBKgVucY3Al^1Y0R-c4KW$O4FpRe(@jV05TWzgKdMo)Ih(?Am
zmJ|IaW4K^*#&k@m?jsAi^C00;(R3npKMd0s(fkkO^4ySc7f#heV?S-{YPR?LaU9Tv
zq2QR1Jf(QzSk6i8$ppbY!0WOD-1C!*vfKLw^)r>jHD}`5J2!q1gFUD5UfDQCz4qTa
z^?h(St0>7l)%Uldzv1N-Lh{$LEM+T*4B2(fz6-NRy1EE+Z(e2ppg8NnLD3`2ywd!1
zzXLxLhWdF(;ypN=i9`K-f4HAXBl;PfBvb~Lq_QNbgS(g)kshkUP+gPhN8W7YLOwo&
zt-Te0V1NSxV+wj+pvv!p6p9=kIF`&{Zqhs{FgCUH^VxOz;Q;RSJq|zq5|Y#9+fVZC
zE#KL<_0UA8+$z3=5FRG|Z9XRDModsf<;p0Z(zwXp{!DCYX4B~8YK30z(bfowPRj3K
z?cQHcc~(~B`^RvAfuC52`Z?-c<-9<2y53&y-M2iAQ=J^P;H<#dwL~u@M=dgE1y0TE
zP+y0;_~l@N?p|Nf(%YSu?MtM6E7D&7zoC1(*-ya*<nkP{x0@W-8Z$n1J%De&yPe<v
z{9kr{ON`#>&TkQ~bmuqe{QvDfdo(H3RoVw_d883oTICVumvWVZ-z$E67zA6VGTOZL
zBj*x?qceV#x7lgU4+<=*Pp6dGWPc(KzMRV5GPAFka|>Z-vKfeAlP}@Baope`EUN5Z
zgb!)uUQuGA|H1@0XsnIg>q2Xz=61uUca9&!^%PXaOqX*`LhxUvZivPG5NBG~ju>s?
z<KW1P%a0UJ7WN5&Y)v6v(|?x>f&(3uatQO3Fx_&Nz7qeKN440`NyVRl+%w{&$Lb{l
zr$_`&(Ab^Yh|3}Ivv|rmVcgGvZTS3P!@1-w#8S^NJSPEipVA3(>>eG!FL;Woq1*-O
zp2vp1D388~t;$%QuU||^oT)fNLcfp)YOoh@I0gM#OGg3yQ@j9{mkPX8@Gp&24s*y2
z>1f<?-j;IMUJ14ZN{cr5V83)ai^aKF9;J@r@~!o#)Gv8|v3|W=EBAMnINBsJ;C#}H
zxQM@r$!WZd#*2N5{x=|MrTXe3J+)$QODwvtr7dGFX=$bEfWO{SxzFPuxV>e`n&H;7
zNt>KULW>n_qq5n;fsdUDtup&8xJd7JucGJLRlcB&#)8z=in$wXqpxi%X)|L-jl!}M
z@#x#Ml-xorGqi|G-<qXFnw<<SCC0jeqd}{b%I;Sfk^Xqc+{OBn08JHG`uhvj;3GGf
z&MU8J*p@VeIrnQ`b!U-RU^e|$+&O}qr(WELu;=9Hd&RNUw<0&qPuH8~-TAm6N#dku
z;?wKv?Wbyfo^!v$2~}2HR&lJqij@unG5S5ooyYsj*T@Q1xa{PHL#5o$2`rVj-j*p+
zCX0iy=Xrf(7#tJKPSeA9sZH7q`8gZ~5Mzu`05R4G1rVGE@UJL<s2QOEg0lnOhXRNW
zBNRY%8leDUyb%gA!$yuo_^=e<v)c#-5S*6qJ`_MqG(rIc=P0}n1q;K@Sn@B7r4;(B
z-gJK;`!a(<8516fY|7Y)7t)6FTZounevx(1*PAwX0`;LGqxtwUg06)1KN4t9kNXow
z6kiS}N8>9!h4@mzuYuiPc+kg+KJ`kzx1D@%Akxz8t-p?ArJJo9QdwI24k~F)kqfz+
zHRXNSq=xiwUK}V#(`L#^dJbZmpEt0%zbQ3s^QN1;5jWksswJ%i12-(Ml=>O6sPyPv
z6P2_cObCuU)9OJkc!aoaFLBlC+Mh-^*N;@cNzempgwvL|zk|AFbtRjx9V`lyLwNd8
z$AB~*AwSpTTY+ldy!0m?l5gNAJ%OCuYySB`mPzS}yVcX5duU{}rlBJraowF99k1A~
zi7yU11~@D(_gmP$G@~?)+XwHz-t@e=-~*)beT_5@<U(3~xo)uH`(LSWRW6@^ndJTt
zOaGK&YWt_y#ze(#_b-tCZccC3=fLEw&w)1YR@B_-jf(z-RW934L9QFi_EW`@F57cZ
zNG1TXZoe<1*&Rs3s@LtW5|On9eZOGr&r^#-)lNQ-@jpj6_|&ubXdPh<ccd%7jwVBT
z{H2i1?EpQATy<B>5^qpKr6$2juOv5l3p!y?YAd~x)Le2lgg!dU{s#?ZrB`wUsnC_)
zHAi0Qy@QC8-H%{o!@t(TPk)K6`Q?9#OS*uo`+5C-f%}8g=GximLhyd%W=HZo9RM@n
z+Nsal4d!-*G5PpPz9{_xh0TwZInn-%v7aU!S8}2kGJAjaN6enI-zHp0x$g8{ma8xE
z|GHdBll0r9^@2uP>-UmME^GLj7%Vf1!I`al#4NdQVo<75N@dq0<wKb@bNcfHGiLa9
z318m-#xaqH-0k6i;gGu=w7?6#z-LN;HdCtUjyJi2@5_9Y0_TV21{L`D{#2kC?#LyQ
z&1lRQm$bl()G1%yj|U&xySZk64P`O!y(|mAKjJ+oi#v$DZ{eD<m?@u$S{I+glbklh
z(pLYz6b>8R#VES_#o$*H9~86X9>U1fthKaKWpnEf8q}~oF22w<9iY(UQSM}9dz6Gl
zA!wncr&6`hhToL9l0w^;p!}W{f2CQo&~6cz#x{$z%>EvH=!|BW9YC4UslIpZ;(Jzq
znq`)5CmK{f|7G(zxNiN1{8?$;+Grh$Ngi~mzA;VD1~&6|cU(2+hg6oEh4=YRRY~*x
z)nLD^tZjUkXQvsvO{00x0jdIs=|(7kSltK(5HpNW0I`M<3Lw@rLIFgN5egtUX6iqy
z0Aej86hOpAD1cbo2nCrTEGNx;SPC)@edeGb<Iryo3J80^2n7)97@+`ST_Y4gFrM^Z
zRgejMeREKN&sjz&fY`tY1rQq=p}@jY-Qj~aM)LQ|e1=->I|6>=@z#dL|Hh-(<yeq-
zV)yG!P3OGOVz1U;m!$)?#x@)|7x!^2;zLOHlJ{_(;9q<E3BkYd_>+QP5nObyiV?X#
zc$eF7i60f`KY8MF4dOKj+2@#(HX+!Bc0tbl#k6m|^?%bY65Ib^RQo0r-CF>Zm(qo#
zn{`*fq?>hL95n27Z{uQn8M=Zs=i1ovf7@>>I@_NTPv!u%`oBaUr{nG?i4n7sSEz*b
zUa#EwiKnKnJD7?;gL9;_i>0gw=5tQom7f>etNw4o(|tEf@4=;(=l8~z-mPef82$aV
zyaLzBD_Yb86H}_jBE)}8W#{^EZ~P+JZ8`UI?6O0%s~)tFl{qJob1mR#iA2IZAlVp)
z5QFAnx!`Ql%6z3(e{1DwWupC4!duEIt~5EKeBD8Q__@BKktEJ_<;(p8<xJ$KqpVTu
z(r=2Rq~YyBX=wZ|^qrY#A^TylAMujEaQlKh`B&oK82)wgkN!01Tdn>}V%1xJS)Y&T
z^Cf*gF3;pJN@i@ZqKhHAUm(z-zb`&2-bPmO6hLfjgaU|7j8FhE+Xw{^bBs^`G1mwM
zjoR#W_>U3m-6gL{%PQsSnvvxyM-eXlcB3HlKJsnqEd;1{DlPpEPH3~apnNHZ>wrtd
z=%1K^T46;L;#u$fP%+A0Tz+@7M1t;)^InPui&bkzthkCug-P2f>PoPOq)Wy;ROguN
zACSFDibPg=^+&?{r<L8hxOvHLM~@=5vRj|0-dNHQhbITEAxYb@9%G6<`Nk@0<1a?a
zwW0N+QZJA`e$h1&BXUJCy5uUeK~-nMgnAjOwVorx`0>ADT*11ObBg)$5_!5Rb`O)O
z>(M>8V)yl3?^o*Eww{-QVUufl>HWOG#iW$TbxZG4yhIF2CQ?x2HkQKRl1XnRs^u@A
zKkKgalWmPpx-r1zt9ib^n!2lQp{Zp^byOb;E~&Lh#i1tEgRl0qR0NxNN}GogO!m^%
z>Jf2RRhu_JVzbR)+UBWjK0u-d=K<4C&4Xy^_cD3#pw9y_G!MLeMN}Fk59(t{GCzAD
znH?>WFS&6r^%@WPbtrm@4xR|=V97-X-e?d@<y3Ngo&0}Qc4-heQtO8b3LrK!LIK3)
zMks*T!UzQrTN<GNVk;vQKx}P<0*GylPyn&55egu-GeQBx_C_dxc%KmpAa*c9fk}_#
zV_y4A_AJ)wZ&R5WWBgVORIOs@)gDn^b=>av4W^oxpX92z@$&d%gXYTnE|{Ky{LIci
z{ZaXf`!lYU{NfXlUsfD;Wtl<N(fsci{{=UQu@LUB9@hl_&11P@%KhDAeg!&m|M9q6
z@CtB#u_IW98xv5?%@Fqg#7D`kDfnN48F0(G)zP#;`;f+vBWeRJy<u`Pa+qAgBj;Yh
zpD50B`C2;~9jv2=#=$pulhYTzqAw`F9t~#d@6}=co>70wXZ*c}KiQIe60i2Jmj?N!
zdNrqoIElueiNC*nI2)fghJ9!9`jP<UGvE2gNZ;99y_(ag-}&cA@9(Vdo6{)o>$#~D
zXp{Dp{El-JMJ4n{>%7o(tB8=_M-XH+Cr)hbkW6h2dj_gAlS|<1W!~e~wfY2nx8?d*
z%eiJY*I1JiTYaL)-y|Ng-&n>T=ki_jOto+^nM`3%o6;LDCb9x214Ul?Lm^R9f`nV-
zow<=rrIg*i+wePie17_ek(v!8jMV;7Z*MpI$GpAG?Emog@x4>|9XM*;PFCv_K+H2j
z0o8CaahG{qJVn4v+2Sx&(1Bq=DO~uW@hHs4MU37fL(!6nk0B0(y|aa_0Ad#-6hQ21
zgaU}&j8FivyAcW?_Ao*L5iUtIB*IcYKEf42|E<%KJ?#q$_~c$jDEM!~U1>yDsXpF^
z?>E%P`-&x1AHQEBhJ1<sm?Z)k=e`3y$wuT(dQaZUF7xu&YjU(nKAn68=}(^Fp{fK<
z2twwPoo2zxqnO^{#epA*Tzd3tZ3fjtj(+XPhyBs7c_5j)NKKO^*WIy4@ew?;pIkuT
zUT@?tXUarITvELeyT84zZ<pZGpV>K<d~h-OvH$;+AAVN^S=79SlszdiZFeNY&{&6|
zPIfVxLU?T1$(F~|+Rx8YHwK|kn?86mYUBa$O}v^4!lqL9nHE|qUAD>G$(0soeSf0P
zom_j1fg*8VH4AP(%tqlMPjXtTnb+%XFrp613&BM=Ci0MzTdFBUH!M<M`uskE8{y;@
z6EO<>aGu#u-9bRU!2K<#%}7)?Y!<j*0}6s0g7a2y>IpX_Uk`k5^7Q~dwvs&TNv^=L
zpgP!U{V>hIygN|Mf;(8v$Q_E=$k6_w8Txq%VVLUG=VxIf@>3q~Nq(+PKqKepx#E&m
zAj{9IgL5Y~^Yc0C53}X}p*?BTpLd#{Sy6bL2(B!X*4mg%l83cCsot|GE<59>30J*m
zlfPZ~p?c2+!M^udyYcSzp8Fx}s`petZ?V4-3Lp+JLIK2qMks(d$Or`x2OFUP;t(Sg
z&;@ld9Fq?HP;*d_aX8Ez6yWo4BNSwO9$^j&@Oh*W3Nk*AG6x0tJlY5a5XTsyAoJ?6
z=AZzd#~Gmjf(=nVBNf=IsuPegl&<f4-Q`wPuZHe&n})^fF2yb?Nbyvu|I#ZEH*R=B
zNjW?9A*6f8dzdTuS&ugp{G7*I2>yj&w*O%G-|?MCd=8>+i0*NK>fKvkjR6qKifI^n
zPr!6QPTRLs^|(63$oB-yz=cLv`mpT1K;+1L%Mk?-Cm5jsVu29~AWk$w0mMm0D1caK
zgaQa>gaU{~Mkug?=s;<L&P4y}YY^wNuEXCldBls!C67*Rpbs?A2OH?L20FcgmVijU
zmNT72aIoa7zst5gaBK3RfsXpwNIL^ey+oGZVTMGFc%D=N-edoVsPy;?>j|OtB>#|V
zew4zgn*fhdxT(P76mBhWzQUaaE)dw|P7<TrId7bd5ud`tg1th#zQbVec;~^s`YwXa
z&3?zR-Bi53!`SZk&V&8%y9oA<cOL93?;_a3oOhfFTZ`9sm<dO$I#>i%<n7b>!SW`*
zmS|sL@|?=swGy6}H{B@d<?U0AuXLNd4HLAH!~5=t;XU*Y!js>>d#CaH(|;Y_$njfi
zF5lMrwes}J&#VoPUnaaveH|gZmDN}IO|DUcoiB0o#qutKm3#b04R-OU!44~J`SGUV
z;bo*JllpUq=jO^%KXR}mXX=;Ud9d<pKBLAqld10_wj&3diESp>cM)6pg_%)fn<=Yz
z5!;c2&BQhn?7N7q{5;91vCT-ruUB1Us`rxpNAhQ#m|QiUexrL+;IO_i(^jo59x`=z
zP;V%gcfZqsb{#Dsx$b&+Ko`j?!+Ps0Mhi$ThaMhKrrXcR(5Nwz`<6!yC{w&629)*_
zL-Ss=C26>KN<v1<`w_#nLVR4__TAbl1A23`ER(7Gr~zdpZoy{wU70k<oORTIGI>90
zjAULnYCxI1A2Fbn<h|@XOvAlj5;9ueKQ&rPUl&K8_p1zO?B@7gS(eGRxKRVj<o&2I
zlC4^!29(MBQDY>ViAD`5llLPAw357kh4W!)xZ6vPjF$JikCtUuiKEZ^RR(m&XaO<l
z96g{+-j5oib91W*D3kZ2#^{**Dgw&n{fGhC*mTHTNG|6}vn;m-aJ0Oyiieen>$?eP
z*U<vnP_D4@g}BNXEq$*7dVI8i-jEBaMvGBK8me24l1C?r<7fe8I@hb-tAKtpT0nAr
z)H{vQ4qFXQ8dKq6gVlEv-YuhqCugS5Vs72#&eCbT&i^-IoTBr8uiYu+I`{1ARmDP>
z>H_+!5qHw~pRDrExipA9yJf{kg7i9?6A0@NbO~N}pn<rVC=T3OJgR-0u%sD_b!{H4
zePcPU&<o-OgX$Hq_F*0P9as5;E4sFBTu{Vo9Q3RV+~@E3*{b0nN(_I7rze=QwcRh&
z6>OLO#+vMlz;`x%)nxqErfFVjDr?EUcnbY?BUS9n($<peO-Z8w;uA(FfVja31rVP!
zLIK35j8FjaX(JRs+-QUXh?|U10CBSs3LrjXgaU|Lj8Fh^s}Pu<H3tQ<CVm+CBY#uu
zl=k@~ox^isd<o^ME8^EEGa<QF&52=r*<hDR$zAF)IgGEuWuTbs%7F#WgB*a79^O7Q
zj0Y&g`aC3Wsl+B#r|Q`r4j=@FA~(x!!-1Xu5hcD3zL(vOy;XM&M)A53&-;7fLiS&c
zo8b2g%Gn_H%t$(hy&s+>0c78|{f5o=MaQ-p?;p<l@h6BrE5As)CZw7?PQvUIjI8;E
zDo-PQOXJ!<MU75(EdeR)a#sU8heyQg9!tT%Mm`<u)J45~mgGS1EJRN-YkeLK%Pg_%
z7RtT_w*hzng)0j%mELVUw-GqLnUD1@v)iV^-dsP&M7IeR^@h^}6e#g+;!eHy=}`Ty
zulHe&VA-C*jabQHyby0JpO_RSOR%_2#KJ+G3(R7{=D5Q(uY3J!<ey%%%I{7POno-5
zpq<?rT<u#cJ;D@G$Jww`X&Sp>i*F@Xx_>Oy);=|8qo|eHgkXc6eO}$vOdzUdLddNb
za$<@fu$#kIldB~DvJ-;lL3Ky$S=GPBO$2x00~t>qSCezPYEDdAwiSL-GF8pV$wq2U
zNp@FrYO+Agvpy$fB<X&DP>&$pdC`&Q<Ij_fO0;+z1cgm5VX-$_jJUU;jULy18Tm80
zr>hiy0Z%vKLdM8-TuY+G$AAXv^|?e{eoSXmF$;ZjIR?PGB{#a&qW%F+uuJF~p8QyM
z|2VnaO#^eA<EyWloJQR0TY&jBJU4^X58S(ae66sU{BDuMteJb+@@`A~^(OmoXRqK#
zb>VvlJ6y*P!tp2dq670tDc8jm6UUMV$mPgwCGYBf;Q6>8CH02GHoj_8;#=cf?c0b;
z9s#%P!HcaF_cmDir>DS?ankH#-4;H+V@UZw$dBXsc(bP2JRht&Yah?{VC%hgBdNyY
zXT;-ZiDy~_QXD>CtsG7v8vR|-En>Eo1|n^tdbNSV=TunAVrF^S_t}!Bw}w0fSP@la
zFWYyCY|mNZ;%^P{Wv6$h9ai6t`0HA$7F*OeopUr=Y*I)a{BCej<D@CpUm(F<3+Gu1
zCmNw}k{?khoOIrvfXQshsr3BaIl;h}eA&?HzE7NK(C-vklryRdAiidV0*JeePyq3D
zBNRZ~ZG-}ddyG&3@eLysKz!2(1rXmdLIK3LjZgq_uMr9$zGH*}i0>Mq0OCF)6iEA<
z54dqVpvF+vKSXN6_;G#iAjLpUNuDP6eA{&(w&iA<dln)B@#hA?b%R21PSg9J`?4q6
z8w86);$vom*b`#*r9A3?lD*d5t@WQ`_Jr}5M1CLg_+h~hd;BfIkAthTWz$goWng8(
zDqp)-UVFj^@m;}BX%Krz5WkloCjPfUu=zBozal|QdRIZ*FR}QskI{pIpV1h7hb*h#
zE5S{ESHU$C)wisEpS(ZizkPp;`d{Szu2sH&w?z9<{8C=u5d0Xp8gWV1$0CuVkMeX6
z!qE_L^!-^7=LI&S@cl0?hVhQbnA?d*@(EZsPed+Xzn-v61kUkTMc_Qaezy&wEA=6v
zO724M>nj-UVvp|>e5uEG3BKIphcNu!!%`TFB|T*8t`zt9K^h155rJj*91(UO6Wpys
z4k$^3jznZ<d3*zIVf-jh{c-A@i9SE8gu^bN<y{@6F!?I!N?znqE5%olAIteg!mT+Y
zZ-0AG_v9ZVm4NP|MaGXig+Xwv)<>y>TK^`+lZhC2UMlk!!t)HL$)%?F1LFgXuO$oO
zU3qQbs4$j1@Rs+7v1Ed`>=gBn4`ZoG{abj`?IuxQzu4av#!{-@-|EGF#-CEM{o~RS
z7Ju@qqs8vNd{<vfw+x-MoP9!D-$yCR{Ttb6^{=1&5`NidXzn|`@A#MGV{6HOroGh7
z;ql!i2F0)(f0^%v$!qe)Exh5AlzA=ws(NVK0S~vT2T5ku!`IZq>f+(E>Oqp8_3(A<
zQU4lYGDrM;PW?!Bq<&r`a`CsZ_ibP7-zH4<6koTgFUg#2NcV_6IZ8a-t{x<}vcY^)
z?M*pfidU8MfwdFC%RbL**<6uM(B})1l#jnZ<o!lH;eEl&zA*HC5lj^TmBdGQ-;ddH
z0b9a@<B%)uVUeY#<S-xAGScoeBSgYWNu+#3o`jbINco0n2`~Ac@<YV8e?}^GNSU_d
zB25GPM_LT}O5e`IB)oriMkFPCDUCFI6-@%u#zzCgT?#|p`6&zPOxOC;laE3rC+^4w
zdHsorm}b8c)Agjk{LIZ(dX9dn^qOHJOIAyzzYOC~P-A6CaKH7M3LqXZLIK2sMks*z
zo)HQl9x_4!#P^L*K>e4#_{*5bYu$gIl4E>Wc;VAfVf+kMxrjj;8Gf_aJ;^qXz83Di
zcRvIbBljbWFn$(q@fN_=u%yjU7(bVJvwsWkG2Rj{ZZE>(=bme9FW*~W!P+i}edIg8
zMLm#T(X}0M^EWims3GqOS($v32V>~8QS&;31;J_;d7S}q4z9g6=<;n^F1QdoV_U`;
zDikmCvTwnt^YK%}u(#7%w|_O=%3=It+$w!*rSFZ~sqr3_<_X;TTfOPzc2L_7%3wAA
zB#tzX&911vK0e5(jW8(GM&Uke<)DCqdBg|>5RV$6K<9e1NY4qHp5=T;n?V6`#=cw6
z*b}cMKj6KRLlsmh+EpvRrZP%7pUe9T^!;DSYiwTE-ecWx*&|eF9WOr&SP_kp@$$YD
zM$cK|60gHXooZOrvh5oPmpwYz`&jY*e)TRc@w#|7QCQyD7AC#qU~&eJvK3vr?=%P&
zE(|)Qyd-{C5kKax={#gV0^}w)NsrqfT<tpoeFA5i<>$ORY402NV~FPIK=}SyVf>=x
zOfC70er!E*!B6|W!-Nf1i^{o@I|$G2U><#A2HW|-A<zR?dll7=4H?YLS-OLT=X-gZ
z7uMO1T3ISlY!>ZfR&WX^$sZb_0OD~Y6hQpQ2n7&N7@+{-Nh1_MJY|Feh^LKE0P$lZ
z6hQpM2n7(&7@+{-r$#7HnfW*EH@oktL%$<u`>7maUQQG7GA=6cm5?^zudwmeG+kA(
z{aI|+U~3iIU&QutY;9uuo7k?!#(8ZY*!)XBfCMCeq|Czj_u_mgg`h1%QkloV{xB(%
z!V8HEd!OcaEIIc2Eip>&UNQVj?z@7^?tV}Gk#O9D9!r$nLxR~``;_PY4%bm?FZsr;
zwY|Jzd^^QmEB8g+bxvSa+{51E|E<#Fqu%4cR_XCE@9{sY^!T{<xMGzapTHxnW46Wl
zF%(lM_X}~7>Fdl|v7^$}QSBRFtJJF3b+m@HR;|jlYWMyf)mpVy;b7aZX=bUa+mPSM
z6)dLL+8T8=J9d;(mwz^P%(Q9Gn)E23E=!%RV{&Ap7JrJggmFl@HyWND>W5RXT-tsF
zMsg}&?z&WF_VpvNyQ6rdPM3=i$SC<zPBvzo(<W(oXDfqViTH1MG{?N6W01c?5A|(K
zCa%w0TooYtFBqW!V!06tAbx3t0*DulPyq3g5eguFWrPBVUmKwS;$<TgK>WrC1rWbA
zLIHVN2)fCC&c0A5kCu!&hDR8WA!psOK>DNOF#2brU6VRz{dZULA95#3Dm#;z%mym;
z<MDQS7$rx-gz-47lG62FK;N$#3)Q|^?fVQl*;x%~BB$aL?MtahoxB{@-mT@gXI2p~
zlL*@Q*Ui7asbR!{&DD6LuN@dq6I2p39pp!?$(2MPd74MmytYyIAcyfJd|49c-Xc||
z+FYj)`d6b}RM#@nT!(Ymh)h#nWe?huP>aYv)=1JWzLx-+LxYHKGQ}7=XsF~kF@w{d
zeTSxw%~8X^gfOn)CZ{qwJk-Gf+iBxg_-cAhkPQ+TKnxiqwB<P2s^f$`b9?A!-MEVv
zJMxT+bo^D$?O_A33Q$I15vB~mCh6!)e?Q}O(snXw^Vez>=G=<Cpq_OCI`?YqQA*G~
z_PO~8f!>`pt>SOa;xb){Fy*YH1CIX5C;aqvHC|QQ%3hTy+p7Zy6g0yA)m?a1#*ZRX
zBYd?FRrEYcA-%>c-|bEyV%_lqi{8vAIj`ZK^BOgO%zn^0(rrm!BIzH;prjJzmvUP-
z{Y*RY8W<BT5!*x!x{sw1VL9$wlkv-md?;R@xK(q-_#`a7b8~4dyfxE${K4v^0xIbr
zjZgsbCnFR<{MiTv5U&}b0OBu3C=lI#bG$c0qA$~40fWbTuk+eU#(Qs*7qq{$6KnF?
zq!lg9qI>$+5965<+}g>v$xrV_k!8;3>qUybiRh)(KD~d6e?`|T`p2@|$NQoU76F-A
ze_qC7{5&!daV#5F+*3;EN8OJ-mM^+zJdOoF>v1+D_nhbYagVu*mM#o}rcGiWKLKVQ
z!E^Zl{nX!yd$QiHBPT%Ht>I(Mr=AK1#?cylCv3D+WwHn==<D>d)Z48$H}uvQiUg#b
zjq@ah&2ipet-KUafNvO~fIy}HyB3o^t=1eVZ78YnBc-8j0Ih;HI$M#hv^knwq6L}7
zD@C^fwFj-1=qps$vt0>t7NkGqK3>nXGZ<ikB<{8Bv32R)i(xX4fRm5&K%Z@`B^e?)
zz~4FN__<R?(*I^@Qa~c#G(v$-<37B*cu*SWj-1AIktR{q&BocSk41L)r*lS~C_EzZ
zlO0-(!n3$-x#h4v{O=YO1;jz}`v}Za2gPNJ(c<FhPW4id8h3y&AVvEjdDpnp<5lvF
zUM9aA@scfQ=sAYx+q`+h^6eiMHwEO|{~4hG;-5w+fcTdY3MNwl7!}LEjO=XJObcT1
zKCv}M**l8OkFv9Jb%oTMVu^wKHh6F!#;R)`s_9WV(iCnZDU|(LnG{;yAAb0-^!?i+
ztAN=5#|Q-wZyBLL$1RL2f)5T#&n|<~v)iEb>@j+J+?ARVBG0&1ZgUu2@=uZUo!vV~
z@-2Of77a_^3X8phRJK?>3r-sp|9zVA&*u4WWC&h#uV4(7@Y^IFvj4Lo;m!ItXU<?5
z7kS=;Z=T-#=CH50-|`VTQ#n@7RHjWs<LKlc5MQ)Q&&x+;_bTFTx|6id^G(&4Wa|9e
zmUaacWk9E?i&F|9T8vNt5gMTYB4>mGh`bRBAPPn(fQXDx08unT0Yu3N1ybJ&K__Fo
zC5`;4vuY{x!2>B5w~k`!$-!1ij>S-%p$-*Fs*Ynl-cyGQCG|&^<2`kxP%>3@ETc=f
zM+;_2T=21AMy4yeSef<1WyjjDxEzm5W8CKFlB^|)%L&6>Sn3s*6NkI7Ks!X4q*J@1
zdj^NBTxkVv-<>j+(+bTBZ1VlqTfU6vg|VY?TPhjc?8nNMs|v{GiV+GRszxY)Xf;9s
zM4J%`AjTM>0Aj2W3LwTAp#Y+0gaQbD-p-4i0*DSH6!`Kd%Y!qT<=?NlNdYe+Ked;2
z%$CSts6;3&b8Z^&)G0z~nNK$ARH3xYIhijd^Fat3?8qrK;ZDzRzJOQv4rgQ>+!~%+
zmf^hT9`A70Fo(6g!#Oy_7x0iRR`R{`1owdlD;HCF_z4br0a2&iH`LUqX0H_b4J`p$
z)a^t{o+=|H4J|5nsb|)Ph;tzSY<@3y{?NAvOUYy17cyv*z#_z{+PCFMn*@4glZb2=
z(3xbqML?!Ul9$^WpWQC<jpa4JU4TIj8of0bN<KeG@3!-i0oyOQhccC85tODJcbar4
zKwQQfp@8?KJ(aP_vWC2fSX?5RJ$yVy9_U!*BFTEDwS#J$C^bJQSt+|}8!frjw-LrF
zT^1JwX<UxLJabT7t{5#Yj*0a<7^{3n;`ItM+-5_-cPws0$0`fCZJM|Zw1#2*AbQlL
zV)I<@#auisZXKbYr%yY&e!O@Q(mTl>q+HNL_-Bz0u6>OI##0R0Wf?Y#Td)+OIK&Y3
z@yV2W?+Kx<;^fn-LY!<*>x{3*zc|T4PQyv|r=?D(hq`jraJm8~T|e<}%08EZ{Qk6_
zb=9CJ=iK>t(#faX*nBP)t|n2k66!iu-a_ZYvf|VT{i5cF<u@_*CtUeUe;p;v_ol!4
zu&qxhO^e7g4Nax-8v;*L3i2BQa&7(Z6i?*#%t^_g1vl@gFZ7O)4SjK4vId!*NY-js
zs{n%E?DT{Jh{;AMfS6*00*I+bD1cba2n7(+j8FhE-3SE`s~e#JVule4d|mn~d2+V2
z3-O&4pROC-1SOT~W{5Dpg=hR#g}3uG#X$ca!_+PVn}_k&@S@8@{C*>C#NK2H0~+=z
zHiCiGC8C%7*3#w@5$lTC@Qb0J0{PKT=N?pu{dqJ;Khy`>ypU75Yn;+tJG%aQ-%rZ8
zqCovWhqT##%CU6x+>y|tt(ojOTSkBs?pU_CvIt=O#N-_1C-KV*#Q&zA$;n!@w!XwG
z`9gg$Y?V8+PsJ>{5AbBWn|SSVALPl>#%W?%pGC<#NRp|(23W?FI+bW*F60|g@(53z
zrTgRh2cXIOvrwun50~#$EV<JOt8W|*@t#eG_4w_JB{*b5+ynQhIq&x&7K`o-{5>yg
zxzc`w+yZplTT;dRe!MSYo~z}rv(~{%v>S-+%GTFz#I4fDV%nzwvY003yIV{{|A;P)
zonpM%7;6obN~R*?{uI%Wl}qUw<!ABdwPX_aoXp9C^O|uVtjUw;q?)`&%tVu?@lKnR
zNPp>c6-$1yN6q{5@z5pE-uH)-mr7*~yO&B8ZFXU6SS3?Hty|Lw1rR+(D1ex0gaWCT
zk@nXzAE(*Ahm<7eWeWeWrXu2-k|o1CKAWU}9cLdv7=Ih=X3;8Uhn><1eutp-5|c(J
zNWNNM!@N<~_A+yewJf>{h<|K^0*JMZPyo?ugaS$5rF=u?#iZ{(N#DOR={vQVz6YA=
zBO%`tTVt~PeX+^FkCpt7VfeaGPbbSh+_L+~N+!#_dy#56gVgL|EzOG;51UW*SppQ0
zqJAS3Knxh60Ad{@6hN$NgaXnp_ZD4*Df3bC;RmE4Ihbf!?XRc#5I-#`oxoU1wnIzD
zCW0*F;Gv{WS$#Nc$<rM9kv^Z~S#-Z+h&i<EFPB`96Nn>~{VAsmD|>34@5&UADAvY3
zp#TD9mM0WIpz`vB0*DQbPyoTgy7!>~Vq+r|Kx|@!0*Kj0D1ew_gaU}UMks*T)CdJK
zj@**L*!kprQ`}x8qtfa`4*yDQ4RL!}Y+l@O`>oh)1yq~P2gpjV@SF1hg&M}s<3$!*
z#gxTXM*1mxdAeHqLn-W~G|%k#s+E#oHOjv5!mW6&-zYPOqWicQC3l?|W%mg&SOfi}
zm_GD)OGcIM(-0keFH;wEa=}mJ{7jrGH5Qa=m5ypxM=Sc4YOVD;Rts4pR83<m>xiwj
z)>>885no^u6Cjd5CF;p)dz(lWUKp!s_&M|d+u(kN*+&B|_GL8He*eK^fE7`vDCGTq
zU2%z-3UCvWY%!2nOTdm91Su)F?LD_#II>cb%-%jpGRkR5GTV~mrQhM9V@&&)>~x*&
zUz!{2$`LQW7cXPm$J&bUxO7E$Tw_I;A&GeWqkN3*5i47H{i!&~$}1(~H%%}QsfEdI
zWJV$f_G>j$!wi~x#mJQWv$<EM-Q3IsPyrITxe*E=*ni_If&vJ3+jv5O^$Rlhp>X~}
z5|XnTg%d8%^b3E-ZG?V-($fi%yvlmNKL5tk<wuwteNK{kTsU&uFhakul|@zovESMV
z1rXa9p+M(y=*5B$`SkpYh$KJFr03{n#rzL$Bc#XrIeFD>NW&P$D}XlDXIK)(;^vj@
z(%FsMheXLC+f0LJ?fx;x3~TSUwHPZP3ELT=0AhP16hOSs2n7&37@<Jh{V4b(Cc0E9
z$B=D<$zH_ER%vOIGP^SJva9fF5}~^?BC$2vq>|W1=>jF_vilfaAnTdn#wbg3MqGW)
zsP^d`$r?EW+w2jW<A4h;7}h85Xz5ZwLU%GkfuCQn*GbE_S(Ibst3Ex&<eQCThs(Dg
z)O2ZQR&>9o9<nygJB>muG7VLwx0L4}CDL+WeT4Gdci&;<InSb~fH?1LgaU|Nj8Fiv
zs}Twyb~8c&#O_8YfY`$b1rU20p+NecN2rSIZOimM6Po!#iYJM!QO;Au*64dy6Pxut
zLt1+@M}GY&(;eMQ8F0pnx1>7~Q@SIX*pwaK9TjQxl9~H9MRE$B>)(*3v*^AoM#+6u
zjI#Th7<5Np7t@FC?g4YorNFAJ`#G33Pd?gFZZG@wXu1rE#XH&2^1@9LdDgS>pB$Nq
z(Z%p}=0@^SadfCfC3Yw%BzAQ%%8sd;c$h9<Yin=I_8iRHG~&$F<Vs~C%N<wXp^=p~
zL_T0OWlWfSgm@%!4@zx}bpl!a+gHde`8Przu$Kvf0wiN^BNRaFV}ydCZRAYJh95Mt
zAzYqmBV&oAuUOeJ01?qPUtV<)7S?`&jp`)n6Sroa`kN$A4rGr|r$%Ta_q7-+APMg`
zLIK2nMks*T-v|W|2N<CM;y@!5KpbR*0*Hf+Pylg=5egs<H9`TzVMZu`INS&Y5JwoH
z0OCj^6hIthgaU}8jZgq_j1dYTjx|C7#BoL_fH>X=1rYO%Pylg)5ej_Ux+z7={2|kZ
ztTVC*Fg9lwUok!i=eDwImG$PRJ(_lOyi5k4@@oSA{^vHCZkJsp^$?$lvv;XN(My!*
zP8hc9&}feAOQ{tdBkpL<bxnNvoXeV)j#5`gxo>if-)p?CqY~CCDrV`rHcPY}{F-B}
z#F+DiFy5c&byVA{e(<()8uaD!Yx!AQU}4-Ib**2OgItQ&U3+L$8*l92jP&fC<mVC@
z@`lOG_aoPD%%Iw~TD2WCc3YGDlz&!lMaS?KNs+%gST5mi5rZ?KMAhXyo+Y^8@rHtn
z9&aqT?D1^DV?CZLxaRR@f;&9kLhyKxw-Vg#@iu}ddc2+B$sWH?@Kld?6ugGV^91*J
zyo=zqJl;+4+8*yAxX<Ig1T$-ubnPQpqyYSW!BXzoP0tHV4izAnCmNvu;v^#!KrA#u
z0faL`0mLFB6hNG8gaU}f2nCdf==Uz6tmp>NT^>VJ!}vI!s+^ObRTbqND#V3w%#y`P
z7y26dKUMzuH)T|m(EzGGu9cC0QT2EOWQD5jju-LyGLO;_wcQJ%X!M@D*WWjc=ku|S
zLVLl>@pcV;^51zEwWIer^rufJB>DZsd16Ua%yR{+in)F_^ZwI|?kuUP#lAW+ezw3;
zN!66}u%dZX4P|_eIF!R$IXRE_bvVh@*?2h@hioc7hcmw9$5xx#$1q-yjkwHw{80ct
zc^&}_oVT1^@TyIuKB0ft3|THgRhso_L%M6qr=5QXkSz-&Yrxq*A{@xSW<ARXJKzC-
zl%*pQ>3;lyu{p0^<&p!@tTJxUsdj09n`-xWdLL{AJBs&GZ(KGkbywOX`AgrL(tL~k
zD~I6S!rQp%f<p5!TtuNMre>~r+pFnqyD&aNylv)9_d%+O-y?@-aZx5Yfj9gQp8kVU
zOcoBZ_I9ckQ7QpiL=pX_7O`&fu7C<~iV+GR78{`e;#4CPKzzUm1>}S1n^<SpeLi&h
zClk#iAxfriI;J^Duj4ktSi<I8@@g0_*5?QGc^Xf*!3f&LFYp1q(ziL7u=&=p#||5x
zlaGGFtAIqDW`qKW(~VF7vBU@k5N8;nAWip2FjIZwQlgstIg{=)n(00px8`K)T(LC<
z;pdBOl*yKa8^&kyEW3}cMC-WP0px~USTxccYsr#fbF8J776l}3nGp&g&NM;+#92lt
z5S_sy(mr_4%SDnDn}fZdIGG5rWRaOr_&FHMtD3UQ^mzqO_bTJ$p{m3SC24X8S)-t>
zoDVu^SUI0<kyJpe&oM#)#JNT&fH=<x1rX;Op#b7TMks)|zz78p7aE}e;vypyKwNBu
z0*FhDPylhM5egtKGeUvNTRzyCM(~nBW3x{+^Bgg`QEUy-x>;<E`Q0sIv-#b~y2Wep
zB9l2WWit0mn$y%avTpH#Mj;noVCELozbMn6qPtm)lDkEWviqzUOy+JE(}x#t#gxI_
z0kIO@;&bBkZgh(qNL=ZSh<dUj6D_uHkcMlZMYnhrrsx*MzU)V2v7T*u9IztlZt51r
zB~EpV?D&;fOTcp4NbvQ74-|}^@nFy0ARMPtB>9JnQF0tskmMijJ$x1qL-ma8%GaD>
zzrBQeyLcH@&&bwi@%VZ9*ookkobY&7oJP<yu5%!@NpA35iJoyo<V*fpADYoKUT*TJ
z00F(i2n7&V8leE<!$v58_=ph-RHl93k?J15M6!}&iK8_fnZDz0+(zg-C|#Y0%Bvg|
z)#si1yo;wR;5@WRxl%HL`rm9)8tYO+`;JLTJEvNu-!IBO23cRK)hFow@!ZlUNKLdv
zp8f6KbU)&oeo3X8JiurC$@0|kNgNwK#iHk&IfFj#AoH2XjlIbp*!?^C0-Mk$id>%0
zKqbDPmt@#X@l<*z>BR-jxG_Dd)u*I!ds^crPx+#lgW`5d<BO@I#Z7%?<M#cA&qS{M
zO)3XV+{By4ZR*Hzlm4NE9B~GO6Y|xh4b^tNTZWtkY?N7Q8za{B2+})_p*lu0mlfG&
z$X(RQjyR-;J<ebZP|dsVkpbLKA74U8*xKDypH1<$jVYAfhsYkz>Mw)uN$!#NP7+wu
z%dH)XXu-!5h&x#@njA4`lRhA3veN|KIL-T7D880>yh!j;!RZe_Y>G$kdlIQ}i*f2G
zaK_mkAxM-xX9A`_f~?FMV>Y&)1+z9GK~GD><fi;w(s>A#(EIMFv{zzw%J^Rb^228t
zb9><_<Lg{raqRi;(>gtdk@Ix&-3wYRmuyE^y0P8AVa}V9Ih<qT_!_lfGVBaq>RNv)
z`mzW4n#_q)^2GQ85wEpiYsF5tI{t{_tpuytUw?sY?_t3IGc}8DP5b&lnGnRrwFL{f
zp2j_|KFaRrm>sRlOGN%6BL94?wO4dmh(z#5{?*8lxA<2A%O7pSRfv@CZ&3howGj#+
zt}#LZ#K(<L0CBAm3LvgCLIK3}Mks*zgb@lLZZJZDRW=+xX$}e?K4pXgh))}#z+RPo
za?%N1L9)Yvw)(nc7uTZ47`<WrLNcCX8?#>|7na>j0L71S6TwBWZOdC{zVHzA%okYj
z3d(c7Ay2)1rz1aGR(KKL&G4vK@aW7?Hr45ELn4WO;&3z*M%h#6X}Sb|8h=-=gXr5r
zCUF<zNGUPvt@N+uBiF5w>!E0SC9b&ki&=8(V04t1?^$CTvD`Ssl@`1<>mDL91KF9o
zK$Ifvx%Ri-Nbg;&RUG|j<#|1FtO>k){+1p18<Y<<e%PrcCP~4}puBDn9mx`b;*I_v
z-rfVes-o-ro<=zIP^G0OfB^!bCiLEW2qlEx2@t8GfCQwefFK<K0Y!?UH0eqa=}Hj<
zq)3rolqMbDwPyZF4sv^c&vSj(`{Lzf|Mr@)W=)^HXCL9ynXVQ6+V|W`$=@yV;om3~
zli2_+H}u|>E_9ZvTzcA;ARUYHi&#Yprs@BPs&N0nc61hm_9aL_I}+qhs6bH`nn<eK
zuS3xG1>L0YJ^Aq7xtPN77NO3DkMQS;{QnpCfYOwCIu*|;@Gp#JrT6U<%h0{VvgEkK
z1oi`0B`%*$pChAB4r}t$wEacmwD>Mi3lTWjeHV-0W&4pV!~gP3<ZOh!_S*cg+_~o`
zaox!~u_NEg)qfggIgqR-227$%@JmTM|8XaG{}=zblc#@y_AiA>`i!D{Ejh{t{}3+r
z7Jl>(;pZgGlN|Eg%R*A7P=}Wiq8H)bc==A!5{e*qas*$#ETjm|y?iHWskiq=9bb<9
zwf^tFd?#s{w|b(}KfRax#~o7d<vU5sz0;fXvXIm}^75UeFUWg}Av1P<DZQjGNl1e^
zf60i>>A86Ztt+z*C{A^ThQZ;d$%D^Oc6lu4zb}pDH7LI1d4?4xkL4+lJkOYv;<G>h
zJVO6{#4bWRmPb;0|8brnUYY|<W!*|ax8JO8?6PkBH}MFy!{j;8^^_DLJW9e8pA5;m
zmFSY3i~js$2>stCc44e;rT<Mg{@zpS9B3Nr76sidSl!s=6#4H<cAJ}$B816yvp&7&
zKvz?I_UGS!=wF~K>&D)!Zqfgy+Y#37C;NM-2PmsF)u}@vU0Jy?RVT8*jjO2xsMi#a
zzpWGQ-eHy0?x%D9sw00_Ie%vOP5v{K;iZX|&rlY;G~4n?lQO*;ek&zZ;vP~Vxxl_l
zQP4%1xX&r>+bvmfpP?MIe=oX`IzjWXzYbD}XKBN)bIb_M^EIELd<T=Z;Wt={ncMJd
z3|4iU4$XCIuq{8NKC4hkn(la~l`<Piu}<;;TTTsKMG@)5$rR3hu++|vXQ-j8>9+l}
zU;i1Tu1@(Zgq<we7tF&W2K+@jCaoc#DG{gFDVG$<H~-&}Bx{oV*X|S2_y6oa`q~=B
zV1MM9zQjhC_7fHEG^>{^pdt?0rg~3RIB^PPtw4%a$?0^W@3c{bn!e7)No*vi&`0F+
z6_31c*^RWB!S#pUw&9OJE=)tiqW$e*r;sn*_UV6y?rQs+tv>d>YWT>@Gf?N_b26p7
zTj*@^UHaA=E3kzepTw#ENdxy@Xh*8UGf4;fh7J4QN>2Zs6rcTFUhkVuxosqW`GX#b
z(<pLpk5=E5f_+6ioZcFz&&+W=oP~e)$hm?R);Iq`ax^tJfzZr+ympxToJv2B*Y6~E
z@mA<aYDB4d+)h??Azsn&ffYsmH{}vDQKpl>*;08ZO`g0Gw8DS#D;0n;^6z!v`(!ht
zgkP-#*2gP#fbSN%NSfPl^pPQA`<uV00}%t#Q*%!Gfo`WLL~Sc#KqkJu+xs^C?q?B-
zD4hQ0vVXD2ZAYJZA%A(in!<FhUJ(Pba~%7<<FHZZ;@iBR<DFu1d$Bg)vjDTW9poji
z>3!7j!{nQW*+cY)zOO=VB6t4O8Ra7n_GPm|G=(jk5}~za8d0787Ug*I&{Qp~|L?Y0
za9l19-U_h4XcyN135mQiz$-_p!<-(yUi4DTTt=+lY>w9-`W<DDdic-uhd$;)ZnAy>
z|9ky7uGH;-|EeFSm!jX$V?=g&W-n;5^Gos#dqFpjC*QCa$tEYkiDZGjpc^NXZ`cdE
z@oVx8dqFo&CEu_Ysd2fT4_BAjPV_7$>wprl(^(2cb~;0Ul$$1@983Q1?Zk1VPPP84
zojAP|J3+zZa{QR}D+B$`JN?dC{p?hUCqPus%KlgV=zVSPdZxN_kH&GOPPd?64iddu
z&r-dn>`oQU=Y#tCvd|8RYA9>?&m5)Nd@kpy9P;$L%hN@hr<92k<*EFC&C`EuI~-T)
zH0{6IoYPCuaOfo>TQ}_mRiDerH|z!7xRQLsUc6eLc<pzC#-@3kH`ksESUdBy%1)4=
z&XsEa$;5UZW1Dh@SGJ&(o&I?3L*Yj1W|SJrlOnexMF&54B=Fjhg7?&2Dcty<Y)#Qe
zzjzYpvAa|Bibm?*R5IADsY>)!3i9UWbSZmO{iDbNE{y%2<Ue+(Xg3EtRB9;aKb_m9
zqV;ZJdx|_W?@mx9NS;}arr5AQ1%ch4N|Vh8`%@;d5_#wSDId2#MW0}zIQXXb{*=j)
zSdr_N+mlLzJt>n|B{?nHlXCR(o|KQ<lS+3sZ8~g8(Vj!{p43TdV;(C1^Ynl6bLDC=
z^=LnZZqUDs^#9;e5yc})7B3kY&3Dr9_sGNv+S?DI&FdOnrI<?}-U*2r*uQ7r?(}I5
zA<i9@!t|hfu`%NJ3d(*=BBXX~T{@d2?h|+ENwR9a6KSu*{-f2pY#Fd9UAoMKPh?5n
zgy+<k(*MWke<~tD(_`_R-m2vz+B6P|4)oWMa#U}{Ncz7l`Jto9g3qIKSlaj#LG(Z8
ziAsk4osQ!Bv@<9s7q8UJN92oSH?~;Grdh;K&G`PbVjq>F-P>YGm3@SYWVd8-c30Rt
z`>eat-sx$to7s3ewH;iJ{HPknN0h0?*SCwa8(geXv-Bc5@=!G&(Uhd=MN%ogJ|fv?
zIqQG7WS_-54=$Hp=oW{nr57JmWp^dHKH_1iD0;zchGIYGtj{lPsCm}Sm40x!%3?_q
z*1V3r;}<o!Tnz4PQdOJ#h}p4Kn`agyiwd1t>}>dL-OOTU;aW{Ii>`fYHT4mFqibj%
zF}Gd~lCG<lBRaEK(fHfCKB8=SPO(_{;BwhSnNAlg`iMWf|JBw<3{PZtpbZsQgs-Pn
zVRsqD;3MYL_o1WQ6-%+3u^q?Ix;o##6Z<U6M^v$)9yELwl}&sbda+_Q@wE5Fij~DG
zdeuIQbh(&m{a26Uuoa7O>e-94Pt}xli0-|;rH{x_klj&D*bOYmey+r`bgsQKyU+HP
z*~D22<s<qPW@%C}j$v&>cKh1cMp|hRiYJ>W+Kzp;E5x>1SCQRM3$y!C<*LoIiIWs_
zHnG?G@7{#(2en#6>Au&C-H2*jIt#0?wok0vxHMm<ug>oNUhH<NUbm8u=vbexH^$Vh
zlwQm)&E?yRYC?LEwee88bG;F}XS#EV-)O=<TSo;@&0O4&uM60cZDmWOYCXP_wiUaR
zZLQE$-!hAS^|?&nrZUYeel6!uT5Yo>5?Pgfwv1%=Tsd~ncW2kv#`!+g79Vlnmh9yM
zT#iGc*nO`ByX|cGZm-POD=ME$M`ddLtg?BzX6x{pl3dn(ZK-`(kjuJg0d{|FT|?&*
zTk6lQluN`mo=p~*P(7(~HWA#Ct^H$@MJ0ViWZ4=zo9JDIEj+wB-)|kt<@HeVoyBw~
zo9L3r?&=73Lv0=CP=(_kS(MA7mMy72T5>LawVGU@+D_7Nb}tp?8uDGY!R5Hk=cV3(
z`vv-s9-<HE@>*=PC4T(XuqIO)-jOE?ti_aB<g+xU1{2-2G_DR)HbLV7`P^EYDW@nR
zl88z*WTNl*i-qLBW8-#}1W_5A-e4k@MTwE*vu$4=+T+Y4%3CVYC?SrCngPjn)O1wS
z(wtgM;rty^l5MQc6e0Rq8fs<5`MWM8d$%^rO7Pn#M3-wYmFBaWMCt1?mEn^)MAhmr
zRpRw9(LgJ!EtXk2V&kkYR$E$Wsi~kXc=CDQQY-P3rO#|Et;JzWr)}!(#A!>7ZJb@i
zHA|JOtf#ndX|AO{^cG+er{0it86+}GE|t~29p$ogz*3SZYN=vRmc1{kSqii?O|-NW
zXXz8s*HWu;>~pagYN?#1FT{9Dr+ct$wU}vXlcn`yk);=wz7=0vnr&%^*ktLqE*$PB
z@w27By4-6WEslswRGECm=QWvr;W-phm)cAhXd2GcrWVsBk-^f=8cbKH^|9<)9j0p{
zr==iEw?&{zB3avpEW0BLTG@l@N6Io4w)DIvlSjr`Dp!Lky=-s8rESQRQFgJiqSj|d
zNheMy&aRfq$Ss!I+i+2GyQOJ$Ib5{dX(@-5HIeshoOx`V&E+%2W%N;R_Sswt%`~<P
zQ*Rk*>3nCVH)OQtT0XiyQ-4{BWJ0VCztrLfq8ircgQAyOM2ojUpY~<?OwO^g76q9$
z%Y8Q7!^RwLt2}CDExWPodrLxWiD%g!dCtm$8?fvr(9dm|evx;r>{utJbJAm2>zkVC
zjx1*B!;(z*WGNz=?G)xXAIgeWHp<GL5OJHH)u1sgS*2=dIDbbQH7-Sch-zlTZHsDL
z>Ib6cHrz7u87<O+zP030ZEP${y9CvvhgpiAnsO`+g6c&Rb#mcIMy08GSQ_1fDU<4L
zNfl+vrAFA)m)2*>r#`T<y<G}ZeaWZjq$b7rK~1IrHN#ScT1??;g{4nxFcnrSE$ywt
zR79<@BrQd%?+n+$+6`G&TJ5$eY;82I4bwhLjX?)&juMDyj-`IGnx*UGd>*tu-|Xq=
zkfmidTzPfI(mSAYmZpL(Sjy9KC#7CqU9xfBX~0xR@d0#Saiz-6)>Y}-?8eezqAz8A
zmC2HCRi>sYzoprr080s=U`sixvCkOwx~2M77Nd%!;Tn>u>sD&-F^b;KBRW%)sii7o
zDXpb;s-~q}wOQ6))v<K6I#Wm0&{B9^rp~IFrA~F2x~bM_*t+jGWa_Cp*!1pKE>70%
zsXC?Mnx&dE^-}|ggt*d&X$}!<cC7NzmeJy4HPZSV)PQNJnro?VnN8KA#d5XK(wxSQ
z7Ta)t7Hb|CB)?G0EmdjXJg$}cLVay%UOT4k>Y$}t9hr8kvzB5l?N?VVwY1@mE9E0e
zvybDO$NeBqC?6tUvE9aU+L90vrC4@F1zTCw4jktVP_9l)cU1{1TV+$Yuc9oqvp)Y)
zl`Ji@={;1{EZw#AR5h@)-uir@np?_f>2KA_QizT7Zxv^$pp~W5Z&=D<W67c4vvkT*
zF8!g;NUB-)3pbDJC|}c4t*oWZQ64?d(m@+%h+b!DhYeRyZ?kmRrchY#vsA(QEUtgC
z6mET1(0^K*Y-LsS6H61Vth!cd*@AOyEOm5dOKGjodOC-tr&gC{x`3rJmSS~;rME04
z=(d&;ZMXrtpQU~_g&}&lrQtS(;rcyGH!O|RQ!QPvu}somTRL4Yp<=X{syAE8SD$H`
z{w^)o-D6Fdrt9r#xmUbRK50d!cUYfYdpOxnOR5Xge0@AE*XyXpObhi{D{E@wT%j*m
zs$%IYeaX^(oBG%Ks-*}kTd8kYN&~u`R#Tkx2C9e_tMna9k1eg%_tNShUr~%!i_v0@
zeqd!Qtn3^8$Wj4I>+};#J*hTFi}m`cmu#bc?j_r#UwFxAv){w1yKvuXY01U8RckNV
zHf_9QJG76N?0cQold9(r^r_QS+O0EMpF6Cc`?Rl@Y`@OtML+7C)~B<?L7m$Y9YdiU
z9nyKdWJh#<FWJx9-_p$@?DLoo^eD<vU>Bwnx}aCM)4I4<xHGzhm+UuP%1d@mm+_Ka
z&{1Bpi@Kbp!#2H3x`LO_tGc?UX;Q}SBTbMv&|q-hATg=&P;##}7?D?sLm5UIDIR2G
z_eD;2@A<MjJ0H90GP9e@O4kP1`_|p-H=4q(vF@;(6X?3TbzhC)pLc>p-WHSpk?y-$
zIOh66?4Ha$jihI?@pYvTcK79AH!}CfbiZ0IzD{R-dh63Dkfp^lv2=~!e7gQL{paMm
z-2GDrx*u$P+L({|e?>ks2CO63#qTt6_sax+NB5lt+<oWAY3Ou=J~?-=&-{D;hyI(|
zJg)s8gz~n-t7*BMIzKMXf78m_r^}HmU+;V!^ZzkL|5v58ZQVHLf9${bIp%+cr2BHP
zHPQvKyT*^*_tM)twnp`^CHR4L+u1TrvTh@5y;IgEtwSzx4A#H5hIeyw*)_<?B_0;Q
zajwYE*JJYYb$S~%Cf_x>4)N!*C~fWhZ}E87Hy75$<6?GUz3usGJgz1<t-MRqg?+U|
z{<kswcmJ<y=&i%2>Ddndrpc>5Uro#9>zMx?is#>?$+hC)fALe%kITZv@INX2!nPa>
z+4^(U)}QZf{b7BQd$Vu5Jg0svwNFdFpL*v%^>VI%bA3Ybyj+(i<ze@%?d4o)_R7OG
z%DacT?XU7B_b1*l^vs`u?r-*I_uVWx$n^_kH@B^IE|rEh6&G^@+ef(=T<X2@aJ_Xs
zm9vkNPO>q$P&I9@J3kBi-257A8<dsZU#)v3kgsRh-tryWryaD{&#d%vF78oBXJ<dr
zwpYJu^?71@{x59%^3G{azdWS>Px;tQ9~w;Vp!Do|Yxuhjo6g2R#m2C}TCb#aJK6hL
zZBFOd>!0kk%Y{qb<<4ms=f}Do&tH&IxocgQ$C);#U)s{yV)OX5&DV6B$7}YwLV6CH
z&${hx4cTY&d&-U}wQa5gLbx>h<z+jpv=(R^z}JnewnMDzZJ&3nwY_aJ-7kW4yB<`Q
z+@Kug$o1AghwZyu?j{Cu%!{piF(23YC)SOyJ=;Lr3f{84=;qg0>hgFh3t#_XwM}Pp
z_sHgbr7fwG_Ij$le%Fp%{x%oqZGN3SgKVhvwr{*-{kXdHe@D;CWPx-!*nRXGyDRgu
zd(vJ{wb%dD^WWR%bidjZmTl|flcdY$Ymv0GY(sJ%m$z<Db}JipFV$uDx5Dg3M>nKU
z|M%-8m&;vScK`3|<n#1w)qEM)jk4}Q>$b42ci#Ws_ZZ%qxEff}*3ua34k0(WG&?qF
zM&;GNCA&SzO)fR>Ui48OZZ%wElS7@V){^|Ejb`_aUhHan{aH-Qf5cG4w!SyL<_WIm
zdu!-y<(;DIdtGnr-RD=dbB0&Lx*76+nyJQ<KFOnSN4kD>rs^GA@=UcW`CQ}Im)uX&
z4<y%nM(VWv=d3l^G8@yylQkAbak~H6XYx3knr?DfQR!_8TcRktt4p)Hsua5&o4lQ`
zjA$4(B43cG*l9GmJhr~vX74oR-fy$*&)=|PQwiJ0rg`l>y8oX4H7dc6ZO_x)_G3Q5
z-0Oauo!!E|9QG4?-}!O=S^9D+|F$-9W#?Vi`(G*XSJx?v{3lVmKKW*n>ph3}j%}zN
zNB&KE%zrM0Js7~Xu1Ky$<nGG0gxsB3IA3#eeo5DB>^!!y9j89FeS0CB)3x@xurJqb
zm-kHe&MIrA19m*hW?g5`dSp*$jhEx}ww`wksiCAujqQJ9PgloMTVJY`R#Cp*&9aVM
zzd&|fO}p*CnXbLtkqi58ckbC5a?*}UuC{cs<J4h0ze=qkEs~~J7-?E0ZLsb!>khH*
zZtIS<?o#V6k7J*^I<dRdx-+f2(Yl{mcdB*2vF^LpEn`D{-<CryvF>c^eq-HiZTNov
zZtOnl%I;<Brnh%`wdOn78?gJhKD#%q>tpW>j^#UpOS0R^x~;6++q#J{e1CgicBeFF
zcU4h#`xP8%BE`w(JIS7TZ3}WU?aa0o-OI+Ko9mriZ{}7&OKe~FQHCQVU2R8!7nwiK
z8zkD>*4I3D$9$1ui1{U7R#B__NxE*`axb;74Q07r-70V0p6r%1?4GR4?$3qUEgH=(
z?-C^I^J?mqY>P__<X(=`lH!8BQ#P2dzqEZq&n$fH*2peLJ%i8EouC{S$vx$Jm0UMo
z$Pm7-{BMyvJ2zin3E;LiARmtr4JcHQ=+odXU594oQP`~(-8#{&Al%B)*~g`IDksNN
z*t&&+`1-0JyWgj0mo-W52?NVLrG9T(FLvwKdrH!v9D=?Z<TR{gwRL*BKIdQn`*FE*
z+B*GrX8C8#PgR=yEs~CuW4BC!G!&=H*MI6mIP9F9Y4RuM6!U6p)n#_h>~iPa-d=ZH
zeQ>&Y*AVYJZdCG?dY4P`%9qEH^wwfy^0Pi+0qp);s0P-j^RvSGccEMiG5OL{e%-oz
zf|s@~HeQ#}h(IGtvbDYKJR)lr3R^r+4syL~#Xs%*a{uFE_U?teHFwtVUW>VL-+L{V
zJa%)<zmkJ%?=k;8q=VaO@s7>gdS|k+-PT%bxILeLj@QXHY-LN+#pBw-A6}O6E=MQz
z_UUx<UOPMguWI7L?zU?g?-<<mzpVm(&%iCKWJY$gW@5K?c6R@5h4Md{?Yp&)TL-oE
z<+}8f9Uoo$awTr;YR<dFQ`?ag-WGdxWO3GW_g(J1ZRqYesrUN&-%8o-&-`!8+S&O(
zm$>UiU+zm?@8sQo_WQ5>r|Vr^51%PJj~CoCH%-dhDkOiTsMVlQ{xV`{s|a!<tXtE%
zyRF;Ox~r}GfpvRW_Y-oxb@RUV5pPv4mET8%w7!<NjL4<S=g&oNa8$t^AMsQDI&_`A
zb3<~IR5Nl5v|Eyo{D;$wo$j=xJJZs|d->@>*MB$c<8`M$T}Q@v`+1Y}&!vY^TJe+?
zUyr2g31Td{Q{`mxf1<mv_dljPC*WrRU6;4IP3pOr{Cr5e*{s8Ix_<f2*VKxe+qp-s
z+&uqeOVWDE&fM16c}NXAo8=kZKf|tlCAN*P-1+W5#Q$<UzE!@bP(e}eQT*RgzejI#
zl^&e8NgzFV5My(%ZnB4BnCwV=+Ve<$EhYz9nb=q2O#U>YP_U!;h^ur0dq{|*W)Tna
zXA(z49X*ZEe%ZwVdToZ!7}iN_k|vjUZfUHiPnrbznn=SBPsCWyz%;(}6M30I-}xlS
z+#(m~M;~8$hb92Dp>%@GBMO4Hm-eN1Xo`c@6-<zMMHFajL0^$qR0ZX1k|6Vmx}bn2
zzVxO~Gf-<!g3K@CK;1pQBERSiT1k5Pi3HF#($h~21a*o}kp5yA=#6+^;V;I3YLP5J
zOawJ2S%8?~h^$NRu!;GQRgBH(7brdlHIB_m^fjn3$%4dsP$`lHiEWN-EWu(AWMxVQ
z_yvnYpxPxviB5tFkSs);2St!9L|k`dV+j>^A!F-?iYFkpZm7_7NSe!tts5pXfY`cW
z^j4mev2_cG{2;b&0TJfNrch86g^W`uC`yAkg@U3Ih*KyeYJoU~LZUH<Q+Qpp1aS(l
ziw=%#3iP&=r5WN_-EhBfk-rdYHbbQCUDB_J7;R~aQ1z<%MX-SW?Mm~aM18+v4v0J@
zoB0(NJFQP{0j>Qah41SuzAV{iNf8fXpQXezOEbi+Qtkapiz;+xjnjLa(ABSuXaWl8
z)r)9L3cckQC7yw5wjAwOP86r-VjQk)%Nc&<#WXrz!EGf+$)$c3gt4kl5rs-`^s6W;
zfHFq!@~bS8KwtIx#jmP(Xvwvz>f&z@x2o#&UMt5r*2Ar;hVTV(tEwULfFi>ZWK9tS
zsvPD^2Oz^ibGjzTTA~DKc~@UiOOyv)sc_M+wx|xeSK$Ux15jdkf~+H&gNB6riaMe#
zXlX)%tSh>L)+PATY3IJ6<B<uno)`?e66q`Ii4mX<<$Yy+F%C4i{6kNDF&Q+hOoD76
zW`RB^<4b3z7lP_h9vX^epm@qdL$Mmft+<ic1mafQNPG|CR@_+Z2XQNIERKTObn=x=
z#A#4sr-z;<;u1)tO^{8+El`%UzVzz~e}M|e-uG)JUVuu)J|{|B+?CNTotC~5odtAK
z`x51LWNUeI5eOOgpUnjy>r3uGn~O*gx3O3e4dONyE2@FGjkOT<K-|V!h!_yJv6i9@
zh}&38(Z!KXy_M(<Ssp6CR$?G1h{~^(7!K-8<=0w_0rjEsYb_=@va!U88IX;N%j+K}
z=7T21g%B+P)ooMMzm51B6x*f@(FR90mUyuZGA{Rcu?NKE9xo1qxbC(UCqZ0y+lmVy
zPQ9JD4&v0?iF=N03hl*H$ZB?~;@@8ANN4LNooW(gbYy+fr~M)0(V~N(iI6Q79xXbE
zFc9m~Q4|HSE*(V~5a*$js089XbP}~e+>Sbn#vpD-okc4Ux0NoU1Bly77ts^Mb-t_U
z2jV*4RlE(lUb4P_H!%uiO2rU;0GiY^AzgPd6*RkPxacnCI<mR#AwGkQbK66F3F6%L
z5Z{0}w>`zTAkJ-1u?xhx?InH!ac+Bw;~>s$g7^)@xlIsPL7dy(;!hCgwzqf;;@tKT
zl0F&2?SXUKhrZL`X!h#~vaiSn`r>t8(O2XHu_Y2k2#76_D2jmC5^so7AhyICqM{>f
ziGHFcWNe9kq9KSa(NDAhu_gM8b|AJyf6*PpmKY%TLno{?TVjA10%A)H6iFbq#6a<$
zBb)jlF$FU2O$UkDAnr{EiA5l`*<i68#5Nl&)_~Y%Z;H(zw%MCvCy4DbL>vIIU51Eb
zAhyd};tYuG@|L&^;vVd6aT~-v*xTZvBdhgL@i%0w^-z(PPCawpS?i&~7sMqtOymY}
zi47A$AkNWn@j8feG+dMbagN>*<v^UHcSLm%=V*ke58@n+5Y0iHqa+az;v6N3t{~3Q
zNYMwxIT|SjJF+<%CEkIIb2Lhf1#yl>i4VPezAI)z#`Wc0@d=3Q%e!JJh-agt#Yzy*
zMn{W{Ag)Ve#C8zZr7>b3i0jf=aRkJ5X{<N}8Wk7sKTcc(O^WMEbkmW|!+3EYGS+Oo
zcm`t4#)~xc{wtReYxbVV1Y*tJ6S+XF+55sD#G1V?3W8X(4@5B#YxaSN0_7`^ASZ|_
zpwI%ow92Xr8Wor5KT$LVO^O>r6z9llJxO$ejJ2Lbrz@PEto0-@0K{5<D29Sq>kq|f
z5NkbIOaQUglf`rpYduBG1F_aq#OI(<aijb{5?_HP#eG1u-jUU8s@MwI@yPoAQ^ju3
zmB<*PL!f$H>-$d=CqVICV~Ea!3dh#>pDwO}O2x(y-32Ys_5EjvC!iHNhDh7PPCRe*
zq4VY$9N7|^DYAn&?=wYy&?d_JED;JiM0uYjih`zfOOUfgY0%f*eCd2{CD0tQ%N$WF
zSw?o5BN~H#A=$^GCFoC*eJnbF_E8&~D|&!VP#c>o`hohEuJ1ojyagIvI)-QzC`<3@
z{`1BApwQlPh^9KSx&1`UwZt?31^%Ci?Pa(YOc5m-R2K`xAxpdtSn9t}MA0{BST-sA
z8~;V30f<)xpNa{ftm(J-e<t>TI>zqyUo2|SXSX=qCVkZZbFtKtYY$7rN)TIjiP#9@
znzdAH2XW0>D)xc6W-Sv(KwPtyiBq7zD<sI};vy(>MPIR8+ywnx!dHGF?t{*kc<A{;
zJO_1bQ{Vqfk;b0XqxE!~7^2LeY0Z4)3Xu!6s@X%&3K0Nm*Q~z(SE3;3t!6Pq#X%t@
z>id5!qCjO!#1PRZ(dge;k58lX{wqaYP@YEDiJE~zTO_1gCFn(G>oc-NxL74RJF+FV
zS|mU=l=}JAVgTrU>gQLBVIXd|Ys6>}TX&6^2x9B571Kd%-L+yqh^_mL_#DL6{YHEZ
zV(YFG>p^VYbz&Qc*D~wH9uTi(){Da+9*Z}KlOP_8H;4-$w$es%9mH1JDDHvSx|_sP
z5L<VXF!p59SPz%jW|0xZCAL}QbY!ixMbPrlT9B=@MTCLaN?Sw(h)2V3MHvu}hTn?H
zARZ0B6SYA+8h$65fY`cQMJo_ncdO_KV(V@bJwa^UZK6Mjt-D>k4PxtV7w>}DN;|{{
zAhyyDF%86)|6a@mvE{!Pi$Odx?-VOQJTmVT>p(m*{~*2t@yPsx*zL$#X_q(%8Cz+W
zI1XYf?V{6f&VoFj*e$Mtcs{XP+ySu#_lU<Jw%{J2=%g;!a<<@Jksibr+$*w!*n;~+
zJ`h`Qp9lr91^0_0AhzIsQ5wV+JRmB9*n$T{Ef8DqN6`qx7W`4P1hEBw674~3!JkAA
z5L@t|cmu>1JSg4*u>}u_ks!9<A@RN=Yr(_fBgoi-hs7KaTkx>>6vVkbBEA4|ZjXqy
zAkOX2Vhf0K`?L4~#JN2x=x5BWJvp~W#V;Vv?J;o{#JN2tu7EhVzlc9ToZDZ-BS%*2
z<3dz$akAFOg$Kl19~W6cT(&1f9uSx92@wq9vOOunL0q;cMM)6b^H)(G#P<AE)Bv$P
zPl*N~w&y7k3)-d6`=1tVK_~TfqHd0?)@MXt$XM$$VlarcJ|jkexVD}Z<3L<n&x*+)
z&e3mT7Kn57n^*|q9Gw%(K%Ap<Vl{|!bY5%%agNT5??IfS3t~Trb96x*1#ylpiqjy@
z(M55|k<HQX;ud6FLw*+zKwLw97cW3uLoNv)Ix)blifhOvkp;vx<g$1T#5Lry2n2C0
zxFQOHxE5Ryk)Tm=_x-PmXwam%r$p5pS<SAAdXTYZ*F-ZAYj#bv0kLM+MQ0Fec3t!a
zv1T{KKoDzoLktJ8W;ewc5Nmc*Oak$o_Li6d;yLXt@d;>DoDR4xmVhS3r6*eH$ZGwE
z*Z>)8{fF2FVy*uWdqJ%ApW-lxwf<B53SzDAhzlUr`i{5(Vy*9rdmz^Ou6PF86O)kc
zo-lNNmCNWvOt`owGC8uE-4{6_W6kahKM-qnUlagsBF!F%2oTRIABeIbo>l%ODuZ}d
z`Io2z;#uWG(Ii<$T0a!6K|HH`Bszk4R{2Qu0`aW!vFH!tS><Cf6vVU2C*oZY&nlmY
z384BkYCjdzK<#PNek$fAhogD<GqE^19L>w0iLXE-XkPwYtOHG;dHHj(6=Y0({}*C6
zD5r@bIs{_N|1C~{*z$ji^Ny@_g}jzRd-4kzN(Y0f9O&6gwg4q_S97$lgnxjMCu%r~
zj|dO&k)GO)nnjce@W|qI9o;EiEg-$zVn4|>R$MCGI3S~J)yT=7myQp}ENe7zR3f5V
zfUo?$8PgOoqvwEtY_fNZlRb?X6_8zq#xji*Rih>Z<dj!iFijD=nlBH?FGE{7%39{T
zfB?A#w6)3)0fDkrYnF`^f2TVf5G)JEIiG(-T?i;BtAO~aP`K=8$vt-}ELS?Byx$8b
zDu=Y;aAWDY)AN7`*(2Ujd_>y7;xehNqh=8~1Ix$-?HoOgC=gg)c4%+OK542bdw_UP
zyrS#};yv+7@+}bWiC2=NK)h30S-ubAozlv3Du{PjtH_T*yu(^Weg>*nEkRb5UxMPQ
z`HHIY8_>N<39_2}7Gx^Zxoo)$w48LQE`I{8C0(k^;~*X>YslX~JW|$>S3#>Q`O2E|
zPte{<4?Q*IV-W9c*OIg)N&m)rcyGIwOb_C{?b<RMi1)T@%Y2|yaS?%aWC-YHToh3e
zN4B=sm8Br#edxNf0*I|!SJniv1?$O%AhuvV*#g8CtS{Sv*n;(CcSkmb1~L&c*{phC
z1NkP%w^>7?Bv6L9>VXaAcu?-RhD1{w*;pFM*^otswF+z`7lJB>wIf;%8rim0U}L!&
zG_h?vqRozMEKTJ1kd>p6xry8lsz)Pp6L}QGIch3TgE&V`<t0!O)rn^E7HB5biDvRI
z5SML?d;#LJjge_P3i>zJ<4?~Kn#(Mp$h5w620OPSt68iJgp6$+D+__x*0C}Y#5J;o
zj0SOyY$2<GR#&R;-%{2C?X46;6ywOI&`QQz;?;H6z*aJ}6Klrn>Ar!j<pfJpM2{B3
z0^?+k&Mb3J+1kkFmfSO`co`4k8WJzNf_NlpEBk<WBxx%LgE&X+<U1hFQ9C&fbd$=V
zz5EdLoXVlSoCRWgc907|Y|jpI8R%3S+Jl#?K$qLl9=zNHY7ti7zmwbnN(_r3+7J4o
z9PPo&pFvy7(H^`!4LVDDc9Fk>?vtKf<So$2LbL}jAAoKbqCI%|0<@rWg6t-Jy0Fd0
zdcNuGE4s-npk;j$WOw;mvaFA<=q~w;9{ZdVLA&m<5a_cA+I5$aAla98-DNZ=b6-BI
zSPi7fX1!!RP&TqzFBt>sQud->f@}jCT=oW07tqkcwCgT=gWfAlyY6xj=u|`6b(h0I
zR~yo<yBrJZQ;&At<s{HM^=Q{!&IC=QUL#R{0-8&8B2g{{RY;d0-;gUojnnzkw*@wW
zxIgPBw}ZGp>nHbtxIgPJkAS#8>n~3^vNd^tya-uz%=o|o@<y`Hn2(6=gYGsNA2?7x
z13hW-5mB11*77!%K{AsgPrttN0td;Qp!fTJO5_h3ujd60mh{zBTVfyTPl<{-va!4=
zqbzZ&S|0eOOzOryxmB$Vd`n)n<l50tS*W{<g?rjzvN(v_(J&be;&wD#Rt0f88ZPUB
zhElk9WHZoc3ipm|1KLA%cZBQ=`kCtP2-zDHOy!Uy2ZD-GIV8#9pm-XqM#?du!8BHl
zl#@V*D7{f~2IwrMH%fj2DnjkyUAY8Qf!f2nawX_A#W`AT0NtiIN6YP?5fpBW+zXmY
z;l{`#pv;u_vGP|?Fy(!$ya?j<K2F{MaeE&p?}NC0j+f6sTtCOlG(DWHxqo?2W&&~l
z@}A5E;&$}D^apV}dS4a<U5%lgZdnZUAcl6jWfbU4v+n~Z$SR;4&Gr-31wAI&MA;OS
zC1yWS9Ekg#NwO1&`<_WM0W_RsAIbrsX(anl4g=+^OncjMG^i-eH73i6pf1$+Op((;
zqp0thBIkp)Q{VHE{2X+Y`ks&E*PyM`_e_=RL5HaCnJTw|@=@P2P3{2|qrPXFJPg{e
z66ADw5_Deq(zm=WfLf7khP)2yO|lvC9w>x%x@XF#pdz%>JyV*Vu8e9?pEXNn1jSOH
zHB06M%?+ddYv~7C5=Q&ivH&QM`m;GQ0#uUvvpKRXXh?#u{8&~7y`S*V^RcW0I#=zY
z-(1-Q^q|@eqSm0A^yGY=><DT>PtNDbUZ6W|F8a-v{XuEsZx9Uy-K4hiiF_B7j_Uj;
zassFTwTA_A8mKDC7RY%Z?voeF#USpJ7s{_d+$S%R>p<KmFOpk9;nYWdDtCjTsE_<q
z9s+US`k6cd;=c7Wc^<@l>tcBg#C_{xdDoHc&pww=AWLk1H1Kn&dbu)6YJQd|1L)K4
z6XX(^9kjZ;6iZ}&M>dwFG8D2YMXv=el|?`ci~d1W+RNuMSrIaBsmo+d5VzE2vJr?|
z>T=lv#4UBXY!5m}v$Zc|chIjiTl+%30peccOF0C@y~dYvBq(p^i+(HQd!Vq+H;6t0
zH6htoat<htWM9coLGiRs{aStj>PG9-ujN|M8zfsPw}3{FY^D4G^cl%k$sa-MNw!M<
z0?N}oA>C?u7F4u(xL7T(fZ_|#?z#K})UN>Tp36rd>QU0ImGoep{*Co)DHkr*%5)&^
zQNEE`LENK!BlCi&Ri#@egF#Ee!o@mS7}T_Af?O|4g4z}J73*aMPy)#|$Qq!*B-<bx
zf-;m(kQ-$zD1UkS-j!?zDqlT8Zj#+V^{V^QcbO7FS4hvz@=efV(sQ#+0_CG{TjY39
zVG6fJP65s8Mf>G)Ht5q{v|lb4ftog;{c^b+)V=}jm&-NDL~Hx4ax<tet?jqUosMkX
z-6jt}#^cI1c@)Is$~JihG=(g&U0wn$Bui|Uw?PFe(C)eX3sk-W?ViiOL9f%3<?m(M
z-mb)==*jZ;($|qqeW%QAiRTl41@4q@^kttspAbR2<O$HUf?0z0$Q+3*bF+)RvbiPq
zENh>P2k{JIpX>_aHnv~(0dX7KF9(CTjUABhfVhnvkmEqy#(tC^g1C+SC})AVjr}AS
zfVhqQB$t7>jUAM$K-|U-%1t0{V~6Ap5Vx^IazBXM*kSoIh}+m<c^brR?1=mw#BJ<|
zyanPm_OpBd;x_iPd;#J%c2xSj!8RM~;Wl<uW&v><J0@QPaT_}(13}!zevySh+{S*9
zksxkk$7M8#+t_hg4a9BigscbRHg-bBfSMM~9duH*0kta{MAQY8K(b$DZ_r?p{VE56
zGL+99bV?2f<u4yZG!|68dhVdpauTRs^&p~|peyBa2c40hfF73%B3cT{N8!%Om7u~D
z?yTGh;x_i1+z#S4_M6-X;x=|p9szM1J10*i6ScAP@*;@a*m-%=k*(zy<oy)dlmCJ&
z)z6lSNQ@~Q^t&wH-_hm1Wr8ltCIcKzX<jwxnw&e(QNMx>gKo%ygP5j@^gUVz-I5yy
zGffd$>vagaE$@SPU+NDT_9n~5dJ>!W3i?wP1tm4_M^pyHquL!=3B;q?9a-Cv)%vb%
zVrhmb9{N_$UHQfkj&p`+QejNcU-F!#DZ(#ea?nFr=Pi~^5uY`m8T3eQ0M$-d6!chD
zdE3eEgf0tuA`>jR)%6oO0K}_;Cvq5wR|QYyXb`vQr*a~QR|U`HbP%r!p2_(jUKKo-
zpM!W+@LYZk;#I*5xgNx;f){cdh*t%F%RL}o75ps^gLqXS)JYJp3WT}<;#GlE*Fn50
zkm??YR|QHv1@WptDKnHUG1kMY0<AKFcvYZPP7tpOjPe8Vs=%lMAntq8s0a}EJ!w=~
z5cl3bsxpXsZy!|$#Qk7e)da--U|Q80#QmU0bp&xg=uy2uyedei`h$2?kdA(C)8*kz
zvxIc%)w`e@&BEzBa1%g}NtQuP17)Ed`3!0vh*t#})nX8@3Nos%K-|A%QtLq6zhqKd
zLA)x+tagKVRghU70`aOKi#h?~RY4YY9>l8xUv&+{s{&tj7sRWAtm+AfR|Q#>9_I4L
ztAcDQ1Bh1z*;Eb?uL`oO{2*QxWLIGzUKQj}MM1nO$f3%BcvX;7RRZy<Ag8Jg;#EN|
z)fmL9f?TQ<h*t%#sSY4s6}+Z;f_PPsTlE9+svx&|8^o)EJZcn(R|R?02OwS*<W*Ba
zyei16=7M-tkWYOE;#EODwF1Peg8b?m5U&dItM5R(D)3XgK)fpOQwKr3D)3jwLA)yP
zSLZ;(P41uobrm$p1QFc<eL}K8^%(Ru$pV!c?#gH@$%0gR&>@lqsq7$~CU;P<$_L7k
zCWt5$be_V6s3M@d6fQ)SwzNwG(AXcU+Bli*2SZh7_~f08P?Z4UJ}XoW1aY4griOvI
z&k9pxK)fSZKurYkj$i>b1H^5!pqdZjwpmau0r8GtA@wzgcLWQm4Iu6dURT>d+!wsA
z_JVjvFkBr5@s41)`W3|OuduoR;`Ucq-2m~9U=ei>#5;mT)H4w82-1&rz2hv;JAy@3
zCJ^rkMyQ-1-VuyY{vh5FET#%1%c%VoQ^i2MBUoIO1@Vqxaa9GxJA#p_4v2RIBUMun
z_gN)WYY_KYB~&L6?+BJuy+FJpSW*oD@#?b_{e-T|1Ft?ysnH-_eU?@eK)m`at)_#x
zZ!M$dfw*riqdo`mj$m2!6^M5P%c}Jt-VuyaTS2@d7^U`rxPC^fLm;l7(ds0K>t{K2
z9>n#toVsqw)z9+EcZAJ@t)JypZbu&0v%Crfv7Y7C>!6|039^EU1Wk(e6%|xD&_<F~
zRMkL-NmfzS2i+xEB^3iQR9`BocuP)~%BqW#SzRit-tft7rLr0b;<i#*4F_?1sG`Pz
zxII)+lR*45qN<t!;-?W+)hD2QRWABfQ%gXFs@x!23F7uwU2Ony`>U?DTXK5VP*<GH
z>RChm0iUdA4fPPjde%@P$<+|nv!?QZSkIa&D=40x?bcFxKwatCZY>oI@=&?gR^gzW
zRPMD^Nf18)ucOL?_z5_D3mwFHsH+-)I1hDIEQsq%J=GS(^`)Nb2IBfsU-boXeW|bB
zwB+*MK+SV9oA(B4F?@2~8>kf^&U*v34#atHsJ;Vn-W#gjATFau>L7^AsF6AW;%7FE
z)j1G9vuUiZf%vIV6Lkl~PlcMOCm`<YnkqF?(7&-B?(3SW3?P0|*i2;y@sq-4DnF<a
zy|WjiLP0U~&R&cv3SyfzSEWI0v*xN2h;0_DYJu2hv8u5pXR{V+kds-PwNS(1lWo>Q
zjRCRETBu1Nek$8i%>eOJ*_P@PP-GaLJW)$Pd{U{ES_$Gh(OPW)ah+(bwuAWXzBsiP
z#BcY-sUx7o@UMc}s9!-t!q*aA1o3-1@#+SM-_wa#_d&-aHwU#<&p=lqw-Kco<t)!9
zmD;IHAU>(oPUQme8yfAEKZxJZXs-%__#K`Osu+mh;pw2FKwJ(TRTU7ILq}B?#O2UQ
zH3e}wbW(93KB?4Mbpr88rOqk=B+~8*>Y@gKvZOskGz?TY_Eb<;H5ybZ_5#sF&@O#F
zsGFJ&I;rmv&37a|F7Y_1yZSPPe1dzZO`sJe=n0kj(~_$pJ=G&8vo)lrqF3Q<-Q_bz
zJ(UN<XN-EPtROyP)Jx?7@fo9DD%g>YB|(KJ%c!0us1hKqX9=o2h}&OpRUO3bueWLd
z;&$6dH3xCK?W5X)_?%Q<)fE&#^SZvOuOpj!q8bbt*YZU54v14vRO3LL`Wxy)5U2iz
zng!z2`>6#WPQ9O62IAEFt5qOQy}#N7;+}7S+5zI8Z-Ckl;@UG%{S4yTGf<rdaqStT
zeg|>w8KiDma%D7Fr5kNa#pZ9Y;%h!ZDJta@sZ^q9PBA1!wz_mq@pcNWDwR_VOQDWU
za*B6U4jbnTu|GabaFUu28qq6n@MyKd(ny=$IQ5OC%k<&RoMN0>590LRQyW2?-Un(k
zh|`;>z6Ei5AF8dErsUqxBqVr>+HZ;9IVnhV6FxbGkCg8i&fjIpDNIwPK%Bx1)e6KZ
z%u>TZoWh)x{M8AK2%f9vTN$TNHh7-e;z;~epi=OB6*ZPq7%Re}Dg}S0a*Sh|B0}gb
zn&qmLCHLOU7b<kTlkqz>E7iA_IL`Rs)#|jR%aYSutA>2weCBH1CHNavVS=N<MfwM?
zR~aWVjrA;{`R7KJ1GJImpBt4Q=v(URHmNYsPt@0KQW2m*p|szs%7BtWX}?uf2Hhz;
zHr*Cg8}zvB2%;vS+pW&~f2&%7p0v77)Dd*J7wxyIo}gcQ(SEDy4{AYk%&qEeP&b-m
zZdLDs{CfDxZR!J1)gBK$+tf7BxFWvvb^E!XFN-|%Y*&jN*}Aktt$^%y*aW#leFJ(P
zCdCf*9jI^-+HY06KoyG6eychNVy$<o;~>_0r#c7X-2R}hf;hK7s5>CmY?pcrV$F6b
zHOZEWC|%D->{kActe(47Axpe#G%R?xngyy^dQR|uRpUbrH$x1MSQdOh6`IU6MGR|^
zD1TC4SaR=D9a1+P(YsXN1RqfyK4PEzF4d0UU(`-ee8i66Q>w`{Cu<gQF!-D@GaNmQ
zI1_wX4V%g2&hXz*D=fLar<>{<5ch63)psBs!*8iwARfbSse>Ty-EOPnAnx66t8*Zp
z5B{O9f_Ogohq?pe`QV@GF^K1be=0T0>gnl3vO6k0s5i;(sO%t~7u;3(Ks+zFt3pBC
zW8PCmK-^>AQ>8&GsrSCGDuVb_(S215#81l}s74@uTJ}J-1o6|dzf^k=KP~%9^>Ad%
z_Mv(MvTCib20v6oK#f}8B^v4F^O1TFvR~>y4}PSkfX>&~A&=A?FQ1RqBFI?l$7(r<
zwSKJDfY=gG)MgM{;)&V`;!=644uH5+o~mOYE|q8M42VnRnYs*$pq1%!bsJQHR;JI@
zLq|5ZFVx?Vv1Tt++S#teShE+(7sQ(Vt#X4{v%ggkh&2=Xbr5SNbO{h^CUrRwYbJGd
zM>ch(8(88eBk4nw&Oe7!=O-gML(=HcmfW)tkKSqNvb@$kEF_)&{9~)9jU~NaY01gb
z>xy$zWf?SI^JvK7GUz&1HbcZm6bZ?wzi>W1qvA@3WYTLulj156Z2^smuMv`2?*vVb
zuSfJFD85Y7kSzKbsB4*)L}x*5!rO)T>dVQp@GeAufX0XU%B=b!=%cWQo~+vbXcmnD
z+e#*cWYeB`to2yWk0rx0WYbw4+1zH=`7OEJX4m&EO%YLT`-SAt4d>f%)@M%L%98V$
zQ?L9aRhCO{u;gU9^vVS+qj$x6_X~MVr(2lnGq=v_$n&Hd?ZW9iAWwJNh10>H5PEkq
zj}8Y#R-!L|=#rqZ1?bBkx;*Hk0`%n%T?2HERz&%91JGSs5#`gdp!pOozitcKK;iQ1
zZlK#?7ybNnU(oZg8$@q{czp2JBS1Vp`0MeY17Y;#4?P)lCXBxPp=X0G(%2EG7lIzp
z*b%6ggBsVn=oh3{gWA=*L9`iEnpW(=`g>3<TCoS~10Wu?L-bJ)kJ=&n4Cn(IwL|qK
z&^#KoL-lP(w*12MBTF;H(-y-+!u07yTq-lfn!@8k3h4%)IocdLB_v$$v@})x(R*$P
z?YS<t<!4K*sBQz|5-X~^fVjjWbZ-!sScD$r$fjOQ4^JW5&(dR4Xk~`tdU6VV7E(el
zNue)7O6zToJUoU+>pdVI!=v?K5SLLoeG<fFR8C(2aT%4@*FjuH<@G%fmr(`%6vSmz
zL7UHAZrRoqbw&`|x}werVp~_zejv7WC0)Rg&242JkwUbKqsyky$_!O>)fDm()pXqy
zqBn$fvlLpHp}LMwAs<mwcS#}IRndJ?Xk~_4`b|e3u32^T2oTq-I(j^aYgS!78N@ZK
zuAc44YF$q+Od)!IS1(VYl^N>mwJGEy8tN@6M7tdNhZI_wp^-kALO!C2KAu9fccIUv
z(8>%=_4O3mlRrimSz;|u^Ov<DvAV)iNBc@_4QZ*5g5o3gg~aJ1%bl!Q#Ho<>de|3^
z_!~rB^}sKg-2A17UTn$DUwY~lAfCVU)ayVzf9a*a1M&Q&m);HH@hCwb1o3#3pihA8
zno^$w*)^rU2I76UKKc%b_ucyFCm^1O^wnyG)!M`JkiI$th{w%DogKvEW}?pT$d=I?
zIux=wU2lcFp^Jc)cfChc+RJA@T@kX#uqPq?bWKp@FcI2MHv)}p`y`~lZULIuR)qG~
z?H$?l2I%gP@%navP6V+92k0T7Q*miS2kIoy&A6;Y?>Vxu4AN5|V|xzLvq5anL3$C0
z?KxO42eCZ|>op*@=bL&ni0%2N-s#AuFhn1Kj8hn*kAgUbA^Hr6Q+P{X0&xm&>DwSq
z;cfjFh*Nl5|Lw@8FjRZK;u7Q8MgGvCdKM^c?*gI2wfNeVCZ|3^dqAA}2%QzQntGxn
zohMmFJyDVl23?^yLPqLv&^>x1WTY+$;`P`lT^_{iu~E7Ps53necvm+7y+O|d-qo?7
znw5R!Xx$dnzVbuQXx$CO>#8xjFNoJwWAvLKUcHRfBS5@*8LP)TvX&U9CtGr>>v8%|
zM`CWe(xKyYp_OcjDdN3~bwc0MvsOEr6IUnneO+U{qcEZm^tKI-o)b;b6*f7FYh5RF
zqTaCCQP0>qp_6o}ZyjAKTPO5GeQqn$3~{$@tI)~%PtYH2+lNlkCAT@*FU@;|PSq7a
zC!z+1PSb}hO%cnZ-XY4roqdk=$f&XDrt45prl=7_ML~R$XNE2f;*&fxbS02q#RNH1
z*8-Iw*-YISG%NhQ&{?`AXmR+5L>)l9qdQyo0P&9QY~2sUJ;NOR7KnR>IeHX`XU!k$
z_dz^s{#Z{1r7xQx=jx9^fn|NgT>Tj+EKN+>dHPFGRGJx~^Yk~M`m|3pUw;dVr+uRN
zdKYM0I$!yT{t0v_-9yhO`Z#Dz%k%yV^lz5l^~@~4IcR~t0$Ngj8_}PZ+>X*h-DZci
zwXHo1^*~EAJb~TkhAz}=9f|VY7ZKeD6(QLo9r!(mn<0L08xp)o53}TI-6B06vc(0L
zk<aO%dVN-feySINmbKX!`k7t_+S+DY=wiJalr~{^=;!(>XnrKUm99(ebm{rDUh218
zF9p?&_%ZYgebkameT6Ra1N+=1ikAO5bcN2ii)o6uUH4Sz*SZMkeD`yqEA?8?o`hSW
ztMt;{?2}jQK4P_A>B!c>)p`Sn>)>j=9mMrzjou65`m#nJ0daj<tA7P?eOaq7g1EkX
zqi=w?zI>zagSJq(b@~}-FNIsD)9kUDdG2)D9JF3%0;$g1h;o6rq&H}P5SR1@T@W;w
zR^=OYG0+%Vm2cEhprbuE2W`?-K&N|dBdQC^Omp_lx+y3h&Dl5WIMDIX%|TmqC(!Sq
z+lUfCytDqT9suH<^>6hs5Vza!^k@*b+wb&5P>Wu7L$~Vbpw7J>5iPK^Q|t}(5!-a}
z18j+rqIWl@@jp2l+?r|eL2D&je%ti-jyzL}{vEna?*}a`nkH<UJ_@Q*Fk{$ueHv81
zU^b#lAb$F|L*D}N)5jh9FHnnwyP@Cf7ohG5kBHJ9vZ;Gk#O4Xxsk4B##|9AP2AK+X
zLx0eLpqv#R5f!oI^0!Ny!!Ac-NwZygmL*pscj*O=JayZa4%wxbf?Bt&K(q?<L*oKr
zyY)uU*~UePc7TeIb@%9fpbBK&J^H96m-=3v;|Qm|lfD(=BlhaGmPU%2y-SAe)jfW;
z`LovDr-wT7Eb=6z+o#_JeeDSs`}715pEKRBrzOj}`HKB|9*ED99?*+He3tZp{tC2-
zTE~xi9f;4a{;0Qt_<ZV5dN=563ip#f1mYHVP@e#Ci#w>#gSgfm($_#->kjF=puVN=
zh91^WK%+}PBGN}~Zawu&+zmaVGl1Hcctn%~)VJ&1(4TdF(CDs@h{8Z4V(*3?)kQ%Q
zVjmHe0U2{Q^q8&$%4r@E)v@Ht;TPTemsDH-q6a$iaO?O*4+C-Q_(hMm<iZ`-xsRuY
zJFWvAQ46S(^|&qsT3ED??{OUo;udg1M}xQpoY2)kC#dC|)b&7jsO6m0F(7Uozv?z1
zZXLhsE+F0uI;DGqcrWOb9t0W_Upwry9uAru-;ii5h<lVXdJ>3xlrwrJh+EEC{RxO$
z&RM+_#I5l+y%NN&@i)B@G(PNZ=sCR|^ikL&qJ7EX$e!o*5fIz+ygqHo+4F+Vf0FGv
zQv6V~dDsR02(&V~UD!qa=vOEEuvgEp%ewX{N44tp47;jZSaR+5x^Cylw%hBv8;INO
zb)5*}y{8-cO%U%r-Ox!O-g~;K$Aft9>873n;=QL^dUmpm_MUF(MIg@mZM_`CdB3gK
zfVP$F7xstV4EnL;n?yS;xxD|W&1ue&>kIzWfoGVe(3hp&3HwtwvE=f1M|XDQ;ddGD
z=mZeI%Xmi*1aaHEtA~NOZQj-6ExGjW=_+SA1sCT%UB{7UAC0j0bQ9188e#A0)*z1a
zzU~O(IPdG;mRy_<^l2xvebxj0yH~ge`leU72l|m$xWDv}-%@q?OD8$<^dw#W(&ItH
zNSD9#6cFq3P|pUjE)Vr05Rdkc^l}i7_K)-$5Vw`bdNYXI%45CLlFP#r-RfMbE>Cm^
zNA`<SPjn9ur}sqn195s!^;;lL@2MUI;`E;B_d#|CSx>X%(tEC>&I|hI%Hg@L;>f1=
zT-O0{de3!pOD^0Cz0E7!3%%zhS*Z)DalX(M9C`Se{tI0L#Lx6!=!PJ+=ifRO#OeL5
z+krTL!gK?1{)9;c@ytV-H$gn}kR}PlV}LT_K|BU1GX=!&C1^7n#P20&vk1iRB^a|D
z#P1~-vj!AG<3k#=8B~_Whcsp<s9m$Wp+4pS=&fdth>n3ewz(Uc)|>$iZ1afdswHPn
zkIDUes?9v6up?Uz9#ay;cJY`BAht_7Qv<|yNoN{@*e>Z!EQsxr-n0X;T{4(%Aht^e
zlL-2m@|V%P2|7>t%V?57oQF(iJc#p<$xH!Fqr7J}vq7sU@0raa5Zfh-Sq@^mWHD<%
zY)@aa8N~MVH9J8*jmCv#H3vX>8cifR2I6mBWiw|${H?2O=Bg!U&+MkbWwz%O5!-uO
zSax&HlB?x8%soe*`P9O5n5UqxsD<Y+=87!`Yx$feBZw`Z)8w|~Qpjb-JDKfma+%3q
z;c}T-Ug2_?&%DCDW<sx~mh@|;h^5h<i47Kny=LlwW_S6VsJA0=x$2ih^FV_<Ys2!I
z4WQ!P)`sObKZACbSsUhW?t^MqTpJc>BCm0JqeYFhYr}#~14|>t*vKtmp=PC%**p|7
z8!U~rGl)WF8;EBRh0I<M&k|lYhe13`c-{O8;#oqtxd7r>Lb$mBYEWorSYdMy6jx{;
z(KFD3iig9B7<1iOes#s;M43Q5zb<NWf_Q#i)cAvVmJneIfOwV=VTyrxmQc);1@SDQ
zn5hEdk+Qg{1LBdgxM`Xkj%EpwrZtFX36Z9YC0FhxOqCm~=SY!0;%rz6)8(e4A86K9
z+63Nm)V0Emu+nCMC0FZ8n{|%t7rjfH??AjSRod(Z@vc}Ia}dP4Vr9$;5ciQ~%{dU)
z$g<`dh<D7Q%pDN#m_?aqmYmknX7X*;%;^$sW;wFDM4JU5)+O33195ug%qkG4SI%q#
zao<zk>;Q4!Q{L<c@t9M={0!nTr-C_c$>~zjjQ%54mx^YBBM*P&p`w`v;;%eZH1j}g
zmr7<ai0x9ze3k5z-r1{c)`9q)y~<`Qh~LYrVs?Z0y}T;s5QtavRm}+yujZ?o-z_;k
ztC<OZrs`SEOmk$%v1(>6h{v&NW-*Ar6II=;0P%OCs+)D7hxFcB4f7o+Q;BUvyFsJk
z9)#622SJnKM1h*-1c={Ft7XoC_}#Qx<{F60sJ6KS;xejjo`ATF>KJv$=D~jbsgB72
z;_;!b$qwT2p{~gf;_;!L2?g=^P|p+v@z_}3lm_wGSl?6vT`zezw1KGwGNm37H3spw
zt{R$_ApX`>L({>Mvvni0=U%F<8<|6nJY4RL%n1;edn0om#QVFA%{36$-NxoFh~L&~
zVxE8k=xwbgM&EaqV4F2H89;2arY46ar%N-l)X8kG*vzbi&tE89GqVA7mBKYM+d&*>
zjM)p~IAhEa5U=B!n_ofPqck_aTXN~enqd!8^B!wPJMxsFIAhHOP<4tk)=UR+dM(U6
z5U1C|d=BDrZ)v^)aocQZ)`PfhwlZ5m+%{X8Js{SzwK)W0JzJa8mYkk(X4YS+dd8Ur
zj_gPoXO@CkmpHQu#BsJU8$ldr8?)1ri!<Idc$gYzylL*pwy}5<53=unnyw)JVpdzz
z2gF~@YHJ3A*e>nNJ0RAjof!vWyR<hSg4izY%`6bNhYn@|h}%O4vkb)Tp`%#^;`Y$d
zYyxq6=wx<)xIJ_-`$3%d&gN$j=e@HzZOP@mi#hN(HSb-_QAeK1^bD+vISraa&%nBv
zOCZi)S91%*`Ri)_0&#lX%nJ~w*UfmIa0)KH?q-1{HwJV!OC8zr>uy$pIL_{7BZ$v;
z^f22&e7>WH*$3it3_Z;e5T9e{X-<Lo3~DcP5yWRudzqUcKKqei?t}R3M}m0{qBUi@
z-X_gcYZuSxG~uGR$qYI~vOXpk=q$<lm;ex+S4-E|6a?M&2^W1$aS)v`N|$J&KqU)@
zi$qfu#Aiw0Fm*wEmh=tN48&(i`<XZppC#>QI)nJESAUZL;<H};%|H;JB^_Xff%q)x
z05b-}XF>;>i6A}`I?&7j@tM#;W<H3|gbp%GKzt^2u=yIqXF>;?4In-f`li_i;xnOd
zn!O-C6FS5k2JxBDA?8;Qp9y`-TmbQz(6`JD5TEyb+uQ^3dEd9qGZ3E>9%{@pS4MnJ
zc&Nz)s#M@^=rEHL)Ud!KqCiWo4h}b?pL4j8VqEWx1%{i6FKjHfr+vpvcjW2WoxYu7
z=7ENEr*Eg2&q2JqHNt!a;<@PvvmV5A(<HMM#B<Xmvj^0(Ej`sUhd_hc(o;Qi62x=U
zQRX~|=cc2~br8=@-!*qZJU4yUJO%MQa<tKZJ4^69a<s_^;?_9E<N$GN9Ag44IZKQ+
zH-)s82#d*HV63Sk9gU;Bk29Aoxt2Q4JagpX5onw-ihYjt@CY={WCC%|Fy7<@aVs8g
z{6RcYzGn)6c%*#K6a(=H`@Sg);t}?JQw7Ac$`4E(5YH+<FwHHwJWMb*oy?Zs1alug
zdE}a4o`HDenqbmsr#0&`(PRR#E)z{I5a(f%@dt4pCYgdD?!7-W#X#J9e`umWJgQAL
zRX{wdO*RcIIX$PCXHI7IoMMb|x^Q|^Ohyo=H^t-xv7R3pKM?ErktqP;QzBDM1c+yx
zQ%zYAf7xrAsSM&TdrdQSEID1Ko1;!<b(wBX!zb^KOgF!Sc*L7-Zh?4KIm0{v@vL%&
zc>&^C<xJy~#^s1-l`~Bi5YH-Snb$x(tDI#5LHxDT*`^SPzjiv?M1pw6ImbkUc*Z%$
zR0FZiJ~s70Y_pF|42a8Uu4x0}GMa0;fOv$RXL^Hpgq>#wfp~<SZ-#?-gq?53f_Q}e
z#7qM52>Xed3E~;&0`m!oXPgVnQV`EL7n+qIo^dWTTP(S9SY(QOtj%mWEHY7!?C875
zQ~~kmyU5f9aa;M+GzD>6`P9ULxW0U5I)S*pd}b0rJR4nX27m%+HoDjh1F=0nH={vp
z&(F<dOHR)vrck<6J(rl`mM*8`^p=<?N3udh{sK$PPA{L!%>gf;%gs?QpUX{$^r>;K
zFg+|yrC&QKTwsOa-i)57X5tjqBvTqrVU3xU(bY44QoqhD0P$1Ob!HieOLM(h1>(|N
zZ#IGWY3ByB1H?}|H<<k(e%iUw{0!o!og2+*(0Y2>xyk$vIzmr7H<?=?e%iU&JOJ_2
z&dufph@W<DF+Q1`*8H?{i^&4wr=8!L*FgNV^IH=L;%5`znL;3bHu0T_bY$zxRuc^w
zKZo6Fs)G1A>{e3`#Lx7%nPwn<roYX!0qvyJ{||fT0VYM2xBGvcs&1x-3?>xU?j>jo
zh#-gqgH(fo5g1TFC22JSVhe~E)_|_nVw%N_iN#R8n8uvLx@z^Jt7BZVuDDi<uFjeR
zMqKZEPQ6^)<zuh=-EY5pzvo$=hxhls|4OGqpFUMRGhKF?n4ZJd%g%y0nJxU@IohO)
z<)gu4`u^T|xRc(8i>2$(Nqtv4Jv+zg)gfNrN1f25`19~5oE2U5wD<~n!U^JJu8=33
z{@u)xFk5)q8DdgA=hIGooXnh0JC9Y(`K<HDsyUx^Ua6Y%S!Yi7AJ+MTv%sWyoi8{?
z#mTJm1?SqTIbU{eshaa;=iaJ0Uv?hZ?1y#!$$9EW=|z*4;_qgD*5OaiTUFCubKd8)
z&K5p}a=LA<*AgF>HO|jWir-V$IDJi8D(&Tn)EXySHSKk05U1(2yzU%OHSN#N!9Ple
za?atH^UuyhRny*Z9{o{zrfSYNoOi3HMb5`RN?%pY899e-@xzg*I7j{{ooLch(Oa)L
zZCm~@=bO$aKT7LOisyXOIee=hj>}r-1e4<9ver4pq^0=Qq9amkoztr3e9Jk%YR<Qu
z6`b>8IkN9tPKoJq>-fHJJ1tdn{>8bC)23TJQ-5(<O^VOTJI;$$bH3xe&N<)2*57fW
zsyW|v-mjYTUFUPoxhLj)*ZHz)TAL$1^!_cC?X6<pHfN+s@&5hQ8Ov#RT1TY*>ReJa
z?L8-`TJAmP^{Q#_JMUI4_r5c1Yjdpe^EUW>3uhG5wIlHR7S33v`VnVYA3Bqm_8DQx
zht4!6{p$b7$usF!|3}VYaWb#XkDVhqE#JF~^|5mT)BN6F)_m+NWzxTo_ldKNN&i0H
zCyxGZaXmV$-2tD#IhQeQvjaYXbFOC6pCW$d+{82&pCW$d+#M&g_0OFLf0Q0GDL$T`
zJBe+~7R;RMoGvCU#ow|zBDKyrxN6!L&Y_&9&%+na)m78JbZ)I$?n`G-&mY$Ll~Zq0
zyuGiS<Ey59?VQSKdV60x&&SiudHBY8jY*$}Z=AQ7^m+K!d7nw2hi{#AO!_>mcfMoN
z=V85*-1djIeCKrfQQFER-Lf<Keuwu)3*X|2KdB;5jn}?yl=hd_{Mg&_V7tGsJU$d3
zV&U6TMG}&o^!HP*O6sY4o`jhvxruo!=`vL>`_SP3ZoRKT@9F7gPbVMnga2_$x^%JR
zXZ^c$QF0KD(tp%W2m7e-U9);>wST&xE3rP(NBiO1>pA<({K4zL1Gb?a`yX#zPyKi0
z-$!8MBcQL|4cCUgdN=s$Io~(0tiI+oUS0pU|MwAykHE$~f7=3mEyeEw)&3mQo5l72
zoR6==jo0u-7Qd7y(?;s|izjx_?-y536G_UQ&~~z!=^^i(qI=HUQ+m!Dpq99!we}vM
z>s{O*+N`~8*5lwis`c99HC%`GE75(d%^o#=-}(C^uwmb;-vOta7RK*)H)FdA`9(k7
z!s#2mC+c@YN8)*+-G69Ryte=Uue!KbiTjgYGj#j^|8H~L!k_kT{y%At{-+%Ie?>bt
zbvEPc^Ix&W|NC|ReNXb^QS=Q7-SbrUD%HK~x%-&D!t}jyOEw-Am+Ev6w#9J0o;G+#
zUNrCT+M_2#{m1%$zeoRG!@rNff7KC)?~h{ruUcoko-O9-*Tr*v_4WVH`gILvS&S2G
zv#i7Q=x^A>YYl6*|C4L3ZprSm|1)i?UPC<M(ml+E@ku;t(&Ht^jF%E-yp-f<Cmv<}
z<9Xr{R6OUVMorb@tEa~6yWmgv)oqB|^SwFpy)aJOFcLegzxMyN=Qmzk4|7K1cIxq=
zWA@jgp1+emU%GC|s3z_AfNtu^hAodDqSvtNFg;Iv1a!|_T~Ell8;$PbrQ#<Zn_6}f
z*0bS>$3LDYp1N^A|F1ZDKV_Xiyyx072FJ&eAD)VAsKo1u&wjN&XP#;Nl&!=|bvI|H
zdJS>qr>x<p&lA6bMqwOo^L{};<5Duv+%N0vzuN!!x{do2tx8_b>7!A-w(8y{Ucat5
zob#u&aO3s=luGrQf6DwD&-0H*De<e|n~kpg_`W87ns-3e-4^G^HNW9Wpq?iw|M5Kk
zFP`=Na8*}d&p$rb)kk$x{;%epBEHkq-jbi9`nXwm{;6;k#mjD}==!F%_0QII4`#{T
z(|^zz3$?#(d#(EZS4kfIrzIKO$>KhGkoIxEt+%D**QO`zj=o*tcartgxDD}h%YU{#
z|ML0G)8>EqR&ZoC9EbnYwiM>P!W?bgt1EeBp6+x0zG9hooOtR_Tk~E+etH}JXUw^)
zIZ7KJ&+6W_dSr5xIScW7^iTKw&2_Hlx8+z|?T!@xiL?11A4z>ql^lu@mn{$DY1L0V
zgB$PZzbpT*jzE0({m*XwCOqr=pMS3PSWB5t`fPsEw{b<^FKoE$(Ni5Wf5Ob4l%JdT
zl#Q4AXOHKm=6~%#eVqH7HfV3lIe5)FZ0)A%8@K1bsxtmC-JY{XXs!0k&AaEO^vHTW
ze>|FvHLmPpp76wa?nFJ$TR6g&RQpXGnT_k!OU1s%e8N~=-*~CFXV*$^*-z@N$@srN
zzJW9^XIZoH{}BA2hyRD-e~a9zuE+md@&7jbza9VY!2dh(KP9(MvZO0CDLtUIl7-?g
z!$UWhI^%Oj8;tI2behq;(Sp%tXcE8Krgep>)T!GiZG*qbs@Jmu`g3W4CgnEhj`)j=
zS{Ix7@t4l9#jL&mqA}9JR65{q#Y{xy&-)(={pHMM_*-5FEqYZpGgEuYIg{35zti&)
z)@GQq*2=5z3SICQg53eQUzP_B+sw+@5BBSCwaVB5gRTBpsutg7uebiJoH)dV|Mk$l
zpoa{ZU=^@+U0>fg1%LZzi&=9l{2m&90$Xo)5h{IW{nDz)#C^`P>dks8GSoc_-yyD-
z%Gz%ocm@23eO6)q5yN!-{rO4!ZJs;F++sD`^X=QAGi-e075>)iBlrtG6Ayn9l}7tH
zYdqHQmNmt!XQtVsIcAThm_3?e_F{pVy1-Nxn9BKfP5-4zAEjn>v{~vzv(%~5V}8Oq
zRhkCfiK&BzPn5Idi9xNZWRD&2rn(UG*P?~{G<~5igSXJ~r|{F_mzgzRCM)p0HJ6$7
zUuCv<qgnHvX3bZbd9E^3yINxhG}^y2YkSx%^|0(P{BZk8<DWGC1+#`zp%di=v+RZP
z;Gizng=kyC>VP%>!Cr$k{|TzkTGk#t2fv$T=BYRH+-Gk$w7c^b)}Y&Y(4r!|KFe>J
zt-NpQ@0-f|rt-O|d~PbAn@R_^N3Y>YQ}1Ao#(GoNXLeFzy=m=wESnU^(pOXmOJ7mz
z&HP#WXS<x4*v!)Bs3$Zjz0ExR%{)CV-JYJ7zS4$R`sfY8)al83Gqv8*`?ZHzYP?x$
zimC5mmfFKCHPcL;W2P=JQ)il~GtJcg=4kXcN267C+i`NcR(y-bf$hq;RyW7DDhH{v
z+tpzW7qn|NS8uDmbMH&r9c|W`hh77(TX>>r)v0Fvr<zthi}@eKRNeAv*4YamX;&~y
zy=vAo&3a_;v#309*xBu}sJw2rvbNn>W*%H4Sm$DR{8T=4>zd=Ok7s6T+Ayd722y>L
zPBioEYkja&7kn#dWvB5qU)$eKxuBip+&AQanymfEVY6y3#GG&8wYkHNN7kHg>HS)4
zz9Xbnjy~+TnibZ70s1={Z^BQquCQ(#f}hv5^fh*sInG&Y%;B%sWUVLXy;IY}nYq)4
zSmz*IKRq1%cdttLmQby8=io0wIyV(8`1_zeoQL<vH?=rtELvZaajw~4rCO|u_peFy
zaE@BkIrXabrP>1e>6D(R=)W)A!#Q)<&*5j)ZI5r<Qv(OUZ#7^jRR685vNfUq&{Ul>
z9KB5s=feZ{OEoxyhHozSSs(V9o4U_B3_poo$9j*M^D%XY;YVQpaada`_WhVt#oit3
z>0tiW?=<K3NhhbKIr`_tr#brP#HTqYEzqj}mh!Xas6J~==zVo6YdtpPMpP#BzAbfQ
zd^B*CzMjh3Tl9GodeyKGpf?%af9N`Vub)06zcbg^!{!>e)0~|<&Dk$tyI<BUc8<i)
zWF7BxJM6*QC(Zo24_sIKiSeJ{TY<l<`NYzH7xWXW1HL8TYt;L<x75s?hC$ysB#G~5
z+6_NbZK)mRYX1@{FPLRtuyikUKDL7Q1!w2pv)iw5{x<l~_C;~}9pC<ZrMFv@hjS;l
zFFE?BdQ*5uxU_u>=GWheRCB;8%&C{vir<TX-r9bRS@T<FkKQ+Xw8rew8nZ{Ao2j2$
zy5IZUZ2fa9F?Cso^_c(a4vtFCyHl-4|1&+=0UmvkdDn1^o^M~Y+fsF#)4%bL9d2_T
zZ+f}Iea_?^CnegjPW?SFS{FN4%s_vIeNRf8wbR0PI%MrJhkpP)@qo`d=ssEZSNjkB
zszXoApTsu~oHJ>7$2_)`sp+ZoYo~1XuBXzkzQyWWymt1*JkvTBRgd|ZnxbkNl&R7E
zvwmlJv;G$yb7nndbqIbgzO0@bxuRpMbN;j|JHB9DHvhVgB{gGS7i)!8JL~3-=&$;W
z5xf)OJt%8U+v!16-mHHP`ozpvJDz3wf!=1Xdz=03k2SxAZ*I|A4{cUgnIp4@nWtXq
z^^aHjJqzD(g7dhCSxWbu7k64=y*=&nPK!<37OM*;-`uGU`*mNZDe*q4n|JzCr%!M_
zN1eWQcH8xc)bY*>GscLOFh|nfwYSwdg};y6uCwkFI(MFF+Hkz{)|3IAGngkSB{gy0
zqn+<FM`ndJaMIRY7Mp9PY_?cu>EFb86@HH{ud44yG(s0mncAhIru3fCr7od+<5$(6
z`W}M%WvPWw{W{ex|819gd8X-SU9~2x3f4cm>(|)dv0e4l#;&ibF9$E|^0nF1Ii^)}
z%n@jnzwG;P*9EA2+BKIbO<oVLd!&?|+V!&z3zXiXKF;mCrO*>@+wEwx>}J*%eKG2=
z#_o7qDwp`K@Az&{nrqckgYmcH^${p^>x9wp2i=rBA`7=x(khF#?j*a}(!G<6wYP!Z
zn%K2_jXarXfc`Pj2z?<j8Tv}%K<JvpENGON4Sg#y4=U~SoK8DEXH7djXKz#4!BqO2
z%FgZdvP0ULWzE#L;`wXzvK?ylvR!KQvYXZDIk&2rg_i74vjDoFrU*@^ehnR;x&!)f
z>Luu7sc)fArncIwll(C?2>L>5JoJ^+Jm{L#sn9633i?*+x6pS}FGJr?eGL6LmD;?M
ze4hF_^sCeu==#(gsMMYYb!xAI*3>=#?NGZ0+NJhO=w`Luw&)~V)eeC6tZjs*Ymb5U
zuDukxL+$<0{<VLG?p(VLI;6JSmN>Sx{h;-=dqCaVS<pRd4~LGeJq<d(_EPAi+8dx#
zY9E9iSZi<9NoLlLhkCV(p>t|4h2B_OhTdAc26|`hJJ5S;zkvR(wq1`-64q`7eYmzC
z^s!pEM~ysHyLjswnbTe$;X~W&BfOx!KEi>iTxBZPp@KGaT8O14bvh4vYNxxf?3ta`
zz~9-a0=>7B;0pO&rwlagG<s{?TFDZ5pbj6F;Ah77-a)gwOfuX?78&-E;|%*rXt;~K
zZa6|dH5?<~8;+CiS-t#Z+1GFe*(7tb4Q4x!)ZqpP+k3jM+3=OR5_ps}c5gBH&AKvk
ztH~eKRhZjMUSEgXBQwAL)iJ%C{`HR~(s6j2IYVYmz2|V3IY%~_dcWZwbDqRoJl3=O
zaG$wIHk<m`;Q@1rY%%re!$amW*=p)f*G0?~vdz?+hT~>BZa<j<m&kX+)65w%YwDMd
zaG7&tgQ+(S_n7k}zUjoQ$7e2*&8Gf9UBFx-TTK0tx{$d{J`B#sacwoz2iHfeSI9O~
z&(-5rJU;&564|dl&72{#rhagJj=90)LcPbFCkv*2T)od+B%4jWxjtYnku9bk)Q8Mv
zvendYt*<b*ncQ(Wy2to<lPPeC^c<dM&X8GCUtRAq=g0<Af2H1I&XWaG-+g$Ix!L4*
z>jUNz*<$Js)P>AtvendaoiJC(HdBA44j&lC?Iu&;5_z*O&72{#roO)3WzLZerk)s?
zXD*oBWu(tsB%4ir+mQitiEJ@-9B1Y-*=p*!`iQwgwwZdDk@%n|Za0|%m&lGI)65w%
zYwGLka?A}T=j!v!1(SCjS!8ZD`K6I1<`$EWt1mORnta6W73MaRyN|Nk@j3;U$b+LY
z%vqDMedY#}v3=%($=E(~v&q;#bBoE--7@pTpn2VxI@-Z{o5|n07T#J-e+4d)?xQly
zS(6_em1Ax&d3{};xnOdxzR28c@~$HT<`UUr>MxB9nagCWsTb-a<_g(n>c`bfisy?=
zflK6w-P6n&GHdGHN4d;7vcc3J9OW_R$%3h0k@K00WV5Lk>I3Ey*<$M7x*>C!Y&G@i
zZp2(6+f4n4-KCc8CsUw4zG>zRnKktXN4d;7vcc4^$a&0pvS8|kdY`#SHk<nB(E)Rb
zY%%q<qeJF0*=p)|y)akEHdEhqB;Iu6*9(~fmq?e9Y32->HTBV>UFICwVCri}d(3&V
zVCuPgpSegjn>wx^<`UUr>ZgnenagCWsdpI}F;~boQy)DVkK5w*lPPeCtR0<Z&X8GC
z&(*ukIkLgjcOB_5=gESpqrYM<lFg<*-3^#aWQ(aEv3tl|CR<It=N=X2Hk0q(LprkE
zWC~m&AJnCpGi27(r|ju6=g0<ApTDQaoF@yWe#V|YbCGN|^#OYY%q6nL)L+>vWG<7f
zrvA=e5p#uXGxc-!wlKWa{Yje4kS>`cJu*-FWRWb9Az3CPvO-E{9xpOYX2=}rk$KW5
zi)28S$dD|P5m_On3%5&V$X?)5IXUYx=g2YOGFg$;TrRI<J=XIiz6KT3yX>gBTxRT8
zWPPcruiH^`x%{kO%*Fi!PA`$G%zSqZ&|EI>4hUH<ldH}2EqBsfE`xT8Sg(+HP#(Wt
zNE=)xt9Q~|F53@Gvz{ScGDnU9m&x*h9&?^-GWA;rYA%;A2KuZQ$)#rcE<0;3mwk5*
zSTB*Q%=FWC*3{EO*30B-GySTaHJ8f+J4dWn$hBtr`#Wpu>C%n+N!s8tNe<FnF6lvO
z)-z-;Gkww^O+DRZJx7i))8`M;)W_XpJx?~7>8B3T)YE;|i{w%>{fa@F%jM2NCDvD&
zdNfE=*F)CJWJFfTwcs-Oa*(FJesHrCpHI>Tm&we*n)*1VS<jHY%=G1hHT7|FS<jJU
z%=AYFYwF|Rv7RTJ%=E7YYnuIJy+|%K(;Iiu)cX^#ULseS=_l<HGMCBKrao;*#9SfQ
zn)=Q|@u7(5{steH7~0@6so6EnoFRLex(sufbL1FPe_@#Ba#=UbV?9qcnd#ZxH1%=y
zSuc`H&GfT((=^vF>m_oPnf~Z*n)<kgte45vX8QWwH1%<fSg(+4&Gf-_n)<j}n{z+G
zWwNZ!2KDhwvz{ScGDmu3p7hBg8IUD1B+Fz(R!G@`$DPcOE}0`eGEe$skqpQZxrz+Q
zGP#<J$O^fZlr7mF(k9bnhU`VUWR4s|dSsq#B7L$*E+qr9M6M#s<Z3b^E96>Iwqm<U
zn@p1#vKQ%+IdTl?k$JL-^vNQ*lnlrcxrz+QGP#<J$O^fZ#7C>~>yNa_G?^iLky%hb
z*KwJ1<QTHSOn;=#W6qOJWWh{-rOszAlFg?6bX|$L#pEGlL*~_FtEulfHey~&wwd|?
zW9_Zu{YimK<ly==b1yP$>a)kX%wxy~Q|~z3V{Re~rrvY7&)jVC31b81Rb-2)<9?jE
zOtzZ(D|Hcbg={nRr|V=J9)B_gE|IgwrkOKj*3>T>>oVua22&qgpJy(ZeEnFTxkxsf
z`aNR<<`UUr>X(iPnagCWsXsP0Vy=*FrvB1M>B)AJDG>K}4Qb{KnKkvM;VyHIY%ulB
z_VJkWWWm($+Q(-ulFg=$=S|Edvc=Rts0*3PWUHy;xHDJCHdCK9&f1pO323ep<_wuN
z^+n@c<{a5z>PyCX%z3h4>KBdknTuqzsb4!TU@nm@roQLckhx5@n))r{BIXL&X6pBh
zlb`XplPPeCJUlMVoFTKO{@gg1IY%~_dNeN2Trm0LaXxdAY&La!e85~HTTH#%_>j3w
zwwii+e8gNK+f04%c-fBaCR5-N89hGDoFTKO-f_6goFf}dz2|U`IZqZ$egE-A=4O+R
z93L>3$QDyyGCpK3ldYzH(fEkDLbjRu19g&SyU7%2?&p{@WY*L#AMY~f$OcotcD%=&
zCkv*2$9SK)NH&{#d3?ZJB3n#-&G?YHOtzZ(d*dVK3fX4r>&Hum?I%;<66ri4&72{#
zrrvvk%bX({OnuQfk2y~kOg%l`XD*V>rao(2iMhq(Xk3}O)#SPf73MaR_nu(=JZ@(S
zTq65V$S`M3zGz&IxxwUx6Y|UjlTVvaWNtS3iU}p=7Ly;C5Hgp^R#Sg=Ld0Al+f04!
z1nI@&My9|e^3{YibB4^Cdgn%$IY%~_dhbS$IZqZ$eWymBxkxsf`tFSZbBSy*^?e#c
z<}%r8>IXGO%oVcD)E75OZ?>OIflK6!#x!$=%$oX&MwdB9HkkU&jUIEJESUO}jXrac
zY&LcD7tAHH#njPXFqg?zQ-8NHVy=*FrjF<9eb|071)AsU%o#Fk>R&dx%sFxoP(L?q
zFw;{LJ=XJN!PI+9EHXEnyyL`xxkR>@`jZnw<}%r8>I)`C%oVcD)NA&YzHC340++~D
z`=*&QWY*N({aof8*<k9g?dLJ)$%3i>VzSR%B%4irizxwfiEJ_T-%bgc%VevmA3QZ;
zu8?h}p4eZuXZy(%xJ0hqKh2yWv!*`r0GByOHkkT*2YAeRvS8}X2l~uKvf0%8ObeJx
zWQ(akIxS=_ldYycZ+gUBA=^y7c82W0_LC`aiQF(F!<;pF@0l)hj%+aXzs&TQ^JKx)
z(cdu_$!1gUF)?5+ku9cv`mB(-OtzZ(WwRpY3MpB(mrRox(j{}GN9IYNERq3PB15uF
zMr4JQ9l3onO=d`!%#j|MCw;O=24smWlMz`Vr60FTrpXNHk~z{N^Q2D}$$%`8Az3CP
zvO-FKZl6q(8PX+lq(|mSpDdCASt3KSOh#mdlmXm6nI<!&OXf(A%#%JDk`XC8alK@k
z%#beWkv<uaAsLY}FkWAp%#j|MCw;O=24sm0$ub#{6;gI)yU8?}Azd;@dSssT$s!q$
zB{C$-WQCML+%B0WGo(xANRP~uK3OCKvP6btnT*H^DTBFvGEHVkm&}nKnJ0a+NCsqy
zERzvgA!QeCmrRox(j{}GN9IYNERq3PB15uFMr4JQA>2NhAzd;@dSssT$s!q$B{C$-
zWJFd-8OrUFX);5)WRCR6Jn54~G9XK2nT*H^DZ6sJWSY#7E}0`eGEe$skqpQZ8Iol(
zA}gc}<Mzo6>5@6pBlDzB7Ri7tks(<oBT{yYx0fbe(j)VvPZr65ERi8uCL^*!N*%XD
zx}-<?WI%>wnT*H^DZ_c3$TXQDb7Y<@k|nZCR!D0^yuJ*XBlBdDERkihLR$4)p3ISX
zvPhQ5GFc(5kzAh4g8DgLj=8~PJhx-clLb@9^E&1t*=*`J&I*`IWQ(caJu74`ldY!y
z@T`crLcRs+aeAAXo~xJLdEChqXzsU}Gi27(*VnnsIkLgj@f?piPZmra&+(XxWV5M1
zGb>;&ku9daW>&~tCR<H?eO<)dW-{76DsFcQTq3X3rJ1uPzdOri&XEnKe#$`}bDk`i
z`uaMbxkxsfdagcTE|D#!{z_fQTqavh{oPp+bA=R_$Cpf#F6om28Ilnxxp?_B>5)De
zkR>uC%VdR=(QF5qCNre|y-fYNP>%G-JXs_IvP6btnT*H^DPy=@GEHVkm&}nK>66W%
ze%%DjEhgjV-I!ZVex<I$+-5SK^X|dzk|}VBWDZU<XUMFne^BQ#=g0<AUti}j=gESp
z=jwgtBH3)}gX;t464_$v*N-hTx0?JwU4^;L<P*kPd&ccef%<yRFlSAEx-Q4uVDi9&
zJ?1=FF!iS4K68<5HuXzK1k5F}#ncBL95R>5h^&yZ7mp*ECNrc<=17mslRjA_1F}Sh
zWSNY}3MqSY`(&ETkS>`cJu*-FWRVQW5*d<ZG9oLajOF&pG?^h?GDmu3p7hBg*$l44
z>nva{ku9u;%w@8b^@zDbwy`b^yl%ji^3=g;<_xKSU{}{&<{a5z>Yp9#G3UvGsdx2a
z?oKWsSCUV7KIboz&0H?#?q19V<Vr8#d?m8Q%>TX@GMC9#)+6Q$*=FjE-DMx14>ASn
z<C$j8kXhDU<{a5z>RabM=7P!jywBWh@-_K@xy9th?jdt4bHrRB+gO)zY#*5dS4z$7
z40G1x#_le2j%;AvW6qNWQy(~6bCsMq+h@H<Hk;{J%nq1KWQ(acb}uuxGDpl6vW;~a
z&vuh3&>UCh44Gx!WzLZetml~v%thvA<`Q!YbD6o7IbyDmZLG@#wvSAKE9KVNY32->
zHT8VnWzLZervA-rk2y~kOnr2d&s-#%O}*F@Fqg;{Q@>(%$Xq5{O}(*u#9SfUSeHh&
zpG<+~_%dgiUFHU6kGWuS&1|2!*<_q|<`$E2oievFN6c-^GBIukeyKLzK6BRO-!y5i
zlD{>%tT&i?V|S0aU~=so%~jGk$7j9S)X}dow=jpyttQvb(Of0-=R~ZxnL1wAlh`iM
z92aK&*Qa%MnH!ir<^r?N+{_#>x0rn598JAnA?vNCUOOjZZZjF}*q7}9O*@#g%r0{S
zv&URu_L-ZR1LhXykhzsPVs2x`uW*}jSPC@TXU;Oa%ni&QbAj1sZe|XcTbM)UR_2Jg
zjTyi65pN$f+h@))yUY#D9&?^7m^!WxaFyIK$7j7rHk;|VPMAw%3+o|snT*H^DO2M1
zS!4<{{Qz@@%$oW)vt8yK*<k7q&+(Y^WWm%MyZg*VvYGXOxkR?G9x|87R@Nit3facG
zOy%(f&GBW<GP}$TCKsDL=7P!gT%WnwWE@B47Uqz-)#PGR#N5W|vOl*En(Z@ZnO)`v
zlZ#E7tEBf_kM%rRFw=3on2TgH>j86#Y+*fQE|aaSN6Zzn&D00ajd{deIe_P#Oo1!q
zwz+BM44F0ckLJ3}IkLgjcRob($N`Pr^Q;$49s9vtB%4_em`h{}>mhTQY-K%Su8?i4
zTL<#EgXXw1XUHt;E_04-U_H-VFuB;|GZ)EbQ^)ndTq0Xo51GqkE9((+g={nR+BurK
zzm#b_?qmuy?Pt!AS=L?V29s;&XzKNNtmnysnU3SmTqK)W513123+o|snQUb}Vy=*F
zrheiaO|u`<xgTT-H2cAvA+x6b%R^k|9NA#%xPHJ@vgQzv^*mWH)3HCyMY5UofVo7r
zupTm($yU}Q<_g)yy3F8p1e*3UXHBl1qpA1TWxc`F@&3(RVD_1dWHajlbBSzWJ!CGE
zt*l4P6|#+WnaSf#ra;qP<_wu--DS>^4Xk_2d9uK|&s-#%Sr3>?WDDydbD3;qJz{QS
zmRUT$plL62mf2-)VD^~v<Qz~xUn_9B&w7z;W<6joku9u;%w@8bb<G>(i$fyTD`Xp|
z%RxNeWC}FxXU;O`m>W#4nddR*$%3gbnCCMW$!1f(b6&t)B3n%Tn|UE~nQS$6jE9*k
zWE<;pFxyL}K+|6444Gx!WzLZerjGsv)Yp5S^@6E4b}uqFGnbfKn9Izq%oXM~lhOZy
zrr+?`PBI0q6nk!(IYVYm9phBy9NECS$DAh%tozJGvf0#6oTI6?AFy5`Tg-Hf^O?(J
zE9((+g=}M8^4t$H1+J9rp)r4TXqxp5nKjctJk({*kqxHarQk8=$%3ixe2AugfAv`}
zlFep1-k+FDWDDydbD3;qJz}nqZLG^|?hly)&Go~aA+xNz%sH}wb&oku7FhS0i)1tF
z0dt9LG4<Lxn)-Z&te44FGaau3<~C+&irb$8O}m*hWR`W8IY)YAp7hBg8IUD1B+Fz(
zR!Et{<4C5-4C#_N(j)VvPZr65ERi8uCL^*!%3N-rOp_VXC3B=l=1HF{k^xyFL$XY^
zf=gs*A!4qOZKl3g!8(NJ1zaLi3mN7dnJ0^6iEIJ&ddtkMCht|KFt?dJwP4MQ*PkXc
zq)X;VkIa)kStLtjnXHi3q4D}NWRA>}K3OCKvP6btnT*H^DFvP{GEHVkm&}nKnJ0a+
zNCsqy49PMXkrh%7<MzoknIT;=M|xzQ^vNO_kR>uC%Vb1WNW8g=`TZF(O=d`!%#j|M
zCw;O=24sm0$ub#{6;c*(`(&ETkS>`cJu*-FWRVQW5*d<ZG9oLaEadh{2h`)8G;@Y@
z$sFmCdD16~WI&e4kSvoCSs~?cwu4NQ8PX+lq(|mSpDdCASt3KSOh#mdlttV=nI<!&
zOXf(A%#%J@Bm=TUhGdzH$O<V(aQkGM%#bdbBRw)t`ecy|$PyWnWilcwq%7w4$uyZE
zT{1^{WS;cNA{me+G9=4nL{>;SlG`WKWQKIf9O;oh8IUD1B+Fz(R!HlpczYSrC3B=l
z=1HF{k^xyFL$XXpWQCNYxqoDubjdwH{krp*=P>)s0U44JDaXX?O_MI^kv<uaAsLbK
z3ocK(q(}N>K!#*Q%CTIYbV-l&$$$*Wh?L{FJn51i>5~B&k`d`1A208bJ{gc98If`V
zw@3P9K$ggmERzvgAu%`*^S(i*$qea|InpEZq)!H<oXB>OF6ogz8IUD1B+Fz(R!BLC
z>m^;%BYiR;Loy=WU&hOOq)!H9NJgZb%<Yjb>5)DekRch7;&XY@B|Xw70}_8e&YXud
z>5?AllK~l$5h<r|dD104(kBBlBqI{P>>h8QbV-l&$$$*Wh?G;gJn51i>5~B&k`XDV
zad|Q#<#g6bm-NYi49SR;Gq@b-k{%h5AsLZ!CYK{!(j$E`AVV@DrJ2i<F6o~g*8?&n
zBT~-ca->Uoq)!H9NJgZb%jHRz^hlo!$cU8lxE$${9_f<-8Ilo+Kd5W2oA82|5s6=B
zj;|-uB|Xw712QBdQZD53q)U3FPX=U2Mx<QC<w=+H$bbw<d_{QNUeY6dG9W`TBIOb;
zN4lg(`eaB(q+H77NSE|TpA1O(HRmT?(j$E`AVV@DaWfz9AL)`F8C(`m56Os>%efrs
zk{;=k0U44JDOYfL(j`68Cj&AhBT}y9@}x_8q)!H9xS<}z%LQaeMjPs-czQ@ir2K~4
zBVE!XeKH_JG9vM?#T;k%s+b<>lK~lC6Hkvwxt7}{UD6|cG9W`TBIP<RPr9T>24qM|
z3+E?Y(jx;hBqLI;kC$^vkMzla49SR0-@xTakMzla3`zIKcz%!c$$$*Wh?JYSKcq`~
zq)!H9NJgaG%;h)mR<@V)NS_SIkc>#Vjq4#@(j$E`AVV@D<#sMlx}-<?WI%>wM9Ljp
zo{a8_v)s)(>5?AllK~l$5h?d@dD104(kBBlBqLJp<?^IUdZbSVWJpG&+{fifmyAgH
zEvJ(%>5)DekRch7azB?RT{0viQhvwzNSE|Td4SVNm-I-V49Jj-NO_RUlP>9zJ{gc9
z8Ikf3mnU7)BYiR;Loy=WFkapxLoy<z%=MEl>5)DekRch7@_Q~%x}-<?WI%>wM9OL|
zPr9VHAwSIalRg=cAsLbQ!?yAJBI%MI>65{R>3`t*NuLZzd6erTUD6{%GTJcxF|LpF
z$$$*Wh{T`ZjoVB5WI%>wM9SlwpY+Lqbf4h%NuLbJkc>$DvHE!Xq)U3FPX=U2Mx;E&
z<w=+HNS_Qyd7AT+F6ogz8IU0vk@5_eCtcDbeKH_JG9u-VT%L4EkMzlaOg|gX?~)$r
zlMyM;#q$Nv#|+7c#1|99$C-3VkMzla49SR;7r8v?k{;=k0U44JDKD{IWJJo#TrcU8
z9_f<-DX(yT(j`68Cj&AhBhq~}Ufv^pG9W`TBIQrq9_f-E8IlnxuW^3TB|Xw712QBd
zQr2*J(j`68Cj&AhBT`=H@}x_8q)!H<{F(EUF6ogz8IU0vk?tGu@*e4v0U44J=|-HN
z^vQq>$%vE++ef;jM}}lX%A1^@^vQq>$%vG-oS$?_kMzla49SR;x41m%k{%h75h-tT
ze$pj9G9)8X{=)f5m-I-V49Jj-NO_0LlP>9zJ{gc98IkfXmnU7)BYiR;Loy=q2m0fF
zhjdAg^vQq>$%vG{a(U7vJ<=xwG9)8X-sAFQK!#*Q%KMy;bV-l&$$$*Wh?EbwJn51i
z>2H|+VLYEpdZbSVWJpG&e8lyWE*X#^8Ikfa=O<m#BYiR;Lo)pd+edn&PX=U2Mx=Zi
zFXxdy8IU0vk@6YaN4lg(`eZ<cWJJp6T%L4EkMzla49SR;bzGiwNssi&h?FllKk1Sl
z>5~B&k`XCi#>@L(#SF-hj7a&K+aX=jBYiR;Loy=e8!k_}q(}N>Kt`l|%jHOy^hlq?
z7YD_!XVN7-(kBBlA|=7)NSE|TpA5)wL%m(RTtJ3oL`n_UOYST)WwBf$x8Vlt_wonX
z+L~b<V_j@rXT5BFXbn?`s{7P)s!b*BTD#6Zz&_euX1`}|=hQpXoMz{4=OyP0r(@#h
ziTx8x6Xzu^Osq=Wop?I&Rzi}g<cQ?L<dw;1lOHF$wySH`*v@PBLA%<TJ~eeU`_&X`
zPO53Hxx40}nh~i3Q)i{_O}(4?Cbdm%-`YKE=hQB#y{Y!m+E;47tL@Z&O#6lHPi=p8
z`|I1^)Bc6_QG2^Xy2HU83LPHnu%<($!{0i%9rx;Za7Vx69UUL<_(n(7Db;DSPPtA;
zc3Rcxu}**K^m(VPIuGeQy7RQob36Z{^QoOL>Ab4*9i5-*{ATCRJ4=_YT{2yUbve4r
zDP7L$5_WmA%b&V@)1^<>{kxvp^@6UKc742SqFeWFeY*AQHmKXMZd1D*)a}S_#cpSG
zJG<NRZY#RkVu>TQl8_FPlupu4x=Kgc46cuKmaKG<ey9wPZnCp<mqD0PC!5P?*+TY`
zEoHoHC6lFxOp&c+nrwp~d+RB4WLr5@wv!_yE%=>8Jd*#poGZQL*V0=8to0h{D>upZ
za=Yvx_hJhVNPlU?7G9K{<P{kxf5Mj5U`rL*Mc$GjxI~A_cQQ=Am)#_5)k!~Vxb(M1
z$QWy+>}`#bgRRk$x5mgaYY+L2wU=CDjg=d$2D!u9M;@@o$<x+&`J>f{Z|gZgUb7CA
zx2zfXR-2jfxiw4HSqI4%*1__vHCMj33X)LsrJGtHo2f;zwK__As-vZsI!1b{Ur1kd
ztn8qUlYZ(1*-4!wyQ*Kx7<CH1F=nakr%sgv)oC(Aoi6j#nR2N5l^ms($?@teS)$IC
zlhir#OLeZCqRx}k)CF?7S}y0Q3uUFcNG?|w%N6Pp3Dl)>y;>nRt6$6QYNgzxE|b;j
za(Pr;A&;vo<rx*ov#KPos^7>OwMsr!SIIZ(YWZGWBaVHo)Y#X_=5~v0ZC@|j*f&Z~
z`zG1ezFGR(x8hr2Zj&AD+ohj<hxE7almYgWvXlLk46<L4p|;5RsdM^@Je$<|$WX1R
z9kuqFr1hK{tq&)(9z9d*fkr1!y#W3~qvLj234evrjn}YorFx5F`sj5&c!<`fk@{~A
zE$*lNZ|7^BH(2WlBd&w?8>anPbG25t<fz$tYWH@!e&N&`q3i6spz&5V-g;=(e4knK
z&C?&moF~tC6dJETZb@A4(DX;t<9(0o@jP)0<F>`^sTuMj=Dd90*MH*tw`6r|f67wT
z$6@1b#d{jh6R&eqt*V|g-lO=;R`1u%)8G8x?caFnpuW1zH&1`>AIx*}^v^MM-e7$+
z&YG+B!l_!fb+pFoe8HT-JIoosV^_V-&yB7zNAJv`dd?jdeD}ZSuWq3?QqTYPV134q
zo1y2tYd`Hz+E4otX1m)qs_jLF?yt|q?dCXdyf5*3s;{?r*?2win&V}wkLSkgiLZos
zZPjNpUUuU%^3Sf}AJ4yW3#;3(&eq3aQ!Uwe&W*Pf@7K-K+haYOn!4et==KlhSu<Im
zi+Bw`<?J_^^LVDYe$F%3PY-kb#O<l>J>s4!evSWTw7xcW8>RJL)0@R-=c(QG6;j<}
zY%!w;S{tvYdJUWH*9-OG)3uK2GXT0~mexjd6~$XwX|@utd7SBU;x)uue`<Gq9mZ>p
z_cxwunI1J>>aR0&3y<of=M0By|JC+dKixs=eN9^5Sg7^2owN==T<aF54JQoKJ>=P@
zhkSp6uAj1x*1+`7lT+GP@9C1syP*Alo22!V!$(4w+ghtzc#T>1Wz&XfW(_BpqxYt%
zyQWp2n#v`{_ciYb@m|DRkM}Na;n$OO8@8D|23zTFG~UNc&7KZ2XXkXYkFS`0e8KGF
zE@mI!R(jbZjP7jf<8zYP-y8bq`Y^NC=gik<^Xt+2I7~P1P^p>PcQh^B(`fbasW<Od
z)yL$9DdW(#yXQ@X_T6b3w7UI&Ht&G(-tE?;*L;xC!%XkA)ad<22Tjpe^)Y>Q+rr`6
z$NP9gAMIxk(Df6HrblSsI7aJt<~R&A{@TNIrD?p@Bh3{aAJ4w#m`thH_4CcUReUY|
zYub4*j=%{6w5CUBZ5*TZyWv^~8ozNnZ<ul@rpCwcUw<v><JsNxA^-i?(glt_4tE%R
z!RS^AUHQWJ>V5z3f2CKqB))PksMFWXi$-hAl@_<Kx|eHo^;I2TQPooinekN*(*wls
zx$!*JTdAJEy4Q_+!s`BZzIp%Mc-eTI`5%q?7U8IFct<-1e&bPJ_1ZR!`cA-{7fwAD
zy3Sq(tsdRQt=)J8xT*Ta`}=_D@t!k%?{&TPvE6pJ3$T@Krs?<A&gQjwnCX}HJXH5f
zxAxcCrLXQ=-2Qt0c%FFvcxt@$_&CJprTWMpvC;A0c<g=nv`ex6e&c@wtsb3LuWet`
zyKZXg&C{>LvQNys1v+ThUC_dg_d_r4quW1ni2mD{9p>rw58Yks<EEGU!n}+9&iF2U
z^;Hz_W5x8(Uz^@+_CC74kGaO;<5n`qt$J<M$ESMP>iMhJv+)s&&uR6QykSotMa#$Z
zc?!B_mezRLEoM9qzwxVJQ<c?bkDAPAGd}NUnm)N{ls-Py=en!89^#S7u4exGcYGb&
zieC}&6&1gldYji*ePS)9dZrI~A*I*We1N`|DkJnYzx%v*q47F5Uc*!7oj2K}=ZxoX
zHdo8n1zp+BoSlw+w2$vo;#SQ&>_b%g?({kIlI_2N#(l;7`MUndRNRV7k9zHA&C*we
zOiH5Snx*cj(S2_`R*y&N9KV?nd%Sn?R?Zx%*U&Ur>zQ-4o;Ou1zB?GYp$#3d=C}>(
z2I%(0Es3xHCuVlT)VTd|d*T*e+~<ci#4Y@fu3J6N$RS%{4e@v;ZrfkX2rc%p`c;+q
zyu@3Nr*2${d!*{A)yH<j9fa<?Mwop+X+PbP<7Q~x)KYJoIpcZmGV{kv#cSBM@n_fz
z-oI3}HeTB!<9lQ3?Q?d7_T5Pz&*~$2&<;DJa`(txq19)0<0Dyp<;QD|Urlkny5;fl
zsU8EzW8La8aD0^Fd!?>}^%Z#Y^m?=*zGJOkTlLXf+)p33nj!jF#rMt|_to*T@0%+>
z_VKl}cU7hOti@BS=ZxD{eGd}Pzi~_AWv?(}$m%u3ep92bYZCf3@}|*GliCmKr*%^!
z!=EzBipQMs_;cUB=2|knarGHLewOZ;tIv4#E2a8~RiEqlEXPN0Q|CI~-*{^Eea)uM
za(tir&z|e}IB)8V$6K$~>Ylc`Cw$5DoSW(i<9;&kZ(lM!Wc4~X_LX?7K4L1a$$0)n
zy>%}gKQG$Oj0fWP%D<meNsZ_yswt>4PgN~xk7uh2PgmQa-Vv(sY&8Yn8LIGnwLN@S
zsKPVWj_}=~3eQ<P!*32%c-Gn#eoLsr^VaV0J)jEDTQ`UA2~~LJx+VP2pbF1jd%$O)
z3eR4*f$s%Xc=oz2d|#--^VjX*cYrE9gU!J22vv9%+Y5dGRN;ASANYY#g=ezc!w-Tg
z*%M1xc>bG(-y6?|Eg1_{(tzbG*$1j*9G0{2e0U)I1T1GsBUH&mJk_;i5>&~)c(QBB
zeo%#{$iv{LK$T3zGiFQnhblQhM!+8kRd~WY5`H>V$qX3<KNG5CmgL|Mf+{?L#y4<_
z2UU_sOD&lVRnml(T6i|SH~d_*)RIG>3QwxX!55%P4ns>V{NBj~_yuUGB@3ZS4o6EZ
zSp-%1lwmUbkx+$CM5e+Y4OQ|BwA7Mgp-PTJOD#Dbs_+DS2K<RoB`2Y!mi!W`<Ycte
z5+ADM6tvWmrBH>Z<xTLXLzSF?mRfQqRN)80=fVF9s_;!u1^Ba|O3p@mEjb6O@RWTa
z{CQA?AE;gge*sj<a<tl#3!zFbMyoA+QgRghrE(1X3aG-<`D5W%LX}*Gwp(&JRLK?C
z152)iDm=YE3BCkX@*C`dg&$Kr8U89M!e0$lc)Gt7{#vM#7VM2B*F%-ufW5KgMySHm
z|7Q4`p-OJS-dJ)gRN)hWv*GW6D!CJTW651mC3j<QEV&1&@QJ~4`1_zrek&Kj-w##z
zfx1iJAAl-(2>WD72vt(XK3VuoXeIn=?2{!AL-jY2UkU#QsFFvqPnJ9e)!$9N3jT4Z
zk|(fFmOKen@-+6zl4qbwp2eP7_|cmd_~)@_mb?H}_ypr7_?MtcUdEnT_&nnl_*e0{
zl!ebVZi8Qg{j=nCsFFWp|15a}swBexS@_K39{4x0f0nF;DtrQRKm6NJC4a&GS@I54
zNgMXklD|R~KI|^TzYkUTKzcR&hfpOSVJ|KD7^>tG?4>22LX~`uy|iQ<RLK|EOA8-U
zJ^}xgJO%$XRLM8kR|}uLJOlq7_SllYK@~oQc^+P@=ix2uMR)~OVp}i6J5VJF>s9z9
zR7pGQHTW8+l9cs2d@WQ-d+QDO4p8)ORt0`bDEc>REqo8C!l!s|!*2ss($jheep{%L
zpIL42+d<LSS?|GTpy=zY58!)2mGrhgg6{)W(%1R~etW2r9jwpbvrr{FTI=BZL6r=!
zzJ%Wis$`(`HT=#{C4;PQ;Ri#N>|%WfKLn~|sP#Sku23bzEc}z*AWG^i8-6%c$p|X}
zUk_C>(rO34J5<RiD+TXDm5jF9!;gU~*~97xzb915URG!Ly`f6RT3z8Api1_!y2Foy
zDj9EW4nF~^q|w?Eej-%KB&!GfzECCmS=+!*hANq2Z3{mYihkAF4*ozW`c*3fKOKsG
z)#?R56N-M->H~ie6#c5TJ-i1+ziMUSXG77iTK(YXK+&&S1K<yVDw$^ugg+Fjq+kt#
zKMbm5zO@Vd0x0@bYbg98sFEWr97S0SRdS?N2Y(b)$<fvb_+y~xW37?!$3oG^TBG2P
zhoX<Qa_}cY(Z^b2;C~54A8YLi??aUot-aw-fht*QHNc+=MSp9JgFhXr<V<S<d^1$Z
zudIpi%b-fmvi5~P8>-|SYcl+~P$lPCQ{m5tD!ITq0Dd`C$%WQ5_=})QF2N_!mRt%|
zvcj4L|7)m{mDa)VmqC?WZsp;xfGWAtYJv}-=wq$9@T;KcW374cS3}XqS_SxPp-Qf^
z=EJu@m0WKvguel*<VI@|{7q2wvDRYvTcJvBvyOtl9jfpN=`rwkLY3TQ9SeUqRLMQo
z@$mOT(Z^a#;O~c`kF`#Me*miFLF;7rhoDMAs|a6)D*3&&6n-^S$-~xZ@Q*;1{J}Z{
z{!yrs$E;@fR;ZH4t!3~}K$SdcoelpK6#cDrF8ni4g->tKhkq7|zRp?>|2`CbopllX
zhfwr&)+O*CL($h+E8stcD*4P>3I91%;nUvB;lF??`O>-){wt`GudNdNH&BI7f>*(>
zhoaxJu7>{`6#brcExf2};Vsnyub@gCbpw0?swAmyf^P@KI8faJpMs*VQ@6o)fGX*z
z?tt$E#n?~X1>Y5lv7fpJzB^RO=ITE9Euc!aRQJPg1y#~RJpjKo6k|X25PVN4#(t^{
z|1&81L$w+{14VzR9)a%#MSrLsh3^AZ_yoHZzCRTGo_Yd)Cn)+o^%VThQ1pB18Ti3a
z^n2=A_#sgAd+K@kU7_gr)Qj-DLDBE2m*Iy)(eJ5O;p?I3_tb0fyF=0Msn_9MsFIv|
z1Aa7A;ZyVq{2ow@E!A51y`UIds<+|CLNT^f@4)W^#n@7{!H<VxY^mOZZ-ioOsXl<8
z1jX1=eFVQB6k|*E3H%f&#+K?c`2C^i1JyeC1EET$t1sbaK$Xl?U&GIWqTf^B!h2Bk
zd+Iy**--Rv>U;P@q3GX~rO>}Y(Z4AhegRa;LY06&9I9lIY6pJ=6k|x0f<F?9F{Ek_
ze>7CdF{&f{FQ7_}Rh{9FgDU(KL09+_py=yVclZ;b=<C$x@V|tjuTxvX`%v_Cst5cj
zQ1o?b8~9V9=<C$B@TWsDwp81}p9#g-Qf1(O1;yA>^@2YOim|2Y1Ah(_V@tI?{CQA}
zEmao&0w~6osvrD?P$d_s0q_??(eJ5&@Rvf-@2NrXzlNgUQ@g-l21UQ8hQeO~MZc$p
z!3R(!B~=Ii8>o_1Y6SdMP$gHZk?_|*m0YVv!Cwc(I8)`|uZLossm8$H2*o&4?FoM~
z6n&uD8~#=(`asnHe>)U?pc)5%Clr04ngD+{6n&tY2!AhB$$e^H_}@a&2dc^N4?xie
zs;Te~K{3u$2f+UxihfT`gMS2yeoxJSe-w&-PtAgFg`(e62g5%BMZc%=@J~U}@2MvE
zXQ1f!)Li&yp-P@p^WdL{DtSTSijx<iN?ua);a`R-c||RRe-*0aPihhTYfy|i)nfS9
zp%`<jqu}3wV$7+Ifv-R@=2XYRuZ3dFsg8$#8;UWfS_1zLRLQ&QB=|O{lE12x;opNQ
zd0!RbKY%LvP%VZ32&&{`bsGF9Q1rv<4EWEX=!aD^{1;I4!)h7)S5WlB>TLLLpi0C(
z7v6#@QTF-pHWdA>y&OIPMSp8w1m6yd{?@((J_W^nx4i<sJrwud_DcAUP~3Ohm&134
zqVKh@gzpMP-)ooPyF+o`ZLfmg9Ex$NeKq`+P>f6MYvFr9F)p=R;J1NdTx#C{zbzEw
zQu`+O?Vw81_AT%kDEeXhHuzpp^uzWY@O_{dm)dv1Zx6+|)V>Ek3&pt9z7M`16!+uy
z{qO^zxF5G4fFB4&e``MkKOBnw)-J=>LotT5SHtfK#Te3l1b%NQ#*p@-@C{ImA?;T9
zaZrpQ?I++TKrx22pMswV#Te3l27X^C#*p^2@ROk!L)y>7PlYPk-+mGP0H~4!?U&)F
zLD84muforOqA#^ygP#Rea*+Kx{J~Hqp8W=V9;#%vU4d_cDw$)ig`W#ma)|vl{5&Y`
z)9rWQ3sBsr+imdkp}0@C--BNW#dy;G0Dch^<4OA?_{C6+C+$z*kAh-6X@3TP3>4!@
zdma3-P>d(-FX4}eDmlUa8h!~>$%*#2@Fzi){L=mo{$!{U-~JxH2*v%ojp4p5g(^AK
zw&72MDmmRwz@Gud*wStX-wegr(oVrIgJNuHw}(F)im|2L5&m2##+G(x`17F{TiRXW
zmqRhOw7bJ!1jW6)y*d0PP~5-UTf(n|;{M(40e?9Z_wV*L@K-`{|88#!UxH$6X>SL=
z3W~9%oq@j^im|2L3;tRt#+G&;_!cO}miG4WH$XAAw6pLxL6zKW_k+I$s^nIC0Q_xG
z+{@bo;qQRrUfv!Ae-{+@^7bz9_dszkZx4mP4~lW7Jq-SSDEe6Zj3)Y6DEe4?1pGr#
zj5F<#@MS2*nf567)ll@eb`Jg#DEeD_4E&=|^s)Ay@J~R|$J%?tKLte}Yd63@14SQe
zkAr^}ihk9e0RJKs{i;0?{$(ioReN9fSE1-v?aA=3LD8?;Q{i8SqA$fym7*_&qA#_l
z!LNm)FSTdDzYRrSYR`gy2a3MbJ{Z0YioVp&!@mbbUurkOe*i^aYR`rL2&&{$dmj8}
zP~5-U1^9JP+`rrN;lG69{@q>(|1}i%@Ae}2Z=p)o+l%49gDUx(eH8rnQ1r3RG4K`?
zeXMgVybVPk>l_cCfTCY@mcXZ==vSSS;M+sduR15gcZ8x}b&Bwvq3BngrSM&$=vST7
z;JZW7uR3SIZw^Jj>NLY|2}Qr^EQ9X>MZfBt4ZjT({i<^={I*c^tIqlG+d-A2o#pTu
zDEd|BBKTfV^sCM#@O_}@SDh8`+e6W>IxFF`P>gS#%i(v1Vtngd2|pOBWQbFO9|~2n
ztFsDz7*xq_&eiaBP$k2iYvD&gF{X7|;CF{&OzYeL??N%Ab#8(m4aJz&xdna?D8{tT
zZSZ?RF{X9yfFBFRnAW)qejh0MG3Ormg;4Zk&VBHUpy<b(`{5Tu(T_O~z#j!gKju6H
ze+(4;m{W#77K(n%Sq*<Y6#ba<2>cQ#`Z4EG_>-U*D>|+4J``g`=Lz^zpcpGUPr;uG
z#aPjK2L5y?#){6f@Ml8N=Qz*9UjoJRL+3^K6;Sj)&dcyCq3C~{SK%**qW^JTgTE4r
z{>OP8z63@8<GcaC3X1;6slZ<iMgQZhg})Yx{>OP6z6FZ@$9V_-1}MgLP8<BqQ1m&@
zd+@hGF_v>afWH%pv7GY}{M}HD<(yC8?}cJ4=X?hLTd0!zoptcPgQA~tzJz}WihjoV
z8omrgKjVB0zZ!~u#`zBZ5h(f%=X>~Pp%|Mv7JlCSc_{i2$A*6qiax|iz`qPdAL6uw
ze-(;8#7V)w237L5(;ogWP$lm;9pT@F;`yG_8UC+O-19nJ;opbip4aIP{~;9jyw2wE
zA474^>ud@CDHLNZrw9D!P>i*lZQ#FvVyxwC3;z`qV=ZSp_-~-N=XEmh>!G;kb$Y@7
z4T^ps(FZ;O#aJt`J$yST?qL&I_)btIofG}wyFit6O$>nV2368MF%W(;DDGzygW$J-
z;(j)<3;b44ynYiy;d?>x`b`Xj?*qkaFi{6T42suaVg!606tBU=Nca&@CH09>@FSs0
zc2DHsM?saii81gwD4wk)_Jkh;#cMFJH~d~ujD->n@C{Img%ac7$3bx~nV10I2*tf*
zVj}z`D8@gDec>lVG5$$RhMx+>_$M(H{s1VRp(PH0pAN+{w8S*{nNU1KOU!^j2#Rq|
zVitT86yu!4!SHjT80RGN@bjP;=Omio3s8)65_93_L(xAZ=D{z7qJKyf;1@yBKP2YE
zFNWf^oLC5d3KXy9#3J}pp?EDP7Q>$o#cMfn6#SV`-1jApf&Ud0_kD?D;m?BNzAte+
z{5eqE_a&CVp9jT#U*aVA3!u2~OPmaUAr$w0i6Z>PP~7(=mO?L0oQBE@D0+j$8PHo2
z&8XZ8#r;=e8T{=~yk-+;!`}(TYc_E%{M}HzW)tVb-wVZSHnAN3w@|!h6Boh%4yxpV
z#3k?#Lh;N$u>wAX;$AGV68`s4Jo8Un4*xI|&-@ct!v6t^Xa0#2{9{l&^G~dTe;lgh
znZ(ube}v*Wf8tvB=b(7bpJ;)90gC7Ri5uWwg5o)U;wJc4pm@%oxCQ=CP~2xFZi9aV
zim^fB4)_WbV}rz9@N1zM10?Q&Z-ZhCkhl;2Jt)QiiTmL{fMN`gcmVz*DDI~c55a!|
z#dsi5hW`wT@jzlV{5mMc1BplAzl35uka!gSYbeG8iB|Y;p%@P&o`C-jit#|=DfsW9
z7y~4qfw!S}y(gcAZwJK~Ao)Ce3W_m6@<sUeP>cbRFT;0)VhoUc6}~eRV}Rsq@Li!8
z10-LE?+(QnAo&LT=1`0Qk`?$Zp%?=s*TVOJVhoUc8-5!o`iJB@@V%huAChhGeV}-M
zPre7gJrwWn$q(SOP~0~qKZ5TE#eGxq6Zip8C4-Zn!S4dadwp^p{7@+RmgJZ4bx`yz
z$*<u@K+&Hhzl9$KMIVy<4t@+2_g2a8;rE2%-YSX5`m#3^{Ylb>Z-C-{Dw%+v0LA@O
zvK{<HDDJ0{DfoS%=tGk2;ip1zuaxWvKLd(;rDSLLSy0?7CA-2O48^@tvO9bpiasQ{
zIeZfoeMoXk__<K@A;})_^PuQMlH0%+py)%A+rrO>q7O-K2fq-Cej}NIUkt^#BH0W6
zC@97i$v*JMKryaJZV!Jf6yu6y7XElB#udqa@JpZ=S0o3(p9IDIQF0*s$xz%MB?rM5
zp}0Rv?gGCQiu<GFQ25iJ=zo&K;C}^0|C6kPKMRUJCpiNCJSh5^<Vfg+$x+bDlR4C{
zfZ};katwR`#q*-%p76hcDp{4>8~!RNo);w>;IDz=c~Np4{B=+~FG@~;zaEO`MahZq
zH$pM4NbU=NGZg(*ax(m_P~5X5r^4R@#XU>%0Qmc$|Es<C0gvmr?n7q*0v9AfkXVW$
zX^|3SNfBj{;D3>fDA^zYl92cZB0&9#q)^M<3u4X1?rQ&#gk-n7l-<N_(zvg36E{&B
zH&zm-btAV<YPU%oH%asPMQ-fGesLQ4tMih)%8uPWf3;tdugS~%{m#tXJNM5nAX>?X
ze6O;3cjnBQGiT16IdkUB+zaek`kz4h-{XlrOaGHd{}P_?ANrq0`qOyAf9St}^snLx
z|DivJ^snQIeM)~G>EFN;`;>kk>EFZ?`;`7mNPiYj>{I%SNdFd|@HhG|BmH?i;cxUW
zApJXd!pG>ZApN^|!pG=;7U|!^6Fx?N9qHf46Z@3@CemNV6LzWpD$@T2PuQjYMWp`#
zPuQjY=aK$HJh5l#e>c*9j3@Ri{eKtf|B5H<Reu}lui^=N)&Bz0e}X6MRsVaD{sx|~
zQT^YC^f&Q@jp~0N(*FZb*r@)0fb_TVgpKO|L8Si_PuQjYA42+n;t9Ld|BsOVOFUth
z`u{P~e}yOPlJ^0md+~%%;{7nveR#q~c^^dD!xJ{j`%$D<;|Uw(y@d2yJYko-e}?pW
zJYko-4<S8_Cv1`TlSpsE6Sl~E8R^Y<!WMZyjr3MLVT-(vAbks-*pGPs0_p8|Vn5=2
z6zSXW#D2v4IizpL6ZXpc7}9s(2^;188>H{X6E@2Gd8F^b6E@2Gw@BZMC*nEYCz0Nb
zC+=5x{~qbRc*0(Jzl8LDJYlcAPa%B}PxwXNr;$E{Cv2DZt4JTg6Sm9yb)@gd6Mm8R
z8%RHZC+wK_8KmEiC;TGsH<2F06E@BJEYjn6!lrq@h4dtzuxZ}skv@SZY?}8wNKfGj
zAIbY7(huVa`{w;F(x>r+ee-?~>9cskzInfo^doq}U-G_;^bDS`b>4qL`aGWSm%Kkf
z`Y}8aFY^8n=_l}nkL3L^(%*|G;_cplMfw>$5pVatiu6T1dsN>06Qm1x_9)-`2GVnQ
zA`b8Uccka>L>%7xCerW36LEO&e;{4L6Y+NM+ep{&M7-VmQ=}VsBHr%(Inr0~M7-Vm
zpGaTB6Y+NMFOhx@PsG^0ze4)&;E8>cm+8m82~YT1UN6$u@r1AC^&$NpJmG739@2jg
zPuMqaHPU|{PuMqaEz&=LC;TgK9n$|0PuMzdJ<{*T6SmG9M*2lO;Zu1Vk^U!m!l&{!
zA^jtGB9`uLM*5%PiCDU~73m+t6SmR21?eBh6SmRYj`UC93ESx1hV(zj6SmR29qA9_
z*`r?e?m+sd@Puvj?n3%!@Puvj?ne4&@q}&k?m_xr;t6}`-HY@qc*1}4b|L+*@r3{8
z?MC|Jc*1}4_9FcYc*1}4_9OiXJmIr>2l4!6?+~8<!8?NIuX*>Q^w;r(CG;LZ`Zw@I
zgxq^O(x1T-R?!<n`Zw`}RrJP@{w$ubirysBzlA5PqK6e&eI8F(MQ;k}-@y~RFz;cc
zzlbM1H19OhU&0d}ns*lI|BPpk`hD*aq+i1m*3X;4^N+prc)spEhUcGnPvH6AyeIJ-
z8F(6)x8sR9K5zl)JMe^0GLS?1E<ACcY9NpF4m@$6YQRVOZFu6WZQv5pJMqL>+dvWN
zQ9LnE2QDN10G^nq0}DvM9Z$^DfeO-Nc%H<4kN<{S7kA-Y`2Cq*%6vJq8K*V(_B_+`
zV$V<X{L7wC_q>K{7k41?wy*a%Vn=_c_uuvYcJFhmes<OWzUpLOz3=(Hm-_DLzqfyX
z|C#<m|M&I(Q2!72f3pA6{h#Uoaqpwv&wD)s7Y9B(@X>+Kt^UB8m)5+z=4)%7T>IUF
z#|9r7JU95mgC86G)Zks~M%VrMx_gH94Lvq=VQ7BnQ$r)`|NijTh9AhTYAN+K@2Q^W
zaaCCV$G1okQ40S1mF&;m$;`R{qSR-ypF75^i}%~v-@Z&3st5o5e)bO^U}k*)QR<Jf
zcvTnw{XA~U{Q~Z){af5K`vh)YeNyFc4=9KGF&A+M=pydM%&A|-zfa+&)UV**r*XsU
zKj7c5sy1%^ya#t-z8|-KeiZj$ei}D^K7u<iAHi*(pT+%`pT$j|e}TI%KZm<Mui)Ox
zE9!H&vGaNS`)%Az`W^iH0&XRJ5&!t#0;0kEt(f1s`E8ot=gsf=0gd<BwNLGB;C5II
zce@(6msP`EsQYp2C$GLQ^PKt`-e=z4dq1Mw_ak=PK%}sNXjn}h!oOMkdk_A74F5il
zf8WHv?R^dGr5f13)Uea2!MjKO{`=LV_}9k2f79Q<3f;gu*}ytjQ@ilHAOB8z&q;fa
zqHNQenmV$kq27+)?_G1h`XQwM)7qN))3putm-v0l;Qi{r;HzsN?SFOc(V_d*Uk*K|
zcC2rxUmku=9naR(wQNKEyDVj(jy`zg!i7V7F6>c9Pxy`LQm$B@^{+J^&6S$|gBNYl
zgZT>=CW`fHDYrOY%GK+F&zcAKvF3EGlK1QNbAG;3E3lRZ6JbBgXBxF)`BHIik!1pj
z6VyQ9?>)c@ljVY;iF&N0!SPxLi5mwVI3!TeI&he&1alf3ueSGyG<?m^Hyi#~voT+(
z6`%8^Hy}cQUv3ohxrT^^JYK6-Y7H`n%=x+>$j*Qss}&pm^xQR*jkmYw!rmnB`vs`Q
zfZ{YU032s#uR7B#m2wwL{xf^k)MUB2;MYuUEZ-<r$^?&BN+sXsre{w33m5&`RC%rv
zDVRFv=L%=brNt<8^4VstRBQmcP|el+n$u3BA~{>{RI%Pb=_S8$;W)<5uT?ShjhXq}
zUR6(ljnCY9^ufayE|e<yT&WH=%Z>f})bVCH|I9x1u)ipJIGrojke!++3jev<B65!(
z+;e2yuQiHuGAR2}n%sBrzLZ7@C41**j~`ZNYnMikRnXkxc&^?k`J*JuNuiFOt`wRj
z|3Sf>s*jHeDM?JvKyJl4+AWPuPpO&3dc$8BojR+&$FEh6*L?rj%<MTe-Kfo0wB}2G
z2AWm#HDI<PpjmZ=^X$R}X=FSnP2i_kt~MJJxkgUlr~O8*zzhW#WKQR*L7LqG`I_Gd
zK*WuK0;Xed)*i1^7bA5efCb9|CYzeh)p7v%wHd#0wphs9{)ZY<A3foh{aP_E>>sbx
zrY{#~7Rz}(7-5zTpQ$vC`E!+;f4-s1BLIUjHizaMgdorIbN-deWxp`ium}+VG0s;Z
zJ{KbbAjWvjk77gsf>9}#F@0Pr<53W?U=xZpzaH`u0T5%Vp!KL=hTP=Gb4aip(uJLo
zEQip^<}J!&mD=TcHJA5IT{kZzYL&TS$(F+WnH<Z`VPLNMh2yo#f-`vxp^k-4&0~ul
z>&1&$%R!#?7qEUbEMMs*tTUUtWEj$^hU8g-*=kC3iZECVzgEtbOo5YS=~%T|qJ4l7
zGzd`$an4m5E`pOaZRX0w=Ufal?t;$w^-AfAAA?q+NF;T<QY!ehGnhSRYlfQ`XfBGu
zN|3=!sd*`=;pQQkpp3Ya<txQnrMv(Q3gFbDG`OFFOB$T3&5QMXt;qF3Yik@9b|%sd
zWON6R5K^_uJ27W0ksxOT2F*0ZbGcIKVlIC<gj9nv64D0C&<Qdu87~#lSyK{ZSmN~A
z6h|RW|4}aN%G5K+dg7Uq@f@|)lmr>p;re>T4?q-l3}kpQmBE9dIaQ!P(O5JEPPUp`
zELCy^HCDho4}N2^oUau8g39Oe^Z2P2VTcL}D{2itq>eSoS|V**oV;0^T-!WT_47rn
z=5TJ*WZd1Mb+7v;n#F=T8e6{~ynNxpF$@w`_2Wgqlt93`nndAxnS_q#k}$jaBuk>p
zRkGY&s*<JQ@{=rc*P7H)yU-*H-9;u@>Mk(JQg?AlDYb(st4OlkT~d;zQ-vgqt4R_X
zE-lG2XGuvG1}jRksM8A45i_=CB=J(0i6k1VVp<<%nMh)Xi$t<4vOXk>!_^^K7F_|7
z<xyjwEO$(Mve2<!*0v{+Vum`2pjk*0RbYFQm8`{0mRO6MEOFRPZOz!)WJPOBlO<8Z
znk*OFngoZIHKi;xmC3^6*cYVC8yKqjN(%g(|7_E*(*sW}p2oKMD!0c8Ga5{`WYJ`q
z`?v}ClvqaV^=7V|_mfyKacSV0N;4JC<u|=#tXiC`)he}dEI7$#X5c0@A+WSEY?e}L
zoT*@|TA9vWN-3MX*6_<%*RaVuUr)t2jgUfW!4y`&+T^voU!`By5$za;4;#3Iyy<`?
zq2sx9IKmzcEP2gh9jk9T%A>hjk>iwJYRqMN;S9FV9qKuTD8264Dz^EQK!;+-0Zqri
zZhoOtZDS77D{6y~UUtU6+N~HNjcTP>ZlqT}UV}SVC@rR!BFF+yKW*@4@|9}Jn9eSy
zK^Z<tFPX(gvYcKNs9T5Pat-knI^OB!@X(;{9SQ?CB&n4MtJEvy>G@i&p3*;3MZm6Z
zJS1$cpopcZGG=(SQckPEjUNIFDYRxQ>2PNOPO=w-6uM&BonNv(O-c$c*nn_n(4kbv
zCKJ<I3!!r%gD(;z>45TR(Q0l71p1j>DIosYtktm}NOlxUdlDEJ{?t<O`x*XB_VjYG
zdb(L^6idaj-x=-f6~A_sLCDE#+J>c2!p<@U>gQ_t`6PTg*GPeCk#s1Ng{B+E1eVNV
zS<F~>w7DF5+zo{sobt<;(s(?byVkAve65)5?J-Qb)B;D>r~QRwMW=jx9@8@wX}VUt
z0^P^zms&hiyab^@WyeaF5QuKfr?i8*T}lI^!YQ9*62-E)NiQ{fjHz<6q8<X7A}5Ol
zY+{orV|ktih%rqTPGcH28I?gOtsCA{IbUiPe34+1N?gWCj7NP;#Y!4?)ndo8Y1v%E
z4eE#?3-&2QtGVzdTMgFaWD#AV@m#go;NH7ab!W{^QZQ!G-DV__=!QxR(i~xQXlc4q
zFQ#|l6pTveQp{I`hQ#qowr!k-t~lH{Yw78=ElDNN+}TQMq3CT|896`G<he$&-i$1b
zol5n#D5Vxoc+S=kv`ZG*36w0ck&NTT5*FlS`9xF4Bsuwy`SZCe#YzemLN;k&*<t5O
z;-)7_;}9baI8{gi8^1KQOt#Z0bsV2GwVpN(sYStJmqHfiCRZ-#%IEw!zvg3~lY(b#
z!ZfCK1tDK9aJ6C~4b$!_Qi#Mi9w{h}b)mCJ16)jNMRQDNHHFAnNu1o2lF5j(n1bN6
zpHhm!Nr49PO)sYNl3oH)(Wqgkb-a{H8PynZNNLmA<afX@q27XZ`;A>qp>+}mj~Lga
z`s%rvQedo2N{Jqqlmdt0l+vjMp6I3(=(VV0x!xHkS(nMGkGCdriz$SIC}Og15JF5A
z1@XgV5kdhAxkeH`#S_J|;#DUL&AO5-FcMA{XaOhTQ+0`t`DQLB5p=+)Q}wfRbBLfP
zYn>`C6jQ({>tU{RzMO{Yu9@i=nkR0Fu}@2~5IX-IQ5@w;*4M$9t|*Qx+!c?9@Rf2Z
zm$UO&{^Z0x$-yj+xk}@RX{GkA(?(KaT1jFLT}`1fRuAt$BsMLKf6dO<nn_wSm~_V$
zlkj7eLJD*SM{f-tUZfYpnk6ZP&UUiwOr=}t$y~i#u~wSYHpd#c^l}k*N#F=md6F&b
zuwJE>QY6EaR$x@VV>vxjUerjoW@>gua26fA=q1S<YZh_xGg~Vzz@jT&`k1XSHG{B?
zf_K0loEsGsc1{oTmj_f5NHvH5h{*{|he-u!lEjR}P^B;mDf^9j1Fk}@1|}-v1nEmh
z3Z^Q&f@F^Kbih@}*yyX0n+e!>odcE1LIB3eG&X7`M2mhQpU1bx>bzKUw)WUOcF{9D
zau>?MQY)mx+*Fy&8Kkt(t>C8?XfYvND<~4sm8P`W5THqFG3f}dz->5J@ZAWmltuuo
ztJf+<aW&N-sH;vk8day1$PDWWnk3-R`jUVJ<(Z_k7{+)7(aDlP+}RSG1W=mN(O%t}
zNfVwL>=mr^68K__8e<F>DpxqnNMpg2(^l9&9-`uw5wDCuX>qt3oS54vu6u)uca9KB
zt24T*U<>9Ol9~@v<WR?%g(Z_r3yYbe6Mn;)Xa;D!B$LC<9+SE#5o`s6e-T?7ieK?A
zhn73MPHB_wr$BTBTVN(h?h^59K}bT0YegU=d6pdk5W{R50t7eD@*tiqtvERw=N3+n
zV^#%hJ9~<NY#c_?!PYv!ib5)GI9!@>7yYo3v&9a0;F_)@;aYrQc3#|4L9E(~PeC=~
z9|g4Cd{y6I2yty~Xk7r*>qk)E$+E|hP`WS{g%AhEH;AVTN(2CN9F`K@4X_J(1V9WM
zWS7z)BPESIL&UR1=-X@sHUQhNdafjSZTh(Zx7sQrAaQx2q*Elr0J(r9!TWYxFeD?F
z4<toI8>biKAQQ~303t+f<X%$_ax9C4?xj2mIpIrO9#+9z>eIsz@DbgvX#$ZQoW6?~
zM)>t?bn=`^&Iy2OPy}Qx2z3b6FgJZUU*Ee=rjHQUsX8Z-I#s!JJXb6sHYg-u%Xs{R
zJ7b8C5(pu}A|UbrMH_pLknr{gW13+<#}{xu)({w(L7)SX*wWOcGMYgo!B@>XeiwXL
zO=O7T9!Chv5rD?fM-Q@^Jmz1tM-l3(lb)_ro4g7Z6td=0hZ)k|l1PDCQavE5VsIFu
z>_Ko0YDb;RU%=1_zY(Ns<}^jgjb7|vFIFIq@e-eUdBA+AEsFArl<Xmka2#aVM}5d5
zaFdK(W0m^O0--w{UUS8=2Dj43m7@quE}*#}HWui!TR>GzEfD9WRC00Y-W@O2>h6lA
zg6Nf^gs}^e>$ea9F41C0mEN~fAbOiBJ+dc2y65I1Ao?PFGcq3_G;ASzKyM^;Q?v@s
zV0}mERTl}8b66zwji(!87!O`JnX>-8n((3gz8+LHR<GkibSbz48+h+DXH~4ZHS0Ly
zqN#E0RgjVc>>vlq7n_$Z(NhRvwt?9qZW)K*v&{xJ<}@`SY&KUzzm9VjU&U3=u)xxw
zBVYn4$wCaS!~h_pTq%KdtXaCO&0Br8mMhl-T!&EY5-yPAtg=(N5f!H5T=7y<A3=xJ
z?cJLCqqrdr5zJP?vcNQjps`Xhhx@Wtq*~e%vp(mSa@Qo~lv@#Cr7bk`jj$pPB#H%S
z3yoe#O$=O^m-feMwcKI|vlQ8KuIv<?!%i7XoxmH#i#Tj+IHeEqShhx=!-bmrbn4h5
zG;3B4Nkr>(igQn=isgC4qj8&9XU#;=8QF^Hq}}W4*qDZCheW5T{_sk51~cx2uV37d
zHuW&;GPdmIW!~uf=;4v5o;(RCabstrf*FSqFN~6e?Z#pLHHN>7hSP#C2YVVF$EOJW
zniBXPK{!DdqkA#P6<(iLGr24D_qAb^z6U3<!fBW@f;O82Yyfy(j$i_&EbbPV^cl_{
zfllFq%C)m|LK0C>A;w>JHQ4sqf(SrcK^AE%$dooXOj%x;4vcXmV_XoFn;V=6oxmF7
zI9Tz$1$*c#oCFz;a*#25v>;EOXVMOi^{}Uw7;yzO0$vfYN6;pK`@Et`-lA_tjAEt5
z0<7gWfypUL<Vozjad54n++WM!22j&qGy6u31tY#JzmMf=WoGaO1)P%m4(RtO)MP!M
ztNLgoX8?wE$Ppfpfz4L9qVesP2)ORz*m_VVX~k59>Y0>qF<J8ElC{Q?pvWUlzlK1%
zRKp5X*C}}8uo8?+kQ~P#aVjtJPlxJgF0UV{QpE^B78jw!kh>l{N$??qET{LnKqs{_
z9?LcI^F|$YS}UYZPt{LL`BdFV{B*I7NHS_Lrps5NXs81q<Z-@S)9W{Tcm>BWH7?|I
zccy2U5@sYpy_7_tKS8<H^8m}qN>^gn2Xv?6Ks#h&$pXqwG}WO>R?<t@-h?(r3H;dI
z168%%)AtR6o|>%fuTvVifFRvSLd*`q)LO`0Gb!j${V`ktQ1EDQJR!+oC7t0wn4K6M
zviKCljZm1IOSk}n@j;s1L~Kr2;4ky$rh~w2`XXi*%bWP8!zFBY9CKHe+2iKMK1^u2
zz!IZ10sJ)Xk<aH!DxZ2qNuBW<^liex3<HMfR0B3xcru$2WzYH$xWij9ruDjYGD7PK
zQ*#P#aY>crIaVsgB~btfSL&zcu+5^`v6l7mg_3$AhX-0XR;l2x2h?KkgdxsQo~eVN
zv$HypuTJF_5bG?_y7)+<Iy6!4UAYhmpc?>Qx<k0vWGH#Z+r~8z8GsllANu*k5bMK4
zthT*q5+@PB^X4XsR18Dfw$&)4>RwJ!Rny!Qd~=~MiC`|%rPLNi&zoeaUILv`ZR3TN
z<V6>0A_dGIBhnsRc@ew_U>0F%Ssss77ND54{5s4lEd{%4nkcCpg^)fV!L1mJ5&{B`
zSn(Z8AsSqi5$rHWMe=iH-Nn$w(l=%VSBpcheR7XRiQ^}?W~7>PJ4PzFdGeZmkw#EE
z6uJ7V+o5JlWA1GmArS$jDVtz9$|{-$Q<E#C0QLTqDyVy@_~Kx&Lst@}2(uA`CcAZ|
zr(1|3?1$M?g<Lhv;c&{y;I^rB(O4+q+osvE@V1W>Ia!f%>_(8_#IFgV+tNd)E;a_^
zu#pZV<{ObivwOx?EwIrsFj<h`kG*mv?Z+St3kBt@ae9#^Ti>#=X6|&ZjIcPpmQl1(
z!P?GdF^lbPQ7E6qK`RX6gr6_L*a->=LQhPNYg?GB1aRZFohVf<(s$NXV_mlHwk||0
zvw=&hmAS?!H&dh0Qd;B*7;3)}D<C`UK=dk=9=aqrmjp?FoFK67w+kSK2_m>5WG#9f
zZHT~$pL*>|YNVIs<W*)nIJop;Ue4CB#L(#P3xjuxabhtT4h$hSy*qSZfoX<E!IxG!
z&{&6UGAM>)A<<#DJw+a>0u9?Sn`E!-JuvA=kYR~?OH4{5034ZUdQ)eESgRUK4J_E(
zQXw9?6lSpDYfwdDnR#sxyAHn)mWt<%ITk{K&ZR>`M9U3bfe;#2k4#S&0ejA3A(#Sg
zi3uM=>S16cr97hOVL2y3m<t$TSTY0?i8j`G|H0UA_mv2|Kpx3r^H{k$>(>_KrY+vz
ztAwvl1j7<G60~i$dG<{Uy`~}z5~BJ+8I=N_wY?lDI^pJ7&X8QQ9*1K4z}wy~SUl(?
zxZu!_*%pLpaDoHBGGbIjHt`#WW>#7Q32{QGaIU#^lW0$^NB|iQJcQYb)N=Et+}uXA
z#WqXF5OS<26PA~>c#HD20Lg|%TC(9M84y;kK_c)Kr2zXW6KRqxzcLUyzS@tlvuL8>
z6gh{RL2x31VBP5Pob_BI#m+*m4<u8uLLxH|U?~XdcOumV3n7p$rTQXR7X+h7T`;t;
zx*#|r>w@J7CRHTpM=IQ@HzQl~R4m=k)FRWv)H2<-)FP)>spa7i^79?3DCknhGR<(u
zV#9RDa?SV>#b`gGP`Z-DF7)Pu+m22cdIQo8Lx(~V7>?kA8T42!hkGuyl(vGSks!KU
zk6;-=I7B1Gx=Z?!VM;+j-CT)@pg=rY3~7Z4S*0QALF`P#Fy9$Lx6--X>2_x%^g|C;
z8jDUpIwR?RbS^jj=!~FS>0Ivgqcf7js#dMe{pnnuVlE__z>zQDUm{R3UR$gJjteA_
zSOs@SY61Vwm#;#3RkM-jp?$rPTM)#$oayVV4mmo-GgxziZ{3X28^O^hjF-9Xg>7F=
zM<u|mteJEK^*wu86P>KM0M0#pDc9amP=P^slhG@(_I9{DBgkShh+3Ewzg1<Dc1wu?
zmS|+Ss|+AhVPD|h1>nejGk}I$&HxnbIs=H^cm@Eo_YCq=TA)GRIoTKI6+%OAoRPLr
z-Fur07)O}Q!mJ<Z*DT~BZ|9j|(DOh<Y?6A`nT%FllhG<@GWKx7WP_G%zOI89aLn`m
zynL@j$>k1tPeL?+7dmy0eq5NlaIrau%l)qJB4@dJYihIyM+QU*n&lY+0Cdyiu<03n
zgTbKSBT~9<ps>}V4qevNg`!;fa@v;5gL3NNax|X9<bib$d31&*UIb$m2WcV2p%{I7
zxN)#H5^<<wUrdqfnu4{Nt3|}+gJ2HMt`~7>8SZNy(XbHg`lk`^RAGZJam1Rs%0oyk
zc<VvJM<s|O7XwZ5OFN-p!lPttc&=c_ib98Xdv#3jAy_dOz5oP9l0feKlTdDal2Ejl
z1O^c3g`R!FH@Ixnu<eF>!_W2TE+&A%eHV-w^q?WHBJ(Q&(Yiq!PLBh^Q{l{XdhGxs
zopIn7>h=)Qk+VGnhQ$pAdc0W00kRBtQ4e3>9RO%wDw07=EeP08Ev4oloKUeMVk$5B
z_(oDDk=bOG{i`|sUXrvc?><;S?3T+u^Nl*}aDv;GOrPL|O!<19l!V`VbD*Q#7pc*_
z{9rHM#F0N^Cjg$VAc{ef=F>VD|01^32m}kX+`uQ<gjw8Y5+3<Gi4PN&u~p;t51(|a
zE4)G)1@K78DL0X>iDC{HrSS49sw5U-T6xnFUWPJlF-6frv*x%vGzCtUr7$YC#3TuI
zE=1bW7>HQfpjd=3hhq<9DmX_{7kH-u=Xo~IYJqF3Id!tJ!&uoTRI1R}D@B}X2GJ{h
zQ(}~xXLJk~&rCUqW3uDeM)MNB+a)6DP{dlD-t>}s9Silv8|*@POIZsW(?M?M=&pr1
z&06#m6dEUfJGm|w+U0Z<G!Z|={VOxLVVI6#Tl1Qj9_{oZZgPUnRyqn9Gq#8AoJhT+
zTvt3!r<XR<SS%TKw2T=f)E#m2q-tMC69$7!U<zzBP!kaOL~c16>BL}0L(mpZ3LA@~
z+6BD?H*<bbKBnlbp9!gHk`WBOFOGod-{Cwj0z+s$JPpMBgV*EaAv7l^YaIyiQjQ2z
zC(gii)G78=;;ME1J;r+c=nxZ8^DYT4jR7Q>EJ0Bef+bu^>=~?Ns0INA-j4|?2N_yS
zXe%TA2;0k>d15@`Ffx;Xxs?#9EbHnG_99sOXZ!{)7St6Nqi_uhz*vh60>uLc<qbd4
zogkx?B)CBzVmPa!20{!87|aE)wbQ)T@qN<Zj=s?fC(m}w*?i*QSYzX|kU?<i$Y)Cv
zqe<gXsw;7tC-7y<A~F=CEM^uEP78hz$3hDR9oL`bo01F|)NvO@d(%1xj|woHi!%g%
z#g{!pU7f<`MIXZo17m^<m6D=Ukt2xRGtNWeMM-O8xzQPg65-w~Vz<?rz6BYW;4u21
z=q{Quk$?0#$2&8|DZ=QVl^3}|MS`C*xR}+jAR|sRi7QYB%{}#)Dq!H?Sb=|-EBztA
z0Ajxj6#%p?LKc3jsby{&1bOFtGlT_i;s+r24Z;BE=vDx$+J-1zZd0|O^=XM7ahtX-
zmd$f%U9_2b3AZQ2sy%&8)269KHf<-o&2!G%G>nbhqF_(}kzPpBT-ny-_(571hMt7(
zeqA93Ah(TS=pp|EW1_~?Gu$(k4=mtYft6;--b0GpHZyp-<sieJ1R2|v0KmQknIPDu
z@2w{I(R;K6SZjoC)~4C2P1{Coo^9H6-M_?x%mhtG4K(2hK<0S(zE3?kbB$oJoe02p
ztHe$n?3$@tGw%nBF|lbXpYc~Lh<wCAak6r~&UAqvZ=su7$90C_TtGhQVxdqUNF!dx
zmi2*)Fl3V2*1%T}UrUx^an~If@vvrMX{oEreCUeiQ@f^$&9O`yMBI*+vM|RoZ60k|
zn1gA;A+?a!Hc9H5WMF}vg<tO+;|LMxoSbLl+BTv9wFSr=TR!N#e)kzejthYD8nm=Z
z8)UNLC75)u9GX0irtHSdK<w6dwqgM6rt^}ubi~cG+?**(nN1UJrjo#IS_{zTw8(5u
zhih!k#%pXokedbI9fiDJ19&U{gx|1h3f5A&`J~U;(>CvVN-Nwu1D}whp37L=_<^9H
zA!mRLf_a&s3kG6td|T29>LjUP3>jCLt#qNI$G!`KS*UGH2)>KqQNJJ<)C>zCp%f@i
z7E_>Lk&A0kVrYjVkC(*Q(JMkaN0Bm@sYrp#SERtLfzH)UBQ99ur<EApNh>l&*pQ3K
zKU(Ov<=RwJHzo_yX1Xw<g)ZS}i7Sq1Nvt)^X?kOkGPkWrf!kE1fKGfc?vauh4~|UI
z8A&3z+$2j~mXf8(`J|Z(<1B^?w-IMr+D-1FLA#Kb_bbGbYD(I)$$dA0#=Zxktzz^W
z5#b9(hD7{6AsqD*FN(^`9r+sU5CPf-nkv==nruw=`pTIpyTs*4J{oNRT#aJ@X@rRS
zdlbU8N!o3<$(H=NhN=}W&BLbBd6rJg*D9ovPLWc|bt3(#3N5kZr6N-*TsU`=U^evv
z>$>6sgh$X|v_LkpXR%|EOUq%n))~j(>=|zih6o&8xDn=S>DZ63RJJ8eUJWt;?tBmz
zMO<CKb%@Q+smfIspxqmW;BXB^eh9$^tu}Uvz+iM}ab+Yz5N;?N5IfGpCW{f&a)1}+
z9RzFOjSY+u)`MNQ)GV^K5HW0b>gXcz4&d#Xi~st>3oaF2g3zx5IFo=^QP@#-TeoW=
z>{R$VjD?B@!ek_I9X^Dbn<uTrM@4j-azWn3)n><q==tPA^n`LDc2-4U5<GW7_T%j?
zEEp{pD7tjT$2$adY(2w05AWl;c<dQGF8f(Pw}_(ZP~?Yhx*i>j)<h*Qud+GA6@c_u
zm@lb_+%O*cyDA8F+mvAGw~{ayWVbeMvNH%WndAiozvzOC65#S}-KP1rVVDcQ&LZtO
zStA+;qS-@WRcMCaZqYS^Pq|2z+q|kw{!_3=5Nt!`;WtTS$Jl&)>794y!nbneAX&eZ
ztCJEAv6exDG!I?B3}Xb>9VgI+xQWrt1jU@%=A1k<3Bd`4nZgN#_<DgqLlmPMUqI3^
z+!ZB>p{J1MA<=-lIwcBSx`{$PEEZfdoX=M5{sKq++>ojgAJl%vd=b8vG&eJ1m@H8K
zZj2}lj-dsGzjCjfiD1e>b(uen4`eV3YWD+-G3lv-ou6c2wQ<g?|0I;qbw2SU^xeF)
zBh{!l(>eXUA3+N;n9M>4f2-w8<*L#<Ii@7eq#MWIOcEUZT_CA%k|*q2Sn>`hmLB`d
z@QzNiX?__<s!4(n8{m<T25E}!XN2$uq5i0lRJh3MtcA_5;PRLG@FfWWJ6Vo|lO?kI
zT_Hh_0EiL!wveDiA(*-nAGFPD<+DtMxyxWr2k`J0wp8S=8M)DTTno93%X#_*I5oLY
zZ7c>kglBOGuX`E9bIgZ}gtG+D`D08bk{bMRCX9<_C-f_o)n~l*9^z4-A7L;{Q_#u4
z8YCQ+Sh*7rij~-fON&SsJ}d2@pX2Z&@k!N1C2_JK7c{G9q+dIZxB=0q4K~eD3&JcS
zmoSIbgVF2|P_TD6<5#*TafGz!9Ohy~H3-u(NQYw5Wo+7f^+_7GX~K<jX+acg3>5ax
zT=~|~HL$_@_M1>bILJ7Z1DHcPfK{p&Ce5D*Q%FyhVZ;#MY(OcU7c0;6YsG*`KawY3
zdZIZ)9_%&3l_0g$j&+w)wMDwcUCU$PH{qMiCeC$(lGw4Aj_RMm1#V8O;JZ;eH$8)E
z!#-S1xlbTMM&=sOaMN9<z@VlWK=`-$HqGPj4Z?n_aaB@9<*PDsYEvG6xv-4?`S=Tj
z@UbPQc1`2&5?0hZ4RlHs)CkJzc-8=WRyC1hs-Q-d+E`6stBtexTa0*L*=;L7CLH+q
zn~7Cv3)iASv4NIG1h0<th?)X7bJAK7JmpYA98#;JwGlN9h>tvuPmy~JsUpfp<$r4U
zl+<h}-F{uECpyz}TV-#s`$BDBT`{d*l~zX3QWKoyQG!T6cx!?K^n2>YDbESl?1xD3
zkmi;xl|Y?Rsel*CysPBzm<jMZj?Pp!spn-BbLcr`*{wf!tIQpDFDd`b#&L(D?v*;-
zjc&++*1Zw6gw!8+W7J}jzDx78ght~pUsB(QrMk+m2~92lcUkh=c;3M_vgxWrQR+*`
z<w!TVL@C8&(zS;LXa@Ckc|DwPu$MFXA@w(7^pn(LJw5c0no(!f8R$B#2WLC&OHn;1
zV`zDBYkfCx)%{^Tw(*AQZY6devziuW#@HBIKD90fcwlok%?O^hLubIx0`h8gkn$cz
zei7Ez#WS$YF6>e1Q<JsVI_X<noN?Hf1!+N6f%UQcy))`Eq*7I<#nzEWN{Oq)B%WL|
z3X*3p!Wji?+xosqG@r*G+8x0k;iaLxtac&KZrN#~m!29rGXfTx5GTz($>)LJ1Zf(h
zyCEzJE-H|_QL@7r$Gb6*T1<DV-N4tvxLe%=GnKjJ3~FCZrJ>gAGF!U?)6qHeH^TJ2
zM<F=ce2Sn9!Ci!qc8O@BE8>GHGh77@F4aL8Wf^g`mg_QM(2~tpMM#%XUX=mCm%2bz
zZ6@6-pvd*T9BRO(I%-;BPs>ov<Bu`#hQ4tCwEosn?+S8iEoVqc=7CzxRa3NWdvpk=
zK)otlVE3rh-e~Exa2j%dRw&m%i~Z*uQ@eb1O}NLKgpq+fhw?e8&)(>DS>487#fRL{
z|6y&@?TQKd8#%)W)fPObo<xtIRw^=6>QNu&*>0<;R#odmbXrkeNiV~r*=#);cRGOk
z+bD(5W1(#cM-b(YO+hwMt<hG`j<WUULK@oFT4J3!aierys|xRFx67}cie0?Sh=y8x
zYTqJs1Uk8{j=7VA{?MmV>#3)l9mb=bd2`2&<|(ti+X$%hOUX(5(r-}ulQ%{+Cj0f2
zlC~B!zG|;K7U7)fG8%g)Q|(BX8fUwWKy-mvx{r|l)^QnYy{NeStC^+ihwa%le+jK0
zzY&@-sdtq?bhTN!HA>(-G~ark5eb}Kx_-31C3^q%H%c$o^D&M+cUyYj#xz$STF5${
z)*^M$p7Tq)72E}KZyDdC($2Zkv9<$F!ohAj*~xv$Or`IX+@9<}zvzZ6v0J_U7*<ZY
zNF8<gj-@bQ>7Py;9m{=O!f#mfQ+IF6rykRU)NzdJ;$Po5M%&2*((gEr0_k_cfb>)2
z3!UT><zR_fm%2Ax9_5(SA71YKqbEtPsLM=T=A5Aq7w#KFSx-1{cUG!E)}1iksHTS;
zEYrrnAx%$GkI8(pv&`Lo(<|>H?FVLHDY<u~m-~j-+!K@~SNI~VZBBk^ci%9bz1{3&
z0sK`l);e0J;{@uqi3HT`wYt4~d8c{h+Sn0DF52=k$2oOgEst_+jJvMrp@uAHCm<f>
zR*sjQH4%9&!>0+`Tc#YA;nO5(#w0Lx2KvcuJhhA4erg)ym)x1*?~9|95U%))<r2pI
z9kD5uIg~Tb32)|ZZtbt4v;it3Y7BLY>QP{YUi<^Z>thr$vxzz!rH``Bq!IP}h4wDO
z>GRr%Hune&P%s3+k*}Fr3@&6Q?@{*y&Yt26aKb-(bP@SH)@mEErvGxSL(j0kIX@<~
z*^_DPy_0+;<v~w{G`Ww_VG+%zBc=6km3}-cyZN_bpYvAXp1b*)LVj~J7H@aEYImBC
zU^$~?8fdWwnd%l*A0?ss=)<UWW9T>S52N<#_8flQ`L4BXH)N}K^Xdsklj3IzoUIkm
zU?0m!X^kKrci_~K5&Y_B7;D$EzKnWha&k-bTq1J1aJid};wb7cQ<@y2GF!%;e5>7)
zNBM!($}LU*J3MuG<U4O6Hix09JQ+$qm(jYhR7@i(L78)j_(W7z>G6p;ooMSf9-mka
z-I!GNM)|e7hAwOMBi-Z}`rVyYgE)_{XScZff+#=f@r5{zu+?R*390dgrK!eb*Hscx
zA9y+1Oi7%F&9Uo7OcKkQ5z$tc@Vv*C!&Q{x8<9Y`s=g6jaD9WA1X5#7@lgv~eKU0-
zNi`;kjni_L5V6&*AMG|(x*O}FEE!y~>C*CWm`hU)2COLIPA;q3x!@v7XM#&3-3o?>
zmtou|t#PLkkdkd_Jhh#%)K*mMhthQD#+j$55(?%9?Bd`3o8~8`2X~BPV3yeJtmfbm
zN3~w)rXkVpcbY`snXqAWrp{r+!vHOhP;Nvca2(Tm@0&0Es1TO5Ha7oexQLDX)ow#c
z@0(G3ePo!%U;6Z3#zel0J19##ee!nNXQsEQ_X?Kck~bAn_nFJ19FyRF_Jl@^qkIMi
zX92qrLb`Y(a_*c~N7cKHM^vjiO|4G7V04Q6GVWm`ySsZ%0MbC5GtE>Vb84xD<?8_V
zWNv#=-j_8aQe&sf>s?xFv2p9ID0L*g&x{OD;(Wc!2yRd3gD0m8O37(!^n8y8?OMK>
zNxd((`S{Yv9i^5W+vlz;<OW|=Mj3BZDMN*x1W$hL!pi*^*P~@pIkE_B{%;rhdm2xk
zZ_lce_}_P<CkuG;Ueze*x&Qkf?B~yeH=bbgj6nB6PWO6oQoHtPaIg#io>ZCDHl10Q
z2R*HS*sE@hM<J{i&s#m*+cPRaNoa@RhIZsQhtj)Pw$%Vfv*;-~&fI?v&+wFOM4eaX
zu!Ojm9yp6ffK4uVeob#mZiH<*30jHUdbg*~+>>Z?79)t8DywaDLfyXP>4SFy8aNA0
zn#TD^a@OhSfLiNN-%V$WH%GYt=X}=Df-q{sJvOz3(F<_X3mv*Qtj`(a%EO&4a?fVd
zdDNo@??Tk%5>k|C=HM~VB>W9Y@Zm|+jz)+mUCx*?{?Q%exGifmZnHNcC|$izE(Nmz
zj>3~RzQo??o0054Z(h{!Pv0|OzX+wxV)TPi5Pb%A6*MUut}onG=;(^pgiP=AkmI{?
zM$0xB86pkNUDja4r6jQ{#<O^nQpZX-n=-4}J{@4S^|;`%|F!6ShGM!#E$2=qXMagF
zmi<~%+k$%xE-zSrFC;ZjTNX?EJM?=~&q7_^m!j`#DfIaPmw%3;Juz9{jZJHTy4d}$
zQRQ$)PkmWhcF@kqNx92?`bl|IHeq{qzAUkKPK_!rMKdPjdtEM<*fR{fv}NzmResT3
z`|{*>9y8L$9$e1UGIT52-V(A)J!g0O$C)4UqGQy&n`c&yu00QT>dV)h2~f6{KGO5l
z^N1*?VS8_$<|JvxH0R)?+!^Csq>YWQIQo_}R{(l5+)vADI~Lma^n28yFFOhU`%zHV
zchht`unLE?r^3;(ci!~c=;B!_`m{t=yz%9?9Ns~7X`<~n!2RR!zfL8&U(fx8p6PN|
z?+tME1Xk))np-C!eSI!*60)|tf|^oyorR3J5^;61y5WwaNal{P{s`7A?RDrClU{+~
z+~(q(22J{ryt(b`^1DLcV+M6X&xG`-OG4##dk*4Ki(sr{NQi5-;BT5nZQd-i+za%c
zZeG+VJS{5?byvDqOP#Vf7*+H??WSfVj@ET27e<THtQ>u-<UP=3tmC&+7WDJd`NN7{
zTz-2?t-VXw%hbCU={;MjC0G9-{U^HlMd6y*$&z;B0jn|MV6;lq#ZD*s={I^h(G0n<
zb7={wrQUN`KJ}QSU~$tlX^B<)mh|>y{q8FJ==%3YG>x)956fd$@^rq_@AIT{8()o=
zkb7!8XnB-lGVdy(aE-hX?VNyC+7-Wpgi>QBo%#`S^VgxBN$N34iLKSQ*11dJnr{R4
zr(ne|iCtIQEsVXORo90Inq$>>MeW7TdKzzz%y7Rvz8iFSJ7G60=w3YSLBnp@mqlCK
z<&>6!7Bkytk=A=P+qT2c{heC~_jnyBZ+!^2C>m+KJk*)$JEcwsinp9aUki{)3a3Xp
z)8x$$*6Kv{l+48H8>GrzA*J7eDn{}-i~=oe3b$S4nhWZ6pnTg2^rea&7x#N9w7W?6
zlGN-#7ut0IxA|Q;9)M0U-r;y;z}m0W-7ePt1lDf!JBN`}kx@xf+pV6D(6@V1L>b1G
z*FqNxYo{TdS$J$GadTt>UcxDfGEE{9<kC*#iZ^WZEh4qw#ZBvJh#T}eQYVdm{Jt38
z8W@hAq{4f-!)=+fJNYJ!O6XA%hZ2gOz;bPagfWu)Vy)~;Zv`H7+R6$Z?>-0Za1W-^
zF;#QvzI5VqH(E$<oi)<SOb^fhb+oG1yZcYbATnb(PVVj#<%zd5-1_QZoX2Qw_R)oy
zo~@pRhVngRH5sqJd=1!*kuy{_$H!6ASKpBYEp_%mrw#X>K8cUcaZ1jf66}Iy<4#TQ
zplVW*!;^a-daL#zJhMCA`>LGrlTsSKIvdA-qb;&8_H6jwD)T^`UibE+wN)-zoBLFI
zH?WQ#r_bF`Qql7i)}Xz%CxglPIWE$pXTkWh_AX$35^@RqL21YFHD_!o?OYGGCDF5P
za=wukGEXOE$2Ud0Nk*?V=^XEloZzWSocf#1f3&^K+i5qWX9Qt9H+(g<<0;K<?&L4y
zUj?fK&k|@C)9Fc!Ahy~(pj1ZPGSXoujnd6J@)6#pWK0S0=k@8HeSerYUeja2Jgo_9
zYk!uJ`f=#0KL28zBgEL%A)?GP4et4Q^Y%%cVoj<Etn%Yn=b3sMH#2kay28sg?)%gV
zZ_`^}mv8BXevP_Kf3<;UcwEhRs$u6wfmAoU*x`F=%DhueFR!64m{^{?gSwTk5ZkX?
z%(!jc;+9;9_&;hhB}rXl{3!Iy)m9gN0c{2SxW#&ai~vU8A6M&+ff8*2XP9bzc@i0Y
zy+LoScpOB7%9o(#@Z1%7J&DIVan;KK#*5S8>*6HOBiJ2qvv?%Lk9*`WnYeY^3HVu*
zb8|!{3K*hfU1FudkAj+ZEqIZ8XC(Ka(5BGyPz8C<y7`@OPvM2vei{7ANw2hAl0CLJ
zxH7#vaRBTL)cWYAM-9ifEc`Ht-Z<ESQyY_81+^*7$yXO_9X)Q=fZGi%`Q-5%%>YML
zyM1&vsZwG8LKSn5>JV(&ly=!&?TSv#WT;~tdJ-IU%PaihL{_*k$zx7?8Q$Ias@CVb
zMYpIj;khD}k?}spJN3=}BqRD%IBeVsCjI<#4#Ui7uC|uR7$k4XQ@wfHMJx0&qLS<F
z8S#0kskU<hTml6O!L>&8g%s{2x+}iGHghdVa-%knVHi_v!>}8P6$&_K>tK5#-*&JO
zf7SZka}afSWK123j(NH{PKs5(ZWwA{{1{p5pw&?hsoiMVL8WFVJD)Zby!NE+iaySu
z(Jn|}{CTwp8yqYVeY7p=gzk&hKz@)1e@qm((JL$CLM!g*L^S)JB%SnHYSVEU)&&*0
zP!vG999TDmN8(xyr=cJ`j^NNS#IGJnwwL7FU0TwtXru>sCn=`YQFvX8;Z1U4m%;e!
zo1uHc5z9lSl)rY)Y3aqy*dDEAwPTlh5aW_Ll-5eJhfx~X^6Y0Xs<6*VTvr;Ao^PIl
z;n2OOY`K1sOLYhPUl;yEv%wM?rt|ohM|){F$+jcyZAz=7)*VM{Tp8uXgvWT1g7%Px
zjvs&EI?5w8eXL=P4OdmJ#k&+Yj`{^Wd%1>}b*M{M@sGzqKDB<=WaQ|PCL`&>vt?3M
zV=i`DuhMEq`nunxK-qP^2~EdE`i?^-eo}+|>2w)S-DYP-hgo)H7i6OUcMR^|3FyNa
zP#;J79A^0x<TZsHgFur3<}S4cnzzQu^B{F%dG(H1liBIgggscbzuLY*%17M(CZ+7^
zE%nr0Pu-fkaGB<qXg+lJw7$xiq?Rr(>pM{9)Ro0(JG;AGj7-*5_jhVNeff&?>47&^
zHztw2ooc&*l}LO0ms2CwO2<0UB|Fm2!A|W&>%>~>*dJFbBJFhK&8-n@<=#%b=}=FE
z{;ux0G0K~$f%9Tzv<;#K;EQ`W=(>wGE_AfGPK0*WZUZxNRfpcb-V82Rqa!@u#abba
z^f{n<pAyb+ZS(Ev7)gsvFPe@h*ExFCMf{?Fck$IsdfKcJ?uTfZbLKz=9`zA=R$NJm
zL%Z(>_MLPt0YZ4vKC8Q<{ppCeKZ>^;`^&4qdd=aAk-lM1_ruivXHes6%F4TpS-*Sf
zR^3pi+S{qEj`Mu)(k*Z_!w{R=->Hr0jE!g-EU^AqhT0VMO|*Zb?ziRf?~QS!qF!gT
zeqCjjAtP#{J&@@vBi9l{xQ7?J)Ywyl@j<nFJIN-+Vu+qEK(d`fKpiw{j5Ea6OiE}u
zdgW3`*XD>`9dhxLEq2x}w_bWXG3|;-CD~FJ9dmT3=Ex_#RaYaZLre4N)=*2xqq8P0
z-Hy?uy)I@_4k`LH##U_@J6R*$c1QI5gpND7Yr+lDF|QsZcdF@jn?5zQP47m7)dHS>
z2vY~scD|kI74?cU#egY2(9ZjTsIJ)1s*YkYD9V|J9l~AicywM_T&!+heYn1>dy-O5
zA1k$ye(Vh7bTK&aP+JL`1)uuGBF-lEy@9YUOFB^6tUcnmZB@PBjSK7az1_<;=`*O4
zZE|ZSwP!iD$)%9qcGNbx_{kPK+a|YOdOLC3<km>Gv^?9?gl}W7F{QWaS{m9Wx7DR<
z@H%VQLXykQw#luR-j20RE@rZY6x)PrYm8`9FZDi(`K5P+VU(Aj;?Rc_@DSgwBgQve
z|BjHZrK-n{Q8XQSS9me~MmRo!8ON7-roiuM{95|pdVINDccF1tT8ulv`{s+VoQ#be
z7ay7t1o^ONrCaDYXXI-~DU4$22t;z6wQXf=hW3?S@ncAFe9Z^Fx7yyvX{xa#HSP)Y
z2uHDPKst6gY&S23+Dl;ivUv0}D0*KLyv~$M;`8M+?yWTM1sVG=4y*TF)cB&TB};zb
zB=u7U-TSn}rNg@?(Q-1f%QYqp^5dAQ9))mb>3FWYkEB$Sw31O`?m?f&)wp-#muFPZ
z<I2msk<t-AMqB0VX!odk8?^k4M2z?f8ly(1F!FE1FF%^Y6knRtFm<Fe{xQ^;LA=S<
z*n!&bLOr(gHl^<FT=S&4)+cy(b;fh}nCy&o7TlgdkH^rfDfK=0WkighoW4iBU3i&7
z)Jxhr-I>Y`^!^-bJ%k?dko8@d6{P$y`pD~5jJ4^W1=LP-rlwz6phQUX3~UM^vjInE
zK#?%v>N}t_19_iE?}g6&H_ngR-?{EM+L$u@Yb+zph0b+$fGdv1qo{Wd5)5_hJfv_E
z(mgFQJqesMMh=v#meLe(o`_4kOYh<wQY**NE?>1IkE;1M!D*t^E^~+aM2(uk|H#`c
zwB%vwz3_XmGrwbyEG3vy>z>ZFV)PGn#*FtuUoF(_b+ZN>yW<$s^UxM8^+?SwErxc-
zYKxw|<dJ{y;YQZ;hcJ6*Vg2k%hIJetl;<VgrM-`oy0=Box)Uomc3@nM^kuDXA9J+P
z@)1ah*E#5OI6R)PdmeqYZ8^SHDxKToC+`W4AHFfUp2d8ffaXTHeqgzhO|5-<{N6x<
z*XEd6$-_fo_cT9wcO!Wg%bf@BJ@7<SUjgs#w?JQTCK(<rQ(8-Fj@}Wv=l>BoJ>gPx
z{rT^h^1aEHtyU$ZiDP>mZ=k+n&$!*?gfDc_chWnZ9Ig|)rD`})zNwfpKb7}RnQLm8
zFQvQlLg5qodRK2XTn*=Aa#jx~dlSkr=?`}GAK(4PXuZk4rBYA*N&8bTJ@O+D{cpS0
zzjgDLotM<AkxXU)d-Y5o62rsH4)u-nWQK<N321Ni@UuPJo?`j-p{&<8v?=>Q&(Kh|
z{Y-WP3J$MQnVzA34fIfRquQ8RwI-9@u-02OM1%qUQ@yA&-2UKAo@WVc5gIp<1kkti
ztKK2}$Mj7O*0u=Nw$)ybso(GQZXX&L>h&_<s&`ZNkqjtp%08XR4kFRNA)~h6s`@~!
zeb_Ul;PMF+4~!_{ZB)n;ebtECh*OgcAdo~4&QG>)RBODRVSm$bE;H=+>z_WQvh5G8
zQ>%Kw(#yl`k8BwBMQZ1@s6MKHKE|JH`;&d(G`rAqtLj%hL))@NkRIwoa%gD4>%CQF
zpUo}|Y{;N|C|g9QZ)Mv9eQavL^Hyb>Lj%1SjotwcNiRCPW$0Gb)4!!pWwvCS5c<#-
zbZfB(P&Bv^yn}epmMtjBZ0Ykd+3R0G_fU@h^klYe>0OiQ+2H{MIkn!;j&I7g+F&R8
zgEIVI3#|42wG@~^Ksu-s5PH!8#tFTcZM|p+z4#W65Y<NThg<JuQvZlpKeGnC+>~v9
z7X8qT>O$S9PJ5;ThbsdSarB4Kfb?Quq^D=2+ORRR+Up(ap%i;WmOYSu&(MaRK~daC
zGDEDjdZcIj(DvTp_V4vk9@L?pK!<ja#q5D>dxt2`4&8<J4y`-~w9XtDgnG2zCyLQ}
zA2@@awB9!$Z6N_Bp!s_SvWK<64-2V1(3XvAKo{;D$R5>&N2PG*sJ9l<c_d?cDP175
z$p2s{El#_4fc6eZCcs?_g(eoK9;HNl4STP^IH%rmx3^jkLA;fL0cnerPl7PCiTcet
zCpUYmIb<^5PYq>HSsWIgato)2veRzi^oTdenozdKvjv!e*82yjT7`gr-S@|P`enu!
zLj0$)^TdA<_%CMXWB5<8<@t@8Ef9YuTappYmNdO*SYCPy8;6OiW*ZP6R6(c=P;4x3
z+-&T{(Wq?Kd;LLgXNR)0#GSp%8-$AeBh2X6O^4dAXWOs9sJ)(TeSn19uk;KUC3zjQ
z6Z~v5^Q`^4=n^Z0{|73JQ2TZKLeJW-uY#TEf#DpWd4who40t`+>tD*YpMr9}J2N!s
z^|F=LC&2!lRF&2zhP_p0P+0Jb7XFLty}oSgSHxh3&|ld^Ze$2szZNU|wE+*aj%6FI
z3B6O;YQ18Jw(m4u<1hGby`uRBg04aR{2<^T$Nx2I>*KIBm}At*4^rVRM$iT%imta_
z&9(<c_XkZI{AC-jnl@eyY7FQauVvc<Qo{<IzpU|^sqxwtGtbc`ZH!3nbC8@g)cV{_
z9)v2gpya*~^3eK%i1yW6pjuX1uj}exLG=M><6j8I>+<}{kTqzc0UHGP^;I5L3z(;2
zALGf!U*74h$+ljWdC+<}+xkeh^--Pq*!Er{7J%{ppU<{lLe1@cTv7N`Kt-o$t@Vo1
zdf8-OwgP=wR+`pF){gXY%6=8I=3`7}Tfes*I`a)7)w>#y?R`VTtq<K~#<=y8)3hP_
zlIYGSv#np+Cj4mH?QddH+P0BGBO~B5!0`Hm40`ox^i6pF2xI{EISu;QpI+!579p&8
zt1u&nTb}_Io~!WQmA{snZD!G1JTRiCS$uY3>~#SW*ZVkSWQKeNGh{o(`}u6^ix`FN
zedu?#^<~UV4DBBvwHoG_bF}pV+O*;8s|OU8#dXMYP3`H!dfxgXpVv2uB(HDP0u@+`
z;)C3Xx<<P8d!9&gV1T*n+i&J1#EPgD&HN0(c|zgsSZ-*$g`+<PX!!a)lm@8{arxmG
zWn16S?R`MVe_#t%{nl4|l0<=pg5FgSD!nqKhc=6vCtJtNy1v))gvJJXvHC;sG%`a_
z${rdSGBE&w1I}?ZtcxO7q3a`5=5}?BtYIS%=SbGWN(&9UCKICFusGKQv$2Kd*v^{v
zyJAT1x*5FMVyC@eZjZ>^ZkH_85v`JK{$g&oOZcUwENy^!yZ%QI8<^ZNkiGsoyh?}!
z04e#p2Df))um9h}P|xe%Vv)i9vo+E*=l(X24%u+~qZ_Ol1rC<u_RgC<4>hu_KhL)Q
zGJE|mbk!H=UqR^KScBn*7L5&GpIoc3r06mH^UbLAg0{!-Rc(VW3}~afP4wY3MZQh+
z{lif2Z2K1pZcjlcvSZL@E>Z&nYrIv%?bYxV+kI<BR%Nnd7_8OXr1k6P>C&}d>8ER+
z9lIGTRcOcBU&yw<1ZKC$aD2h|-CNM3E$C5z_?jM=&soIR1pRX^%2#42UkL_jiyi}*
zY~2c-Pnd)@e>q6TWVc_1213TV@b%SPUWoSk?Uc2oHVwCj0|ae|WOby&l5MXOhh?3l
zEEREOP>Jr%x=3|n39*=Zz1uJ(--5T7*|wnvQzf$vI=`()#P%(b_9i;Wm<l7<uW(ij
z41AZjdfRqb7rMdO_C4A5F7g-v_F^OeJUC!+w9lpSh2&l#e+0WCI~orRx5q&1pcFrF
zGa4A`$u<pT6p-dY7$#1LC+Nek&R%~dd;R0X?N!<9pI{d-=#ON_SpT{&I~A%dY!SK-
z)-&7Ic>U-Gj2L`8?y82b7dIg1X;BYB0z+^?WT&xhD|EBH0mv_bsFro>CFG!VHrLN>
zO8Z-SwqsVccicoZd_;Fhp5Pz&Fykm3f)gnT>_K2Anw!iVx>c|Cz#tNo0$kr}m;Uw+
zTkBSJhsWk%5IAu^%qb?U!AaB84Ftxx72LKBo#uFfGfJd=Bs;c-Dsp`RM*LZBYKFFP
zMUX7!JIF!~?C9|IZAO5LBF1;GqXj~%+18(-n5#$Yt4P32fqBGA)r(E;_P*ikbl|aW
z4PXC34>&K}w7m}<!Rm#jYz+{oTu85joo>H4+=dCkK;7&?X0$Ya1}6hu7({k3JBCRp
z;P#g6*ajFQpm2tw5P)?WK%PdjW3a9)#;75SBtSv!JF{b4nA_h%*_|juexp>*wpt>(
z1HuFrG5liJ49x7ikOaDnWp>Q*6{(xhzJT~)mo?d@i!sW!VWaxQ?6mtf(WOji&mdOw
zY<nTweim(UIU8>K!|fvL3}2V!to<y^CCjgWa9fY2^{o7~UgBtwPbem9W51?zySywC
zMl;?+HOjVrgdMS+8E&(;+Myq#f^UOK6)^+sNL6yTdFu_eZ0l#TtselfpFjauWzflv
z-QlfcImfN_ExiSzkB7G4>$L}j1{j9TQQN$=y0fTRl%75Uly^feFvT*_-_2+1B~Q`G
z85)Z8<ok6`eynp(VA)^bVuyLPV~7^zg&lX1yQ9WCf*{&Yae01W4<;P9n*PAB4|72S
z{sMQE!~VM4Jh4vM_In40Ti+DJ#qoycm3;x5*@K`@^ZVY_7$ce<_~r11+V=oinmi!P
zW7e&PNKpgv2lxwE@Y-!DKP=C8$n&H;XT>HA89uImLa)Z4XEzlvRon*4(u)1L%rM=*
zI|tU7eTPumDbJ(woRH_K5f2MCYzXIw?)!8~-=_y&eSYI#eRkKE9~s#5(X;>8zy7Iz
z^^E~<^tErjyzhO72ljsI@S`8S@65r0uWz0Fp`)9A?t8QLN<kP%eTy4U<n3CgNQWxz
zJHc*IR=-B=f>tT~w<^O&4<EgJ5V#6+Q?2U9<EFF^dTxncED4+6GKqL7Z%o$Y{l4(y
zS#M20&UKl&GZ|&H@z?MZBiq8@bFy$t^n@X-^_F;e+$oAj`NN`Z$*U4!;jL-65yIk|
zPvPjC$MDgi+Q!pr_X7xS@fP>0Wu(Bpa}p_-06F{B8@FJ@-YM-wGC=4=IzZ^u#I4EK
zaa<0zSOG*8vaW88iy(^d7MJ5#k;`kW$mKFxG-4S^*TA~^t~f*Kh;MZn>ww}i*a5|5
zG#w>S9e0w|RYG;#;)v=*3S5>V1ui3Q!3HZYZFlPG=D2)xLDrRr0lAGCklTy~P1pu_
z4@SQM#<#;tuwy*sh`&>3r@4I(MZZgXGS1YE5nEJuQfckY(R2<{R3sg7hkg$tz0iHP
z?=788-I~zA4Mok_hPV;KNJU=_&L$1kO=)IoXY|ds<b5RfX6##&MD+yYg_?p4*_~;P
z#F4%$UE4X1?uDLJ8LULNMtdG7g()5Fcmg3VsyM>iIuAe`HIvDxRRviN;oS80XLqcE
zV?1kurGo(QU$I}#TLyaidrZk;^Ly0%9x%TXz&@a{dwTn~4;k>|=JzS{`wY;kOw*m{
z>qnIA{qlT~txt2G4#%kVahrGr;MOZP_bPL*q7fhsS>S6u{R4!*2CCwYkzN}h?Be*i
ziH~i396;MmR3ldFeS)?}o;z7OK@Lum(r5YjfT7<m5nd8Jim3H%Ah*8B)Hhf{p4wls
z$gi%`UDN*E>%INMeosFdhj+_19$|{ywl|Q<hio+v#y$yf#2t~klNe94g3m{Bb-&&8
zGK=lNb~=je=6fj&#HCT;It9QD5;Lu@k_7p^{zrU#eXR&h#LjlEgB=7-nEDGmUVx;s
zFAVarVYN`9pS;GVu)Rdd7Cxl%$C(=8gDt#pn2&exaT1UA>k?9H;|SvD8aSFb@}qAr
zI}k|?4US+FrISNL>qbz;W`+h3){&ipY__2agW5%Ait(92_}4r%WXR`mc5rB&k_IH~
zF*vjupTiIp80z1Hqf;El;Rk1W+@JO!#E32O5ZpjK<*W}rEai18-i1UA5E%$^7=K3^
zI!S^i^q?U)TMHl?&`jjGZV=la1KB>bUg;Ar0~kW#c3X<5AGYQUFVXSW3GAZLyTd_0
z58JLE4M0aN=s*BEU_lcBXo3PdAObpI+Uc?FAfelNJV1Zkf}RRMPg&420q7YLtqReq
z$34o9?14ebsJ%mkexP4rzj<H?uala2g$}cLkM5Sv?39e|1}DBI&s0AGv5>bu*lxXF
zXJ0hg7uSmZ?0`mO--R?=XW*daq~GJDzke{qZ~cgy`7y1NsQVKx_`^dSN{IicHb?>1
z4{RU7_8rGb+yd(|;+g2|5YDEh8qbvMaTEjr249hAB!Y^l`}zhdI*A~S&Fu$<HXugo
z(xD(At2=>$rgcKk2!gnK9TFNQM+x(EN~Q?UbjW(^<NCN(k^%6Q5co<ThOmWbB?G6g
z3~&(dL}Hx`)15MkEwGIX1%_Tg<kgVKt3u>eP2^R?%otc{y*e}`6A*DmIVuwU22+^F
z+}I)!(0VPT^_tLnP1AZ!XkoYinxTb_tQ;Z@38#o6eVtk<(^}L<QrfT#Qb=N0B!y#E
z1e5-P@@{E)ZXg2bv~aTVEtm&6fy5;OYF!(9YPn7^uvQ`1{}O}^lT1YxvA%@p9V)&o
zsx6S0HRL0-A=?qGLYU_OJAoh0lBUd(CVNaCTkn$|>!faQk7;m^&h9kXor7Ygj4{%p
zgDF~r0LCyPITHvQAO<H1>|`@qZl497DA!YxZ%=QhA=MfiSSOe)eIkN^q1GH7fWbtk
zK5sA}dm+;L@^*^g1N^_}w7!cFR;T1>05vt}IA?`~Y6nMFL6jp}UB$ASwAN#r!7%Z(
zNOaojM7tE|1Qu9GuwBx9DXmcmSD|WY2<DVwixE)@<~7EPq8vYfg<XqshY{rt85ICI
zDu`J^@xLuKTHj_#>zh)7#gir9Sj(}d6@p<|%_cvL<d_x;;yoW;LpAS1P_X@Bk7jN)
zqM<x@z<}UL06&a^ask@Ho{1t#N>5sy6pb4g=HM8BhLD4{o=<I=T<tFjqwOyR;t8i;
zThBNUurm%v021jR%3=tm6QZ>eykD<4`Oq%|q8`HlVbR3p3#6pm#%!%tup*@Nx>bB&
zQdI3#BC7T(YBlcGD6or&K5R()TM!213LlSzH*M#%U_yQ%Xle&mTRa)H+LmqKwQZHk
zY}<ylz$gtuU4Sr>&QPgt=n;{~05h1HlG&g$8;I8Wkf60bBz11mb#B^-nIm0A$eSU%
z_6}S#0`_&S0@t^}WMFEe*BdZAIITgry}dzVX-Ep@okHsRonj`w0p|-)cwf5dryUh}
zS_+QJbDGDG9Dk5v#1!*OM;l494f{g<!-XVdbRf1}97GMYDIv?E9plzZ2%}r)ZY^rr
zG$_Dg(T*Z+i-6}40=U;dk-h$Lc*&T@n-x5_Pk;dnklyd$+KYIh9?|!%X9U!w!Q|0l
z%<-lL@EqhQTA}WHXa!kJ9%OmvgtU8isG)%!dW{)ewFADFhaAk=07`mn$zhu~Y7+-+
zVuF<pm`Xj!Alz%{J#G_E*~BwMu1Zea0${@}=$D@tSDR|Bj|Zt&`heehCCI-j`B&MR
zEIYQwYhZRj%3dRJSv-U)RBQ)E=K$Mnl8iCbY_YvZqwJK5AFz$UNC6o}N^o{a{cVEs
zZKh#W$kR9Y#FXaqOF>oUxgo*R?;AkTw*>Hrpb3NR4TM0yiFgy?P*9|=vk9st2|g{)
zqw<_497@J#aSeDflWQP@Xfpr1HG}Wj&Gy{<SS?pQQz=hg%lp+vu~MF$uT`$rGr(hX
z6ki6)sI8-CCTC|FxpE;_E9`vKuhoI~z?FTYdq836rsK8Tf`7GAyF5{>S4+9YGsq6J
z%80Eq0@Q68wPw7suuyEA%+==y_vJ4Z4(9jm*>iaAAOfx#wf;mcm-k0zDy1gbz&C6L
zGs-*Xm;7Aa$5)^-YG~h{efN#tx97m<-hKN=_bBy1MjaN|p8G}t-2?EwF5SZ1fdhpj
zbBFFbbl~Ely$28F{lcOB`;Y9+6%OMozN9!kGgY1|){FUEX>585e|smRZi>Q2XZ?Bu
z%%G%&m@!4RZmd+QTs_?^HHy`euO0-O<CSvR&o@>F)F_zE6aHKdSkpNQsNvUU{03#S
z?tHm;1wurd&Bpv8j)PL8v1ScLN@6si8UmGiD5F**4?>OE%1t2(^2IrHsNr|xVeojZ
zvM^n&`lVvoZ~choq4f`E7V8avVRXjNH*3Yl;^=s7vD&Cyf{M&9jy`^H&yn$vd_4}>
zw{xWIH|kbTMy#S>@cF-;BjXT8v*tfg_M44buC#Mxx_Plw%s=ce&Q>n_<p=WlLl^h%
zpPS1U_7w_+gZPg34!4tAgHD3Kn%|fx=BX*U8vbTu`w`uR_6gI4@k*(L5fS;F@XLO!
zm>&%*JhSh~Cv9IFwPN|wo6Y*uI|KSwmLgPt=C7x@r{C-jK%~cvNDr?#k^Zfb;XZ`X
z#w*pu^)c0@8QC<`tX3<vMtx?!(kvCGYn8lTuV+TJ)bEPfgVU9QUvf-=o&sW**1+!O
z;|55n*89z@{(ENpPUp(GOa6jiZj8e4R2Fia9k4rRFTN8qW#>pYw4K3hhUHz}Y~H{3
z;@tkj2k*-j_TP8F-w!LF&#3;%YwUBXz3S;Kl+MO<Jq?*-l`iW}Uo@SWIy-v2Sn?tM
z%9}q!u%wy(Y>167KRTUJy(j#}_MpUJl6JpB1KZ6+uR2w%H;(G=>|a6~(r9BFs#yqy
zJz2g|tX0ZX0erGelYZM0q$73UG_X^ff=)T5=<^m`9BTXVN~z%Eh1F#$wMEBb%Vt8U
z>H@tCM@ukmsJ%+<*4_E8CAt&fzeTq(9CXE$q;<oYY|++r0jg}$)CL1;v$;$7I*jJ&
ztxNDExHoGG>s$&TT!42mRmP%PDuv_d4ELKdY3@VYXZ)*S1J1B^F;#nYwfJy%sR4V)
zhQfh0Lhn-Le7q4Y^Bd~->giIhSf2H-HK34WBr;xIm}vcHO!agALgk8|Dx_}QoNxVu
zZkBZvPTX9vwlK9&&HW8n;dPPbc=w_8#h`ETk^EcTt^XtFRzltWR`=`w3HlWdm!1>7
zT^7)lu7#af`2HFA=Ow@O+d;o0v-WTESdO4eGk&g?pAW5yW80U#Mn~$v%UX>c=9|4{
z3?5sYoo_B&tYW*=I0DAcR}0u=hKw(7%{UO$47FFU?p@69!JtxNDtD>%cu*^B>P=ZZ
zu<n`OM>MeuD;}aL#e!0Zs`Or9Vl_4f^->c)0#ju~1(aHoQGNMJsRDm#2xC~)p3M}n
z@rLAD23YD?B76c^jx8|cUl@b$!)#NAL$cY7S{I<hxqutNRvMBT&Zt4RP&0)xtOSSy
z2ruZ#`72l+8;Cws<{G09)v-}H(=3%9&6S$|Nd$rrHo%@ah7xWP_AY;yuqRhIFz4TQ
zabNDfobMNg6U{I>g13{5Y*rp?6dH$e#c@Wh2u4~fk?(E*7++%?3cEm~Ad6L~A*<CT
zz=FVxuBNjx_)5W19d-aGi-m#@0_zdq)8Oe`V;%<rP(qz&)K7LCjPe!h=PC{A?Tj>`
z>(vMX8&qwE<#fH%ej^7HlhYb{napsCT%iu?=%B`fdb2CV1=&sGZw+92>Jli<k4M;A
zabqM?t^v8PJkCB8AHbEz;zu%SQ~h$WDzR8bGAGOVN&%*6<+1utp_DMPQ-%7<<L#ee
zdC?O_rufQZkg8brug-|cU<iHXvG~suW^3i~$Z-x9gegQ8R@y565|*C8?OA#3aiw2C
z9Cl@LM)z*zarR?4Z^Yr3EaWSWJ8@+y%~~D{hZ7mSC8KUG;MlKN7Ox~y*7|TpZKz8f
zZI0;ethkP~xH39jSi!7@?k3hoIBYM&y+oL;b`|k)fASh);45-HryArMIEcE~Z20xr
z3Qu`foEmW72rbChigL8C6gPjB+NE5%_?)P=_NW1&=e;?jvN;?KjpwRG#G3;YR&q8D
z7$o}o!9s%kI!tn7w~aGya(eq<GF-SZz(0j%3}hnYZN<s1#TDI^)k<72xuQD*yz+#|
z!A|PbisO?iK36OH2yDpp6|;%NuCxh-#&Oh5emQrs<WCf9IBc4#*PFR=9?Hym*qDx$
zF7Y^TenBZldJ5PM^S9E}JJWonS#I!_f|(~*ic*=mQUzB}a1f~HR31C!N?Fen?w=QO
z*SNf#^2?XFrKYJYR~pCsxk?R<vp%w8bGTZfS*hciL#}iNQ9436ORKpWw%+48yR*g-
z1MZ%T=NK_0j7wcUywhP1CW}70&0tkNXZoLl1g6=`JT~YIFXg2XZocz5-32n351PV(
z+a`y~tiOQELX9At1(PtxlUguEvt_cOEOON<?urCq0>%;?kj5jhdbv2$yhxh|A&?rm
z$d%;g4f;YEV#LnZaTJa$JpddBVc`7&!W|Y&Q&=xv!upT<D$eL`$*7I>rkt0bjhIm!
zjBZUS$dwR@MSxC%8oJ)NRR-#gse*e_4GbvRH;_|-UXa5%EP;MaBCj*^xqS!k)3{ME
z|Li@6p;#Xuvtu8sj>JU7YthX3<r*%?Ff21GK_6<{e6BuSD_#LBkc1p*Zm9WJzz9P#
z=Wq>+aUyaJmGZCVN|Uu3W0mAuAX+aca*L2Fj-Iy&&@aRe=&jb7(qoHMMRQ|`WgH+j
zds&Az*`A{{AWgMyAYfDyNos9zFtEb>1nRi6dBvF<iAsf&edY1TXhmHPCRQkKVwqPa
zZ<V>Zy5CrNyfK7cD&qd-%4Chp#|qrPGJYH^O)HQ;da2GjxFTivlUO053(g7@BsX+%
zPhjQE6fSM9!@2S}q{p9homL*7vc!o;wDNdk&}<I(8Yke3tvv4JD5J76dE@-Bdm=iX
zD^Ge{P%MYDm6gYzoVD0Z=E@WyqaMLNcqPhE+m>46*vbnDws^);#}(|eHQdZydFsdM
zf$+vOcJYg4TxD8eM^w1yyTRFPj?d#hso8BiTW9XWt8xp1!3Q0K;og?l7Z6Ehk~bFS
z<aRW+wA`KR40f+PWn$$O*LP8!f<(Y7wUwvYBI-)L$Y=$`$ThTTvMWxMckyEQ?9hhp
zuZAIrl8V(QuS@Mj><t$_SL3w~+>+slq!9ETy4qk+Z`X2=2hJ7?d18+)2YdC{a}16F
zefM(E*PO^#r*aF#AL-Dqfm4NCb@|*{?Bj@2rU^6hj$2evJ;QR-fy<kH2`)3yfy^3W
z9cv;q>@Q6uhsm49ix8QS@NAUGz`%5%vkJp`TY|A;i_^7A6+tqIOlQ6;DeSb~JT8nx
zv?JbBiVT*~J}e+#4DFdJtk$QBa%_h%9aPnAZmNSg<1g$)D$S;K<wOTc>o_ps>k@9`
zsdOIfKxY|a!#jx3+W35nO7zJNW54Ry;#48p&1l7CNF6H#d4SaMcLk*%(e5s(HnY(t
zw~+?Eb~uBJiy*o-a>kALyL=guL3L^IKHc><+K8oN8c}>zHg%>hV+6o#_Yt6YumtdD
zl|Bu4AStJ)5K`=A_=d<kZlLxcW&~`ae#f(G^JMeJo9|FN(){Tq4M1}FS#_*gx|}+9
zo=#F*+Em4KE~UTbZa)s#sBnE8xB41wR&WLZ&j@yfCB3<NeiaWo<t4&Y3mdtg{vFP?
zjut0!S`lp|&2mk4(D${l2==}6rK#xEI5}FYk1fvVGo=WPXa0JIDx4Yc$}s}pnf*!8
zg^2dv&Y7Ho6moHA2aE_Ao+Re-e6LnqCVjf(U#r52txv&A<Y7~T@1E;ZFld_k)!je&
z3o3JZnrim~{(b4!d)1eIn#NN9$GNu=|L(@WC;wxwdh%z&GGc7t!};&r%*4#+fAHo{
z^!}$~5B>a+hj0JNTmCVe1X%I!e(F5VYwJ&qm8$bOzgZtWU1|7Fo%6+M#c{G<f9eFT
zz~r8azCHL<y_S!IDi`00it?p|SkY*;a8b>i9OIdx;o_a&He8^m_r2{GAO8C9zx=^>
z9{%<xKmW7njs5S}m>#jY=<hE$cuHLuuhb?=rPJI9E#N)mn(vPmN+na}ukHesxJaVp
z{#PzV0@!8(x&`}~XrW%<@a>BPoOmbk@A0qns_WrEB7FeRNAXSG3wY{3s;U1>;syB=
zn#b`6B>CSjt@`i(FTZc`RL|Eug+Bt@ufFCzkBR<vDaE3SU(N~lzX@bApvq5)9><q4
z`Bh&1Va<x5-6^$ZQOZB2TSs|LK6T1J!mIy#W!3))q8V_fKM-72mr^MGvf%7d_J0TP
z2hkw|^$tiWgHNbd@F&~(=i$ou6Ub-q%Ri*Z|4vBDdE`dWLIv&f4-V@;FpR|oE#YfO
zL3{jaEC1*%|Dbv`z$2Y$)J}ddRR8%&mOmJw^C;-lKuNd5@_pcTpSll!dh<S{4&Zk$
z^84}2UXYKC;3NJu*RUtu+8@PdK}+}_|HG$uK<5<NzXU1p<FXa>WKnu_34bykHxXn~
zpON;?8h8<MBeoqu=ClNt+pg}v{)lJ+GR~u=ko%?O_fOOj@ExrmmtrWxJt9dh$2~@p
z_d=d|XhlIC#4mC8sKaUwxdNUC@V^4um{W&P_YiUy@!X5jL%{Y?b_k=f9~gVl_X28i
w&RG2z!&ugVwSZbBNOJ@lA06S4xAgH9VoN=KrB@9C=S#TU@xT82|DOc@KVCw9g#Z8m

diff --git a/Module/PSInfisicalAPI/bin/en-US/PSInfisicalAPI.dll-Help.xml b/Module/PSInfisicalAPI/bin/en-US/PSInfisicalAPI.dll-Help.xml
new file mode 100644
index 0000000..dc9fb90
--- /dev/null
+++ b/Module/PSInfisicalAPI/bin/en-US/PSInfisicalAPI.dll-Help.xml
@@ -0,0 +1,1531 @@
+<?xml version="1.0" encoding="utf-8"?>
+<helpItems schema="maml" xmlns="http://msh">
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Connect-Infisical</command:name>
+      <maml:description><maml:para>Establishes an authenticated session with an Infisical server and stores it for use by subsequent cmdlets.</maml:para></maml:description>
+      <command:verb>Connect</command:verb>
+      <command:noun>Infisical</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Authenticates against an Infisical instance using one of the supported auth providers (UniversalAuth, Token, JWT, OIDC, LDAP, Azure, GCP IAM) and stores the resulting connection in the module-level session manager. Subsequent cmdlets pick up the connection automatically. If parameters such as BaseUri, OrganizationId, ProjectId, Environment, ClientId, or ClientSecret are not supplied, the cmdlet attempts to resolve them from a curated list of environment-variable name patterns across Process, User, and Machine scopes.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Use -PassThru to emit the resulting InfisicalConnection object; by default the connection is stored silently. SecureString-typed parameters such as ClientSecret, AccessToken, Jwt, and Password are never logged.</maml:para>
+        <maml:para>The cmdlet pins the API version to the bound value when -ApiVersion is supplied explicitly; otherwise the default 'v4' is used and remains overridable per-call.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Connect-Infisical -BaseUri 'https://app.infisical.com' -ClientId $ClientId -ClientSecret $ClientSecret -OrganizationId $OrgId -ProjectId $ProjectId -Environment 'dev'</dev:code>
+        <dev:remarks><maml:para>Performs a Universal-Auth machine-identity login and stores the resulting session for subsequent cmdlets.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$ConnectInfisicalParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$ConnectInfisicalParameters.BaseUri        = 'https://app.infisical.com'
+$ConnectInfisicalParameters.OrganizationId = $OrganizationId
+$ConnectInfisicalParameters.ProjectId      = $ProjectId
+$ConnectInfisicalParameters.Environment    = 'dev'
+$ConnectInfisicalParameters.ClientId       = $ClientId
+$ConnectInfisicalParameters.ClientSecret   = $ClientSecret
+$ConnectInfisicalParameters.SecretPath     = '/'
+$ConnectInfisicalParameters.ApiVersion     = 'v4'
+$ConnectInfisicalParameters.PassThru       = $True
+$ConnectInfisicalParameters.Verbose        = $True
+
+$ConnectInfisicalResult = Connect-Infisical @ConnectInfisicalParameters</dev:code>
+        <dev:remarks><maml:para>Builds an ordered parameter dictionary, splats it onto Connect-Infisical, and captures the returned InfisicalConnection for later reuse.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Disconnect-Infisical</command:name>
+      <maml:description><maml:para>Clears the current Infisical session from the module-level session manager.</maml:para></maml:description>
+      <command:verb>Disconnect</command:verb>
+      <command:noun>Infisical</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Removes the cached InfisicalConnection so subsequent cmdlets that require an active session will fail until Connect-Infisical is invoked again. The cmdlet does not contact the Infisical server.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Use -PassThru to receive a status object that includes the disconnect timestamp; by default the cmdlet returns no output.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Disconnect-Infisical</dev:code>
+        <dev:remarks><maml:para>Clears the active Infisical session silently.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$DisconnectInfisicalParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$DisconnectInfisicalParameters.PassThru = $True
+$DisconnectInfisicalParameters.Verbose  = $True
+
+$DisconnectInfisicalResult = Disconnect-Infisical @DisconnectInfisicalParameters</dev:code>
+        <dev:remarks><maml:para>Disconnects and captures a status object that includes IsConnected and DisconnectedAtUtc for logging.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalSecret</command:name>
+      <maml:description><maml:para>Retrieves a single Infisical secret by name from the active session's project and environment.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalSecret</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Fetches a single secret by name. Project, Environment, SecretPath, and ApiVersion default to the values pinned on the active InfisicalConnection but can be overridden per call. Optional flags request reference-expansion, import inclusion, or a specific historical version.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>The returned InfisicalSecret stores the value as SecureString; call .GetPlainTextValue() to materialize the cleartext value only when strictly required.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalSecret -SecretName 'DATABASE_URL'</dev:code>
+        <dev:remarks><maml:para>Retrieves the DATABASE_URL secret from the project and environment pinned by Connect-Infisical.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalSecretParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalSecretParameters.SecretName             = 'DATABASE_URL'
+$GetInfisicalSecretParameters.ProjectId              = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalSecretParameters.Environment            = $ConnectInfisicalParameters.Environment
+$GetInfisicalSecretParameters.SecretPath             = "/Windows/$($CallingScriptPath.BaseName)"
+$GetInfisicalSecretParameters.ExpandSecretReferences = $True
+$GetInfisicalSecretParameters.IncludeImports         = $True
+$GetInfisicalSecretParameters.Verbose                = $True
+
+$GetInfisicalSecretResult = Get-InfisicalSecret @GetInfisicalSecretParameters</dev:code>
+        <dev:remarks><maml:para>Retrieves a single secret from a script-specific subpath with secret-reference expansion and folder imports enabled.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalSecrets</command:name>
+      <maml:description><maml:para>Lists Infisical secrets within a project, environment, and optional folder path.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalSecrets</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Enumerates secrets under the active session's project and environment, optionally recursing through subfolders. Supports metadata-based filtering, tag-slug filtering, secret-reference expansion, and personal-override inclusion.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Use -Recursive together with -SecretPath to walk an entire folder subtree. Pipe the result into ConvertTo-InfisicalSecretDictionary for hashtable-style lookup.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalSecrets -SecretPath '/Windows' -Recursive</dev:code>
+        <dev:remarks><maml:para>Lists every secret under /Windows in the active project and environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalSecretsParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalSecretsParameters.ProjectId                = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalSecretsParameters.Environment              = $ConnectInfisicalParameters.Environment
+$GetInfisicalSecretsParameters.SecretPath               = "/Windows/$($CallingScriptPath.BaseName)"
+$GetInfisicalSecretsParameters.Recursive                = $True
+$GetInfisicalSecretsParameters.ExpandSecretReferences   = $True
+$GetInfisicalSecretsParameters.IncludeImports           = $True
+$GetInfisicalSecretsParameters.IncludePersonalOverrides = $True
+$GetInfisicalSecretsParameters.Verbose                  = $True
+
+$GetInfisicalSecretsResult = Get-InfisicalSecrets @GetInfisicalSecretsParameters</dev:code>
+        <dev:remarks><maml:para>Lists secrets under a script-specific subpath with imports, personal overrides, and reference expansion enabled.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>New-InfisicalSecret</command:name>
+      <maml:description><maml:para>Creates a new Infisical secret, with support for SecureString values and bulk creation.</maml:para></maml:description>
+      <command:verb>New</command:verb>
+      <command:noun>InfisicalSecret</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Creates one or many secrets. Three parameter sets are supported: PlainText (SecretName + SecretValue), SecureString (SecretName + SecureSecretValue), and Bulk (an array of hashtables piped or supplied via -Secrets). Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Pass -SkipMultilineEncoding when the value already contains literal newlines that the server should preserve verbatim. Use -TagIds to attach tag references at creation time.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>New-InfisicalSecret -SecretName 'API_KEY' -SecretValue 'super-secret-value'</dev:code>
+        <dev:remarks><maml:para>Creates a single shared secret in the active project/environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalTagsResult = Get-InfisicalTags -ProjectId $ConnectInfisicalParameters.ProjectId
+
+$NewInfisicalSecretParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$NewInfisicalSecretParameters.SecretName    = 'API_KEY'
+$NewInfisicalSecretParameters.SecretValue   = 'super-secret-value'
+$NewInfisicalSecretParameters.SecretComment = 'Issued by deployment pipeline'
+$NewInfisicalSecretParameters.ProjectId     = $ConnectInfisicalParameters.ProjectId
+$NewInfisicalSecretParameters.Environment   = $ConnectInfisicalParameters.Environment
+$NewInfisicalSecretParameters.SecretPath    = "/Windows/$($CallingScriptPath.BaseName)"
+$NewInfisicalSecretParameters.TagIds        = @($GetInfisicalTagsResult[0].Id)
+$NewInfisicalSecretParameters.Verbose       = $True
+
+$NewInfisicalSecretResult = New-InfisicalSecret @NewInfisicalSecretParameters</dev:code>
+        <dev:remarks><maml:para>Looks up tags to attach, then creates a single secret with a comment and tag association under a script-specific subpath.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Update-InfisicalSecret</command:name>
+      <maml:description><maml:para>Updates an existing Infisical secret value, comment, name, or tags.</maml:para></maml:description>
+      <command:verb>Update</command:verb>
+      <command:noun>InfisicalSecret</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Updates one or many secrets. Supports PlainText, SecureString, and Bulk parameter sets. Use -NewSecretName to rename a secret, -SecretComment to update its comment, and -TagIds to replace tag associations. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Only the parameters you bind are sent; omitted scalar parameters are not modified server-side. The Bulk parameter set accepts pipeline input of hashtables containing SecretName/SecretValue/etc.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Update-InfisicalSecret -SecretName 'API_KEY' -SecretValue 'rotated-value'</dev:code>
+        <dev:remarks><maml:para>Rotates the API_KEY secret in the active project/environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$UpdateInfisicalSecretParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$UpdateInfisicalSecretParameters.SecretName    = 'API_KEY'
+$UpdateInfisicalSecretParameters.NewSecretName = 'API_KEY_V2'
+$UpdateInfisicalSecretParameters.SecretValue   = 'rotated-value'
+$UpdateInfisicalSecretParameters.SecretComment = 'Rotated by scheduled job'
+$UpdateInfisicalSecretParameters.ProjectId     = $ConnectInfisicalParameters.ProjectId
+$UpdateInfisicalSecretParameters.Environment   = $ConnectInfisicalParameters.Environment
+$UpdateInfisicalSecretParameters.SecretPath    = "/Windows/$($CallingScriptPath.BaseName)"
+$UpdateInfisicalSecretParameters.Verbose       = $True
+
+$UpdateInfisicalSecretResult = Update-InfisicalSecret @UpdateInfisicalSecretParameters</dev:code>
+        <dev:remarks><maml:para>Rotates the value, renames the secret, and updates its comment in a single call.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Remove-InfisicalSecret</command:name>
+      <maml:description><maml:para>Deletes one or many Infisical secrets by name.</maml:para></maml:description>
+      <command:verb>Remove</command:verb>
+      <command:noun>InfisicalSecret</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Deletes a single secret (Single parameter set) or a batch of secrets by name (Bulk parameter set). High ConfirmImpact triggers prompts by default. -PassThru emits the removed secret names.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Removal is irreversible from this cmdlet's perspective; rely on Infisical's audit log or secret-version history for forensics. Honors -WhatIf and -Confirm.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Remove-InfisicalSecret -SecretName 'API_KEY_V1' -Confirm:$False</dev:code>
+        <dev:remarks><maml:para>Deletes a single secret without prompting.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$RemoveInfisicalSecretParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$RemoveInfisicalSecretParameters.SecretNames = @('LEGACY_KEY_1','LEGACY_KEY_2','LEGACY_KEY_3')
+$RemoveInfisicalSecretParameters.ProjectId   = $ConnectInfisicalParameters.ProjectId
+$RemoveInfisicalSecretParameters.Environment = $ConnectInfisicalParameters.Environment
+$RemoveInfisicalSecretParameters.SecretPath  = "/Windows/$($CallingScriptPath.BaseName)"
+$RemoveInfisicalSecretParameters.PassThru    = $True
+$RemoveInfisicalSecretParameters.Confirm     = $False
+$RemoveInfisicalSecretParameters.Verbose     = $True
+
+$RemoveInfisicalSecretResult = Remove-InfisicalSecret @RemoveInfisicalSecretParameters</dev:code>
+        <dev:remarks><maml:para>Bulk-deletes three legacy secrets and returns the removed names for audit logging.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Copy-InfisicalSecret</command:name>
+      <maml:description><maml:para>Duplicates one or more secrets into a different environment or secret path.</maml:para></maml:description>
+      <command:verb>Copy</command:verb>
+      <command:noun>InfisicalSecret</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Server-side duplicates an array of secret IDs into a destination environment (and optional destination path), with switches that control whether the value, comment, tags, and metadata are copied. Use Get-InfisicalSecrets followed by selection of the desired Id values to feed -SecretId.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Set -OverwriteExisting to replace same-named secrets at the destination. Without -CopySecretValue, the destination secrets are created with empty values, preserving only metadata.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalSecrets | Select-Object -ExpandProperty Id | Copy-InfisicalSecret -DestinationEnvironment 'staging' -CopySecretValue</dev:code>
+        <dev:remarks><maml:para>Copies all secrets from the active environment into 'staging', including their values.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalSecretsResult = Get-InfisicalSecrets -SecretPath '/Windows' -Recursive
+
+$CopyInfisicalSecretParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$CopyInfisicalSecretParameters.SecretId               = $GetInfisicalSecretsResult.Id
+$CopyInfisicalSecretParameters.ProjectId              = $ConnectInfisicalParameters.ProjectId
+$CopyInfisicalSecretParameters.SourceEnvironment      = $ConnectInfisicalParameters.Environment
+$CopyInfisicalSecretParameters.SourceSecretPath       = '/Windows'
+$CopyInfisicalSecretParameters.DestinationEnvironment = 'staging'
+$CopyInfisicalSecretParameters.DestinationSecretPath  = '/Windows'
+$CopyInfisicalSecretParameters.OverwriteExisting      = $True
+$CopyInfisicalSecretParameters.CopySecretValue        = $True
+$CopyInfisicalSecretParameters.CopySecretComment      = $True
+$CopyInfisicalSecretParameters.CopyTags               = $True
+$CopyInfisicalSecretParameters.CopyMetadata           = $True
+$CopyInfisicalSecretParameters.Verbose                = $True
+
+$CopyInfisicalSecretResult = Copy-InfisicalSecret @CopyInfisicalSecretParameters</dev:code>
+        <dev:remarks><maml:para>Promotes every Windows secret from the active environment into staging with full value/comment/tag/metadata propagation.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>ConvertTo-InfisicalSecretDictionary</command:name>
+      <maml:description><maml:para>Converts a stream of InfisicalSecret objects into a name-keyed Dictionary of SecureString or plain text values.</maml:para></maml:description>
+      <command:verb>ConvertTo</command:verb>
+      <command:noun>InfisicalSecretDictionary</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Aggregates an incoming pipeline of InfisicalSecret objects into a case-insensitive Dictionary keyed by SecretName. By default values are SecureString; pass -AsPlainText to materialize string values. Duplicate keys are handled via the -DuplicateKeyBehavior parameter (Error, FirstWins, LastWins).</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Use this conversion before splatting secrets into another process (-AsPlainText) or before passing them to libraries that expect SecureString-keyed lookups (default).</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalSecrets | ConvertTo-InfisicalSecretDictionary -AsPlainText</dev:code>
+        <dev:remarks><maml:para>Builds a plain-text dictionary of every secret in the active environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalSecretsResult = Get-InfisicalSecrets -SecretPath "/Windows/$($CallingScriptPath.BaseName)" -Recursive
+
+$ConvertToInfisicalSecretDictionaryParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$ConvertToInfisicalSecretDictionaryParameters.InputObject          = $GetInfisicalSecretsResult
+$ConvertToInfisicalSecretDictionaryParameters.DuplicateKeyBehavior = 'LastWins'
+$ConvertToInfisicalSecretDictionaryParameters.AsPlainText          = $True
+$ConvertToInfisicalSecretDictionaryParameters.Verbose              = $True
+
+$ConvertToInfisicalSecretDictionaryResult = ConvertTo-InfisicalSecretDictionary @ConvertToInfisicalSecretDictionaryParameters</dev:code>
+        <dev:remarks><maml:para>Aggregates recursive secret results into a plain-text dictionary, with the last value winning on key collisions.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Export-InfisicalSecrets</command:name>
+      <maml:description><maml:para>Exports InfisicalSecret objects to disk or environment variables in a chosen file format.</maml:para></maml:description>
+      <command:verb>Export</command:verb>
+      <command:noun>InfisicalSecrets</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Buffers an incoming pipeline of InfisicalSecret objects and writes them to a file in the requested format (DotEnv, Json, Yaml, EnvironmentVariables, etc.) or sets them as environment variables on the chosen scope (Process, User, Machine). -Encoding controls text encoding for file outputs.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>EnvironmentVariables format does not require -Path; all other formats do. User/Machine scopes require appropriate privileges (Machine scope requires elevation on Windows).</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalSecrets | Export-InfisicalSecrets -Format DotEnv -Path '.\.env' -Force</dev:code>
+        <dev:remarks><maml:para>Writes the active environment's secrets to a .env file.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalSecretsResult = Get-InfisicalSecrets -SecretPath "/Windows/$($CallingScriptPath.BaseName)" -Recursive
+
+$ExportInfisicalSecretsParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$ExportInfisicalSecretsParameters.InputObject = $GetInfisicalSecretsResult
+$ExportInfisicalSecretsParameters.Format      = 'EnvironmentVariables'
+$ExportInfisicalSecretsParameters.Scope       = 'Process'
+$ExportInfisicalSecretsParameters.Force       = $True
+$ExportInfisicalSecretsParameters.Verbose     = $True
+
+$ExportInfisicalSecretsResult = Export-InfisicalSecrets @ExportInfisicalSecretsParameters</dev:code>
+        <dev:remarks><maml:para>Projects the recursive secret result into Process-scope environment variables for the current PowerShell session.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalProjects</command:name>
+      <maml:description><maml:para>Lists Infisical projects accessible to the current identity.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalProjects</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Returns every project the active session can see. The cmdlet requires an active InfisicalConnection but takes no parameters; project visibility is governed by Infisical's role assignments.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>The result is an array of InfisicalProject objects; pipe into Where-Object or Select-Object to filter by Slug, Name, or Id.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalProjects</dev:code>
+        <dev:remarks><maml:para>Lists every project the current session can see.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalProjectsParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalProjectsParameters.Verbose = $True
+
+$GetInfisicalProjectsResult = Get-InfisicalProjects @GetInfisicalProjectsParameters | Where-Object { $_.Slug -ilike 'platform-*' }</dev:code>
+        <dev:remarks><maml:para>Lists projects and filters down to those whose slug begins with 'platform-'.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalProject</command:name>
+      <maml:description><maml:para>Retrieves a single Infisical project by its identifier.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalProject</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Retrieves one project by Id. If -ProjectId is not supplied, the cmdlet falls back to the ProjectId pinned on the active InfisicalConnection.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>The cmdlet accepts pipeline input by property name; objects emitted by Get-InfisicalProjects can be piped in directly to refresh a single record.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalProject</dev:code>
+        <dev:remarks><maml:para>Retrieves the project pinned by the active session.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalProjectsResult = Get-InfisicalProjects
+
+$GetInfisicalProjectParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalProjectParameters.ProjectId = $GetInfisicalProjectsResult[0].Id
+$GetInfisicalProjectParameters.Verbose   = $True
+
+$GetInfisicalProjectResult = Get-InfisicalProject @GetInfisicalProjectParameters</dev:code>
+        <dev:remarks><maml:para>Looks up the first project in the list and retrieves its full record.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>New-InfisicalProject</command:name>
+      <maml:description><maml:para>Creates a new Infisical project in the active organization.</maml:para></maml:description>
+      <command:verb>New</command:verb>
+      <command:noun>InfisicalProject</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Creates a project with the supplied name and optional slug, description, type, and organization id. If -OrganizationId is not supplied, the active session's organization is used. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Slug must be unique within the organization; if not supplied, the server derives one from the project name.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>New-InfisicalProject -ProjectName 'Platform Telemetry'</dev:code>
+        <dev:remarks><maml:para>Creates a new project named 'Platform Telemetry' in the active organization.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$NewInfisicalProjectParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$NewInfisicalProjectParameters.ProjectName    = 'Platform Telemetry'
+$NewInfisicalProjectParameters.Slug           = 'platform-telemetry'
+$NewInfisicalProjectParameters.Description    = 'Secrets for platform telemetry pipeline'
+$NewInfisicalProjectParameters.Type           = 'secret-manager'
+$NewInfisicalProjectParameters.OrganizationId = $ConnectInfisicalParameters.OrganizationId
+$NewInfisicalProjectParameters.Verbose        = $True
+
+$NewInfisicalProjectResult = New-InfisicalProject @NewInfisicalProjectParameters</dev:code>
+        <dev:remarks><maml:para>Creates a project with an explicit slug, description, and type bound to a specific organization id.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Update-InfisicalProject</command:name>
+      <maml:description><maml:para>Updates the name, description, or auto-capitalization flag on an existing project.</maml:para></maml:description>
+      <command:verb>Update</command:verb>
+      <command:noun>InfisicalProject</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Updates mutable attributes on a project. -ProjectId defaults to the pinned session project when omitted. Only parameters that are bound are sent to the server. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>AutoCapitalization controls whether secret names submitted in mixed case are stored uppercase server-side; setting it false preserves the literal case supplied by clients.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Update-InfisicalProject -Name 'Platform Telemetry (v2)'</dev:code>
+        <dev:remarks><maml:para>Renames the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalProjectsResult = Get-InfisicalProjects | Where-Object { $_.Slug -eq 'platform-telemetry' }
+
+$UpdateInfisicalProjectParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$UpdateInfisicalProjectParameters.ProjectId          = $GetInfisicalProjectsResult.Id
+$UpdateInfisicalProjectParameters.Name               = 'Platform Telemetry (v2)'
+$UpdateInfisicalProjectParameters.Description        = 'Migrated to v2 pipeline'
+$UpdateInfisicalProjectParameters.AutoCapitalization = $False
+$UpdateInfisicalProjectParameters.Verbose            = $True
+
+$UpdateInfisicalProjectResult = Update-InfisicalProject @UpdateInfisicalProjectParameters</dev:code>
+        <dev:remarks><maml:para>Locates the project by slug, renames it, updates the description, and disables auto-capitalization.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Remove-InfisicalProject</command:name>
+      <maml:description><maml:para>Deletes an Infisical project.</maml:para></maml:description>
+      <command:verb>Remove</command:verb>
+      <command:noun>InfisicalProject</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Deletes a project by Id. Defaults to the session-pinned project when -ProjectId is omitted. High ConfirmImpact prompts unless -Confirm:$False is supplied. -PassThru emits the removed project id.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>This is destructive and removes all secrets, environments, folders, and tags within the project. Honors -WhatIf and -Confirm.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Remove-InfisicalProject -Confirm:$False</dev:code>
+        <dev:remarks><maml:para>Deletes the session-pinned project without prompting.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalProjectsResult = Get-InfisicalProjects | Where-Object { $_.Slug -eq 'sandbox-temp' }
+
+$RemoveInfisicalProjectParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$RemoveInfisicalProjectParameters.ProjectId = $GetInfisicalProjectsResult.Id
+$RemoveInfisicalProjectParameters.PassThru  = $True
+$RemoveInfisicalProjectParameters.Confirm   = $False
+$RemoveInfisicalProjectParameters.Verbose   = $True
+
+$RemoveInfisicalProjectResult = Remove-InfisicalProject @RemoveInfisicalProjectParameters</dev:code>
+        <dev:remarks><maml:para>Finds the sandbox project by slug, removes it without confirmation, and emits the removed project id for logging.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalEnvironments</command:name>
+      <maml:description><maml:para>Lists environments defined on an Infisical project.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalEnvironments</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Returns all environments configured on a project. -ProjectId defaults to the session-pinned project id when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Each InfisicalEnvironment carries both Id and Slug; downstream cmdlets accept either form on -Environment-like parameters.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalEnvironments</dev:code>
+        <dev:remarks><maml:para>Lists environments for the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalProjectsResult = Get-InfisicalProjects | Where-Object { $_.Slug -eq 'platform-telemetry' }
+
+$GetInfisicalEnvironmentsParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalEnvironmentsParameters.ProjectId = $GetInfisicalProjectsResult.Id
+$GetInfisicalEnvironmentsParameters.Verbose   = $True
+
+$GetInfisicalEnvironmentsResult = Get-InfisicalEnvironments @GetInfisicalEnvironmentsParameters</dev:code>
+        <dev:remarks><maml:para>Resolves a project by slug and lists every environment defined on it.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalEnvironment</command:name>
+      <maml:description><maml:para>Retrieves a single Infisical environment by slug or id.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalEnvironment</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Returns one environment record by slug or id (-EnvironmentSlugOrId). -ProjectId defaults to the session-pinned project when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Accepts pipeline input by property name so InfisicalEnvironment objects from Get-InfisicalEnvironments can be refreshed directly.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalEnvironment -EnvironmentSlugOrId 'dev'</dev:code>
+        <dev:remarks><maml:para>Retrieves the 'dev' environment from the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalEnvironmentsResult = Get-InfisicalEnvironments | Where-Object { $_.Slug -eq 'dev' }
+
+$GetInfisicalEnvironmentParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalEnvironmentParameters.EnvironmentSlugOrId = $GetInfisicalEnvironmentsResult.Slug
+$GetInfisicalEnvironmentParameters.ProjectId           = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalEnvironmentParameters.Verbose             = $True
+
+$GetInfisicalEnvironmentResult = Get-InfisicalEnvironment @GetInfisicalEnvironmentParameters</dev:code>
+        <dev:remarks><maml:para>Looks up the dev environment by slug and re-fetches the canonical record by slug or id.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>New-InfisicalEnvironment</command:name>
+      <maml:description><maml:para>Creates a new environment on an Infisical project.</maml:para></maml:description>
+      <command:verb>New</command:verb>
+      <command:noun>InfisicalEnvironment</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Creates an environment with the supplied display name and slug, optionally setting its sort -Position. -ProjectId defaults to the session-pinned project when omitted. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Slugs must be unique within the project and are used as the canonical -Environment value across all other cmdlets.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>New-InfisicalEnvironment -Name 'Staging' -Slug 'staging'</dev:code>
+        <dev:remarks><maml:para>Adds a Staging environment to the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalProjectsResult = Get-InfisicalProjects | Where-Object { $_.Slug -eq 'platform-telemetry' }
+
+$NewInfisicalEnvironmentParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$NewInfisicalEnvironmentParameters.ProjectId = $GetInfisicalProjectsResult.Id
+$NewInfisicalEnvironmentParameters.Name      = 'Staging'
+$NewInfisicalEnvironmentParameters.Slug      = 'staging'
+$NewInfisicalEnvironmentParameters.Position  = 20
+$NewInfisicalEnvironmentParameters.Verbose   = $True
+
+$NewInfisicalEnvironmentResult = New-InfisicalEnvironment @NewInfisicalEnvironmentParameters</dev:code>
+        <dev:remarks><maml:para>Adds a Staging environment at sort position 20 on the resolved project.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Update-InfisicalEnvironment</command:name>
+      <maml:description><maml:para>Updates the name, slug, or sort order of an existing Infisical environment.</maml:para></maml:description>
+      <command:verb>Update</command:verb>
+      <command:noun>InfisicalEnvironment</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Updates an environment identified by -EnvironmentId. -ProjectId defaults to the session-pinned project when omitted. Only bound parameters are sent to the server. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Changing -Slug can break downstream automation that pins to the previous slug. Coordinate slug rotation with consumers.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Update-InfisicalEnvironment -EnvironmentId $EnvId -Name 'Pre-Production'</dev:code>
+        <dev:remarks><maml:para>Renames an environment in the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalEnvironmentsResult = Get-InfisicalEnvironments | Where-Object { $_.Slug -eq 'staging' }
+
+$UpdateInfisicalEnvironmentParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$UpdateInfisicalEnvironmentParameters.EnvironmentId = $GetInfisicalEnvironmentsResult.Id
+$UpdateInfisicalEnvironmentParameters.ProjectId     = $ConnectInfisicalParameters.ProjectId
+$UpdateInfisicalEnvironmentParameters.Name          = 'Pre-Production'
+$UpdateInfisicalEnvironmentParameters.Slug          = 'preprod'
+$UpdateInfisicalEnvironmentParameters.Position      = 25
+$UpdateInfisicalEnvironmentParameters.Verbose       = $True
+
+$UpdateInfisicalEnvironmentResult = Update-InfisicalEnvironment @UpdateInfisicalEnvironmentParameters</dev:code>
+        <dev:remarks><maml:para>Locates the staging environment, renames it to Pre-Production, rotates its slug, and updates its sort order.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Remove-InfisicalEnvironment</command:name>
+      <maml:description><maml:para>Deletes an Infisical environment from a project.</maml:para></maml:description>
+      <command:verb>Remove</command:verb>
+      <command:noun>InfisicalEnvironment</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Removes an environment by Id. -ProjectId defaults to the session-pinned project when omitted. High ConfirmImpact prompts unless -Confirm:$False is supplied. -PassThru emits the removed environment id.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Removing an environment deletes every secret and folder scoped to it. Honors -WhatIf and -Confirm.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Remove-InfisicalEnvironment -EnvironmentId $EnvId -Confirm:$False</dev:code>
+        <dev:remarks><maml:para>Deletes an environment without prompting.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalEnvironmentsResult = Get-InfisicalEnvironments | Where-Object { $_.Slug -eq 'sandbox' }
+
+$RemoveInfisicalEnvironmentParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$RemoveInfisicalEnvironmentParameters.EnvironmentId = $GetInfisicalEnvironmentsResult.Id
+$RemoveInfisicalEnvironmentParameters.ProjectId     = $ConnectInfisicalParameters.ProjectId
+$RemoveInfisicalEnvironmentParameters.PassThru      = $True
+$RemoveInfisicalEnvironmentParameters.Confirm       = $False
+$RemoveInfisicalEnvironmentParameters.Verbose       = $True
+
+$RemoveInfisicalEnvironmentResult = Remove-InfisicalEnvironment @RemoveInfisicalEnvironmentParameters</dev:code>
+        <dev:remarks><maml:para>Removes the sandbox environment without prompting and emits its id for the audit trail.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalFolders</command:name>
+      <maml:description><maml:para>Lists Infisical folders at a given secret path.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalFolders</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Enumerates folders directly under the supplied -Path within the active project and environment. -ProjectId, -Environment, and -Path default to the session-pinned values when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>This is a non-recursive listing of immediate subfolders. To enumerate secrets across a folder subtree use Get-InfisicalSecrets -Recursive.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalFolders -Path '/Windows'</dev:code>
+        <dev:remarks><maml:para>Lists every folder directly under /Windows in the active project and environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalFoldersParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalFoldersParameters.ProjectId   = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalFoldersParameters.Environment = $ConnectInfisicalParameters.Environment
+$GetInfisicalFoldersParameters.Path        = "/Windows/$($CallingScriptPath.BaseName)"
+$GetInfisicalFoldersParameters.Verbose     = $True
+
+$GetInfisicalFoldersResult = Get-InfisicalFolders @GetInfisicalFoldersParameters</dev:code>
+        <dev:remarks><maml:para>Lists folders under a script-specific subpath using the session-pinned project and environment.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalFolder</command:name>
+      <maml:description><maml:para>Retrieves a single Infisical folder by name or id.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalFolder</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Returns one folder record by name or id (-FolderNameOrId) under the supplied -Path. -ProjectId, -Environment, and -Path default to the session-pinned values when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Accepts pipeline input by property name so InfisicalFolder objects from Get-InfisicalFolders can be refreshed directly.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalFolder -FolderNameOrId 'Deployments' -Path '/Windows'</dev:code>
+        <dev:remarks><maml:para>Retrieves the Deployments folder under /Windows in the active project and environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalFoldersResult = Get-InfisicalFolders -Path '/Windows' | Where-Object { $_.Name -eq 'Deployments' }
+
+$GetInfisicalFolderParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalFolderParameters.FolderNameOrId = $GetInfisicalFoldersResult.Id
+$GetInfisicalFolderParameters.ProjectId      = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalFolderParameters.Environment    = $ConnectInfisicalParameters.Environment
+$GetInfisicalFolderParameters.Path           = '/Windows'
+$GetInfisicalFolderParameters.Verbose        = $True
+
+$GetInfisicalFolderResult = Get-InfisicalFolder @GetInfisicalFolderParameters</dev:code>
+        <dev:remarks><maml:para>Locates the folder by name first, then re-fetches it by id to refresh the canonical record.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>New-InfisicalFolder</command:name>
+      <maml:description><maml:para>Creates a new Infisical folder under the supplied parent path.</maml:para></maml:description>
+      <command:verb>New</command:verb>
+      <command:noun>InfisicalFolder</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Creates a folder with the supplied -Name beneath the supplied -Path. -ProjectId, -Environment, and -Path default to the session-pinned values when omitted. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Folder names are case-sensitive and must be unique within a parent path; the cmdlet does not create intermediate folders.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>New-InfisicalFolder -Name 'Deployments' -Path '/Windows'</dev:code>
+        <dev:remarks><maml:para>Creates the Deployments folder under /Windows in the active project and environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$NewInfisicalFolderParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$NewInfisicalFolderParameters.Name        = $CallingScriptPath.BaseName
+$NewInfisicalFolderParameters.ProjectId   = $ConnectInfisicalParameters.ProjectId
+$NewInfisicalFolderParameters.Environment = $ConnectInfisicalParameters.Environment
+$NewInfisicalFolderParameters.Path        = '/Windows'
+$NewInfisicalFolderParameters.Verbose     = $True
+
+$NewInfisicalFolderResult = New-InfisicalFolder @NewInfisicalFolderParameters</dev:code>
+        <dev:remarks><maml:para>Creates a script-named folder under /Windows using the session-pinned project and environment.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Update-InfisicalFolder</command:name>
+      <maml:description><maml:para>Renames an existing Infisical folder.</maml:para></maml:description>
+      <command:verb>Update</command:verb>
+      <command:noun>InfisicalFolder</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Renames a folder identified by -FolderId to the supplied -Name. -ProjectId, -Environment, and -Path default to the session-pinned values when omitted. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Renaming a folder rewrites the path component for every secret beneath it; coordinate with consumers that pin to the previous path.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Update-InfisicalFolder -FolderId $FolderId -Name 'Deployments-Archive'</dev:code>
+        <dev:remarks><maml:para>Renames a folder in the session-pinned project/environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalFoldersResult = Get-InfisicalFolders -Path '/Windows' | Where-Object { $_.Name -eq 'Deployments' }
+
+$UpdateInfisicalFolderParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$UpdateInfisicalFolderParameters.FolderId    = $GetInfisicalFoldersResult.Id
+$UpdateInfisicalFolderParameters.Name        = 'Deployments-Archive'
+$UpdateInfisicalFolderParameters.ProjectId   = $ConnectInfisicalParameters.ProjectId
+$UpdateInfisicalFolderParameters.Environment = $ConnectInfisicalParameters.Environment
+$UpdateInfisicalFolderParameters.Path        = '/Windows'
+$UpdateInfisicalFolderParameters.Verbose     = $True
+
+$UpdateInfisicalFolderResult = Update-InfisicalFolder @UpdateInfisicalFolderParameters</dev:code>
+        <dev:remarks><maml:para>Resolves the folder by name and renames it to Deployments-Archive.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Remove-InfisicalFolder</command:name>
+      <maml:description><maml:para>Deletes an Infisical folder and all secrets it contains.</maml:para></maml:description>
+      <command:verb>Remove</command:verb>
+      <command:noun>InfisicalFolder</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Removes a folder by Id from the supplied -Path. -ProjectId, -Environment, and -Path default to the session-pinned values when omitted. High ConfirmImpact prompts unless -Confirm:$False is supplied. -PassThru emits the removed folder id.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>This is destructive and removes every secret and subfolder under the target folder. Honors -WhatIf and -Confirm.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Remove-InfisicalFolder -FolderId $FolderId -Confirm:$False</dev:code>
+        <dev:remarks><maml:para>Deletes a folder from the session-pinned project/environment without prompting.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalFoldersResult = Get-InfisicalFolders -Path '/Windows' | Where-Object { $_.Name -eq $CallingScriptPath.BaseName }
+
+$RemoveInfisicalFolderParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$RemoveInfisicalFolderParameters.FolderId    = $GetInfisicalFoldersResult.Id
+$RemoveInfisicalFolderParameters.ProjectId   = $ConnectInfisicalParameters.ProjectId
+$RemoveInfisicalFolderParameters.Environment = $ConnectInfisicalParameters.Environment
+$RemoveInfisicalFolderParameters.Path        = '/Windows'
+$RemoveInfisicalFolderParameters.PassThru    = $True
+$RemoveInfisicalFolderParameters.Confirm     = $False
+$RemoveInfisicalFolderParameters.Verbose     = $True
+
+$RemoveInfisicalFolderResult = Remove-InfisicalFolder @RemoveInfisicalFolderParameters</dev:code>
+        <dev:remarks><maml:para>Resolves the script-named folder under /Windows and removes it without prompting, returning its id for logging.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalTags</command:name>
+      <maml:description><maml:para>Lists Infisical tags defined on a project.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalTags</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Returns every tag configured on a project. -ProjectId defaults to the session-pinned project id when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Tag Ids returned here are the values to pass on -TagIds when creating or updating secrets.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalTags</dev:code>
+        <dev:remarks><maml:para>Lists every tag defined on the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalProjectsResult = Get-InfisicalProjects | Where-Object { $_.Slug -eq 'platform-telemetry' }
+
+$GetInfisicalTagsParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalTagsParameters.ProjectId = $GetInfisicalProjectsResult.Id
+$GetInfisicalTagsParameters.Verbose   = $True
+
+$GetInfisicalTagsResult = Get-InfisicalTags @GetInfisicalTagsParameters</dev:code>
+        <dev:remarks><maml:para>Resolves a project by slug and lists every tag defined on it.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalTag</command:name>
+      <maml:description><maml:para>Retrieves a single Infisical tag by slug or id.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalTag</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Returns one tag record by slug or id (-TagSlugOrId). -ProjectId defaults to the session-pinned project when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Accepts pipeline input by property name so InfisicalTag objects from Get-InfisicalTags can be refreshed directly.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalTag -TagSlugOrId 'critical'</dev:code>
+        <dev:remarks><maml:para>Retrieves the 'critical' tag from the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalTagsResult = Get-InfisicalTags | Where-Object { $_.Slug -eq 'critical' }
+
+$GetInfisicalTagParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalTagParameters.TagSlugOrId = $GetInfisicalTagsResult.Slug
+$GetInfisicalTagParameters.ProjectId   = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalTagParameters.Verbose     = $True
+
+$GetInfisicalTagResult = Get-InfisicalTag @GetInfisicalTagParameters</dev:code>
+        <dev:remarks><maml:para>Filters tags to the critical slug and refetches the canonical record.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>New-InfisicalTag</command:name>
+      <maml:description><maml:para>Creates a new Infisical tag on a project.</maml:para></maml:description>
+      <command:verb>New</command:verb>
+      <command:noun>InfisicalTag</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Creates a tag with the supplied -Slug, optional -Name and -Color. -ProjectId defaults to the session-pinned project when omitted. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Tag slugs must be unique within the project and are the canonical reference used by tag-filtered secret lookups.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>New-InfisicalTag -Slug 'critical' -Name 'Critical' -Color '#FF0000'</dev:code>
+        <dev:remarks><maml:para>Creates a red Critical tag in the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$NewInfisicalTagParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$NewInfisicalTagParameters.Slug      = 'critical'
+$NewInfisicalTagParameters.Name      = 'Critical'
+$NewInfisicalTagParameters.Color     = '#FF0000'
+$NewInfisicalTagParameters.ProjectId = $ConnectInfisicalParameters.ProjectId
+$NewInfisicalTagParameters.Verbose   = $True
+
+$NewInfisicalTagResult = New-InfisicalTag @NewInfisicalTagParameters</dev:code>
+        <dev:remarks><maml:para>Creates a red Critical tag against an explicitly supplied project id.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Update-InfisicalTag</command:name>
+      <maml:description><maml:para>Updates the slug, name, or color of an existing Infisical tag.</maml:para></maml:description>
+      <command:verb>Update</command:verb>
+      <command:noun>InfisicalTag</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Updates a tag identified by -TagId. -ProjectId defaults to the session-pinned project when omitted. Only bound parameters are sent to the server. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Changing -Slug breaks tag-filtered automation that pins to the previous slug. Coordinate slug rotation with consumers.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Update-InfisicalTag -TagId $TagId -Color '#FFA500'</dev:code>
+        <dev:remarks><maml:para>Changes the display color of a tag in the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalTagsResult = Get-InfisicalTags | Where-Object { $_.Slug -eq 'critical' }
+
+$UpdateInfisicalTagParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$UpdateInfisicalTagParameters.TagId     = $GetInfisicalTagsResult.Id
+$UpdateInfisicalTagParameters.Slug      = 'critical-v2'
+$UpdateInfisicalTagParameters.Name      = 'Critical (v2)'
+$UpdateInfisicalTagParameters.Color     = '#FFA500'
+$UpdateInfisicalTagParameters.ProjectId = $ConnectInfisicalParameters.ProjectId
+$UpdateInfisicalTagParameters.Verbose   = $True
+
+$UpdateInfisicalTagResult = Update-InfisicalTag @UpdateInfisicalTagParameters</dev:code>
+        <dev:remarks><maml:para>Locates the critical tag and rotates its slug, display name, and color.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Remove-InfisicalTag</command:name>
+      <maml:description><maml:para>Deletes an Infisical tag from a project.</maml:para></maml:description>
+      <command:verb>Remove</command:verb>
+      <command:noun>InfisicalTag</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Removes a tag by Id. -ProjectId defaults to the session-pinned project when omitted. High ConfirmImpact prompts unless -Confirm:$False is supplied. -PassThru emits the removed tag id.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Removing a tag detaches it from every secret it was applied to but does not delete the secrets themselves. Honors -WhatIf and -Confirm.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Remove-InfisicalTag -TagId $TagId -Confirm:$False</dev:code>
+        <dev:remarks><maml:para>Deletes a tag from the session-pinned project without prompting.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalTagsResult = Get-InfisicalTags | Where-Object { $_.Slug -eq 'critical-v2' }
+
+$RemoveInfisicalTagParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$RemoveInfisicalTagParameters.TagId     = $GetInfisicalTagsResult.Id
+$RemoveInfisicalTagParameters.ProjectId = $ConnectInfisicalParameters.ProjectId
+$RemoveInfisicalTagParameters.PassThru  = $True
+$RemoveInfisicalTagParameters.Confirm   = $False
+$RemoveInfisicalTagParameters.Verbose   = $True
+
+$RemoveInfisicalTagResult = Remove-InfisicalTag @RemoveInfisicalTagParameters</dev:code>
+        <dev:remarks><maml:para>Resolves a tag by slug and removes it without prompting, returning its id for the audit trail.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalCertificateAuthority</command:name>
+      <maml:description><maml:para>Lists or retrieves Infisical internal Certificate Authorities.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalCertificateAuthority</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>When -CaId is supplied (ById parameter set) returns a single CA. Otherwise (List parameter set) returns every internal CA visible in the project. -ProjectId defaults to the session-pinned project when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Only internal CAs are surfaced; external/ACME issuers are not enumerated by this cmdlet. CA Ids returned here are the values to pass on -CertificateAuthorityId to Request-InfisicalCertificate.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalCertificateAuthority</dev:code>
+        <dev:remarks><maml:para>Lists every internal CA visible in the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificateAuthorityListResult = Get-InfisicalCertificateAuthority | Where-Object { $_.FriendlyName -eq 'Issuing CA - Platform' }
+
+$GetInfisicalCertificateAuthorityParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalCertificateAuthorityParameters.CaId      = $GetInfisicalCertificateAuthorityListResult.Id
+$GetInfisicalCertificateAuthorityParameters.ProjectId = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalCertificateAuthorityParameters.Verbose   = $True
+
+$GetInfisicalCertificateAuthorityResult = Get-InfisicalCertificateAuthority @GetInfisicalCertificateAuthorityParameters</dev:code>
+        <dev:remarks><maml:para>Filters the CA list by friendly name and then re-fetches the canonical CA record by id.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalCertificates</command:name>
+      <maml:description><maml:para>Lists Infisical certificates in a project, with optional filters and automatic paging.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalCertificates</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Enumerates certificates with optional filters for -CommonName, -FriendlyName, -Status, and -CaId. -Limit and -Offset drive a single page; pages are walked automatically until exhausted unless -NoAutoPage is supplied. -ProjectId defaults to the session-pinned project when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>For advanced filtering (validity window, key algorithm, extended key usage, etc.) use Search-InfisicalCertificate instead.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalCertificates -Status 'active'</dev:code>
+        <dev:remarks><maml:para>Lists every active certificate in the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificateAuthorityListResult = Get-InfisicalCertificateAuthority | Where-Object { $_.FriendlyName -eq 'Issuing CA - Platform' }
+
+$GetInfisicalCertificatesParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalCertificatesParameters.ProjectId    = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalCertificatesParameters.CommonName   = $env:COMPUTERNAME
+$GetInfisicalCertificatesParameters.FriendlyName = 'web-tier'
+$GetInfisicalCertificatesParameters.Status       = 'active'
+$GetInfisicalCertificatesParameters.CaId         = @($GetInfisicalCertificateAuthorityListResult.Id)
+$GetInfisicalCertificatesParameters.Limit        = 100
+$GetInfisicalCertificatesParameters.Verbose      = $True
+
+$GetInfisicalCertificatesResult = Get-InfisicalCertificates @GetInfisicalCertificatesParameters</dev:code>
+        <dev:remarks><maml:para>Resolves the issuing CA, then lists active certificates scoped to that CA, the local hostname, and the 'web-tier' friendly name.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalCertificate</command:name>
+      <maml:description><maml:para>Retrieves a single Infisical certificate by serial number.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalCertificate</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Returns one certificate record by -SerialNumber. Accepts pipeline input by property name so InfisicalCertificate objects from list/search cmdlets can be re-fetched directly.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>This returns metadata only. To obtain certificate and chain PEM material use ConvertTo-InfisicalCertificate or Export-InfisicalCertificate.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalCertificate -SerialNumber '7A:F2:1B:...:9E'</dev:code>
+        <dev:remarks><maml:para>Retrieves the certificate record for the supplied serial number.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificatesResult = Get-InfisicalCertificates -Status 'active' | Where-Object { $_.CommonName -eq $env:COMPUTERNAME }
+
+$GetInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalCertificateParameters.SerialNumber = $GetInfisicalCertificatesResult[0].SerialNumber
+$GetInfisicalCertificateParameters.Verbose      = $True
+
+$GetInfisicalCertificateResult = Get-InfisicalCertificate @GetInfisicalCertificateParameters</dev:code>
+        <dev:remarks><maml:para>Selects the active certificate whose common name matches the host and refetches its canonical record.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Search-InfisicalCertificate</command:name>
+      <maml:description><maml:para>Searches Infisical certificates with advanced filters and automatic paging.</maml:para></maml:description>
+      <command:verb>Search</command:verb>
+      <command:noun>InfisicalCertificate</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Performs a server-side search across certificates with filters for friendly name, common name, free-text search, status, CA/profile/application/enrollment scope, key/signature algorithm, source, and validity window (-NotBeforeFrom/-NotBeforeTo/-NotAfterFrom/-NotAfterTo). Results are paged automatically unless -NoAutoPage is supplied. -ProjectId defaults to the session-pinned project when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Use -SortBy together with -SortOrder ('asc'/'desc') to control result ordering. Pair with Get-InfisicalCertificate or Export-InfisicalCertificate to drill into specific hits.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Search-InfisicalCertificate -Search $env:COMPUTERNAME -Status 'active'</dev:code>
+        <dev:remarks><maml:para>Finds active certificates whose searchable fields contain the local hostname.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificateAuthorityListResult = Get-InfisicalCertificateAuthority | Where-Object { $_.FriendlyName -eq 'Issuing CA - Platform' }
+
+$SearchInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$SearchInfisicalCertificateParameters.ProjectId     = $ConnectInfisicalParameters.ProjectId
+$SearchInfisicalCertificateParameters.CommonName    = $env:COMPUTERNAME
+$SearchInfisicalCertificateParameters.Status        = 'active'
+$SearchInfisicalCertificateParameters.CaId          = @($GetInfisicalCertificateAuthorityListResult.Id)
+$SearchInfisicalCertificateParameters.KeyAlgorithm  = @('RSA')
+$SearchInfisicalCertificateParameters.NotAfterTo    = (Get-Date).AddDays(30)
+$SearchInfisicalCertificateParameters.SortBy        = 'notAfter'
+$SearchInfisicalCertificateParameters.SortOrder     = 'asc'
+$SearchInfisicalCertificateParameters.Limit         = 100
+$SearchInfisicalCertificateParameters.Verbose       = $True
+
+$SearchInfisicalCertificateResult = Search-InfisicalCertificate @SearchInfisicalCertificateParameters</dev:code>
+        <dev:remarks><maml:para>Searches for RSA certificates from a specific CA, scoped to the local hostname, that expire within the next 30 days, sorted soonest-first.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Request-InfisicalCertificate</command:name>
+      <maml:description><maml:para>Requests a new Infisical certificate (local CSR + sign) or reuses a still-valid existing one.</maml:para></maml:description>
+      <command:verb>Request</command:verb>
+      <command:noun>InfisicalCertificate</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Generates a keypair locally, builds a CSR, and submits it for signing either via a PKI subscriber (-PkiSubscriberSlug, default parameter set) or by direct CA signing (-CertificateAuthorityId). On subsequent runs an existing certificate whose CN matches and whose remaining lifetime exceeds -RenewalThresholdDays is reused; pass -Force to always issue or -AllowRenewal to allow rotation inside the threshold. Optional flags install the leaf (-Install) and chain (-InstallChain) into a Windows certificate store, and control private-key protection (-PrivateKeyProtection, -PersistKey, -MachineKey, -PrivateKeyPath, -KeyStorageFlags). Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Default -PrivateKeyProtection is 'LocalOnly': the leaf is loaded into memory without persisting the private key and PrivateKeyPem is scrubbed from the emitted result unless -PrivateKeyPath or an explicit -KeyStorageFlags binding overrides it. The reuse path completes its chain from the Infisical bundle when local stores are incomplete; pass -LocalChainOnly to suppress that fetch entirely.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Request-InfisicalCertificate -PkiSubscriberSlug 'web-tier' -Install</dev:code>
+        <dev:remarks><maml:para>Requests (or reuses) a certificate for the 'web-tier' subscriber and installs it into CurrentUser\My.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$RequestInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$RequestInfisicalCertificateParameters.PkiSubscriberSlug    = 'web-tier'
+$RequestInfisicalCertificateParameters.ProjectId            = $ConnectInfisicalParameters.ProjectId
+$RequestInfisicalCertificateParameters.CommonName           = ([System.Net.Dns]::GetHostEntry($env:COMPUTERNAME)).HostName
+$RequestInfisicalCertificateParameters.DnsName              = @(([System.Net.Dns]::GetHostEntry($env:COMPUTERNAME)).HostName, $env:COMPUTERNAME)
+$RequestInfisicalCertificateParameters.KeyAlgorithm         = 'Rsa'
+$RequestInfisicalCertificateParameters.KeySize              = 3072
+$RequestInfisicalCertificateParameters.Install              = $True
+$RequestInfisicalCertificateParameters.InstallChain         = $True
+$RequestInfisicalCertificateParameters.StoreName            = 'My'
+$RequestInfisicalCertificateParameters.StoreLocation        = 'LocalMachine'
+$RequestInfisicalCertificateParameters.PrivateKeyProtection = 'NonExportable'
+$RequestInfisicalCertificateParameters.MachineKey           = $True
+$RequestInfisicalCertificateParameters.PersistKey           = $True
+$RequestInfisicalCertificateParameters.AllowRenewal         = $True
+$RequestInfisicalCertificateParameters.RenewalThresholdDays = 30
+$RequestInfisicalCertificateParameters.Verbose              = $True
+
+$RequestInfisicalCertificateResult = Request-InfisicalCertificate @RequestInfisicalCertificateParameters</dev:code>
+        <dev:remarks><maml:para>Issues (or renews within 30 days) a 3072-bit RSA certificate for the local FQDN, installs the leaf and chain into LocalMachine\My with a non-exportable machine-bound persistent key.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>ConvertTo-InfisicalCertificate</command:name>
+      <maml:description><maml:para>Materializes an X509Certificate2 from an Infisical certificate record, bundle, or serial number.</maml:para></maml:description>
+      <command:verb>ConvertTo</command:verb>
+      <command:noun>InfisicalCertificate</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Fetches the certificate bundle (when given an InfisicalCertificate or -SerialNumber), or accepts an already-fetched -Bundle, and constructs an X509Certificate2 from the PEM material. Use -NoPrivateKey to omit the private key, -KeyStorageFlags to control how the key is loaded, and -IncludeChain to additionally emit each chain certificate as a separate X509Certificate2 in the pipeline.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>The bundle for any given certificate is typically retrievable only once after issuance; -SerialNumber and pipeline modes will fail with a bundle-not-available error for older certificates. Use -KeyStorageFlags Exportable when callers need to re-export the resulting cert as PFX.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalCertificate -SerialNumber $Serial | ConvertTo-InfisicalCertificate -IncludeChain</dev:code>
+        <dev:remarks><maml:para>Materializes the certificate and emits each chain element individually.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificatesResult = Get-InfisicalCertificates -Status 'active' | Where-Object { $_.CommonName -eq $env:COMPUTERNAME }
+
+$ConvertToInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$ConvertToInfisicalCertificateParameters.SerialNumber    = $GetInfisicalCertificatesResult[0].SerialNumber
+$ConvertToInfisicalCertificateParameters.NoPrivateKey    = $False
+$ConvertToInfisicalCertificateParameters.IncludeChain    = $True
+$ConvertToInfisicalCertificateParameters.KeyStorageFlags = [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::Exportable
+$ConvertToInfisicalCertificateParameters.Verbose         = $True
+
+$ConvertToInfisicalCertificateResult = ConvertTo-InfisicalCertificate @ConvertToInfisicalCertificateParameters</dev:code>
+        <dev:remarks><maml:para>Selects the active certificate whose CN matches the host and materializes it (with private key and chain) as exportable X509Certificate2 objects.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Export-InfisicalCertificate</command:name>
+      <maml:description><maml:para>Exports an Infisical certificate to disk in PEM, PFX, or CER format.</maml:para></maml:description>
+      <command:verb>Export</command:verb>
+      <command:noun>InfisicalCertificate</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Writes a certificate to -Path in the supplied -Format. Accepts an X509Certificate2, an InfisicalCertificateBundle, an InfisicalCertificate (refetches bundle by serial), or a -SerialNumber. -Password (SecureString) supplies the PFX password. -IncludeChain appends chain certificates (PEM only). -NoPrivateKey omits the private key. -Force overwrites an existing file. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>PFX export requires the cert to have been loaded with X509KeyStorageFlags.Exportable; bundle/serial modes import with Exportable automatically. CER and PFX formats ignore -IncludeChain.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Export-InfisicalCertificate -Path 'C:\Temp\web-tier.pem' -Format Pem -SerialNumber $Serial -IncludeChain</dev:code>
+        <dev:remarks><maml:para>Exports a certificate, its chain, and private key (when available) as a single PEM bundle.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificatesResult = Get-InfisicalCertificates -Status 'active' | Where-Object { $_.CommonName -eq $env:COMPUTERNAME }
+
+$ExportInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$ExportInfisicalCertificateParameters.SerialNumber = $GetInfisicalCertificatesResult[0].SerialNumber
+$ExportInfisicalCertificateParameters.Path         = "C:\Temp\$($env:COMPUTERNAME).pfx"
+$ExportInfisicalCertificateParameters.Format       = 'Pfx'
+$ExportInfisicalCertificateParameters.Password     = (Read-Host -AsSecureString -Prompt 'PFX password')
+$ExportInfisicalCertificateParameters.Force        = $True
+$ExportInfisicalCertificateParameters.PassThru     = $True
+$ExportInfisicalCertificateParameters.Verbose      = $True
+
+$ExportInfisicalCertificateResult = Export-InfisicalCertificate @ExportInfisicalCertificateParameters</dev:code>
+        <dev:remarks><maml:para>Resolves the active host certificate by serial and exports it as a password-protected PFX, overwriting any existing file and emitting a FileInfo for downstream use.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Install-InfisicalCertificate</command:name>
+      <maml:description><maml:para>Installs an Infisical certificate (and optional chain) into a Windows certificate store.</maml:para></maml:description>
+      <command:verb>Install</command:verb>
+      <command:noun>InfisicalCertificate</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Adds a certificate to the supplied -StoreName and -StoreLocation. Accepts an X509Certificate2, an InfisicalCertificate (refetches bundle by serial), or a -SerialNumber. -KeyStorageFlags controls private-key loading. -IncludeChain installs each chain certificate to the CertificateAuthority store of the same -StoreLocation. -Force replaces an existing thumbprint. -PassThru emits the installed certificate. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Installing into LocalMachine stores typically requires elevation. -IncludeChain only fires for serial/InfisicalCertificate inputs because the X509Certificate2 input has no associated bundle to walk.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Install-InfisicalCertificate -SerialNumber $Serial -StoreLocation LocalMachine -IncludeChain</dev:code>
+        <dev:remarks><maml:para>Installs the leaf into LocalMachine\My and each chain element into LocalMachine\CertificateAuthority.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificatesResult = Get-InfisicalCertificates -Status 'active' | Where-Object { $_.CommonName -eq $env:COMPUTERNAME }
+
+$InstallInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$InstallInfisicalCertificateParameters.SerialNumber    = $GetInfisicalCertificatesResult[0].SerialNumber
+$InstallInfisicalCertificateParameters.StoreName       = 'My'
+$InstallInfisicalCertificateParameters.StoreLocation   = 'LocalMachine'
+$InstallInfisicalCertificateParameters.KeyStorageFlags = [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::MachineKeySet -bor [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::PersistKeySet
+$InstallInfisicalCertificateParameters.IncludeChain    = $True
+$InstallInfisicalCertificateParameters.Force           = $True
+$InstallInfisicalCertificateParameters.PassThru        = $True
+$InstallInfisicalCertificateParameters.Verbose         = $True
+
+$InstallInfisicalCertificateResult = Install-InfisicalCertificate @InstallInfisicalCertificateParameters</dev:code>
+        <dev:remarks><maml:para>Resolves the active host certificate and installs the leaf (with a machine-bound persistent key) plus its chain into LocalMachine, replacing any existing thumbprint match.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Uninstall-InfisicalCertificate</command:name>
+      <maml:description><maml:para>Removes a certificate from a Windows certificate store by thumbprint, subject, or pipeline input.</maml:para></maml:description>
+      <command:verb>Uninstall</command:verb>
+      <command:noun>InfisicalCertificate</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Removes matching certificates from the supplied -StoreName and -StoreLocation. Accepts -Thumbprint, -Subject, an X509Certificate2 (-Certificate), or an InfisicalCertificate (-InfisicalCertificate, uses FingerprintSha1). -Force allows removing multiple matches in one call; -PassThru emits each removed certificate. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>When more than one certificate matches -Subject and -Force is not supplied the cmdlet throws to prevent accidental bulk removal. Uninstalling from LocalMachine stores typically requires elevation.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Uninstall-InfisicalCertificate -Thumbprint $Thumbprint -StoreLocation LocalMachine</dev:code>
+        <dev:remarks><maml:para>Removes the certificate with the supplied thumbprint from LocalMachine\My.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificatesResult = Get-InfisicalCertificates -Status 'revoked' | Where-Object { $_.CommonName -eq $env:COMPUTERNAME }
+
+$UninstallInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$UninstallInfisicalCertificateParameters.InfisicalCertificate = $GetInfisicalCertificatesResult[0]
+$UninstallInfisicalCertificateParameters.StoreName            = 'My'
+$UninstallInfisicalCertificateParameters.StoreLocation        = 'LocalMachine'
+$UninstallInfisicalCertificateParameters.Force                = $True
+$UninstallInfisicalCertificateParameters.PassThru             = $True
+$UninstallInfisicalCertificateParameters.Verbose              = $True
+
+$UninstallInfisicalCertificateResult = Uninstall-InfisicalCertificate @UninstallInfisicalCertificateParameters</dev:code>
+        <dev:remarks><maml:para>Picks the revoked host certificate and removes it from LocalMachine\My using its SHA1 fingerprint, emitting the removed object for the audit trail.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+
+
+</helpItems>
diff --git a/Module/PSInfisicalAPI/en-US/PSInfisicalAPI.dll-Help.xml b/Module/PSInfisicalAPI/en-US/PSInfisicalAPI.dll-Help.xml
new file mode 100644
index 0000000..dc9fb90
--- /dev/null
+++ b/Module/PSInfisicalAPI/en-US/PSInfisicalAPI.dll-Help.xml
@@ -0,0 +1,1531 @@
+<?xml version="1.0" encoding="utf-8"?>
+<helpItems schema="maml" xmlns="http://msh">
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Connect-Infisical</command:name>
+      <maml:description><maml:para>Establishes an authenticated session with an Infisical server and stores it for use by subsequent cmdlets.</maml:para></maml:description>
+      <command:verb>Connect</command:verb>
+      <command:noun>Infisical</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Authenticates against an Infisical instance using one of the supported auth providers (UniversalAuth, Token, JWT, OIDC, LDAP, Azure, GCP IAM) and stores the resulting connection in the module-level session manager. Subsequent cmdlets pick up the connection automatically. If parameters such as BaseUri, OrganizationId, ProjectId, Environment, ClientId, or ClientSecret are not supplied, the cmdlet attempts to resolve them from a curated list of environment-variable name patterns across Process, User, and Machine scopes.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Use -PassThru to emit the resulting InfisicalConnection object; by default the connection is stored silently. SecureString-typed parameters such as ClientSecret, AccessToken, Jwt, and Password are never logged.</maml:para>
+        <maml:para>The cmdlet pins the API version to the bound value when -ApiVersion is supplied explicitly; otherwise the default 'v4' is used and remains overridable per-call.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Connect-Infisical -BaseUri 'https://app.infisical.com' -ClientId $ClientId -ClientSecret $ClientSecret -OrganizationId $OrgId -ProjectId $ProjectId -Environment 'dev'</dev:code>
+        <dev:remarks><maml:para>Performs a Universal-Auth machine-identity login and stores the resulting session for subsequent cmdlets.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$ConnectInfisicalParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$ConnectInfisicalParameters.BaseUri        = 'https://app.infisical.com'
+$ConnectInfisicalParameters.OrganizationId = $OrganizationId
+$ConnectInfisicalParameters.ProjectId      = $ProjectId
+$ConnectInfisicalParameters.Environment    = 'dev'
+$ConnectInfisicalParameters.ClientId       = $ClientId
+$ConnectInfisicalParameters.ClientSecret   = $ClientSecret
+$ConnectInfisicalParameters.SecretPath     = '/'
+$ConnectInfisicalParameters.ApiVersion     = 'v4'
+$ConnectInfisicalParameters.PassThru       = $True
+$ConnectInfisicalParameters.Verbose        = $True
+
+$ConnectInfisicalResult = Connect-Infisical @ConnectInfisicalParameters</dev:code>
+        <dev:remarks><maml:para>Builds an ordered parameter dictionary, splats it onto Connect-Infisical, and captures the returned InfisicalConnection for later reuse.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Disconnect-Infisical</command:name>
+      <maml:description><maml:para>Clears the current Infisical session from the module-level session manager.</maml:para></maml:description>
+      <command:verb>Disconnect</command:verb>
+      <command:noun>Infisical</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Removes the cached InfisicalConnection so subsequent cmdlets that require an active session will fail until Connect-Infisical is invoked again. The cmdlet does not contact the Infisical server.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Use -PassThru to receive a status object that includes the disconnect timestamp; by default the cmdlet returns no output.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Disconnect-Infisical</dev:code>
+        <dev:remarks><maml:para>Clears the active Infisical session silently.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$DisconnectInfisicalParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$DisconnectInfisicalParameters.PassThru = $True
+$DisconnectInfisicalParameters.Verbose  = $True
+
+$DisconnectInfisicalResult = Disconnect-Infisical @DisconnectInfisicalParameters</dev:code>
+        <dev:remarks><maml:para>Disconnects and captures a status object that includes IsConnected and DisconnectedAtUtc for logging.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalSecret</command:name>
+      <maml:description><maml:para>Retrieves a single Infisical secret by name from the active session's project and environment.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalSecret</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Fetches a single secret by name. Project, Environment, SecretPath, and ApiVersion default to the values pinned on the active InfisicalConnection but can be overridden per call. Optional flags request reference-expansion, import inclusion, or a specific historical version.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>The returned InfisicalSecret stores the value as SecureString; call .GetPlainTextValue() to materialize the cleartext value only when strictly required.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalSecret -SecretName 'DATABASE_URL'</dev:code>
+        <dev:remarks><maml:para>Retrieves the DATABASE_URL secret from the project and environment pinned by Connect-Infisical.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalSecretParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalSecretParameters.SecretName             = 'DATABASE_URL'
+$GetInfisicalSecretParameters.ProjectId              = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalSecretParameters.Environment            = $ConnectInfisicalParameters.Environment
+$GetInfisicalSecretParameters.SecretPath             = "/Windows/$($CallingScriptPath.BaseName)"
+$GetInfisicalSecretParameters.ExpandSecretReferences = $True
+$GetInfisicalSecretParameters.IncludeImports         = $True
+$GetInfisicalSecretParameters.Verbose                = $True
+
+$GetInfisicalSecretResult = Get-InfisicalSecret @GetInfisicalSecretParameters</dev:code>
+        <dev:remarks><maml:para>Retrieves a single secret from a script-specific subpath with secret-reference expansion and folder imports enabled.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalSecrets</command:name>
+      <maml:description><maml:para>Lists Infisical secrets within a project, environment, and optional folder path.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalSecrets</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Enumerates secrets under the active session's project and environment, optionally recursing through subfolders. Supports metadata-based filtering, tag-slug filtering, secret-reference expansion, and personal-override inclusion.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Use -Recursive together with -SecretPath to walk an entire folder subtree. Pipe the result into ConvertTo-InfisicalSecretDictionary for hashtable-style lookup.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalSecrets -SecretPath '/Windows' -Recursive</dev:code>
+        <dev:remarks><maml:para>Lists every secret under /Windows in the active project and environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalSecretsParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalSecretsParameters.ProjectId                = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalSecretsParameters.Environment              = $ConnectInfisicalParameters.Environment
+$GetInfisicalSecretsParameters.SecretPath               = "/Windows/$($CallingScriptPath.BaseName)"
+$GetInfisicalSecretsParameters.Recursive                = $True
+$GetInfisicalSecretsParameters.ExpandSecretReferences   = $True
+$GetInfisicalSecretsParameters.IncludeImports           = $True
+$GetInfisicalSecretsParameters.IncludePersonalOverrides = $True
+$GetInfisicalSecretsParameters.Verbose                  = $True
+
+$GetInfisicalSecretsResult = Get-InfisicalSecrets @GetInfisicalSecretsParameters</dev:code>
+        <dev:remarks><maml:para>Lists secrets under a script-specific subpath with imports, personal overrides, and reference expansion enabled.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>New-InfisicalSecret</command:name>
+      <maml:description><maml:para>Creates a new Infisical secret, with support for SecureString values and bulk creation.</maml:para></maml:description>
+      <command:verb>New</command:verb>
+      <command:noun>InfisicalSecret</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Creates one or many secrets. Three parameter sets are supported: PlainText (SecretName + SecretValue), SecureString (SecretName + SecureSecretValue), and Bulk (an array of hashtables piped or supplied via -Secrets). Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Pass -SkipMultilineEncoding when the value already contains literal newlines that the server should preserve verbatim. Use -TagIds to attach tag references at creation time.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>New-InfisicalSecret -SecretName 'API_KEY' -SecretValue 'super-secret-value'</dev:code>
+        <dev:remarks><maml:para>Creates a single shared secret in the active project/environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalTagsResult = Get-InfisicalTags -ProjectId $ConnectInfisicalParameters.ProjectId
+
+$NewInfisicalSecretParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$NewInfisicalSecretParameters.SecretName    = 'API_KEY'
+$NewInfisicalSecretParameters.SecretValue   = 'super-secret-value'
+$NewInfisicalSecretParameters.SecretComment = 'Issued by deployment pipeline'
+$NewInfisicalSecretParameters.ProjectId     = $ConnectInfisicalParameters.ProjectId
+$NewInfisicalSecretParameters.Environment   = $ConnectInfisicalParameters.Environment
+$NewInfisicalSecretParameters.SecretPath    = "/Windows/$($CallingScriptPath.BaseName)"
+$NewInfisicalSecretParameters.TagIds        = @($GetInfisicalTagsResult[0].Id)
+$NewInfisicalSecretParameters.Verbose       = $True
+
+$NewInfisicalSecretResult = New-InfisicalSecret @NewInfisicalSecretParameters</dev:code>
+        <dev:remarks><maml:para>Looks up tags to attach, then creates a single secret with a comment and tag association under a script-specific subpath.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Update-InfisicalSecret</command:name>
+      <maml:description><maml:para>Updates an existing Infisical secret value, comment, name, or tags.</maml:para></maml:description>
+      <command:verb>Update</command:verb>
+      <command:noun>InfisicalSecret</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Updates one or many secrets. Supports PlainText, SecureString, and Bulk parameter sets. Use -NewSecretName to rename a secret, -SecretComment to update its comment, and -TagIds to replace tag associations. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Only the parameters you bind are sent; omitted scalar parameters are not modified server-side. The Bulk parameter set accepts pipeline input of hashtables containing SecretName/SecretValue/etc.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Update-InfisicalSecret -SecretName 'API_KEY' -SecretValue 'rotated-value'</dev:code>
+        <dev:remarks><maml:para>Rotates the API_KEY secret in the active project/environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$UpdateInfisicalSecretParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$UpdateInfisicalSecretParameters.SecretName    = 'API_KEY'
+$UpdateInfisicalSecretParameters.NewSecretName = 'API_KEY_V2'
+$UpdateInfisicalSecretParameters.SecretValue   = 'rotated-value'
+$UpdateInfisicalSecretParameters.SecretComment = 'Rotated by scheduled job'
+$UpdateInfisicalSecretParameters.ProjectId     = $ConnectInfisicalParameters.ProjectId
+$UpdateInfisicalSecretParameters.Environment   = $ConnectInfisicalParameters.Environment
+$UpdateInfisicalSecretParameters.SecretPath    = "/Windows/$($CallingScriptPath.BaseName)"
+$UpdateInfisicalSecretParameters.Verbose       = $True
+
+$UpdateInfisicalSecretResult = Update-InfisicalSecret @UpdateInfisicalSecretParameters</dev:code>
+        <dev:remarks><maml:para>Rotates the value, renames the secret, and updates its comment in a single call.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Remove-InfisicalSecret</command:name>
+      <maml:description><maml:para>Deletes one or many Infisical secrets by name.</maml:para></maml:description>
+      <command:verb>Remove</command:verb>
+      <command:noun>InfisicalSecret</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Deletes a single secret (Single parameter set) or a batch of secrets by name (Bulk parameter set). High ConfirmImpact triggers prompts by default. -PassThru emits the removed secret names.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Removal is irreversible from this cmdlet's perspective; rely on Infisical's audit log or secret-version history for forensics. Honors -WhatIf and -Confirm.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Remove-InfisicalSecret -SecretName 'API_KEY_V1' -Confirm:$False</dev:code>
+        <dev:remarks><maml:para>Deletes a single secret without prompting.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$RemoveInfisicalSecretParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$RemoveInfisicalSecretParameters.SecretNames = @('LEGACY_KEY_1','LEGACY_KEY_2','LEGACY_KEY_3')
+$RemoveInfisicalSecretParameters.ProjectId   = $ConnectInfisicalParameters.ProjectId
+$RemoveInfisicalSecretParameters.Environment = $ConnectInfisicalParameters.Environment
+$RemoveInfisicalSecretParameters.SecretPath  = "/Windows/$($CallingScriptPath.BaseName)"
+$RemoveInfisicalSecretParameters.PassThru    = $True
+$RemoveInfisicalSecretParameters.Confirm     = $False
+$RemoveInfisicalSecretParameters.Verbose     = $True
+
+$RemoveInfisicalSecretResult = Remove-InfisicalSecret @RemoveInfisicalSecretParameters</dev:code>
+        <dev:remarks><maml:para>Bulk-deletes three legacy secrets and returns the removed names for audit logging.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Copy-InfisicalSecret</command:name>
+      <maml:description><maml:para>Duplicates one or more secrets into a different environment or secret path.</maml:para></maml:description>
+      <command:verb>Copy</command:verb>
+      <command:noun>InfisicalSecret</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Server-side duplicates an array of secret IDs into a destination environment (and optional destination path), with switches that control whether the value, comment, tags, and metadata are copied. Use Get-InfisicalSecrets followed by selection of the desired Id values to feed -SecretId.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Set -OverwriteExisting to replace same-named secrets at the destination. Without -CopySecretValue, the destination secrets are created with empty values, preserving only metadata.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalSecrets | Select-Object -ExpandProperty Id | Copy-InfisicalSecret -DestinationEnvironment 'staging' -CopySecretValue</dev:code>
+        <dev:remarks><maml:para>Copies all secrets from the active environment into 'staging', including their values.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalSecretsResult = Get-InfisicalSecrets -SecretPath '/Windows' -Recursive
+
+$CopyInfisicalSecretParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$CopyInfisicalSecretParameters.SecretId               = $GetInfisicalSecretsResult.Id
+$CopyInfisicalSecretParameters.ProjectId              = $ConnectInfisicalParameters.ProjectId
+$CopyInfisicalSecretParameters.SourceEnvironment      = $ConnectInfisicalParameters.Environment
+$CopyInfisicalSecretParameters.SourceSecretPath       = '/Windows'
+$CopyInfisicalSecretParameters.DestinationEnvironment = 'staging'
+$CopyInfisicalSecretParameters.DestinationSecretPath  = '/Windows'
+$CopyInfisicalSecretParameters.OverwriteExisting      = $True
+$CopyInfisicalSecretParameters.CopySecretValue        = $True
+$CopyInfisicalSecretParameters.CopySecretComment      = $True
+$CopyInfisicalSecretParameters.CopyTags               = $True
+$CopyInfisicalSecretParameters.CopyMetadata           = $True
+$CopyInfisicalSecretParameters.Verbose                = $True
+
+$CopyInfisicalSecretResult = Copy-InfisicalSecret @CopyInfisicalSecretParameters</dev:code>
+        <dev:remarks><maml:para>Promotes every Windows secret from the active environment into staging with full value/comment/tag/metadata propagation.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>ConvertTo-InfisicalSecretDictionary</command:name>
+      <maml:description><maml:para>Converts a stream of InfisicalSecret objects into a name-keyed Dictionary of SecureString or plain text values.</maml:para></maml:description>
+      <command:verb>ConvertTo</command:verb>
+      <command:noun>InfisicalSecretDictionary</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Aggregates an incoming pipeline of InfisicalSecret objects into a case-insensitive Dictionary keyed by SecretName. By default values are SecureString; pass -AsPlainText to materialize string values. Duplicate keys are handled via the -DuplicateKeyBehavior parameter (Error, FirstWins, LastWins).</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Use this conversion before splatting secrets into another process (-AsPlainText) or before passing them to libraries that expect SecureString-keyed lookups (default).</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalSecrets | ConvertTo-InfisicalSecretDictionary -AsPlainText</dev:code>
+        <dev:remarks><maml:para>Builds a plain-text dictionary of every secret in the active environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalSecretsResult = Get-InfisicalSecrets -SecretPath "/Windows/$($CallingScriptPath.BaseName)" -Recursive
+
+$ConvertToInfisicalSecretDictionaryParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$ConvertToInfisicalSecretDictionaryParameters.InputObject          = $GetInfisicalSecretsResult
+$ConvertToInfisicalSecretDictionaryParameters.DuplicateKeyBehavior = 'LastWins'
+$ConvertToInfisicalSecretDictionaryParameters.AsPlainText          = $True
+$ConvertToInfisicalSecretDictionaryParameters.Verbose              = $True
+
+$ConvertToInfisicalSecretDictionaryResult = ConvertTo-InfisicalSecretDictionary @ConvertToInfisicalSecretDictionaryParameters</dev:code>
+        <dev:remarks><maml:para>Aggregates recursive secret results into a plain-text dictionary, with the last value winning on key collisions.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Export-InfisicalSecrets</command:name>
+      <maml:description><maml:para>Exports InfisicalSecret objects to disk or environment variables in a chosen file format.</maml:para></maml:description>
+      <command:verb>Export</command:verb>
+      <command:noun>InfisicalSecrets</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Buffers an incoming pipeline of InfisicalSecret objects and writes them to a file in the requested format (DotEnv, Json, Yaml, EnvironmentVariables, etc.) or sets them as environment variables on the chosen scope (Process, User, Machine). -Encoding controls text encoding for file outputs.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>EnvironmentVariables format does not require -Path; all other formats do. User/Machine scopes require appropriate privileges (Machine scope requires elevation on Windows).</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalSecrets | Export-InfisicalSecrets -Format DotEnv -Path '.\.env' -Force</dev:code>
+        <dev:remarks><maml:para>Writes the active environment's secrets to a .env file.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalSecretsResult = Get-InfisicalSecrets -SecretPath "/Windows/$($CallingScriptPath.BaseName)" -Recursive
+
+$ExportInfisicalSecretsParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$ExportInfisicalSecretsParameters.InputObject = $GetInfisicalSecretsResult
+$ExportInfisicalSecretsParameters.Format      = 'EnvironmentVariables'
+$ExportInfisicalSecretsParameters.Scope       = 'Process'
+$ExportInfisicalSecretsParameters.Force       = $True
+$ExportInfisicalSecretsParameters.Verbose     = $True
+
+$ExportInfisicalSecretsResult = Export-InfisicalSecrets @ExportInfisicalSecretsParameters</dev:code>
+        <dev:remarks><maml:para>Projects the recursive secret result into Process-scope environment variables for the current PowerShell session.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalProjects</command:name>
+      <maml:description><maml:para>Lists Infisical projects accessible to the current identity.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalProjects</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Returns every project the active session can see. The cmdlet requires an active InfisicalConnection but takes no parameters; project visibility is governed by Infisical's role assignments.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>The result is an array of InfisicalProject objects; pipe into Where-Object or Select-Object to filter by Slug, Name, or Id.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalProjects</dev:code>
+        <dev:remarks><maml:para>Lists every project the current session can see.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalProjectsParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalProjectsParameters.Verbose = $True
+
+$GetInfisicalProjectsResult = Get-InfisicalProjects @GetInfisicalProjectsParameters | Where-Object { $_.Slug -ilike 'platform-*' }</dev:code>
+        <dev:remarks><maml:para>Lists projects and filters down to those whose slug begins with 'platform-'.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalProject</command:name>
+      <maml:description><maml:para>Retrieves a single Infisical project by its identifier.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalProject</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Retrieves one project by Id. If -ProjectId is not supplied, the cmdlet falls back to the ProjectId pinned on the active InfisicalConnection.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>The cmdlet accepts pipeline input by property name; objects emitted by Get-InfisicalProjects can be piped in directly to refresh a single record.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalProject</dev:code>
+        <dev:remarks><maml:para>Retrieves the project pinned by the active session.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalProjectsResult = Get-InfisicalProjects
+
+$GetInfisicalProjectParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalProjectParameters.ProjectId = $GetInfisicalProjectsResult[0].Id
+$GetInfisicalProjectParameters.Verbose   = $True
+
+$GetInfisicalProjectResult = Get-InfisicalProject @GetInfisicalProjectParameters</dev:code>
+        <dev:remarks><maml:para>Looks up the first project in the list and retrieves its full record.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>New-InfisicalProject</command:name>
+      <maml:description><maml:para>Creates a new Infisical project in the active organization.</maml:para></maml:description>
+      <command:verb>New</command:verb>
+      <command:noun>InfisicalProject</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Creates a project with the supplied name and optional slug, description, type, and organization id. If -OrganizationId is not supplied, the active session's organization is used. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Slug must be unique within the organization; if not supplied, the server derives one from the project name.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>New-InfisicalProject -ProjectName 'Platform Telemetry'</dev:code>
+        <dev:remarks><maml:para>Creates a new project named 'Platform Telemetry' in the active organization.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$NewInfisicalProjectParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$NewInfisicalProjectParameters.ProjectName    = 'Platform Telemetry'
+$NewInfisicalProjectParameters.Slug           = 'platform-telemetry'
+$NewInfisicalProjectParameters.Description    = 'Secrets for platform telemetry pipeline'
+$NewInfisicalProjectParameters.Type           = 'secret-manager'
+$NewInfisicalProjectParameters.OrganizationId = $ConnectInfisicalParameters.OrganizationId
+$NewInfisicalProjectParameters.Verbose        = $True
+
+$NewInfisicalProjectResult = New-InfisicalProject @NewInfisicalProjectParameters</dev:code>
+        <dev:remarks><maml:para>Creates a project with an explicit slug, description, and type bound to a specific organization id.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Update-InfisicalProject</command:name>
+      <maml:description><maml:para>Updates the name, description, or auto-capitalization flag on an existing project.</maml:para></maml:description>
+      <command:verb>Update</command:verb>
+      <command:noun>InfisicalProject</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Updates mutable attributes on a project. -ProjectId defaults to the pinned session project when omitted. Only parameters that are bound are sent to the server. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>AutoCapitalization controls whether secret names submitted in mixed case are stored uppercase server-side; setting it false preserves the literal case supplied by clients.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Update-InfisicalProject -Name 'Platform Telemetry (v2)'</dev:code>
+        <dev:remarks><maml:para>Renames the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalProjectsResult = Get-InfisicalProjects | Where-Object { $_.Slug -eq 'platform-telemetry' }
+
+$UpdateInfisicalProjectParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$UpdateInfisicalProjectParameters.ProjectId          = $GetInfisicalProjectsResult.Id
+$UpdateInfisicalProjectParameters.Name               = 'Platform Telemetry (v2)'
+$UpdateInfisicalProjectParameters.Description        = 'Migrated to v2 pipeline'
+$UpdateInfisicalProjectParameters.AutoCapitalization = $False
+$UpdateInfisicalProjectParameters.Verbose            = $True
+
+$UpdateInfisicalProjectResult = Update-InfisicalProject @UpdateInfisicalProjectParameters</dev:code>
+        <dev:remarks><maml:para>Locates the project by slug, renames it, updates the description, and disables auto-capitalization.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Remove-InfisicalProject</command:name>
+      <maml:description><maml:para>Deletes an Infisical project.</maml:para></maml:description>
+      <command:verb>Remove</command:verb>
+      <command:noun>InfisicalProject</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Deletes a project by Id. Defaults to the session-pinned project when -ProjectId is omitted. High ConfirmImpact prompts unless -Confirm:$False is supplied. -PassThru emits the removed project id.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>This is destructive and removes all secrets, environments, folders, and tags within the project. Honors -WhatIf and -Confirm.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Remove-InfisicalProject -Confirm:$False</dev:code>
+        <dev:remarks><maml:para>Deletes the session-pinned project without prompting.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalProjectsResult = Get-InfisicalProjects | Where-Object { $_.Slug -eq 'sandbox-temp' }
+
+$RemoveInfisicalProjectParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$RemoveInfisicalProjectParameters.ProjectId = $GetInfisicalProjectsResult.Id
+$RemoveInfisicalProjectParameters.PassThru  = $True
+$RemoveInfisicalProjectParameters.Confirm   = $False
+$RemoveInfisicalProjectParameters.Verbose   = $True
+
+$RemoveInfisicalProjectResult = Remove-InfisicalProject @RemoveInfisicalProjectParameters</dev:code>
+        <dev:remarks><maml:para>Finds the sandbox project by slug, removes it without confirmation, and emits the removed project id for logging.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalEnvironments</command:name>
+      <maml:description><maml:para>Lists environments defined on an Infisical project.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalEnvironments</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Returns all environments configured on a project. -ProjectId defaults to the session-pinned project id when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Each InfisicalEnvironment carries both Id and Slug; downstream cmdlets accept either form on -Environment-like parameters.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalEnvironments</dev:code>
+        <dev:remarks><maml:para>Lists environments for the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalProjectsResult = Get-InfisicalProjects | Where-Object { $_.Slug -eq 'platform-telemetry' }
+
+$GetInfisicalEnvironmentsParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalEnvironmentsParameters.ProjectId = $GetInfisicalProjectsResult.Id
+$GetInfisicalEnvironmentsParameters.Verbose   = $True
+
+$GetInfisicalEnvironmentsResult = Get-InfisicalEnvironments @GetInfisicalEnvironmentsParameters</dev:code>
+        <dev:remarks><maml:para>Resolves a project by slug and lists every environment defined on it.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalEnvironment</command:name>
+      <maml:description><maml:para>Retrieves a single Infisical environment by slug or id.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalEnvironment</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Returns one environment record by slug or id (-EnvironmentSlugOrId). -ProjectId defaults to the session-pinned project when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Accepts pipeline input by property name so InfisicalEnvironment objects from Get-InfisicalEnvironments can be refreshed directly.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalEnvironment -EnvironmentSlugOrId 'dev'</dev:code>
+        <dev:remarks><maml:para>Retrieves the 'dev' environment from the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalEnvironmentsResult = Get-InfisicalEnvironments | Where-Object { $_.Slug -eq 'dev' }
+
+$GetInfisicalEnvironmentParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalEnvironmentParameters.EnvironmentSlugOrId = $GetInfisicalEnvironmentsResult.Slug
+$GetInfisicalEnvironmentParameters.ProjectId           = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalEnvironmentParameters.Verbose             = $True
+
+$GetInfisicalEnvironmentResult = Get-InfisicalEnvironment @GetInfisicalEnvironmentParameters</dev:code>
+        <dev:remarks><maml:para>Looks up the dev environment by slug and re-fetches the canonical record by slug or id.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>New-InfisicalEnvironment</command:name>
+      <maml:description><maml:para>Creates a new environment on an Infisical project.</maml:para></maml:description>
+      <command:verb>New</command:verb>
+      <command:noun>InfisicalEnvironment</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Creates an environment with the supplied display name and slug, optionally setting its sort -Position. -ProjectId defaults to the session-pinned project when omitted. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Slugs must be unique within the project and are used as the canonical -Environment value across all other cmdlets.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>New-InfisicalEnvironment -Name 'Staging' -Slug 'staging'</dev:code>
+        <dev:remarks><maml:para>Adds a Staging environment to the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalProjectsResult = Get-InfisicalProjects | Where-Object { $_.Slug -eq 'platform-telemetry' }
+
+$NewInfisicalEnvironmentParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$NewInfisicalEnvironmentParameters.ProjectId = $GetInfisicalProjectsResult.Id
+$NewInfisicalEnvironmentParameters.Name      = 'Staging'
+$NewInfisicalEnvironmentParameters.Slug      = 'staging'
+$NewInfisicalEnvironmentParameters.Position  = 20
+$NewInfisicalEnvironmentParameters.Verbose   = $True
+
+$NewInfisicalEnvironmentResult = New-InfisicalEnvironment @NewInfisicalEnvironmentParameters</dev:code>
+        <dev:remarks><maml:para>Adds a Staging environment at sort position 20 on the resolved project.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Update-InfisicalEnvironment</command:name>
+      <maml:description><maml:para>Updates the name, slug, or sort order of an existing Infisical environment.</maml:para></maml:description>
+      <command:verb>Update</command:verb>
+      <command:noun>InfisicalEnvironment</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Updates an environment identified by -EnvironmentId. -ProjectId defaults to the session-pinned project when omitted. Only bound parameters are sent to the server. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Changing -Slug can break downstream automation that pins to the previous slug. Coordinate slug rotation with consumers.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Update-InfisicalEnvironment -EnvironmentId $EnvId -Name 'Pre-Production'</dev:code>
+        <dev:remarks><maml:para>Renames an environment in the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalEnvironmentsResult = Get-InfisicalEnvironments | Where-Object { $_.Slug -eq 'staging' }
+
+$UpdateInfisicalEnvironmentParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$UpdateInfisicalEnvironmentParameters.EnvironmentId = $GetInfisicalEnvironmentsResult.Id
+$UpdateInfisicalEnvironmentParameters.ProjectId     = $ConnectInfisicalParameters.ProjectId
+$UpdateInfisicalEnvironmentParameters.Name          = 'Pre-Production'
+$UpdateInfisicalEnvironmentParameters.Slug          = 'preprod'
+$UpdateInfisicalEnvironmentParameters.Position      = 25
+$UpdateInfisicalEnvironmentParameters.Verbose       = $True
+
+$UpdateInfisicalEnvironmentResult = Update-InfisicalEnvironment @UpdateInfisicalEnvironmentParameters</dev:code>
+        <dev:remarks><maml:para>Locates the staging environment, renames it to Pre-Production, rotates its slug, and updates its sort order.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Remove-InfisicalEnvironment</command:name>
+      <maml:description><maml:para>Deletes an Infisical environment from a project.</maml:para></maml:description>
+      <command:verb>Remove</command:verb>
+      <command:noun>InfisicalEnvironment</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Removes an environment by Id. -ProjectId defaults to the session-pinned project when omitted. High ConfirmImpact prompts unless -Confirm:$False is supplied. -PassThru emits the removed environment id.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Removing an environment deletes every secret and folder scoped to it. Honors -WhatIf and -Confirm.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Remove-InfisicalEnvironment -EnvironmentId $EnvId -Confirm:$False</dev:code>
+        <dev:remarks><maml:para>Deletes an environment without prompting.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalEnvironmentsResult = Get-InfisicalEnvironments | Where-Object { $_.Slug -eq 'sandbox' }
+
+$RemoveInfisicalEnvironmentParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$RemoveInfisicalEnvironmentParameters.EnvironmentId = $GetInfisicalEnvironmentsResult.Id
+$RemoveInfisicalEnvironmentParameters.ProjectId     = $ConnectInfisicalParameters.ProjectId
+$RemoveInfisicalEnvironmentParameters.PassThru      = $True
+$RemoveInfisicalEnvironmentParameters.Confirm       = $False
+$RemoveInfisicalEnvironmentParameters.Verbose       = $True
+
+$RemoveInfisicalEnvironmentResult = Remove-InfisicalEnvironment @RemoveInfisicalEnvironmentParameters</dev:code>
+        <dev:remarks><maml:para>Removes the sandbox environment without prompting and emits its id for the audit trail.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalFolders</command:name>
+      <maml:description><maml:para>Lists Infisical folders at a given secret path.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalFolders</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Enumerates folders directly under the supplied -Path within the active project and environment. -ProjectId, -Environment, and -Path default to the session-pinned values when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>This is a non-recursive listing of immediate subfolders. To enumerate secrets across a folder subtree use Get-InfisicalSecrets -Recursive.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalFolders -Path '/Windows'</dev:code>
+        <dev:remarks><maml:para>Lists every folder directly under /Windows in the active project and environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalFoldersParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalFoldersParameters.ProjectId   = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalFoldersParameters.Environment = $ConnectInfisicalParameters.Environment
+$GetInfisicalFoldersParameters.Path        = "/Windows/$($CallingScriptPath.BaseName)"
+$GetInfisicalFoldersParameters.Verbose     = $True
+
+$GetInfisicalFoldersResult = Get-InfisicalFolders @GetInfisicalFoldersParameters</dev:code>
+        <dev:remarks><maml:para>Lists folders under a script-specific subpath using the session-pinned project and environment.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalFolder</command:name>
+      <maml:description><maml:para>Retrieves a single Infisical folder by name or id.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalFolder</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Returns one folder record by name or id (-FolderNameOrId) under the supplied -Path. -ProjectId, -Environment, and -Path default to the session-pinned values when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Accepts pipeline input by property name so InfisicalFolder objects from Get-InfisicalFolders can be refreshed directly.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalFolder -FolderNameOrId 'Deployments' -Path '/Windows'</dev:code>
+        <dev:remarks><maml:para>Retrieves the Deployments folder under /Windows in the active project and environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalFoldersResult = Get-InfisicalFolders -Path '/Windows' | Where-Object { $_.Name -eq 'Deployments' }
+
+$GetInfisicalFolderParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalFolderParameters.FolderNameOrId = $GetInfisicalFoldersResult.Id
+$GetInfisicalFolderParameters.ProjectId      = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalFolderParameters.Environment    = $ConnectInfisicalParameters.Environment
+$GetInfisicalFolderParameters.Path           = '/Windows'
+$GetInfisicalFolderParameters.Verbose        = $True
+
+$GetInfisicalFolderResult = Get-InfisicalFolder @GetInfisicalFolderParameters</dev:code>
+        <dev:remarks><maml:para>Locates the folder by name first, then re-fetches it by id to refresh the canonical record.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>New-InfisicalFolder</command:name>
+      <maml:description><maml:para>Creates a new Infisical folder under the supplied parent path.</maml:para></maml:description>
+      <command:verb>New</command:verb>
+      <command:noun>InfisicalFolder</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Creates a folder with the supplied -Name beneath the supplied -Path. -ProjectId, -Environment, and -Path default to the session-pinned values when omitted. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Folder names are case-sensitive and must be unique within a parent path; the cmdlet does not create intermediate folders.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>New-InfisicalFolder -Name 'Deployments' -Path '/Windows'</dev:code>
+        <dev:remarks><maml:para>Creates the Deployments folder under /Windows in the active project and environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$NewInfisicalFolderParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$NewInfisicalFolderParameters.Name        = $CallingScriptPath.BaseName
+$NewInfisicalFolderParameters.ProjectId   = $ConnectInfisicalParameters.ProjectId
+$NewInfisicalFolderParameters.Environment = $ConnectInfisicalParameters.Environment
+$NewInfisicalFolderParameters.Path        = '/Windows'
+$NewInfisicalFolderParameters.Verbose     = $True
+
+$NewInfisicalFolderResult = New-InfisicalFolder @NewInfisicalFolderParameters</dev:code>
+        <dev:remarks><maml:para>Creates a script-named folder under /Windows using the session-pinned project and environment.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Update-InfisicalFolder</command:name>
+      <maml:description><maml:para>Renames an existing Infisical folder.</maml:para></maml:description>
+      <command:verb>Update</command:verb>
+      <command:noun>InfisicalFolder</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Renames a folder identified by -FolderId to the supplied -Name. -ProjectId, -Environment, and -Path default to the session-pinned values when omitted. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Renaming a folder rewrites the path component for every secret beneath it; coordinate with consumers that pin to the previous path.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Update-InfisicalFolder -FolderId $FolderId -Name 'Deployments-Archive'</dev:code>
+        <dev:remarks><maml:para>Renames a folder in the session-pinned project/environment.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalFoldersResult = Get-InfisicalFolders -Path '/Windows' | Where-Object { $_.Name -eq 'Deployments' }
+
+$UpdateInfisicalFolderParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$UpdateInfisicalFolderParameters.FolderId    = $GetInfisicalFoldersResult.Id
+$UpdateInfisicalFolderParameters.Name        = 'Deployments-Archive'
+$UpdateInfisicalFolderParameters.ProjectId   = $ConnectInfisicalParameters.ProjectId
+$UpdateInfisicalFolderParameters.Environment = $ConnectInfisicalParameters.Environment
+$UpdateInfisicalFolderParameters.Path        = '/Windows'
+$UpdateInfisicalFolderParameters.Verbose     = $True
+
+$UpdateInfisicalFolderResult = Update-InfisicalFolder @UpdateInfisicalFolderParameters</dev:code>
+        <dev:remarks><maml:para>Resolves the folder by name and renames it to Deployments-Archive.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Remove-InfisicalFolder</command:name>
+      <maml:description><maml:para>Deletes an Infisical folder and all secrets it contains.</maml:para></maml:description>
+      <command:verb>Remove</command:verb>
+      <command:noun>InfisicalFolder</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Removes a folder by Id from the supplied -Path. -ProjectId, -Environment, and -Path default to the session-pinned values when omitted. High ConfirmImpact prompts unless -Confirm:$False is supplied. -PassThru emits the removed folder id.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>This is destructive and removes every secret and subfolder under the target folder. Honors -WhatIf and -Confirm.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Remove-InfisicalFolder -FolderId $FolderId -Confirm:$False</dev:code>
+        <dev:remarks><maml:para>Deletes a folder from the session-pinned project/environment without prompting.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalFoldersResult = Get-InfisicalFolders -Path '/Windows' | Where-Object { $_.Name -eq $CallingScriptPath.BaseName }
+
+$RemoveInfisicalFolderParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$RemoveInfisicalFolderParameters.FolderId    = $GetInfisicalFoldersResult.Id
+$RemoveInfisicalFolderParameters.ProjectId   = $ConnectInfisicalParameters.ProjectId
+$RemoveInfisicalFolderParameters.Environment = $ConnectInfisicalParameters.Environment
+$RemoveInfisicalFolderParameters.Path        = '/Windows'
+$RemoveInfisicalFolderParameters.PassThru    = $True
+$RemoveInfisicalFolderParameters.Confirm     = $False
+$RemoveInfisicalFolderParameters.Verbose     = $True
+
+$RemoveInfisicalFolderResult = Remove-InfisicalFolder @RemoveInfisicalFolderParameters</dev:code>
+        <dev:remarks><maml:para>Resolves the script-named folder under /Windows and removes it without prompting, returning its id for logging.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalTags</command:name>
+      <maml:description><maml:para>Lists Infisical tags defined on a project.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalTags</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Returns every tag configured on a project. -ProjectId defaults to the session-pinned project id when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Tag Ids returned here are the values to pass on -TagIds when creating or updating secrets.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalTags</dev:code>
+        <dev:remarks><maml:para>Lists every tag defined on the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalProjectsResult = Get-InfisicalProjects | Where-Object { $_.Slug -eq 'platform-telemetry' }
+
+$GetInfisicalTagsParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalTagsParameters.ProjectId = $GetInfisicalProjectsResult.Id
+$GetInfisicalTagsParameters.Verbose   = $True
+
+$GetInfisicalTagsResult = Get-InfisicalTags @GetInfisicalTagsParameters</dev:code>
+        <dev:remarks><maml:para>Resolves a project by slug and lists every tag defined on it.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalTag</command:name>
+      <maml:description><maml:para>Retrieves a single Infisical tag by slug or id.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalTag</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Returns one tag record by slug or id (-TagSlugOrId). -ProjectId defaults to the session-pinned project when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Accepts pipeline input by property name so InfisicalTag objects from Get-InfisicalTags can be refreshed directly.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalTag -TagSlugOrId 'critical'</dev:code>
+        <dev:remarks><maml:para>Retrieves the 'critical' tag from the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalTagsResult = Get-InfisicalTags | Where-Object { $_.Slug -eq 'critical' }
+
+$GetInfisicalTagParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalTagParameters.TagSlugOrId = $GetInfisicalTagsResult.Slug
+$GetInfisicalTagParameters.ProjectId   = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalTagParameters.Verbose     = $True
+
+$GetInfisicalTagResult = Get-InfisicalTag @GetInfisicalTagParameters</dev:code>
+        <dev:remarks><maml:para>Filters tags to the critical slug and refetches the canonical record.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>New-InfisicalTag</command:name>
+      <maml:description><maml:para>Creates a new Infisical tag on a project.</maml:para></maml:description>
+      <command:verb>New</command:verb>
+      <command:noun>InfisicalTag</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Creates a tag with the supplied -Slug, optional -Name and -Color. -ProjectId defaults to the session-pinned project when omitted. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Tag slugs must be unique within the project and are the canonical reference used by tag-filtered secret lookups.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>New-InfisicalTag -Slug 'critical' -Name 'Critical' -Color '#FF0000'</dev:code>
+        <dev:remarks><maml:para>Creates a red Critical tag in the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$NewInfisicalTagParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$NewInfisicalTagParameters.Slug      = 'critical'
+$NewInfisicalTagParameters.Name      = 'Critical'
+$NewInfisicalTagParameters.Color     = '#FF0000'
+$NewInfisicalTagParameters.ProjectId = $ConnectInfisicalParameters.ProjectId
+$NewInfisicalTagParameters.Verbose   = $True
+
+$NewInfisicalTagResult = New-InfisicalTag @NewInfisicalTagParameters</dev:code>
+        <dev:remarks><maml:para>Creates a red Critical tag against an explicitly supplied project id.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Update-InfisicalTag</command:name>
+      <maml:description><maml:para>Updates the slug, name, or color of an existing Infisical tag.</maml:para></maml:description>
+      <command:verb>Update</command:verb>
+      <command:noun>InfisicalTag</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Updates a tag identified by -TagId. -ProjectId defaults to the session-pinned project when omitted. Only bound parameters are sent to the server. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Changing -Slug breaks tag-filtered automation that pins to the previous slug. Coordinate slug rotation with consumers.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Update-InfisicalTag -TagId $TagId -Color '#FFA500'</dev:code>
+        <dev:remarks><maml:para>Changes the display color of a tag in the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalTagsResult = Get-InfisicalTags | Where-Object { $_.Slug -eq 'critical' }
+
+$UpdateInfisicalTagParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$UpdateInfisicalTagParameters.TagId     = $GetInfisicalTagsResult.Id
+$UpdateInfisicalTagParameters.Slug      = 'critical-v2'
+$UpdateInfisicalTagParameters.Name      = 'Critical (v2)'
+$UpdateInfisicalTagParameters.Color     = '#FFA500'
+$UpdateInfisicalTagParameters.ProjectId = $ConnectInfisicalParameters.ProjectId
+$UpdateInfisicalTagParameters.Verbose   = $True
+
+$UpdateInfisicalTagResult = Update-InfisicalTag @UpdateInfisicalTagParameters</dev:code>
+        <dev:remarks><maml:para>Locates the critical tag and rotates its slug, display name, and color.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Remove-InfisicalTag</command:name>
+      <maml:description><maml:para>Deletes an Infisical tag from a project.</maml:para></maml:description>
+      <command:verb>Remove</command:verb>
+      <command:noun>InfisicalTag</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Removes a tag by Id. -ProjectId defaults to the session-pinned project when omitted. High ConfirmImpact prompts unless -Confirm:$False is supplied. -PassThru emits the removed tag id.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Removing a tag detaches it from every secret it was applied to but does not delete the secrets themselves. Honors -WhatIf and -Confirm.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Remove-InfisicalTag -TagId $TagId -Confirm:$False</dev:code>
+        <dev:remarks><maml:para>Deletes a tag from the session-pinned project without prompting.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalTagsResult = Get-InfisicalTags | Where-Object { $_.Slug -eq 'critical-v2' }
+
+$RemoveInfisicalTagParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$RemoveInfisicalTagParameters.TagId     = $GetInfisicalTagsResult.Id
+$RemoveInfisicalTagParameters.ProjectId = $ConnectInfisicalParameters.ProjectId
+$RemoveInfisicalTagParameters.PassThru  = $True
+$RemoveInfisicalTagParameters.Confirm   = $False
+$RemoveInfisicalTagParameters.Verbose   = $True
+
+$RemoveInfisicalTagResult = Remove-InfisicalTag @RemoveInfisicalTagParameters</dev:code>
+        <dev:remarks><maml:para>Resolves a tag by slug and removes it without prompting, returning its id for the audit trail.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalCertificateAuthority</command:name>
+      <maml:description><maml:para>Lists or retrieves Infisical internal Certificate Authorities.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalCertificateAuthority</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>When -CaId is supplied (ById parameter set) returns a single CA. Otherwise (List parameter set) returns every internal CA visible in the project. -ProjectId defaults to the session-pinned project when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Only internal CAs are surfaced; external/ACME issuers are not enumerated by this cmdlet. CA Ids returned here are the values to pass on -CertificateAuthorityId to Request-InfisicalCertificate.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalCertificateAuthority</dev:code>
+        <dev:remarks><maml:para>Lists every internal CA visible in the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificateAuthorityListResult = Get-InfisicalCertificateAuthority | Where-Object { $_.FriendlyName -eq 'Issuing CA - Platform' }
+
+$GetInfisicalCertificateAuthorityParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalCertificateAuthorityParameters.CaId      = $GetInfisicalCertificateAuthorityListResult.Id
+$GetInfisicalCertificateAuthorityParameters.ProjectId = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalCertificateAuthorityParameters.Verbose   = $True
+
+$GetInfisicalCertificateAuthorityResult = Get-InfisicalCertificateAuthority @GetInfisicalCertificateAuthorityParameters</dev:code>
+        <dev:remarks><maml:para>Filters the CA list by friendly name and then re-fetches the canonical CA record by id.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalCertificates</command:name>
+      <maml:description><maml:para>Lists Infisical certificates in a project, with optional filters and automatic paging.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalCertificates</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Enumerates certificates with optional filters for -CommonName, -FriendlyName, -Status, and -CaId. -Limit and -Offset drive a single page; pages are walked automatically until exhausted unless -NoAutoPage is supplied. -ProjectId defaults to the session-pinned project when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>For advanced filtering (validity window, key algorithm, extended key usage, etc.) use Search-InfisicalCertificate instead.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalCertificates -Status 'active'</dev:code>
+        <dev:remarks><maml:para>Lists every active certificate in the session-pinned project.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificateAuthorityListResult = Get-InfisicalCertificateAuthority | Where-Object { $_.FriendlyName -eq 'Issuing CA - Platform' }
+
+$GetInfisicalCertificatesParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalCertificatesParameters.ProjectId    = $ConnectInfisicalParameters.ProjectId
+$GetInfisicalCertificatesParameters.CommonName   = $env:COMPUTERNAME
+$GetInfisicalCertificatesParameters.FriendlyName = 'web-tier'
+$GetInfisicalCertificatesParameters.Status       = 'active'
+$GetInfisicalCertificatesParameters.CaId         = @($GetInfisicalCertificateAuthorityListResult.Id)
+$GetInfisicalCertificatesParameters.Limit        = 100
+$GetInfisicalCertificatesParameters.Verbose      = $True
+
+$GetInfisicalCertificatesResult = Get-InfisicalCertificates @GetInfisicalCertificatesParameters</dev:code>
+        <dev:remarks><maml:para>Resolves the issuing CA, then lists active certificates scoped to that CA, the local hostname, and the 'web-tier' friendly name.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Get-InfisicalCertificate</command:name>
+      <maml:description><maml:para>Retrieves a single Infisical certificate by serial number.</maml:para></maml:description>
+      <command:verb>Get</command:verb>
+      <command:noun>InfisicalCertificate</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Returns one certificate record by -SerialNumber. Accepts pipeline input by property name so InfisicalCertificate objects from list/search cmdlets can be re-fetched directly.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>This returns metadata only. To obtain certificate and chain PEM material use ConvertTo-InfisicalCertificate or Export-InfisicalCertificate.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalCertificate -SerialNumber '7A:F2:1B:...:9E'</dev:code>
+        <dev:remarks><maml:para>Retrieves the certificate record for the supplied serial number.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificatesResult = Get-InfisicalCertificates -Status 'active' | Where-Object { $_.CommonName -eq $env:COMPUTERNAME }
+
+$GetInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$GetInfisicalCertificateParameters.SerialNumber = $GetInfisicalCertificatesResult[0].SerialNumber
+$GetInfisicalCertificateParameters.Verbose      = $True
+
+$GetInfisicalCertificateResult = Get-InfisicalCertificate @GetInfisicalCertificateParameters</dev:code>
+        <dev:remarks><maml:para>Selects the active certificate whose common name matches the host and refetches its canonical record.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Search-InfisicalCertificate</command:name>
+      <maml:description><maml:para>Searches Infisical certificates with advanced filters and automatic paging.</maml:para></maml:description>
+      <command:verb>Search</command:verb>
+      <command:noun>InfisicalCertificate</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Performs a server-side search across certificates with filters for friendly name, common name, free-text search, status, CA/profile/application/enrollment scope, key/signature algorithm, source, and validity window (-NotBeforeFrom/-NotBeforeTo/-NotAfterFrom/-NotAfterTo). Results are paged automatically unless -NoAutoPage is supplied. -ProjectId defaults to the session-pinned project when omitted.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Use -SortBy together with -SortOrder ('asc'/'desc') to control result ordering. Pair with Get-InfisicalCertificate or Export-InfisicalCertificate to drill into specific hits.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Search-InfisicalCertificate -Search $env:COMPUTERNAME -Status 'active'</dev:code>
+        <dev:remarks><maml:para>Finds active certificates whose searchable fields contain the local hostname.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificateAuthorityListResult = Get-InfisicalCertificateAuthority | Where-Object { $_.FriendlyName -eq 'Issuing CA - Platform' }
+
+$SearchInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$SearchInfisicalCertificateParameters.ProjectId     = $ConnectInfisicalParameters.ProjectId
+$SearchInfisicalCertificateParameters.CommonName    = $env:COMPUTERNAME
+$SearchInfisicalCertificateParameters.Status        = 'active'
+$SearchInfisicalCertificateParameters.CaId          = @($GetInfisicalCertificateAuthorityListResult.Id)
+$SearchInfisicalCertificateParameters.KeyAlgorithm  = @('RSA')
+$SearchInfisicalCertificateParameters.NotAfterTo    = (Get-Date).AddDays(30)
+$SearchInfisicalCertificateParameters.SortBy        = 'notAfter'
+$SearchInfisicalCertificateParameters.SortOrder     = 'asc'
+$SearchInfisicalCertificateParameters.Limit         = 100
+$SearchInfisicalCertificateParameters.Verbose       = $True
+
+$SearchInfisicalCertificateResult = Search-InfisicalCertificate @SearchInfisicalCertificateParameters</dev:code>
+        <dev:remarks><maml:para>Searches for RSA certificates from a specific CA, scoped to the local hostname, that expire within the next 30 days, sorted soonest-first.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Request-InfisicalCertificate</command:name>
+      <maml:description><maml:para>Requests a new Infisical certificate (local CSR + sign) or reuses a still-valid existing one.</maml:para></maml:description>
+      <command:verb>Request</command:verb>
+      <command:noun>InfisicalCertificate</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Generates a keypair locally, builds a CSR, and submits it for signing either via a PKI subscriber (-PkiSubscriberSlug, default parameter set) or by direct CA signing (-CertificateAuthorityId). On subsequent runs an existing certificate whose CN matches and whose remaining lifetime exceeds -RenewalThresholdDays is reused; pass -Force to always issue or -AllowRenewal to allow rotation inside the threshold. Optional flags install the leaf (-Install) and chain (-InstallChain) into a Windows certificate store, and control private-key protection (-PrivateKeyProtection, -PersistKey, -MachineKey, -PrivateKeyPath, -KeyStorageFlags). Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Default -PrivateKeyProtection is 'LocalOnly': the leaf is loaded into memory without persisting the private key and PrivateKeyPem is scrubbed from the emitted result unless -PrivateKeyPath or an explicit -KeyStorageFlags binding overrides it. The reuse path completes its chain from the Infisical bundle when local stores are incomplete; pass -LocalChainOnly to suppress that fetch entirely.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Request-InfisicalCertificate -PkiSubscriberSlug 'web-tier' -Install</dev:code>
+        <dev:remarks><maml:para>Requests (or reuses) a certificate for the 'web-tier' subscriber and installs it into CurrentUser\My.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$RequestInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$RequestInfisicalCertificateParameters.PkiSubscriberSlug    = 'web-tier'
+$RequestInfisicalCertificateParameters.ProjectId            = $ConnectInfisicalParameters.ProjectId
+$RequestInfisicalCertificateParameters.CommonName           = ([System.Net.Dns]::GetHostEntry($env:COMPUTERNAME)).HostName
+$RequestInfisicalCertificateParameters.DnsName              = @(([System.Net.Dns]::GetHostEntry($env:COMPUTERNAME)).HostName, $env:COMPUTERNAME)
+$RequestInfisicalCertificateParameters.KeyAlgorithm         = 'Rsa'
+$RequestInfisicalCertificateParameters.KeySize              = 3072
+$RequestInfisicalCertificateParameters.Install              = $True
+$RequestInfisicalCertificateParameters.InstallChain         = $True
+$RequestInfisicalCertificateParameters.StoreName            = 'My'
+$RequestInfisicalCertificateParameters.StoreLocation        = 'LocalMachine'
+$RequestInfisicalCertificateParameters.PrivateKeyProtection = 'NonExportable'
+$RequestInfisicalCertificateParameters.MachineKey           = $True
+$RequestInfisicalCertificateParameters.PersistKey           = $True
+$RequestInfisicalCertificateParameters.AllowRenewal         = $True
+$RequestInfisicalCertificateParameters.RenewalThresholdDays = 30
+$RequestInfisicalCertificateParameters.Verbose              = $True
+
+$RequestInfisicalCertificateResult = Request-InfisicalCertificate @RequestInfisicalCertificateParameters</dev:code>
+        <dev:remarks><maml:para>Issues (or renews within 30 days) a 3072-bit RSA certificate for the local FQDN, installs the leaf and chain into LocalMachine\My with a non-exportable machine-bound persistent key.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>ConvertTo-InfisicalCertificate</command:name>
+      <maml:description><maml:para>Materializes an X509Certificate2 from an Infisical certificate record, bundle, or serial number.</maml:para></maml:description>
+      <command:verb>ConvertTo</command:verb>
+      <command:noun>InfisicalCertificate</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Fetches the certificate bundle (when given an InfisicalCertificate or -SerialNumber), or accepts an already-fetched -Bundle, and constructs an X509Certificate2 from the PEM material. Use -NoPrivateKey to omit the private key, -KeyStorageFlags to control how the key is loaded, and -IncludeChain to additionally emit each chain certificate as a separate X509Certificate2 in the pipeline.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>The bundle for any given certificate is typically retrievable only once after issuance; -SerialNumber and pipeline modes will fail with a bundle-not-available error for older certificates. Use -KeyStorageFlags Exportable when callers need to re-export the resulting cert as PFX.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Get-InfisicalCertificate -SerialNumber $Serial | ConvertTo-InfisicalCertificate -IncludeChain</dev:code>
+        <dev:remarks><maml:para>Materializes the certificate and emits each chain element individually.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificatesResult = Get-InfisicalCertificates -Status 'active' | Where-Object { $_.CommonName -eq $env:COMPUTERNAME }
+
+$ConvertToInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$ConvertToInfisicalCertificateParameters.SerialNumber    = $GetInfisicalCertificatesResult[0].SerialNumber
+$ConvertToInfisicalCertificateParameters.NoPrivateKey    = $False
+$ConvertToInfisicalCertificateParameters.IncludeChain    = $True
+$ConvertToInfisicalCertificateParameters.KeyStorageFlags = [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::Exportable
+$ConvertToInfisicalCertificateParameters.Verbose         = $True
+
+$ConvertToInfisicalCertificateResult = ConvertTo-InfisicalCertificate @ConvertToInfisicalCertificateParameters</dev:code>
+        <dev:remarks><maml:para>Selects the active certificate whose CN matches the host and materializes it (with private key and chain) as exportable X509Certificate2 objects.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Export-InfisicalCertificate</command:name>
+      <maml:description><maml:para>Exports an Infisical certificate to disk in PEM, PFX, or CER format.</maml:para></maml:description>
+      <command:verb>Export</command:verb>
+      <command:noun>InfisicalCertificate</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Writes a certificate to -Path in the supplied -Format. Accepts an X509Certificate2, an InfisicalCertificateBundle, an InfisicalCertificate (refetches bundle by serial), or a -SerialNumber. -Password (SecureString) supplies the PFX password. -IncludeChain appends chain certificates (PEM only). -NoPrivateKey omits the private key. -Force overwrites an existing file. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>PFX export requires the cert to have been loaded with X509KeyStorageFlags.Exportable; bundle/serial modes import with Exportable automatically. CER and PFX formats ignore -IncludeChain.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Export-InfisicalCertificate -Path 'C:\Temp\web-tier.pem' -Format Pem -SerialNumber $Serial -IncludeChain</dev:code>
+        <dev:remarks><maml:para>Exports a certificate, its chain, and private key (when available) as a single PEM bundle.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificatesResult = Get-InfisicalCertificates -Status 'active' | Where-Object { $_.CommonName -eq $env:COMPUTERNAME }
+
+$ExportInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$ExportInfisicalCertificateParameters.SerialNumber = $GetInfisicalCertificatesResult[0].SerialNumber
+$ExportInfisicalCertificateParameters.Path         = "C:\Temp\$($env:COMPUTERNAME).pfx"
+$ExportInfisicalCertificateParameters.Format       = 'Pfx'
+$ExportInfisicalCertificateParameters.Password     = (Read-Host -AsSecureString -Prompt 'PFX password')
+$ExportInfisicalCertificateParameters.Force        = $True
+$ExportInfisicalCertificateParameters.PassThru     = $True
+$ExportInfisicalCertificateParameters.Verbose      = $True
+
+$ExportInfisicalCertificateResult = Export-InfisicalCertificate @ExportInfisicalCertificateParameters</dev:code>
+        <dev:remarks><maml:para>Resolves the active host certificate by serial and exports it as a password-protected PFX, overwriting any existing file and emitting a FileInfo for downstream use.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Install-InfisicalCertificate</command:name>
+      <maml:description><maml:para>Installs an Infisical certificate (and optional chain) into a Windows certificate store.</maml:para></maml:description>
+      <command:verb>Install</command:verb>
+      <command:noun>InfisicalCertificate</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Adds a certificate to the supplied -StoreName and -StoreLocation. Accepts an X509Certificate2, an InfisicalCertificate (refetches bundle by serial), or a -SerialNumber. -KeyStorageFlags controls private-key loading. -IncludeChain installs each chain certificate to the CertificateAuthority store of the same -StoreLocation. -Force replaces an existing thumbprint. -PassThru emits the installed certificate. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>Installing into LocalMachine stores typically requires elevation. -IncludeChain only fires for serial/InfisicalCertificate inputs because the X509Certificate2 input has no associated bundle to walk.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Install-InfisicalCertificate -SerialNumber $Serial -StoreLocation LocalMachine -IncludeChain</dev:code>
+        <dev:remarks><maml:para>Installs the leaf into LocalMachine\My and each chain element into LocalMachine\CertificateAuthority.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificatesResult = Get-InfisicalCertificates -Status 'active' | Where-Object { $_.CommonName -eq $env:COMPUTERNAME }
+
+$InstallInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$InstallInfisicalCertificateParameters.SerialNumber    = $GetInfisicalCertificatesResult[0].SerialNumber
+$InstallInfisicalCertificateParameters.StoreName       = 'My'
+$InstallInfisicalCertificateParameters.StoreLocation   = 'LocalMachine'
+$InstallInfisicalCertificateParameters.KeyStorageFlags = [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::MachineKeySet -bor [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::PersistKeySet
+$InstallInfisicalCertificateParameters.IncludeChain    = $True
+$InstallInfisicalCertificateParameters.Force           = $True
+$InstallInfisicalCertificateParameters.PassThru        = $True
+$InstallInfisicalCertificateParameters.Verbose         = $True
+
+$InstallInfisicalCertificateResult = Install-InfisicalCertificate @InstallInfisicalCertificateParameters</dev:code>
+        <dev:remarks><maml:para>Resolves the active host certificate and installs the leaf (with a machine-bound persistent key) plus its chain into LocalMachine, replacing any existing thumbprint match.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
+    <command:details>
+      <command:name>Uninstall-InfisicalCertificate</command:name>
+      <maml:description><maml:para>Removes a certificate from a Windows certificate store by thumbprint, subject, or pipeline input.</maml:para></maml:description>
+      <command:verb>Uninstall</command:verb>
+      <command:noun>InfisicalCertificate</command:noun>
+    </command:details>
+    <maml:description>
+      <maml:para>Removes matching certificates from the supplied -StoreName and -StoreLocation. Accepts -Thumbprint, -Subject, an X509Certificate2 (-Certificate), or an InfisicalCertificate (-InfisicalCertificate, uses FingerprintSha1). -Force allows removing multiple matches in one call; -PassThru emits each removed certificate. Honors -WhatIf and -Confirm.</maml:para>
+    </maml:description>
+    <maml:alertSet>
+      <maml:title>Notes</maml:title>
+      <maml:alert>
+        <maml:para>When more than one certificate matches -Subject and -Force is not supplied the cmdlet throws to prevent accidental bulk removal. Uninstalling from LocalMachine stores typically requires elevation.</maml:para>
+      </maml:alert>
+    </maml:alertSet>
+    <command:examples>
+      <command:example>
+        <maml:title>EXAMPLE 1</maml:title>
+        <dev:code>Uninstall-InfisicalCertificate -Thumbprint $Thumbprint -StoreLocation LocalMachine</dev:code>
+        <dev:remarks><maml:para>Removes the certificate with the supplied thumbprint from LocalMachine\My.</maml:para></dev:remarks>
+      </command:example>
+      <command:example>
+        <maml:title>EXAMPLE 2</maml:title>
+        <dev:code>$GetInfisicalCertificatesResult = Get-InfisicalCertificates -Status 'revoked' | Where-Object { $_.CommonName -eq $env:COMPUTERNAME }
+
+$UninstallInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
+$UninstallInfisicalCertificateParameters.InfisicalCertificate = $GetInfisicalCertificatesResult[0]
+$UninstallInfisicalCertificateParameters.StoreName            = 'My'
+$UninstallInfisicalCertificateParameters.StoreLocation        = 'LocalMachine'
+$UninstallInfisicalCertificateParameters.Force                = $True
+$UninstallInfisicalCertificateParameters.PassThru             = $True
+$UninstallInfisicalCertificateParameters.Verbose              = $True
+
+$UninstallInfisicalCertificateResult = Uninstall-InfisicalCertificate @UninstallInfisicalCertificateParameters</dev:code>
+        <dev:remarks><maml:para>Picks the revoked host certificate and removes it from LocalMachine\My using its SHA1 fingerprint, emitting the removed object for the audit trail.</maml:para></dev:remarks>
+      </command:example>
+    </command:examples>
+  </command:command>
+
+
+
+</helpItems>
diff --git a/build.ps1 b/build.ps1
index ae27921..b928622 100644
--- a/build.ps1
+++ b/build.ps1
@@ -129,7 +129,10 @@ function Write-Manifest {
         'Update-InfisicalTag',
         'Remove-InfisicalTag',
         'Get-InfisicalCertificateAuthority',
+        'Get-InfisicalCertificate',
+        'Get-InfisicalCertificates',
         'Search-InfisicalCertificate',
+        'Request-InfisicalCertificate',
         'ConvertTo-InfisicalCertificate',
         'Install-InfisicalCertificate',
         'Uninstall-InfisicalCertificate',
@@ -193,15 +196,50 @@ if (`$null -eq `$manifest) {
 
 Import-Module -Name '$($ModuleDirectory.FullName)' -Force
 
-`$cmds = @('Connect-Infisical','Disconnect-Infisical','Get-InfisicalSecrets','Get-InfisicalSecret','New-InfisicalSecret','Update-InfisicalSecret','Remove-InfisicalSecret','ConvertTo-InfisicalSecretDictionary','Export-InfisicalSecrets','Get-InfisicalProjects','Get-InfisicalProject','New-InfisicalProject','Update-InfisicalProject','Remove-InfisicalProject','Get-InfisicalEnvironments','Get-InfisicalEnvironment','New-InfisicalEnvironment','Update-InfisicalEnvironment','Remove-InfisicalEnvironment','Get-InfisicalFolders','Get-InfisicalFolder','New-InfisicalFolder','Update-InfisicalFolder','Remove-InfisicalFolder','Get-InfisicalTags','Get-InfisicalTag','New-InfisicalTag','Update-InfisicalTag','Remove-InfisicalTag','Get-InfisicalCertificateAuthority','Search-InfisicalCertificate','ConvertTo-InfisicalCertificate','Install-InfisicalCertificate','Uninstall-InfisicalCertificate','Export-InfisicalCertificate')
-foreach (`$c in `$cmds) {
-    if (-not (Get-Command -Name `$c -Module PSInfisicalAPI -ErrorAction SilentlyContinue)) {
-        throw "Cmdlet not found: `$c"
+`$cmds = @(Get-Command -Module PSInfisicalAPI -CommandType Cmdlet)
+if (`$cmds.Count -eq 0) {
+    throw "No cmdlets were exported by the PSInfisicalAPI module."
+}
+
+`$expectedCmds = @('Connect-Infisical','Disconnect-Infisical','Get-InfisicalSecrets','Get-InfisicalSecret','New-InfisicalSecret','Update-InfisicalSecret','Remove-InfisicalSecret','Copy-InfisicalSecret','ConvertTo-InfisicalSecretDictionary','Export-InfisicalSecrets','Get-InfisicalProjects','Get-InfisicalProject','New-InfisicalProject','Update-InfisicalProject','Remove-InfisicalProject','Get-InfisicalEnvironments','Get-InfisicalEnvironment','New-InfisicalEnvironment','Update-InfisicalEnvironment','Remove-InfisicalEnvironment','Get-InfisicalFolders','Get-InfisicalFolder','New-InfisicalFolder','Update-InfisicalFolder','Remove-InfisicalFolder','Get-InfisicalTags','Get-InfisicalTag','New-InfisicalTag','Update-InfisicalTag','Remove-InfisicalTag','Get-InfisicalCertificateAuthority','Get-InfisicalCertificate','Get-InfisicalCertificates','Search-InfisicalCertificate','Request-InfisicalCertificate','ConvertTo-InfisicalCertificate','Install-InfisicalCertificate','Uninstall-InfisicalCertificate','Export-InfisicalCertificate')
+foreach (`$expected in `$expectedCmds) {
+    if (-not (Get-Command -Name `$expected -Module PSInfisicalAPI -ErrorAction SilentlyContinue)) {
+        throw "Cmdlet not found: `$expected"
+    }
+}
+
+foreach (`$cmd in `$cmds) {
+    `$name = `$cmd.Name
+    `$help = Get-Help -Name `$name -Full -ErrorAction SilentlyContinue
+    if (`$null -eq `$help) {
+        throw "Get-Help returned nothing for cmdlet: `$name"
     }
 
-    `$help = Get-Help -Name `$c -ErrorAction SilentlyContinue
-    if (`$null -eq `$help) {
-        throw "Get-Help returned nothing for cmdlet: `$c"
+    `$synopsis = (`$help.Synopsis | Out-String).Trim()
+    if ([string]::IsNullOrWhiteSpace(`$synopsis) -or `$synopsis.StartsWith(`$name, [System.StringComparison]::OrdinalIgnoreCase)) {
+        throw "Get-Help synopsis is missing or auto-generated for cmdlet: `$name"
+    }
+
+    `$description = (`$help.description | Out-String).Trim()
+    if ([string]::IsNullOrWhiteSpace(`$description)) {
+        throw "Get-Help description is empty for cmdlet: `$name"
+    }
+
+    `$examples = Get-Help -Name `$name -Examples -ErrorAction SilentlyContinue
+    if (`$null -eq `$examples -or `$null -eq `$examples.examples -or `$null -eq `$examples.examples.example) {
+        throw "Get-Help -Examples returned no examples for cmdlet: `$name"
+    }
+
+    `$exampleNodes = @(`$examples.examples.example)
+    if (`$exampleNodes.Count -lt 1) {
+        throw "Get-Help -Examples returned zero examples for cmdlet: `$name"
+    }
+
+    foreach (`$example in `$exampleNodes) {
+        `$code = (`$example.code | Out-String).Trim()
+        if ([string]::IsNullOrWhiteSpace(`$code)) {
+            throw "Example with empty code block found for cmdlet: `$name"
+        }
     }
 }
 
@@ -297,6 +335,35 @@ foreach ($assembly in $desiredAssemblies) {
     }
 }
 
+Write-Step "Staging cmdlet help XML next to module binary"
+$moduleCultureDirs = Get-ChildItem -LiteralPath $ModuleRoot.FullName -Directory -Force -ErrorAction SilentlyContinue |
+    Where-Object { $_.Name -match '^[a-z]{2}(-[A-Za-z0-9]+)*$' }
+foreach ($cultureDir in $moduleCultureDirs) {
+    $helpXmlSource = [System.IO.FileInfo][System.IO.Path]::Combine($cultureDir.FullName, 'PSInfisicalAPI.dll-Help.xml')
+    if (-not $helpXmlSource.Exists) { continue }
+
+    $binCultureDir = [System.IO.DirectoryInfo][System.IO.Path]::Combine($ModuleBinDir.FullName, $cultureDir.Name)
+    Ensure-Directory -Directory $binCultureDir
+    Copy-Item -LiteralPath $helpXmlSource.FullName -Destination $binCultureDir.FullName -Force
+}
+
+$primaryHelpXml = [System.IO.FileInfo][System.IO.Path]::Combine($ModuleBinDir.FullName, 'en-US', 'PSInfisicalAPI.dll-Help.xml')
+if (-not $primaryHelpXml.Exists) {
+    throw "Help XML not found at '$($primaryHelpXml.FullName)'. Ensure Module/PSInfisicalAPI/en-US/PSInfisicalAPI.dll-Help.xml exists."
+}
+
+try {
+    [xml]$helpDocument = Get-Content -LiteralPath $primaryHelpXml.FullName -Raw
+} catch {
+    throw "Help XML at '$($primaryHelpXml.FullName)' failed to parse as XML: $_"
+}
+
+$helpCommandCount = @($helpDocument.helpItems.command).Count
+if ($helpCommandCount -lt 1) {
+    throw "Help XML at '$($primaryHelpXml.FullName)' contains no <command:command> entries."
+}
+Write-Step "Help XML contains $helpCommandCount cmdlet entries."
+
 $manifestPath = [System.IO.FileInfo][System.IO.Path]::Combine($ModuleRoot.FullName, 'PSInfisicalAPI.psd1')
 Write-Manifest -Path $manifestPath -ModuleVersion $buildVersion -CommitHash $commitHash
 
diff --git a/src/PSInfisicalAPI.Tests/CertificateMapperTests.cs b/src/PSInfisicalAPI.Tests/CertificateMapperTests.cs
index a9653b3..13d21f4 100644
--- a/src/PSInfisicalAPI.Tests/CertificateMapperTests.cs
+++ b/src/PSInfisicalAPI.Tests/CertificateMapperTests.cs
@@ -12,6 +12,7 @@ namespace PSInfisicalAPI.Tests
         private static readonly Type CertDtoType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCertificateResponseDto", true);
         private static readonly Type CaMapperType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCaMapper", true);
         private static readonly Type CaDtoType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalInternalCaResponseDto", true);
+        private static readonly Type CaConfigDtoType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalInternalCaConfigurationDto", true);
         private static readonly Type BundleDtoType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCertificateBundleResponseDto", true);
 
         private static InfisicalCertificate InvokeCertMap(object dto, string fallbackProjectId)
@@ -90,6 +91,43 @@ namespace PSInfisicalAPI.Tests
             Assert.Equal("proj-fallback", mapped.ProjectId);
         }
 
+        [Fact]
+        public void CaMap_Prefers_Configuration_Fields_Over_TopLevel()
+        {
+            object cfg = Activator.CreateInstance(CaConfigDtoType);
+            CaConfigDtoType.GetProperty("FriendlyName").SetValue(cfg, "C=US, CN=GSPA Intermediate");
+            CaConfigDtoType.GetProperty("CommonName").SetValue(cfg, "GSPA Intermediate");
+            CaConfigDtoType.GetProperty("OrganizationName").SetValue(cfg, "GSPA");
+            CaConfigDtoType.GetProperty("OrganizationUnit").SetValue(cfg, "MECM");
+            CaConfigDtoType.GetProperty("Country").SetValue(cfg, "US");
+            CaConfigDtoType.GetProperty("KeyAlgorithm").SetValue(cfg, "RSA_2048");
+            CaConfigDtoType.GetProperty("DistinguishedName").SetValue(cfg, "CN=GSPA Intermediate");
+            CaConfigDtoType.GetProperty("SerialNumber").SetValue(cfg, "74a4b62197ad");
+            CaConfigDtoType.GetProperty("MaxPathLength").SetValue(cfg, 0);
+            CaConfigDtoType.GetProperty("Type").SetValue(cfg, "intermediate");
+
+            object dto = Activator.CreateInstance(CaDtoType);
+            CaDtoType.GetProperty("Id").SetValue(dto, "ca-9");
+            CaDtoType.GetProperty("Name").SetValue(dto, "intermediate-ca");
+            CaDtoType.GetProperty("Type").SetValue(dto, "internal");
+            CaDtoType.GetProperty("Status").SetValue(dto, "active");
+            CaDtoType.GetProperty("Configuration").SetValue(dto, cfg);
+
+            InfisicalCertificateAuthority mapped = InvokeCaMap(dto, "proj-fallback");
+            Assert.Equal("ca-9", mapped.Id);
+            Assert.Equal("intermediate-ca", mapped.Name);
+            Assert.Equal("internal", mapped.Type);
+            Assert.Equal("C=US, CN=GSPA Intermediate", mapped.FriendlyName);
+            Assert.Equal("GSPA Intermediate", mapped.CommonName);
+            Assert.Equal("GSPA", mapped.OrganizationName);
+            Assert.Equal("MECM", mapped.OrganizationUnit);
+            Assert.Equal("US", mapped.Country);
+            Assert.Equal("RSA_2048", mapped.KeyAlgorithm);
+            Assert.Equal("CN=GSPA Intermediate", mapped.DistinguishedName);
+            Assert.Equal("74a4b62197ad", mapped.SerialNumber);
+            Assert.Equal(0, mapped.MaxPathLength);
+        }
+
         [Fact]
         public void BundleMap_Maps_All_Pem_Fields()
         {
diff --git a/src/PSInfisicalAPI.Tests/CsrAndRequestCmdletTests.cs b/src/PSInfisicalAPI.Tests/CsrAndRequestCmdletTests.cs
new file mode 100644
index 0000000..e048a6a
--- /dev/null
+++ b/src/PSInfisicalAPI.Tests/CsrAndRequestCmdletTests.cs
@@ -0,0 +1,479 @@
+using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Management.Automation;
+using System.Reflection;
+using PSInfisicalAPI.Endpoints;
+using PSInfisicalAPI.Pki;
+using Xunit;
+
+namespace PSInfisicalAPI.Tests
+{
+    public class CsrAndRequestCmdletTests
+    {
+        private static readonly Assembly ModuleAssembly = typeof(PSInfisicalAPI.Connections.InfisicalConnection).Assembly;
+
+        [Fact]
+        public void CsrBuilder_Rsa2048_Produces_Pem_Csr_And_PrivateKey_With_Subject_And_Sans()
+        {
+            InfisicalCsrSubject subject = new InfisicalCsrSubject
+            {
+                CommonName = "test.contoso.local",
+                Organization = "Contoso",
+                Country = "US"
+            };
+
+            InfisicalCsrOptions options = new InfisicalCsrOptions { KeyAlgorithm = InfisicalKeyAlgorithm.Rsa, RsaKeySize = 2048 };
+            InfisicalCsrResult result = InfisicalCsrBuilder.Build(subject, new[] { "test.contoso.local", "alt.contoso.local" }, new[] { "10.0.0.5" }, options);
+
+            Assert.NotNull(result);
+            Assert.Contains("BEGIN CERTIFICATE REQUEST", result.CsrPem);
+            Assert.Contains("END CERTIFICATE REQUEST", result.CsrPem);
+            Assert.Contains("BEGIN RSA PRIVATE KEY", result.PrivateKeyPem);
+
+            Org.BouncyCastle.Pkcs.Pkcs10CertificationRequest pkcs10 = ReadCsr(result.CsrPem);
+            Assert.True(pkcs10.Verify());
+            Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters rsa = Assert.IsAssignableFrom<Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters>(pkcs10.GetPublicKey());
+            Assert.Equal(2048, rsa.Modulus.BitLength);
+        }
+
+        [Theory]
+        [InlineData(InfisicalEcCurve.P256, "1.2.840.10045.3.1.7")]
+        [InlineData(InfisicalEcCurve.P384, "1.3.132.0.34")]
+        public void CsrBuilder_Ecdsa_Produces_Verifiable_Csr(InfisicalEcCurve curve, string expectedCurveOid)
+        {
+            InfisicalCsrSubject subject = new InfisicalCsrSubject { CommonName = "ec.contoso.local" };
+            InfisicalCsrOptions options = new InfisicalCsrOptions { KeyAlgorithm = InfisicalKeyAlgorithm.Ecdsa, EcCurve = curve };
+            InfisicalCsrResult result = InfisicalCsrBuilder.Build(subject, new[] { "ec.contoso.local" }, null, options);
+
+            Assert.Contains("BEGIN CERTIFICATE REQUEST", result.CsrPem);
+            Assert.True(result.PrivateKeyPem.Contains("BEGIN EC PRIVATE KEY") || result.PrivateKeyPem.Contains("BEGIN PRIVATE KEY"));
+
+            Org.BouncyCastle.Pkcs.Pkcs10CertificationRequest pkcs10 = ReadCsr(result.CsrPem);
+            Assert.True(pkcs10.Verify());
+            Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters ec = Assert.IsAssignableFrom<Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters>(pkcs10.GetPublicKey());
+            Assert.Equal(expectedCurveOid, ec.PublicKeyParamSet.Id);
+        }
+
+        [Fact]
+        public void CsrBuilder_Ed25519_Produces_Verifiable_Csr()
+        {
+            InfisicalCsrSubject subject = new InfisicalCsrSubject { CommonName = "ed.contoso.local" };
+            InfisicalCsrOptions options = new InfisicalCsrOptions { KeyAlgorithm = InfisicalKeyAlgorithm.Ed25519 };
+            InfisicalCsrResult result = InfisicalCsrBuilder.Build(subject, new[] { "ed.contoso.local" }, null, options);
+
+            Assert.Contains("BEGIN CERTIFICATE REQUEST", result.CsrPem);
+            Assert.Contains("BEGIN PRIVATE KEY", result.PrivateKeyPem);
+
+            Org.BouncyCastle.Pkcs.Pkcs10CertificationRequest pkcs10 = ReadCsr(result.CsrPem);
+            Assert.True(pkcs10.Verify());
+            Assert.IsAssignableFrom<Org.BouncyCastle.Crypto.Parameters.Ed25519PublicKeyParameters>(pkcs10.GetPublicKey());
+        }
+
+        [Fact]
+        public void CsrBuilder_Rsa_Rejects_Invalid_KeySize()
+        {
+            InfisicalCsrSubject subject = new InfisicalCsrSubject { CommonName = "test.local" };
+            InfisicalCsrOptions options = new InfisicalCsrOptions { KeyAlgorithm = InfisicalKeyAlgorithm.Rsa, RsaKeySize = 1024 };
+            Assert.Throws<ArgumentException>(() => InfisicalCsrBuilder.Build(subject, null, null, options));
+        }
+
+        [Fact]
+        public void CsrBuilder_Throws_When_CommonName_Missing()
+        {
+            InfisicalCsrSubject subject = new InfisicalCsrSubject { Organization = "Contoso" };
+            Assert.Throws<ArgumentException>(() => InfisicalCsrBuilder.Build(subject, null, null, new InfisicalCsrOptions()));
+        }
+
+        private static Org.BouncyCastle.Pkcs.Pkcs10CertificationRequest ReadCsr(string pem)
+        {
+            using (System.IO.StringReader reader = new System.IO.StringReader(pem))
+            {
+                Org.BouncyCastle.OpenSsl.PemReader pemReader = new Org.BouncyCastle.OpenSsl.PemReader(reader);
+                object obj = pemReader.ReadObject();
+                return Assert.IsType<Org.BouncyCastle.Pkcs.Pkcs10CertificationRequest>(obj);
+            }
+        }
+
+        [Fact]
+        public void MergeSubject_Hashtable_Then_Individual_Params_Override()
+        {
+            Type helperType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCertificateRequestHelpers", true);
+            MethodInfo merge = helperType.GetMethod("MergeSubject", BindingFlags.Public | BindingFlags.Static);
+            Assert.NotNull(merge);
+
+            Hashtable subject = new Hashtable { { "CN", "fallback.local" }, { "O", "FallbackOrg" }, { "C", "DE" } };
+            object result = merge.Invoke(null, new object[] { subject, "explicit.local", null, null, null, "ExplicitOrg", null, null });
+
+            PropertyInfo commonNameProp = result.GetType().GetProperty("CommonName");
+            PropertyInfo organizationProp = result.GetType().GetProperty("Organization");
+            PropertyInfo countryProp = result.GetType().GetProperty("Country");
+
+            Assert.Equal("explicit.local", commonNameProp.GetValue(result));
+            Assert.Equal("ExplicitOrg", organizationProp.GetValue(result));
+            Assert.Equal("DE", countryProp.GetValue(result));
+        }
+
+        [Fact]
+        public void Candidates_For_SignCertificateBySubscriber_Include_Pki_And_CertManager()
+        {
+            IReadOnlyList<InfisicalEndpointDefinition> candidates = InfisicalEndpointRegistry.GetCandidates(InfisicalEndpointNames.SignCertificateBySubscriber);
+            Assert.Contains(candidates, c => c.Template == "/api/v1/pki/pki-subscribers/{subscriberName}/sign-certificate");
+            Assert.Contains(candidates, c => c.Template == "/api/v1/cert-manager/pki-subscribers/{subscriberName}/sign-certificate");
+            foreach (InfisicalEndpointDefinition candidate in candidates)
+            {
+                Assert.Equal("POST", candidate.Method);
+                Assert.True(candidate.RequiresAuthorization);
+                Assert.True(candidate.ContainsSecretMaterialInResponse);
+            }
+        }
+
+        [Fact]
+        public void Candidates_For_SignCertificateByCa_Include_Pki_And_CertManager()
+        {
+            IReadOnlyList<InfisicalEndpointDefinition> candidates = InfisicalEndpointRegistry.GetCandidates(InfisicalEndpointNames.SignCertificateByCa);
+            Assert.Contains(candidates, c => c.Template == "/api/v1/pki/ca/{caId}/sign-certificate");
+            Assert.Contains(candidates, c => c.Template == "/api/v1/cert-manager/ca/{caId}/sign-certificate");
+        }
+
+        [Fact]
+        public void RequestInfisicalCertificate_Cmdlet_Has_Both_Parameter_Sets()
+        {
+            Type cmdletType = ModuleAssembly.GetType("PSInfisicalAPI.Cmdlets.RequestInfisicalCertificateCmdlet", true);
+            Assert.True(typeof(PSInfisicalAPI.Cmdlets.InfisicalCmdletBase).IsAssignableFrom(cmdletType));
+
+            CustomAttributeData cmdletData = null;
+            foreach (CustomAttributeData candidate in cmdletType.GetCustomAttributesData())
+            {
+                if (candidate.AttributeType == typeof(CmdletAttribute)) { cmdletData = candidate; break; }
+            }
+            Assert.NotNull(cmdletData);
+            Assert.Equal(VerbsLifecycle.Request, cmdletData.ConstructorArguments[0].Value);
+            Assert.Equal("InfisicalCertificate", cmdletData.ConstructorArguments[1].Value);
+
+            string defaultParameterSetName = null;
+            foreach (CustomAttributeNamedArgument named in cmdletData.NamedArguments)
+            {
+                if (named.MemberName == "DefaultParameterSetName") { defaultParameterSetName = (string)named.TypedValue.Value; break; }
+            }
+            Assert.Equal("BySubscriber", defaultParameterSetName);
+
+            Assert.NotNull(cmdletType.GetProperty("PkiSubscriberSlug"));
+            Assert.NotNull(cmdletType.GetProperty("CertificateAuthorityId"));
+            Assert.NotNull(cmdletType.GetProperty("Subject"));
+            Assert.NotNull(cmdletType.GetProperty("CommonName"));
+            Assert.NotNull(cmdletType.GetProperty("DnsName"));
+            Assert.NotNull(cmdletType.GetProperty("IpAddress"));
+            Assert.NotNull(cmdletType.GetProperty("Install"));
+            Assert.NotNull(cmdletType.GetProperty("StoreName"));
+            Assert.NotNull(cmdletType.GetProperty("StoreLocation"));
+            Assert.NotNull(cmdletType.GetProperty("AllowRenewal"));
+            Assert.NotNull(cmdletType.GetProperty("RenewalThresholdDays"));
+            Assert.NotNull(cmdletType.GetProperty("Force"));
+            Assert.NotNull(cmdletType.GetProperty("InstallChain"));
+
+            PropertyInfo keyAlgorithmProp = cmdletType.GetProperty("KeyAlgorithm");
+            PropertyInfo curveProp = cmdletType.GetProperty("Curve");
+            Assert.NotNull(keyAlgorithmProp);
+            Assert.NotNull(curveProp);
+            Assert.Equal(typeof(InfisicalKeyAlgorithm), keyAlgorithmProp.PropertyType);
+            Assert.Equal(typeof(InfisicalEcCurve), curveProp.PropertyType);
+
+            PropertyInfo protectionProp = cmdletType.GetProperty("PrivateKeyProtection");
+            Assert.NotNull(protectionProp);
+            Assert.Equal(typeof(InfisicalPrivateKeyProtection), protectionProp.PropertyType);
+            Assert.NotNull(cmdletType.GetProperty("PersistKey"));
+            Assert.NotNull(cmdletType.GetProperty("MachineKey"));
+            Assert.NotNull(cmdletType.GetProperty("PrivateKeyPath"));
+            Assert.NotNull(cmdletType.GetProperty("LocalChainOnly"));
+
+            CustomAttributeData outputTypeData = null;
+            foreach (CustomAttributeData candidate in cmdletType.GetCustomAttributesData())
+            {
+                if (candidate.AttributeType == typeof(OutputTypeAttribute)) { outputTypeData = candidate; break; }
+            }
+            Assert.NotNull(outputTypeData);
+            IList<CustomAttributeTypedArgument> outputTypeArgs = (IList<CustomAttributeTypedArgument>)outputTypeData.ConstructorArguments[0].Value;
+            Assert.Contains(outputTypeArgs, a => (Type)a.Value == typeof(PSInfisicalAPI.Models.InfisicalCertificateResult));
+        }
+
+        [Fact]
+        public void BuildResult_Splits_Chain_Into_Leaf_Intermediates_And_Root()
+        {
+            (string leafPem, _, string leafThumb) = PemCertificateBuilderTests.CreateSelfSignedExposed("BuildResult.Leaf");
+            (string intermediatePem, _, string intermediateThumb) = PemCertificateBuilderTests.CreateSelfSignedExposed("BuildResult.Intermediate");
+            (string rootPem, _, string rootThumb) = PemCertificateBuilderTests.CreateSelfSignedExposed("BuildResult.Root");
+
+            PSInfisicalAPI.Models.InfisicalSignedCertificate signed = new PSInfisicalAPI.Models.InfisicalSignedCertificate
+            {
+                SerialNumber = "ABC123",
+                CertificatePem = leafPem,
+                CertificateChainPem = intermediatePem + rootPem,
+                IssuingCaCertificatePem = rootPem
+            };
+
+            using (System.Security.Cryptography.X509Certificates.X509Certificate2 leaf = new System.Security.Cryptography.X509Certificates.X509Certificate2(System.Text.Encoding.ASCII.GetBytes(leafPem)))
+            {
+                Type helperType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCertificateRequestHelpers", true);
+                MethodInfo buildResult = helperType.GetMethod("BuildResult", BindingFlags.Public | BindingFlags.Static);
+                Assert.NotNull(buildResult);
+
+                PSInfisicalAPI.Models.InfisicalCertificateResult result = (PSInfisicalAPI.Models.InfisicalCertificateResult)buildResult.Invoke(null, new object[] { leaf, signed });
+
+                Assert.Same(leaf, result.Leaf);
+                Assert.Equal("ABC123", result.SerialNumber);
+                Assert.Empty(result.Intermediates);
+                Assert.NotNull(result.Root);
+                Assert.Equal(2, result.Chain.Length);
+                Assert.Same(leaf, result.Chain[0]);
+            }
+        }
+
+        [Theory]
+        [InlineData(InfisicalPrivateKeyProtection.LocalOnly, false, false, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.DefaultKeySet)]
+        [InlineData(InfisicalPrivateKeyProtection.Exportable, false, false, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.Exportable)]
+        [InlineData(InfisicalPrivateKeyProtection.NonExportable, false, false, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.DefaultKeySet)]
+        [InlineData(InfisicalPrivateKeyProtection.LocalOnly, true, false, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.PersistKeySet)]
+        [InlineData(InfisicalPrivateKeyProtection.LocalOnly, false, true, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.MachineKeySet)]
+        [InlineData(InfisicalPrivateKeyProtection.Exportable, true, true, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.Exportable | System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.MachineKeySet | System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.PersistKeySet)]
+        public void ResolveKeyStorageFlags_Maps_Protection_And_Switches(InfisicalPrivateKeyProtection protection, bool persist, bool machine, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags expected)
+        {
+            Type helperType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCertificateRequestHelpers", true);
+            MethodInfo method = helperType.GetMethod("ResolveKeyStorageFlags", BindingFlags.Public | BindingFlags.Static);
+            Assert.NotNull(method);
+
+            System.Security.Cryptography.X509Certificates.X509KeyStorageFlags actual = (System.Security.Cryptography.X509Certificates.X509KeyStorageFlags)method.Invoke(null, new object[] { protection, persist, machine });
+            Assert.Equal(expected, actual);
+        }
+
+        [Theory]
+        [InlineData(InfisicalPrivateKeyProtection.LocalOnly, false, false)]
+        [InlineData(InfisicalPrivateKeyProtection.Exportable, false, false)]
+        [InlineData(InfisicalPrivateKeyProtection.NonExportable, false, true)]
+        [InlineData(InfisicalPrivateKeyProtection.Ephemeral, false, true)]
+        [InlineData(InfisicalPrivateKeyProtection.LocalOnly, true, true)]
+        [InlineData(InfisicalPrivateKeyProtection.Exportable, true, true)]
+        public void ShouldScrubPrivateKeyPem_Returns_Expected(InfisicalPrivateKeyProtection protection, bool hasPath, bool expected)
+        {
+            Type helperType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCertificateRequestHelpers", true);
+            MethodInfo method = helperType.GetMethod("ShouldScrubPrivateKeyPem", BindingFlags.Public | BindingFlags.Static);
+            Assert.NotNull(method);
+
+            bool actual = (bool)method.Invoke(null, new object[] { protection, hasPath });
+            Assert.Equal(expected, actual);
+        }
+
+        [Fact]
+        public void WritePrivateKeyPem_Writes_File_And_Creates_Directory()
+        {
+            Type helperType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCertificateRequestHelpers", true);
+            MethodInfo method = helperType.GetMethod("WritePrivateKeyPem", BindingFlags.Public | BindingFlags.Static);
+            Assert.NotNull(method);
+
+            string tempRoot = System.IO.Path.Combine(System.IO.Path.GetTempPath(), "PSInfisicalAPI_PemWrite_" + Guid.NewGuid().ToString("N"));
+            string nested = System.IO.Path.Combine(tempRoot, "nested", "key.pem");
+            const string pem = "-----BEGIN PRIVATE KEY-----\nMIIBVgIBADANBgkqhkiG9w0BAQEFAA==\n-----END PRIVATE KEY-----\n";
+            try
+            {
+                method.Invoke(null, new object[] { pem, nested });
+                Assert.True(System.IO.File.Exists(nested));
+                Assert.Equal(pem, System.IO.File.ReadAllText(nested));
+            }
+            finally
+            {
+                if (System.IO.Directory.Exists(tempRoot)) { System.IO.Directory.Delete(tempRoot, true); }
+            }
+        }
+
+        [Fact]
+        public void BuildResultFromExistingLocal_Populates_Leaf_And_Pem_For_Selfsigned()
+        {
+            (string leafPem, _, string leafThumb) = PemCertificateBuilderTests.CreateSelfSignedExposed("ReuseLookup.Leaf");
+
+            using (System.Security.Cryptography.X509Certificates.X509Certificate2 leaf = new System.Security.Cryptography.X509Certificates.X509Certificate2(System.Text.Encoding.ASCII.GetBytes(leafPem)))
+            {
+                Type helperType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCertificateRequestHelpers", true);
+                MethodInfo build = helperType.GetMethod("BuildResultFromExistingLocal", BindingFlags.Public | BindingFlags.Static, null, new Type[] { typeof(System.Security.Cryptography.X509Certificates.X509Certificate2) }, null);
+                Assert.NotNull(build);
+
+                PSInfisicalAPI.Models.InfisicalCertificateResult result = (PSInfisicalAPI.Models.InfisicalCertificateResult)build.Invoke(null, new object[] { leaf });
+
+                Assert.Same(leaf, result.Leaf);
+                Assert.Equal(leaf.SerialNumber, result.SerialNumber);
+                Assert.Contains("BEGIN CERTIFICATE", result.CertificatePem);
+                Assert.NotNull(result.Chain);
+                Assert.NotEmpty(result.Chain);
+                Assert.Same(leaf, result.Chain[0]);
+                Assert.Empty(result.Intermediates);
+            }
+        }
+
+        [Fact]
+        public void BuildResultFromExistingLocal_Has_Bundle_Fallback_Overload()
+        {
+            Type helperType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCertificateRequestHelpers", true);
+            MethodInfo overload = helperType.GetMethod(
+                "BuildResultFromExistingLocal",
+                BindingFlags.Public | BindingFlags.Static,
+                null,
+                new Type[] { typeof(System.Security.Cryptography.X509Certificates.X509Certificate2), typeof(PSInfisicalAPI.Models.InfisicalCertificateBundle) },
+                null);
+            Assert.NotNull(overload);
+            Assert.Equal(typeof(PSInfisicalAPI.Models.InfisicalCertificateResult), overload.ReturnType);
+        }
+
+        [Fact]
+        public void BuildResultFromExistingLocal_With_Null_Bundle_Matches_LocalOnly_Behavior()
+        {
+            (string leafPem, _, _) = PemCertificateBuilderTests.CreateSelfSignedExposed("ReuseLookup.Bundle.Null.Leaf");
+
+            using (System.Security.Cryptography.X509Certificates.X509Certificate2 leaf = new System.Security.Cryptography.X509Certificates.X509Certificate2(System.Text.Encoding.ASCII.GetBytes(leafPem)))
+            {
+                Type helperType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCertificateRequestHelpers", true);
+                MethodInfo overload = helperType.GetMethod(
+                    "BuildResultFromExistingLocal",
+                    BindingFlags.Public | BindingFlags.Static,
+                    null,
+                    new Type[] { typeof(System.Security.Cryptography.X509Certificates.X509Certificate2), typeof(PSInfisicalAPI.Models.InfisicalCertificateBundle) },
+                    null);
+
+                PSInfisicalAPI.Models.InfisicalCertificateResult result = (PSInfisicalAPI.Models.InfisicalCertificateResult)overload.Invoke(null, new object[] { leaf, null });
+
+                Assert.Same(leaf, result.Leaf);
+                Assert.Empty(result.Intermediates);
+                Assert.Single(result.Chain);
+            }
+        }
+
+        [Fact]
+        public void BuildResultFromExistingLocal_With_Bundle_Merges_Chain_From_Bundle()
+        {
+            (string leafPem, _, string leafThumb) = PemCertificateBuilderTests.CreateSelfSignedExposed("ReuseLookup.Bundle.Leaf");
+            (string caPem, _, string caThumb) = PemCertificateBuilderTests.CreateSelfSignedExposed("ReuseLookup.Bundle.Ca");
+
+            using (System.Security.Cryptography.X509Certificates.X509Certificate2 leaf = new System.Security.Cryptography.X509Certificates.X509Certificate2(System.Text.Encoding.ASCII.GetBytes(leafPem)))
+            {
+                PSInfisicalAPI.Models.InfisicalCertificateBundle bundle = new PSInfisicalAPI.Models.InfisicalCertificateBundle
+                {
+                    SerialNumber = leaf.SerialNumber,
+                    CertificatePem = leafPem,
+                    CertificateChainPem = caPem
+                };
+
+                Type helperType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCertificateRequestHelpers", true);
+                MethodInfo overload = helperType.GetMethod(
+                    "BuildResultFromExistingLocal",
+                    BindingFlags.Public | BindingFlags.Static,
+                    null,
+                    new Type[] { typeof(System.Security.Cryptography.X509Certificates.X509Certificate2), typeof(PSInfisicalAPI.Models.InfisicalCertificateBundle) },
+                    null);
+
+                PSInfisicalAPI.Models.InfisicalCertificateResult result = (PSInfisicalAPI.Models.InfisicalCertificateResult)overload.Invoke(null, new object[] { leaf, bundle });
+
+                Assert.Same(leaf, result.Leaf);
+                Assert.NotNull(result.Root);
+                Assert.Equal(caThumb, result.Root.Thumbprint);
+                Assert.Equal(2, result.Chain.Length);
+                Assert.Same(leaf, result.Chain[0]);
+                Assert.Equal(caThumb, result.Chain[1].Thumbprint);
+
+                Assert.NotNull(result.CertificateChainPem);
+                Assert.Contains("BEGIN CERTIFICATE", result.CertificateChainPem);
+            }
+        }
+
+        [Fact]
+        public void GetChainCertificateTargetStore_SelfSigned_Returns_Root()
+        {
+            using (System.Security.Cryptography.RSA rsa = System.Security.Cryptography.RSA.Create(2048))
+            {
+                System.Security.Cryptography.X509Certificates.CertificateRequest request = new System.Security.Cryptography.X509Certificates.CertificateRequest(
+                    "CN=ChainRouting.SelfSigned",
+                    rsa,
+                    System.Security.Cryptography.HashAlgorithmName.SHA256,
+                    System.Security.Cryptography.RSASignaturePadding.Pkcs1);
+                using (System.Security.Cryptography.X509Certificates.X509Certificate2 selfSigned = request.CreateSelfSigned(DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1)))
+                {
+                    Type helperType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCertificateRequestHelpers", true);
+                    MethodInfo classify = helperType.GetMethod("GetChainCertificateTargetStore", BindingFlags.Public | BindingFlags.Static);
+                    Assert.NotNull(classify);
+
+                    object result = classify.Invoke(null, new object[] { selfSigned });
+                    Assert.Equal(System.Security.Cryptography.X509Certificates.StoreName.Root, result);
+                }
+            }
+        }
+
+        [Fact]
+        public void GetChainCertificateTargetStore_NonSelfSigned_Returns_CertificateAuthority()
+        {
+            using (System.Security.Cryptography.RSA rootRsa = System.Security.Cryptography.RSA.Create(2048))
+            using (System.Security.Cryptography.RSA intermediateRsa = System.Security.Cryptography.RSA.Create(2048))
+            {
+                System.Security.Cryptography.X509Certificates.CertificateRequest rootRequest = new System.Security.Cryptography.X509Certificates.CertificateRequest(
+                    "CN=ChainRouting.Root",
+                    rootRsa,
+                    System.Security.Cryptography.HashAlgorithmName.SHA256,
+                    System.Security.Cryptography.RSASignaturePadding.Pkcs1);
+                rootRequest.CertificateExtensions.Add(new System.Security.Cryptography.X509Certificates.X509BasicConstraintsExtension(true, false, 0, true));
+
+                using (System.Security.Cryptography.X509Certificates.X509Certificate2 rootCert = rootRequest.CreateSelfSigned(DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1)))
+                {
+                    System.Security.Cryptography.X509Certificates.CertificateRequest intermediateRequest = new System.Security.Cryptography.X509Certificates.CertificateRequest(
+                        "CN=ChainRouting.Intermediate",
+                        intermediateRsa,
+                        System.Security.Cryptography.HashAlgorithmName.SHA256,
+                        System.Security.Cryptography.RSASignaturePadding.Pkcs1);
+                    intermediateRequest.CertificateExtensions.Add(new System.Security.Cryptography.X509Certificates.X509BasicConstraintsExtension(true, false, 0, true));
+
+                    byte[] serial = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
+                    using (System.Security.Cryptography.X509Certificates.X509Certificate2 intermediate = intermediateRequest.Create(rootCert, DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1), serial))
+                    {
+                        Assert.NotEqual(intermediate.Subject, intermediate.Issuer);
+
+                        Type helperType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCertificateRequestHelpers", true);
+                        MethodInfo classify = helperType.GetMethod("GetChainCertificateTargetStore", BindingFlags.Public | BindingFlags.Static);
+
+                        object result = classify.Invoke(null, new object[] { intermediate });
+                        Assert.Equal(System.Security.Cryptography.X509Certificates.StoreName.CertificateAuthority, result);
+                    }
+                }
+            }
+        }
+
+        [Fact]
+        public void InstallChain_Has_X509Collection_Overload()
+        {
+            Type helperType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCertificateRequestHelpers", true);
+            Type loggerType = ModuleAssembly.GetType("PSInfisicalAPI.Logging.IInfisicalLogger", true);
+
+            MethodInfo overload = helperType.GetMethod(
+                "InstallChain",
+                BindingFlags.Public | BindingFlags.Static,
+                null,
+                new Type[]
+                {
+                    typeof(System.Collections.Generic.IEnumerable<System.Security.Cryptography.X509Certificates.X509Certificate2>),
+                    typeof(System.Security.Cryptography.X509Certificates.StoreLocation),
+                    typeof(bool),
+                    loggerType,
+                    typeof(string)
+                },
+                null);
+
+            Assert.NotNull(overload);
+            Assert.Equal(typeof(void), overload.ReturnType);
+        }
+
+        [Fact]
+        public void InstallInfisicalCertificateCmdlet_Uses_ChainRouting_Helper()
+        {
+            Type cmdletType = ModuleAssembly.GetType("PSInfisicalAPI.Cmdlets.InstallInfisicalCertificateCmdlet", true);
+            Assert.NotNull(cmdletType);
+
+            Type helperType = ModuleAssembly.GetType("PSInfisicalAPI.Pki.InfisicalCertificateRequestHelpers", true);
+            MethodInfo classify = helperType.GetMethod("GetChainCertificateTargetStore", BindingFlags.Public | BindingFlags.Static);
+            Assert.NotNull(classify);
+        }
+    }
+}
diff --git a/src/PSInfisicalAPI.Tests/PemCertificateBuilderTests.cs b/src/PSInfisicalAPI.Tests/PemCertificateBuilderTests.cs
index b147725..17d3d01 100644
--- a/src/PSInfisicalAPI.Tests/PemCertificateBuilderTests.cs
+++ b/src/PSInfisicalAPI.Tests/PemCertificateBuilderTests.cs
@@ -8,6 +8,11 @@ namespace PSInfisicalAPI.Tests
 {
     public class PemCertificateBuilderTests
     {
+        public static (string CertPem, string KeyPem, string Thumbprint) CreateSelfSignedExposed(string commonName)
+        {
+            return CreateSelfSigned(commonName);
+        }
+
         private static (string CertPem, string KeyPem, string Thumbprint) CreateSelfSigned(string commonName)
         {
             using (RSA rsa = RSA.Create(2048))
diff --git a/src/PSInfisicalAPI.Tests/PkiClientParseTests.cs b/src/PSInfisicalAPI.Tests/PkiClientParseTests.cs
new file mode 100644
index 0000000..8ccbf5d
--- /dev/null
+++ b/src/PSInfisicalAPI.Tests/PkiClientParseTests.cs
@@ -0,0 +1,86 @@
+using System;
+using System.Collections;
+using System.Reflection;
+using PSInfisicalAPI.Http;
+using PSInfisicalAPI.Logging;
+using PSInfisicalAPI.Pki;
+using Xunit;
+
+namespace PSInfisicalAPI.Tests
+{
+    public class PkiClientParseTests
+    {
+        private sealed class NoopHttpClient : IInfisicalHttpClient
+        {
+            public InfisicalHttpResponse Send(InfisicalHttpRequest request) { throw new NotImplementedException(); }
+        }
+
+        private static InfisicalPkiClient CreateClient()
+        {
+            return new InfisicalPkiClient(new NoopHttpClient(), NullInfisicalLogger.Instance);
+        }
+
+        private static object InvokeNonPublic(InfisicalPkiClient client, string methodName, string body)
+        {
+            MethodInfo method = typeof(InfisicalPkiClient).GetMethod(methodName, BindingFlags.NonPublic | BindingFlags.Instance);
+            return method.Invoke(client, new object[] { body });
+        }
+
+        [Fact]
+        public void ParseCaListBody_Reads_Raw_Json_Array()
+        {
+            string body = "[{\"id\":\"ca-1\",\"name\":\"intermediate\",\"projectId\":\"p1\",\"configuration\":{\"commonName\":\"Intermediate CA\",\"keyAlgorithm\":\"RSA_2048\"}}]";
+            object result = InvokeNonPublic(CreateClient(), "ParseCaListBody", body);
+            IList list = (IList)result;
+            Assert.Single(list);
+            object dto = list[0];
+            Assert.Equal("ca-1", dto.GetType().GetProperty("Id").GetValue(dto));
+            object cfg = dto.GetType().GetProperty("Configuration").GetValue(dto);
+            Assert.NotNull(cfg);
+            Assert.Equal("Intermediate CA", cfg.GetType().GetProperty("CommonName").GetValue(cfg));
+        }
+
+        [Fact]
+        public void ParseCaListBody_Reads_CertificateAuthorities_Wrapper()
+        {
+            string body = "{\"certificateAuthorities\":[{\"id\":\"ca-2\",\"name\":\"root\"}]}";
+            object result = InvokeNonPublic(CreateClient(), "ParseCaListBody", body);
+            IList list = (IList)result;
+            Assert.Single(list);
+            object dto = list[0];
+            Assert.Equal("ca-2", dto.GetType().GetProperty("Id").GetValue(dto));
+        }
+
+        [Fact]
+        public void ParseCaSingleBody_Reads_Raw_Object_With_Configuration()
+        {
+            string body = "{\"id\":\"ca-9\",\"name\":\"intermediate-ca\",\"status\":\"active\",\"configuration\":{\"commonName\":\"GSPA Intermediate\",\"organization\":\"GSPA\"}}";
+            object result = InvokeNonPublic(CreateClient(), "ParseCaSingleBody", body);
+            Assert.NotNull(result);
+            Assert.Equal("ca-9", result.GetType().GetProperty("Id").GetValue(result));
+            object cfg = result.GetType().GetProperty("Configuration").GetValue(result);
+            Assert.NotNull(cfg);
+            Assert.Equal("GSPA Intermediate", cfg.GetType().GetProperty("CommonName").GetValue(cfg));
+            Assert.Equal("GSPA", cfg.GetType().GetProperty("OrganizationName").GetValue(cfg));
+        }
+
+        [Fact]
+        public void ParseCaSingleBody_Reads_CertificateAuthority_Wrapper()
+        {
+            string body = "{\"certificateAuthority\":{\"id\":\"ca-7\",\"name\":\"root\"}}";
+            object result = InvokeNonPublic(CreateClient(), "ParseCaSingleBody", body);
+            Assert.NotNull(result);
+            Assert.Equal("ca-7", result.GetType().GetProperty("Id").GetValue(result));
+        }
+
+        [Fact]
+        public void ParseCertificateSingleBody_Reads_Certificate_Wrapper()
+        {
+            string body = "{\"certificate\":{\"id\":\"cert-1\",\"serialNumber\":\"ABCD\",\"commonName\":\"host.example\"}}";
+            object result = InvokeNonPublic(CreateClient(), "ParseCertificateSingleBody", body);
+            Assert.NotNull(result);
+            Assert.Equal("cert-1", result.GetType().GetProperty("Id").GetValue(result));
+            Assert.Equal("ABCD", result.GetType().GetProperty("SerialNumber").GetValue(result));
+        }
+    }
+}
diff --git a/src/PSInfisicalAPI.Tests/PkiEndpointRegistryTests.cs b/src/PSInfisicalAPI.Tests/PkiEndpointRegistryTests.cs
index 70c3ca2..9ecd5c9 100644
--- a/src/PSInfisicalAPI.Tests/PkiEndpointRegistryTests.cs
+++ b/src/PSInfisicalAPI.Tests/PkiEndpointRegistryTests.cs
@@ -1,4 +1,7 @@
+using System;
 using System.Collections.Generic;
+using System.Management.Automation;
+using System.Reflection;
 using PSInfisicalAPI.Endpoints;
 using Xunit;
 
@@ -6,6 +9,64 @@ namespace PSInfisicalAPI.Tests
 {
     public class PkiEndpointRegistryTests
     {
+        private static readonly Assembly ModuleAssembly = typeof(PSInfisicalAPI.Connections.InfisicalConnection).Assembly;
+
+        [Fact]
+        public void GetInfisicalCertificate_Cmdlet_Is_Singular_With_Mandatory_SerialNumber()
+        {
+            Type cmdletType = ModuleAssembly.GetType("PSInfisicalAPI.Cmdlets.GetInfisicalCertificateCmdlet", true);
+            Assert.True(typeof(PSInfisicalAPI.Cmdlets.InfisicalCmdletBase).IsAssignableFrom(cmdletType));
+
+            CustomAttributeData cmdletData = null;
+            foreach (CustomAttributeData candidate in cmdletType.GetCustomAttributesData())
+            {
+                if (candidate.AttributeType == typeof(CmdletAttribute)) { cmdletData = candidate; break; }
+            }
+            Assert.NotNull(cmdletData);
+            Assert.Equal(2, cmdletData.ConstructorArguments.Count);
+            Assert.Equal(VerbsCommon.Get, cmdletData.ConstructorArguments[0].Value);
+            Assert.Equal("InfisicalCertificate", cmdletData.ConstructorArguments[1].Value);
+
+            PropertyInfo serialProp = cmdletType.GetProperty("SerialNumber");
+            Assert.NotNull(serialProp);
+
+            CustomAttributeData parameterAttr = null;
+            foreach (CustomAttributeData candidate in serialProp.GetCustomAttributesData())
+            {
+                if (candidate.AttributeType == typeof(ParameterAttribute)) { parameterAttr = candidate; break; }
+            }
+            Assert.NotNull(parameterAttr);
+
+            bool mandatory = false;
+            foreach (CustomAttributeNamedArgument named in parameterAttr.NamedArguments)
+            {
+                if (named.MemberName == "Mandatory") { mandatory = (bool)named.TypedValue.Value; break; }
+            }
+            Assert.True(mandatory);
+        }
+
+        [Fact]
+        public void GetInfisicalCertificates_Cmdlet_Is_Registered_For_Listing()
+        {
+            Type cmdletType = ModuleAssembly.GetType("PSInfisicalAPI.Cmdlets.GetInfisicalCertificatesCmdlet", true);
+            Assert.True(typeof(PSInfisicalAPI.Cmdlets.InfisicalCmdletBase).IsAssignableFrom(cmdletType));
+
+            CustomAttributeData cmdletData = null;
+            foreach (CustomAttributeData candidate in cmdletType.GetCustomAttributesData())
+            {
+                if (candidate.AttributeType == typeof(CmdletAttribute)) { cmdletData = candidate; break; }
+            }
+            Assert.NotNull(cmdletData);
+            Assert.Equal(VerbsCommon.Get, cmdletData.ConstructorArguments[0].Value);
+            Assert.Equal("InfisicalCertificates", cmdletData.ConstructorArguments[1].Value);
+
+            Assert.NotNull(cmdletType.GetProperty("CommonName"));
+            Assert.NotNull(cmdletType.GetProperty("FriendlyName"));
+            Assert.NotNull(cmdletType.GetProperty("CaId"));
+            Assert.NotNull(cmdletType.GetProperty("Limit"));
+            Assert.NotNull(cmdletType.GetProperty("Offset"));
+        }
+
         [Fact]
         public void Get_ListInternalCertificateAuthorities_Returns_CertManager_Primary()
         {
diff --git a/src/PSInfisicalAPI/Cmdlets/GetInfisicalCertificateAuthorityCmdlet.cs b/src/PSInfisicalAPI/Cmdlets/GetInfisicalCertificateAuthorityCmdlet.cs
index d80992e..bd90777 100644
--- a/src/PSInfisicalAPI/Cmdlets/GetInfisicalCertificateAuthorityCmdlet.cs
+++ b/src/PSInfisicalAPI/Cmdlets/GetInfisicalCertificateAuthorityCmdlet.cs
@@ -21,12 +21,11 @@ namespace PSInfisicalAPI.Cmdlets
             try
             {
                 InfisicalConnection connection = InfisicalSessionManager.RequireCurrent();
-                string resolvedProjectId = ResolveProjectId(connection, ProjectId);
                 InfisicalPkiClient client = new InfisicalPkiClient(HttpClient, Logger);
 
                 if (string.Equals(ParameterSetName, "ById", StringComparison.Ordinal))
                 {
-                    InfisicalCertificateAuthority ca = client.GetInternalCertificateAuthority(connection, CaId, resolvedProjectId);
+                    InfisicalCertificateAuthority ca = client.GetInternalCertificateAuthority(connection, CaId, ProjectId);
                     if (ca != null)
                     {
                         WriteObject(ca);
@@ -35,7 +34,7 @@ namespace PSInfisicalAPI.Cmdlets
                     return;
                 }
 
-                InfisicalCertificateAuthority[] all = client.ListInternalCertificateAuthorities(connection, resolvedProjectId);
+                InfisicalCertificateAuthority[] all = client.ListInternalCertificateAuthorities(connection, ProjectId);
                 foreach (InfisicalCertificateAuthority ca in all)
                 {
                     WriteObject(ca);
diff --git a/src/PSInfisicalAPI/Cmdlets/GetInfisicalCertificateCmdlet.cs b/src/PSInfisicalAPI/Cmdlets/GetInfisicalCertificateCmdlet.cs
new file mode 100644
index 0000000..df5970c
--- /dev/null
+++ b/src/PSInfisicalAPI/Cmdlets/GetInfisicalCertificateCmdlet.cs
@@ -0,0 +1,36 @@
+using System;
+using System.Management.Automation;
+using PSInfisicalAPI.Connections;
+using PSInfisicalAPI.Models;
+using PSInfisicalAPI.Pki;
+
+namespace PSInfisicalAPI.Cmdlets
+{
+    [Cmdlet(VerbsCommon.Get, "InfisicalCertificate")]
+    [OutputType(typeof(InfisicalCertificate))]
+    public sealed class GetInfisicalCertificateCmdlet : InfisicalCmdletBase
+    {
+        [Parameter(Mandatory = true, Position = 0, ValueFromPipelineByPropertyName = true)]
+        [Alias("Id", "Identifier")]
+        public string SerialNumber { get; set; }
+
+        protected override void ProcessRecord()
+        {
+            try
+            {
+                InfisicalConnection connection = InfisicalSessionManager.RequireCurrent();
+                InfisicalPkiClient client = new InfisicalPkiClient(HttpClient, Logger);
+
+                InfisicalCertificate cert = client.RetrieveCertificate(connection, SerialNumber);
+                if (cert != null)
+                {
+                    WriteObject(cert);
+                }
+            }
+            catch (Exception exception)
+            {
+                ThrowTerminatingForException("GetInfisicalCertificateCmdlet", "GetCertificate", exception);
+            }
+        }
+    }
+}
diff --git a/src/PSInfisicalAPI/Cmdlets/GetInfisicalCertificatesCmdlet.cs b/src/PSInfisicalAPI/Cmdlets/GetInfisicalCertificatesCmdlet.cs
new file mode 100644
index 0000000..7c90278
--- /dev/null
+++ b/src/PSInfisicalAPI/Cmdlets/GetInfisicalCertificatesCmdlet.cs
@@ -0,0 +1,76 @@
+using System;
+using System.Management.Automation;
+using PSInfisicalAPI.Connections;
+using PSInfisicalAPI.Models;
+using PSInfisicalAPI.Pki;
+
+namespace PSInfisicalAPI.Cmdlets
+{
+    [Cmdlet(VerbsCommon.Get, "InfisicalCertificates")]
+    [OutputType(typeof(InfisicalCertificate))]
+    public sealed class GetInfisicalCertificatesCmdlet : InfisicalCmdletBase
+    {
+        [Parameter] public string ProjectId { get; set; }
+        [Parameter] public string CommonName { get; set; }
+        [Parameter] public string FriendlyName { get; set; }
+        [Parameter] public string Status { get; set; }
+        [Parameter] public string[] CaId { get; set; }
+        [Parameter] public int? Limit { get; set; }
+        [Parameter] public int? Offset { get; set; }
+        [Parameter] public SwitchParameter NoAutoPage { get; set; }
+
+        protected override void ProcessRecord()
+        {
+            try
+            {
+                InfisicalConnection connection = InfisicalSessionManager.RequireCurrent();
+                InfisicalPkiClient client = new InfisicalPkiClient(HttpClient, Logger);
+                string resolvedProjectId = ResolveProjectId(connection, ProjectId);
+
+                InfisicalCertificateSearchQuery query = new InfisicalCertificateSearchQuery
+                {
+                    ProjectId = resolvedProjectId,
+                    CommonName = CommonName,
+                    FriendlyName = FriendlyName,
+                    Status = Status,
+                    CaIds = CaId,
+                    Limit = Limit ?? 100,
+                    Offset = Offset ?? 0
+                };
+
+                int requestedLimit = query.Limit ?? 100;
+                int emitted = 0;
+                while (true)
+                {
+                    InfisicalCertificateSearchResult page = client.SearchCertificates(connection, query);
+                    if (page == null || page.Certificates == null || page.Certificates.Length == 0)
+                    {
+                        break;
+                    }
+
+                    foreach (InfisicalCertificate cert in page.Certificates)
+                    {
+                        WriteObject(cert);
+                        emitted++;
+                    }
+
+                    if (NoAutoPage.IsPresent || page.Certificates.Length < requestedLimit)
+                    {
+                        break;
+                    }
+
+                    if (page.TotalCount > 0 && emitted >= page.TotalCount)
+                    {
+                        break;
+                    }
+
+                    query.Offset = (query.Offset ?? 0) + page.Certificates.Length;
+                }
+            }
+            catch (Exception exception)
+            {
+                ThrowTerminatingForException("GetInfisicalCertificatesCmdlet", "GetCertificates", exception);
+            }
+        }
+    }
+}
diff --git a/src/PSInfisicalAPI/Cmdlets/InstallInfisicalCertificateCmdlet.cs b/src/PSInfisicalAPI/Cmdlets/InstallInfisicalCertificateCmdlet.cs
index af32a3e..03b635a 100644
--- a/src/PSInfisicalAPI/Cmdlets/InstallInfisicalCertificateCmdlet.cs
+++ b/src/PSInfisicalAPI/Cmdlets/InstallInfisicalCertificateCmdlet.cs
@@ -44,7 +44,8 @@ namespace PSInfisicalAPI.Cmdlets
                 {
                     foreach (X509Certificate2 chainCert in ResolveChain())
                     {
-                        InstallCertificate(chainCert, StoreName.CertificateAuthority, StoreLocation);
+                        StoreName chainStore = InfisicalCertificateRequestHelpers.GetChainCertificateTargetStore(chainCert);
+                        InstallCertificate(chainCert, chainStore, StoreLocation);
                     }
                 }
 
diff --git a/src/PSInfisicalAPI/Cmdlets/RequestInfisicalCertificateCmdlet.cs b/src/PSInfisicalAPI/Cmdlets/RequestInfisicalCertificateCmdlet.cs
new file mode 100644
index 0000000..1fc3b09
--- /dev/null
+++ b/src/PSInfisicalAPI/Cmdlets/RequestInfisicalCertificateCmdlet.cs
@@ -0,0 +1,204 @@
+using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Management.Automation;
+using System.Security.Cryptography.X509Certificates;
+using PSInfisicalAPI.Connections;
+using PSInfisicalAPI.Models;
+using PSInfisicalAPI.Pki;
+
+namespace PSInfisicalAPI.Cmdlets
+{
+    [Cmdlet(VerbsLifecycle.Request, "InfisicalCertificate", SupportsShouldProcess = true, DefaultParameterSetName = "BySubscriber")]
+    [OutputType(typeof(InfisicalCertificateResult))]
+    public sealed class RequestInfisicalCertificateCmdlet : InfisicalCmdletBase
+    {
+        private const string Component = "RequestInfisicalCertificateCmdlet";
+
+        [Parameter(ParameterSetName = "BySubscriber", Mandatory = true, Position = 0)]
+        [Alias("Subscriber")]
+        public string PkiSubscriberSlug { get; set; }
+
+        [Parameter(ParameterSetName = "ByCa", Mandatory = true, Position = 0)]
+        [Alias("CaId")]
+        public string CertificateAuthorityId { get; set; }
+
+        [Parameter] public string ProjectId { get; set; }
+        [Parameter] public IDictionary Subject { get; set; }
+        [Parameter] public string CommonName { get; set; }
+        [Parameter] public string Country { get; set; }
+        [Parameter] public string State { get; set; }
+        [Parameter] public string Locality { get; set; }
+        [Parameter] public string Organization { get; set; }
+        [Parameter] public string OrganizationalUnit { get; set; }
+        [Parameter] public string EmailAddress { get; set; }
+        [Parameter] public string[] DnsName { get; set; }
+        [Parameter] public string[] IpAddress { get; set; }
+        [Parameter] public InfisicalKeyAlgorithm KeyAlgorithm { get; set; } = InfisicalKeyAlgorithm.Rsa;
+        [Parameter] public int KeySize { get; set; } = 2048;
+        [Parameter] public InfisicalEcCurve Curve { get; set; } = InfisicalEcCurve.P256;
+
+        [Parameter(ParameterSetName = "ByCa")] public string Ttl { get; set; }
+        [Parameter(ParameterSetName = "ByCa")] public string NotBefore { get; set; }
+        [Parameter(ParameterSetName = "ByCa")] public string NotAfter { get; set; }
+        [Parameter(ParameterSetName = "ByCa")] public string FriendlyName { get; set; }
+        [Parameter(ParameterSetName = "ByCa")] public string PkiCollectionId { get; set; }
+        [Parameter(ParameterSetName = "ByCa")] public string[] KeyUsage { get; set; }
+        [Parameter(ParameterSetName = "ByCa")] public string[] ExtendedKeyUsage { get; set; }
+
+        [Parameter] public SwitchParameter Install { get; set; }
+        [Parameter] public StoreName StoreName { get; set; } = StoreName.My;
+        [Parameter] public StoreLocation StoreLocation { get; set; } = StoreLocation.CurrentUser;
+        [Parameter] public X509KeyStorageFlags KeyStorageFlags { get; set; } = X509KeyStorageFlags.DefaultKeySet;
+        [Parameter] public SwitchParameter InstallChain { get; set; }
+
+        [Parameter] public InfisicalPrivateKeyProtection PrivateKeyProtection { get; set; } = InfisicalPrivateKeyProtection.LocalOnly;
+        [Parameter] public SwitchParameter PersistKey { get; set; }
+        [Parameter] public SwitchParameter MachineKey { get; set; }
+        [Parameter] public string PrivateKeyPath { get; set; }
+
+        [Parameter] public SwitchParameter AllowRenewal { get; set; }
+        [Parameter] public int RenewalThresholdDays { get; set; } = 30;
+        [Parameter] public SwitchParameter Force { get; set; }
+        [Parameter] public SwitchParameter LocalChainOnly { get; set; }
+
+        protected override void ProcessRecord()
+        {
+            try
+            {
+                InfisicalConnection connection = InfisicalSessionManager.RequireCurrent();
+                InfisicalPkiClient client = new InfisicalPkiClient(HttpClient, Logger);
+                string resolvedProjectId = ResolveProjectId(connection, ProjectId);
+
+                InfisicalCsrSubject csrSubject = InfisicalCertificateRequestHelpers.MergeSubject(Subject, CommonName, Country, State, Locality, Organization, OrganizationalUnit, EmailAddress);
+                List<string> dnsNames = BuildDnsNames(csrSubject);
+                if (string.IsNullOrEmpty(csrSubject.CommonName) && dnsNames.Count > 0) { csrSubject.CommonName = dnsNames[0]; }
+                if (string.IsNullOrEmpty(csrSubject.CommonName)) { throw new InvalidOperationException("Subject CommonName could not be determined and no DnsName was provided."); }
+
+                X509Certificate2 existing = TryFindExisting(client, connection, resolvedProjectId, csrSubject.CommonName);
+                if (existing != null && !Force.IsPresent && !(AllowRenewal.IsPresent && InfisicalLocalCertificateLookup.IsRenewable(existing, RenewalThresholdDays)))
+                {
+                    Logger.Information(Component, string.Concat("Reusing existing certificate (Thumbprint=", existing.Thumbprint, ", NotAfter=", existing.NotAfter.ToString("u"), ")."));
+                    InfisicalCertificateResult reuseResult = InfisicalCertificateRequestHelpers.BuildResultFromExistingLocal(existing);
+
+                    if (!LocalChainOnly.IsPresent
+                        && (reuseResult.Root == null || reuseResult.Intermediates == null || reuseResult.Intermediates.Length == 0)
+                        && !string.IsNullOrEmpty(existing.SerialNumber))
+                    {
+                        try
+                        {
+                            InfisicalCertificateBundle bundle = client.GetCertificateBundle(connection, existing.SerialNumber);
+                            if (bundle != null && !string.IsNullOrEmpty(bundle.CertificateChainPem))
+                            {
+                                reuseResult = InfisicalCertificateRequestHelpers.BuildResultFromExistingLocal(existing, bundle);
+                                Logger.Information(Component, "Reused certificate chain completed from Infisical bundle.");
+                            }
+                        }
+                        catch (Exception bundleException)
+                        {
+                            Logger.Verbose(Component, string.Concat("Infisical bundle fetch for reuse path failed (continuing with local-only chain): ", bundleException.Message));
+                        }
+                    }
+
+                    WriteObject(reuseResult);
+                    return;
+                }
+
+                string target = string.Concat("PKI subscriber '", PkiSubscriberSlug ?? "(n/a)", "' or CA '", CertificateAuthorityId ?? "(n/a)", "' for CN=", csrSubject.CommonName);
+                if (!ShouldProcess(target, "Request new certificate")) { return; }
+
+                InfisicalCsrOptions csrOptions = new InfisicalCsrOptions { KeyAlgorithm = KeyAlgorithm, RsaKeySize = KeySize, EcCurve = Curve };
+                InfisicalCsrResult csr = InfisicalCsrBuilder.Build(csrSubject, dnsNames, IpAddress, csrOptions);
+                InfisicalSignedCertificate signed = SignCertificate(client, connection, resolvedProjectId, csr.CsrPem);
+                signed.PrivateKeyPem = csr.PrivateKeyPem;
+
+                X509KeyStorageFlags resolvedFlags = ResolveEffectiveKeyStorageFlags();
+                X509Certificate2 cert = PemCertificateBuilder.Build(signed.CertificatePem, signed.PrivateKeyPem, signed.CertificateChainPem, resolvedFlags);
+
+                if (Install.IsPresent)
+                {
+                    InfisicalCertificateRequestHelpers.InstallToStore(cert, StoreName, StoreLocation, Force.IsPresent, Logger, Component);
+                    if (InstallChain.IsPresent)
+                    {
+                        InfisicalCertificateRequestHelpers.InstallChain(signed, StoreLocation, Force.IsPresent, Logger, Component);
+                    }
+                }
+
+                InfisicalCertificateResult resultObj = InfisicalCertificateRequestHelpers.BuildResult(cert, signed);
+
+                bool hasExplicitPath = !string.IsNullOrEmpty(PrivateKeyPath);
+                if (hasExplicitPath && !string.IsNullOrEmpty(resultObj.PrivateKeyPem))
+                {
+                    InfisicalCertificateRequestHelpers.WritePrivateKeyPem(resultObj.PrivateKeyPem, PrivateKeyPath);
+                    Logger.Information(Component, string.Concat("Wrote private key PEM to '", PrivateKeyPath, "'."));
+                }
+
+                if (!MyInvocation.BoundParameters.ContainsKey("KeyStorageFlags")
+                    && InfisicalCertificateRequestHelpers.ShouldScrubPrivateKeyPem(PrivateKeyProtection, hasExplicitPath))
+                {
+                    resultObj.PrivateKeyPem = null;
+                }
+
+                WriteObject(resultObj);
+            }
+            catch (Exception exception)
+            {
+                ThrowTerminatingForException(Component, "RequestCertificate", exception);
+            }
+        }
+
+        private List<string> BuildDnsNames(InfisicalCsrSubject subject)
+        {
+            List<string> result = new List<string>();
+            if (DnsName != null) { foreach (string dns in DnsName) { if (!string.IsNullOrEmpty(dns)) { result.Add(dns); } } }
+            if (result.Count == 0)
+            {
+                string fqdn = InfisicalCertificateRequestHelpers.ResolveLocalFqdn();
+                if (!string.IsNullOrEmpty(fqdn)) { result.Add(fqdn); }
+            }
+
+            if (!string.IsNullOrEmpty(subject.CommonName) && !result.Contains(subject.CommonName)) { result.Insert(0, subject.CommonName); }
+            return result;
+        }
+
+        private X509Certificate2 TryFindExisting(InfisicalPkiClient client, InfisicalConnection connection, string projectId, string commonName)
+        {
+            List<string> candidateSerials = new List<string>();
+            try
+            {
+                InfisicalCertificateSearchQuery query = new InfisicalCertificateSearchQuery { ProjectId = projectId, CommonName = commonName, Status = "active", Limit = 50 };
+                InfisicalCertificateSearchResult page = client.SearchCertificates(connection, query);
+                if (page != null && page.Certificates != null)
+                {
+                    foreach (InfisicalCertificate hit in page.Certificates) { if (!string.IsNullOrEmpty(hit.SerialNumber)) { candidateSerials.Add(hit.SerialNumber); } }
+                }
+            }
+            catch (Exception searchException)
+            {
+                Logger.Verbose(Component, string.Concat("Infisical search for idempotency check failed: ", searchException.Message));
+            }
+
+            return InfisicalLocalCertificateLookup.FindMatch(StoreName, StoreLocation, commonName, candidateSerials);
+        }
+
+        private X509KeyStorageFlags ResolveEffectiveKeyStorageFlags()
+        {
+            if (MyInvocation.BoundParameters.ContainsKey("KeyStorageFlags"))
+            {
+                return KeyStorageFlags;
+            }
+
+            return InfisicalCertificateRequestHelpers.ResolveKeyStorageFlags(PrivateKeyProtection, PersistKey.IsPresent, MachineKey.IsPresent);
+        }
+
+        private InfisicalSignedCertificate SignCertificate(InfisicalPkiClient client, InfisicalConnection connection, string projectId, string csrPem)
+        {
+            if (string.Equals(ParameterSetName, "BySubscriber", StringComparison.Ordinal))
+            {
+                return client.SignCertificateBySubscriber(connection, PkiSubscriberSlug, projectId, csrPem);
+            }
+
+            return client.SignCertificateByCa(connection, CertificateAuthorityId, csrPem, CommonName, null, Ttl, NotBefore, NotAfter, FriendlyName, PkiCollectionId, KeyUsage, ExtendedKeyUsage);
+        }
+    }
+}
diff --git a/src/PSInfisicalAPI/Endpoints/InfisicalEndpointNames.cs b/src/PSInfisicalAPI/Endpoints/InfisicalEndpointNames.cs
index 6d01d4a..22f08bf 100644
--- a/src/PSInfisicalAPI/Endpoints/InfisicalEndpointNames.cs
+++ b/src/PSInfisicalAPI/Endpoints/InfisicalEndpointNames.cs
@@ -49,5 +49,7 @@ namespace PSInfisicalAPI.Endpoints
         public const string SearchCertificates = "SearchCertificates";
         public const string RetrieveCertificate = "RetrieveCertificate";
         public const string GetCertificateBundle = "GetCertificateBundle";
+        public const string SignCertificateBySubscriber = "SignCertificateBySubscriber";
+        public const string SignCertificateByCa = "SignCertificateByCa";
     }
 }
diff --git a/src/PSInfisicalAPI/Endpoints/InfisicalEndpointRegistry.cs b/src/PSInfisicalAPI/Endpoints/InfisicalEndpointRegistry.cs
index 9d1e305..2bd0f58 100644
--- a/src/PSInfisicalAPI/Endpoints/InfisicalEndpointRegistry.cs
+++ b/src/PSInfisicalAPI/Endpoints/InfisicalEndpointRegistry.cs
@@ -589,6 +589,50 @@ namespace PSInfisicalAPI.Endpoints
                 RequiresAuthorization = true,
                 ContainsSecretMaterialInResponse = true
             });
+
+            Add(map, new InfisicalEndpointDefinition
+            {
+                Name = InfisicalEndpointNames.SignCertificateBySubscriber,
+                Resource = "Pki",
+                Version = "v1",
+                Method = "POST",
+                Template = "/api/v1/pki/pki-subscribers/{subscriberName}/sign-certificate",
+                RequiresAuthorization = true,
+                ContainsSecretMaterialInResponse = true
+            });
+
+            Add(map, new InfisicalEndpointDefinition
+            {
+                Name = InfisicalEndpointNames.SignCertificateBySubscriber,
+                Resource = "Pki",
+                Version = "v1",
+                Method = "POST",
+                Template = "/api/v1/cert-manager/pki-subscribers/{subscriberName}/sign-certificate",
+                RequiresAuthorization = true,
+                ContainsSecretMaterialInResponse = true
+            });
+
+            Add(map, new InfisicalEndpointDefinition
+            {
+                Name = InfisicalEndpointNames.SignCertificateByCa,
+                Resource = "Pki",
+                Version = "v1",
+                Method = "POST",
+                Template = "/api/v1/pki/ca/{caId}/sign-certificate",
+                RequiresAuthorization = true,
+                ContainsSecretMaterialInResponse = true
+            });
+
+            Add(map, new InfisicalEndpointDefinition
+            {
+                Name = InfisicalEndpointNames.SignCertificateByCa,
+                Resource = "Pki",
+                Version = "v1",
+                Method = "POST",
+                Template = "/api/v1/cert-manager/ca/{caId}/sign-certificate",
+                RequiresAuthorization = true,
+                ContainsSecretMaterialInResponse = true
+            });
         }
 
         public static InfisicalEndpointDefinition Get(string name)
diff --git a/src/PSInfisicalAPI/Models/InfisicalCertificateResult.cs b/src/PSInfisicalAPI/Models/InfisicalCertificateResult.cs
new file mode 100644
index 0000000..38dd62a
--- /dev/null
+++ b/src/PSInfisicalAPI/Models/InfisicalCertificateResult.cs
@@ -0,0 +1,23 @@
+using System.Collections.Generic;
+using System.Security.Cryptography.X509Certificates;
+
+namespace PSInfisicalAPI.Models
+{
+    public sealed class InfisicalCertificateResult
+    {
+        public X509Certificate2 Leaf { get; set; }
+        public X509Certificate2[] Intermediates { get; set; }
+        public X509Certificate2 Root { get; set; }
+        public X509Certificate2[] Chain { get; set; }
+        public string SerialNumber { get; set; }
+        public string CertificatePem { get; set; }
+        public string CertificateChainPem { get; set; }
+        public string PrivateKeyPem { get; set; }
+
+        public override string ToString()
+        {
+            if (Leaf != null) { return Leaf.Subject; }
+            return SerialNumber;
+        }
+    }
+}
diff --git a/src/PSInfisicalAPI/Models/InfisicalSignedCertificate.cs b/src/PSInfisicalAPI/Models/InfisicalSignedCertificate.cs
new file mode 100644
index 0000000..e40d62f
--- /dev/null
+++ b/src/PSInfisicalAPI/Models/InfisicalSignedCertificate.cs
@@ -0,0 +1,16 @@
+namespace PSInfisicalAPI.Models
+{
+    public sealed class InfisicalSignedCertificate
+    {
+        public string SerialNumber { get; set; }
+        public string CertificatePem { get; set; }
+        public string CertificateChainPem { get; set; }
+        public string IssuingCaCertificatePem { get; set; }
+        public string PrivateKeyPem { get; set; }
+
+        public override string ToString()
+        {
+            return SerialNumber;
+        }
+    }
+}
diff --git a/src/PSInfisicalAPI/Pki/InfisicalCaDtos.cs b/src/PSInfisicalAPI/Pki/InfisicalCaDtos.cs
index 01c45fc..553dd5e 100644
--- a/src/PSInfisicalAPI/Pki/InfisicalCaDtos.cs
+++ b/src/PSInfisicalAPI/Pki/InfisicalCaDtos.cs
@@ -3,6 +3,26 @@ using Newtonsoft.Json;
 
 namespace PSInfisicalAPI.Pki
 {
+    internal sealed class InfisicalInternalCaConfigurationDto
+    {
+        [JsonProperty("type")] public string Type { get; set; }
+        [JsonProperty("friendlyName")] public string FriendlyName { get; set; }
+        [JsonProperty("commonName")] public string CommonName { get; set; }
+        [JsonProperty("organization")] public string OrganizationName { get; set; }
+        [JsonProperty("ou")] public string OrganizationUnit { get; set; }
+        [JsonProperty("country")] public string Country { get; set; }
+        [JsonProperty("province")] public string State { get; set; }
+        [JsonProperty("locality")] public string Locality { get; set; }
+        [JsonProperty("notBefore")] public string NotBefore { get; set; }
+        [JsonProperty("notAfter")] public string NotAfter { get; set; }
+        [JsonProperty("maxPathLength")] public int? MaxPathLength { get; set; }
+        [JsonProperty("keyAlgorithm")] public string KeyAlgorithm { get; set; }
+        [JsonProperty("dn")] public string DistinguishedName { get; set; }
+        [JsonProperty("parentCaId")] public string ParentCaId { get; set; }
+        [JsonProperty("serialNumber")] public string SerialNumber { get; set; }
+        [JsonProperty("activeCaCertId")] public string ActiveCaCertId { get; set; }
+    }
+
     internal sealed class InfisicalInternalCaResponseDto
     {
         [JsonProperty("id")] public string Id { get; set; }
@@ -28,6 +48,7 @@ namespace PSInfisicalAPI.Pki
         [JsonProperty("activeCaCertId")] public string ActiveCaCertId { get; set; }
         [JsonProperty("createdAt")] public string CreatedAt { get; set; }
         [JsonProperty("updatedAt")] public string UpdatedAt { get; set; }
+        [JsonProperty("configuration")] public InfisicalInternalCaConfigurationDto Configuration { get; set; }
     }
 
     internal sealed class InfisicalInternalCaListResponseDto
diff --git a/src/PSInfisicalAPI/Pki/InfisicalCaMapper.cs b/src/PSInfisicalAPI/Pki/InfisicalCaMapper.cs
index dc83822..aa1c3dd 100644
--- a/src/PSInfisicalAPI/Pki/InfisicalCaMapper.cs
+++ b/src/PSInfisicalAPI/Pki/InfisicalCaMapper.cs
@@ -14,34 +14,41 @@ namespace PSInfisicalAPI.Pki
                 return null;
             }
 
+            InfisicalInternalCaConfigurationDto cfg = dto.Configuration;
+
             return new InfisicalCertificateAuthority
             {
                 Id = dto.Id,
                 ProjectId = !string.IsNullOrEmpty(dto.ProjectId) ? dto.ProjectId : fallbackProjectId,
                 Name = dto.Name,
-                FriendlyName = dto.FriendlyName,
-                Type = dto.Type,
+                FriendlyName = Coalesce(cfg != null ? cfg.FriendlyName : null, dto.FriendlyName),
+                Type = Coalesce(dto.Type, cfg != null ? cfg.Type : null),
                 Status = dto.Status,
                 EnableDirectIssuance = dto.EnableDirectIssuance,
-                KeyAlgorithm = dto.KeyAlgorithm,
-                DistinguishedName = dto.DistinguishedName,
-                OrganizationName = dto.OrganizationName,
-                OrganizationUnit = dto.OrganizationUnit,
-                Country = dto.Country,
-                State = dto.State,
-                Locality = dto.Locality,
-                CommonName = dto.CommonName,
-                MaxPathLength = dto.MaxPathLength,
-                NotBefore = dto.NotBefore,
-                NotAfter = dto.NotAfter,
-                SerialNumber = dto.SerialNumber,
-                ParentCaId = dto.ParentCaId,
-                ActiveCaCertId = dto.ActiveCaCertId,
+                KeyAlgorithm = Coalesce(cfg != null ? cfg.KeyAlgorithm : null, dto.KeyAlgorithm),
+                DistinguishedName = Coalesce(cfg != null ? cfg.DistinguishedName : null, dto.DistinguishedName),
+                OrganizationName = Coalesce(cfg != null ? cfg.OrganizationName : null, dto.OrganizationName),
+                OrganizationUnit = Coalesce(cfg != null ? cfg.OrganizationUnit : null, dto.OrganizationUnit),
+                Country = Coalesce(cfg != null ? cfg.Country : null, dto.Country),
+                State = Coalesce(cfg != null ? cfg.State : null, dto.State),
+                Locality = Coalesce(cfg != null ? cfg.Locality : null, dto.Locality),
+                CommonName = Coalesce(cfg != null ? cfg.CommonName : null, dto.CommonName),
+                MaxPathLength = (cfg != null && cfg.MaxPathLength.HasValue) ? cfg.MaxPathLength : dto.MaxPathLength,
+                NotBefore = Coalesce(cfg != null ? cfg.NotBefore : null, dto.NotBefore),
+                NotAfter = Coalesce(cfg != null ? cfg.NotAfter : null, dto.NotAfter),
+                SerialNumber = Coalesce(cfg != null ? cfg.SerialNumber : null, dto.SerialNumber),
+                ParentCaId = Coalesce(cfg != null ? cfg.ParentCaId : null, dto.ParentCaId),
+                ActiveCaCertId = Coalesce(cfg != null ? cfg.ActiveCaCertId : null, dto.ActiveCaCertId),
                 CreatedAtUtc = ParseTimestamp(dto.CreatedAt),
                 UpdatedAtUtc = ParseTimestamp(dto.UpdatedAt)
             };
         }
 
+        private static string Coalesce(string primary, string fallback)
+        {
+            return !string.IsNullOrEmpty(primary) ? primary : fallback;
+        }
+
         public static InfisicalCertificateAuthority[] MapMany(IEnumerable<InfisicalInternalCaResponseDto> items, string fallbackProjectId)
         {
             if (items == null)
diff --git a/src/PSInfisicalAPI/Pki/InfisicalCertificateRequestHelpers.cs b/src/PSInfisicalAPI/Pki/InfisicalCertificateRequestHelpers.cs
new file mode 100644
index 0000000..15c296b
--- /dev/null
+++ b/src/PSInfisicalAPI/Pki/InfisicalCertificateRequestHelpers.cs
@@ -0,0 +1,338 @@
+using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Security.Cryptography.X509Certificates;
+using System.Text;
+using PSInfisicalAPI.Logging;
+using PSInfisicalAPI.Models;
+
+namespace PSInfisicalAPI.Pki
+{
+    internal static class InfisicalCertificateRequestHelpers
+    {
+        public static InfisicalCsrSubject MergeSubject(IDictionary subject, string commonName, string country, string state, string locality, string organization, string organizationalUnit, string emailAddress)
+        {
+            InfisicalCsrSubject result = new InfisicalCsrSubject();
+            if (subject != null)
+            {
+                result.CommonName = ReadString(subject, "CN", "CommonName");
+                result.Country = ReadString(subject, "C", "Country");
+                result.State = ReadString(subject, "ST", "S", "State");
+                result.Locality = ReadString(subject, "L", "Locality");
+                result.Organization = ReadString(subject, "O", "Organization");
+                result.OrganizationalUnit = ReadString(subject, "OU", "OrganizationalUnit");
+                result.EmailAddress = ReadString(subject, "E", "EMAIL", "EmailAddress");
+            }
+
+            if (!string.IsNullOrEmpty(commonName)) { result.CommonName = commonName; }
+            if (!string.IsNullOrEmpty(country)) { result.Country = country; }
+            if (!string.IsNullOrEmpty(state)) { result.State = state; }
+            if (!string.IsNullOrEmpty(locality)) { result.Locality = locality; }
+            if (!string.IsNullOrEmpty(organization)) { result.Organization = organization; }
+            if (!string.IsNullOrEmpty(organizationalUnit)) { result.OrganizationalUnit = organizationalUnit; }
+            if (!string.IsNullOrEmpty(emailAddress)) { result.EmailAddress = emailAddress; }
+
+            return result;
+        }
+
+        public static string ResolveLocalFqdn()
+        {
+            try
+            {
+                string host = System.Net.Dns.GetHostName();
+                string domain = null;
+                try { domain = System.Net.NetworkInformation.IPGlobalProperties.GetIPGlobalProperties().DomainName; }
+                catch { domain = null; }
+
+                if (!string.IsNullOrEmpty(domain) && !host.EndsWith("." + domain, StringComparison.OrdinalIgnoreCase))
+                {
+                    return string.Concat(host, ".", domain);
+                }
+
+                return host;
+            }
+            catch
+            {
+                return null;
+            }
+        }
+
+        public static void InstallToStore(X509Certificate2 cert, StoreName storeName, StoreLocation storeLocation, bool force, IInfisicalLogger logger, string component)
+        {
+            X509Store store = new X509Store(storeName, storeLocation);
+            try
+            {
+                store.Open(OpenFlags.ReadWrite);
+                X509Certificate2Collection existing = store.Certificates.Find(X509FindType.FindByThumbprint, cert.Thumbprint, false);
+                string target = string.Concat(storeLocation.ToString(), @"\", storeName.ToString(), " [", cert.Thumbprint, "]");
+                if (existing.Count > 0)
+                {
+                    if (!force)
+                    {
+                        logger.Information(component, string.Concat("Certificate already present in ", target, "; no action taken."));
+                        return;
+                    }
+
+                    store.RemoveRange(existing);
+                }
+
+                store.Add(cert);
+                logger.Information(component, string.Concat("Installed certificate to ", target, "."));
+            }
+            finally
+            {
+                store.Close();
+            }
+        }
+
+        public static void InstallChain(InfisicalSignedCertificate signed, StoreLocation storeLocation, bool force, IInfisicalLogger logger, string component)
+        {
+            List<X509Certificate2> chainCerts = CollectChainCertificates(signed);
+            InstallChain(chainCerts, storeLocation, force, logger, component);
+        }
+
+        public static void InstallChain(IEnumerable<X509Certificate2> chainCerts, StoreLocation storeLocation, bool force, IInfisicalLogger logger, string component)
+        {
+            if (chainCerts == null) { return; }
+            foreach (X509Certificate2 chainCert in chainCerts)
+            {
+                if (chainCert == null) { continue; }
+                StoreName targetStore = GetChainCertificateTargetStore(chainCert);
+                InstallToStore(chainCert, targetStore, storeLocation, force, logger, component);
+            }
+        }
+
+        public static StoreName GetChainCertificateTargetStore(X509Certificate2 cert)
+        {
+            return IsSelfSigned(cert) ? StoreName.Root : StoreName.CertificateAuthority;
+        }
+
+        public static X509KeyStorageFlags ResolveKeyStorageFlags(InfisicalPrivateKeyProtection protection, bool persistKey, bool machineKey)
+        {
+            X509KeyStorageFlags flags = X509KeyStorageFlags.DefaultKeySet;
+            switch (protection)
+            {
+                case InfisicalPrivateKeyProtection.Exportable:
+                    flags |= X509KeyStorageFlags.Exportable;
+                    break;
+                case InfisicalPrivateKeyProtection.Ephemeral:
+                    const int ephemeralValue = 32;
+                    if (Enum.GetName(typeof(X509KeyStorageFlags), ephemeralValue) == null)
+                    {
+                        throw new PlatformNotSupportedException("InfisicalPrivateKeyProtection.Ephemeral requires .NET Core 3.0 or later (PowerShell 7+). Use LocalOnly or NonExportable on Windows PowerShell 5.1.");
+                    }
+                    flags |= (X509KeyStorageFlags)ephemeralValue;
+                    break;
+            }
+
+            if (machineKey) { flags |= X509KeyStorageFlags.MachineKeySet; }
+            if (persistKey) { flags |= X509KeyStorageFlags.PersistKeySet; }
+
+            return flags;
+        }
+
+        public static bool ShouldScrubPrivateKeyPem(InfisicalPrivateKeyProtection protection, bool hasExplicitPrivateKeyPath)
+        {
+            if (hasExplicitPrivateKeyPath) { return true; }
+            return protection == InfisicalPrivateKeyProtection.NonExportable
+                || protection == InfisicalPrivateKeyProtection.Ephemeral;
+        }
+
+        public static void WritePrivateKeyPem(string privateKeyPem, string path)
+        {
+            if (string.IsNullOrEmpty(privateKeyPem)) { throw new ArgumentException("PrivateKeyPem is empty.", nameof(privateKeyPem)); }
+            if (string.IsNullOrEmpty(path)) { throw new ArgumentException("Path is required.", nameof(path)); }
+
+            string fullPath = System.IO.Path.GetFullPath(path);
+            string directory = System.IO.Path.GetDirectoryName(fullPath);
+            if (!string.IsNullOrEmpty(directory) && !System.IO.Directory.Exists(directory))
+            {
+                System.IO.Directory.CreateDirectory(directory);
+            }
+
+            System.IO.File.WriteAllText(fullPath, privateKeyPem);
+        }
+
+        public static InfisicalCertificateResult BuildResultFromExistingLocal(X509Certificate2 leaf)
+        {
+            return BuildResultFromExistingLocal(leaf, null);
+        }
+
+        public static InfisicalCertificateResult BuildResultFromExistingLocal(X509Certificate2 leaf, InfisicalCertificateBundle fallbackBundle)
+        {
+            if (leaf == null) { throw new ArgumentNullException(nameof(leaf)); }
+
+            InfisicalCertificateResult result = new InfisicalCertificateResult
+            {
+                Leaf = leaf,
+                SerialNumber = leaf.SerialNumber,
+                CertificatePem = ExportCertificateToPem(leaf)
+            };
+
+            List<X509Certificate2> chainElements = BuildLocalChain(leaf);
+
+            if (fallbackBundle != null && !string.IsNullOrEmpty(fallbackBundle.CertificateChainPem))
+            {
+                List<X509Certificate2> bundleChain = PemCertificateBuilder.ReadCertificateChain(fallbackBundle.CertificateChainPem);
+                HashSet<string> seen = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
+                foreach (X509Certificate2 c in chainElements) { if (c != null) { seen.Add(c.Thumbprint); } }
+                foreach (X509Certificate2 c in bundleChain)
+                {
+                    if (c == null) { continue; }
+                    if (seen.Add(c.Thumbprint)) { chainElements.Add(c); }
+                }
+            }
+
+            List<X509Certificate2> intermediates = new List<X509Certificate2>();
+            X509Certificate2 root = null;
+            foreach (X509Certificate2 cert in chainElements)
+            {
+                if (string.Equals(cert.Thumbprint, leaf.Thumbprint, StringComparison.OrdinalIgnoreCase)) { continue; }
+                if (IsSelfSigned(cert)) { if (root == null) { root = cert; } }
+                else { intermediates.Add(cert); }
+            }
+
+            result.Intermediates = intermediates.ToArray();
+            result.Root = root;
+
+            List<X509Certificate2> ordered = new List<X509Certificate2> { leaf };
+            ordered.AddRange(intermediates);
+            if (root != null) { ordered.Add(root); }
+            result.Chain = ordered.ToArray();
+
+            if (intermediates.Count > 0 || root != null)
+            {
+                StringBuilder sb = new StringBuilder();
+                foreach (X509Certificate2 c in intermediates) { sb.Append(ExportCertificateToPem(c)); }
+                if (root != null) { sb.Append(ExportCertificateToPem(root)); }
+                result.CertificateChainPem = sb.ToString();
+            }
+
+            return result;
+        }
+
+        public static InfisicalCertificateResult BuildResult(X509Certificate2 leaf, InfisicalSignedCertificate signed)
+        {
+            InfisicalCertificateResult result = new InfisicalCertificateResult { Leaf = leaf };
+            if (signed != null)
+            {
+                result.SerialNumber = signed.SerialNumber;
+                result.CertificatePem = signed.CertificatePem;
+                result.CertificateChainPem = signed.CertificateChainPem;
+                result.PrivateKeyPem = signed.PrivateKeyPem;
+            }
+
+            List<X509Certificate2> chainCerts = signed != null ? CollectChainCertificates(signed) : new List<X509Certificate2>();
+            List<X509Certificate2> intermediates = new List<X509Certificate2>();
+            X509Certificate2 root = null;
+            foreach (X509Certificate2 cert in chainCerts)
+            {
+                if (IsSelfSigned(cert)) { if (root == null) { root = cert; } }
+                else { intermediates.Add(cert); }
+            }
+
+            result.Intermediates = intermediates.ToArray();
+            result.Root = root;
+
+            List<X509Certificate2> ordered = new List<X509Certificate2>();
+            if (leaf != null) { ordered.Add(leaf); }
+            ordered.AddRange(intermediates);
+            if (root != null) { ordered.Add(root); }
+            result.Chain = ordered.ToArray();
+            return result;
+        }
+
+        private static List<X509Certificate2> CollectChainCertificates(InfisicalSignedCertificate signed)
+        {
+            List<X509Certificate2> chainCerts = PemCertificateBuilder.ReadCertificateChain(signed.CertificateChainPem);
+            if (!string.IsNullOrEmpty(signed.IssuingCaCertificatePem))
+            {
+                foreach (X509Certificate2 issuing in PemCertificateBuilder.ReadCertificateChain(signed.IssuingCaCertificatePem))
+                {
+                    chainCerts.Add(issuing);
+                }
+            }
+
+            HashSet<string> seen = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
+            List<X509Certificate2> deduped = new List<X509Certificate2>();
+            foreach (X509Certificate2 cert in chainCerts)
+            {
+                if (cert == null) { continue; }
+                if (seen.Add(cert.Thumbprint)) { deduped.Add(cert); }
+            }
+
+            return deduped;
+        }
+
+        private static bool IsSelfSigned(X509Certificate2 cert)
+        {
+            if (cert == null) { return false; }
+            return string.Equals(cert.Subject, cert.Issuer, StringComparison.OrdinalIgnoreCase);
+        }
+
+        private static List<X509Certificate2> BuildLocalChain(X509Certificate2 leaf)
+        {
+            List<X509Certificate2> result = new List<X509Certificate2>();
+            using (X509Chain chain = new X509Chain())
+            {
+                chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
+                chain.ChainPolicy.VerificationFlags =
+                    X509VerificationFlags.IgnoreNotTimeValid |
+                    X509VerificationFlags.IgnoreNotTimeNested |
+                    X509VerificationFlags.IgnoreInvalidName |
+                    X509VerificationFlags.IgnoreInvalidPolicy |
+                    X509VerificationFlags.IgnoreEndRevocationUnknown |
+                    X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown |
+                    X509VerificationFlags.IgnoreRootRevocationUnknown |
+                    X509VerificationFlags.IgnoreCtlNotTimeValid |
+                    X509VerificationFlags.IgnoreCtlSignerRevocationUnknown |
+                    X509VerificationFlags.IgnoreInvalidBasicConstraints |
+                    X509VerificationFlags.IgnoreWrongUsage;
+
+                try { chain.Build(leaf); }
+                catch { return result; }
+
+                foreach (X509ChainElement element in chain.ChainElements)
+                {
+                    if (element != null && element.Certificate != null)
+                    {
+                        result.Add(new X509Certificate2(element.Certificate.RawData));
+                    }
+                }
+            }
+
+            return result;
+        }
+
+        private static string ExportCertificateToPem(X509Certificate2 cert)
+        {
+            byte[] der = cert.Export(X509ContentType.Cert);
+            StringBuilder sb = new StringBuilder();
+            sb.AppendLine("-----BEGIN CERTIFICATE-----");
+            sb.AppendLine(Convert.ToBase64String(der, Base64FormattingOptions.InsertLineBreaks));
+            sb.AppendLine("-----END CERTIFICATE-----");
+            return sb.ToString();
+        }
+
+        private static string ReadString(IDictionary source, params string[] keys)
+        {
+            foreach (string key in keys)
+            {
+                if (source.Contains(key))
+                {
+                    object value = source[key];
+                    if (value != null)
+                    {
+                        string text = value.ToString();
+                        if (!string.IsNullOrEmpty(text))
+                        {
+                            return text;
+                        }
+                    }
+                }
+            }
+
+            return null;
+        }
+    }
+}
diff --git a/src/PSInfisicalAPI/Pki/InfisicalCsrBuilder.cs b/src/PSInfisicalAPI/Pki/InfisicalCsrBuilder.cs
new file mode 100644
index 0000000..2aae813
--- /dev/null
+++ b/src/PSInfisicalAPI/Pki/InfisicalCsrBuilder.cs
@@ -0,0 +1,201 @@
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Net;
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.OpenSsl;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using BcAttribute = Org.BouncyCastle.Asn1.Cms.Attribute;
+
+namespace PSInfisicalAPI.Pki
+{
+    public enum InfisicalKeyAlgorithm
+    {
+        Rsa = 0,
+        Ecdsa = 1,
+        Ed25519 = 2
+    }
+
+    public enum InfisicalEcCurve
+    {
+        P256 = 0,
+        P384 = 1
+    }
+
+    public sealed class InfisicalCsrSubject
+    {
+        public string CommonName { get; set; }
+        public string Country { get; set; }
+        public string State { get; set; }
+        public string Locality { get; set; }
+        public string Organization { get; set; }
+        public string OrganizationalUnit { get; set; }
+        public string EmailAddress { get; set; }
+    }
+
+    public sealed class InfisicalCsrOptions
+    {
+        public InfisicalKeyAlgorithm KeyAlgorithm { get; set; } = InfisicalKeyAlgorithm.Rsa;
+        public int RsaKeySize { get; set; } = 2048;
+        public InfisicalEcCurve EcCurve { get; set; } = InfisicalEcCurve.P256;
+    }
+
+    public sealed class InfisicalCsrResult
+    {
+        public string CsrPem { get; set; }
+        public string PrivateKeyPem { get; set; }
+    }
+
+    public static class InfisicalCsrBuilder
+    {
+        public static InfisicalCsrResult Build(InfisicalCsrSubject subject, IEnumerable<string> dnsNames, IEnumerable<string> ipAddresses, InfisicalCsrOptions options)
+        {
+            if (subject == null) { throw new ArgumentNullException(nameof(subject)); }
+            if (string.IsNullOrEmpty(subject.CommonName)) { throw new ArgumentException("Subject.CommonName is required.", nameof(subject)); }
+            if (options == null) { options = new InfisicalCsrOptions(); }
+
+            SecureRandom random = new SecureRandom();
+            AsymmetricCipherKeyPair keyPair = GenerateKeyPair(options, random);
+            string signatureAlgorithm = ResolveSignatureAlgorithm(options);
+
+            X509Name x509Name = BuildX509Name(subject);
+            Asn1Set attributes = BuildSanAttributes(dnsNames, ipAddresses);
+
+            Pkcs10CertificationRequest pkcs10 = new Pkcs10CertificationRequest(signatureAlgorithm, x509Name, keyPair.Public, attributes, keyPair.Private);
+
+            return new InfisicalCsrResult
+            {
+                CsrPem = WritePem(pkcs10),
+                PrivateKeyPem = WritePem(keyPair.Private)
+            };
+        }
+
+        private static AsymmetricCipherKeyPair GenerateKeyPair(InfisicalCsrOptions options, SecureRandom random)
+        {
+            switch (options.KeyAlgorithm)
+            {
+                case InfisicalKeyAlgorithm.Rsa:
+                {
+                    int keySize = options.RsaKeySize;
+                    if (keySize != 2048 && keySize != 3072 && keySize != 4096)
+                    {
+                        throw new ArgumentException("RsaKeySize must be 2048, 3072, or 4096.", nameof(options));
+                    }
+
+                    RsaKeyPairGenerator generator = new RsaKeyPairGenerator();
+                    generator.Init(new KeyGenerationParameters(random, keySize));
+                    return generator.GenerateKeyPair();
+                }
+                case InfisicalKeyAlgorithm.Ecdsa:
+                {
+                    DerObjectIdentifier curveOid = options.EcCurve == InfisicalEcCurve.P384
+                        ? SecObjectIdentifiers.SecP384r1
+                        : SecObjectIdentifiers.SecP256r1;
+                    ECKeyPairGenerator generator = new ECKeyPairGenerator("ECDSA");
+                    generator.Init(new ECKeyGenerationParameters(curveOid, random));
+                    return generator.GenerateKeyPair();
+                }
+                case InfisicalKeyAlgorithm.Ed25519:
+                {
+                    Ed25519KeyPairGenerator generator = new Ed25519KeyPairGenerator();
+                    generator.Init(new Ed25519KeyGenerationParameters(random));
+                    return generator.GenerateKeyPair();
+                }
+                default:
+                    throw new ArgumentOutOfRangeException(nameof(options), options.KeyAlgorithm, "Unsupported KeyAlgorithm.");
+            }
+        }
+
+        private static string ResolveSignatureAlgorithm(InfisicalCsrOptions options)
+        {
+            switch (options.KeyAlgorithm)
+            {
+                case InfisicalKeyAlgorithm.Rsa:
+                    return "SHA256WITHRSA";
+                case InfisicalKeyAlgorithm.Ecdsa:
+                    return options.EcCurve == InfisicalEcCurve.P384 ? "SHA384WITHECDSA" : "SHA256WITHECDSA";
+                case InfisicalKeyAlgorithm.Ed25519:
+                    return "Ed25519";
+                default:
+                    throw new ArgumentOutOfRangeException(nameof(options), options.KeyAlgorithm, "Unsupported KeyAlgorithm.");
+            }
+        }
+
+        private static X509Name BuildX509Name(InfisicalCsrSubject subject)
+        {
+            List<DerObjectIdentifier> order = new List<DerObjectIdentifier>();
+            Dictionary<DerObjectIdentifier, string> values = new Dictionary<DerObjectIdentifier, string>();
+
+            AppendComponent(order, values, X509Name.C, subject.Country);
+            AppendComponent(order, values, X509Name.ST, subject.State);
+            AppendComponent(order, values, X509Name.L, subject.Locality);
+            AppendComponent(order, values, X509Name.O, subject.Organization);
+            AppendComponent(order, values, X509Name.OU, subject.OrganizationalUnit);
+            AppendComponent(order, values, X509Name.CN, subject.CommonName);
+            AppendComponent(order, values, X509Name.EmailAddress, subject.EmailAddress);
+
+            return new X509Name(order, values);
+        }
+
+        private static void AppendComponent(List<DerObjectIdentifier> order, Dictionary<DerObjectIdentifier, string> values, DerObjectIdentifier oid, string value)
+        {
+            if (string.IsNullOrEmpty(value)) { return; }
+            order.Add(oid);
+            values[oid] = value;
+        }
+
+        private static Asn1Set BuildSanAttributes(IEnumerable<string> dnsNames, IEnumerable<string> ipAddresses)
+        {
+            List<GeneralName> generalNames = new List<GeneralName>();
+            if (dnsNames != null)
+            {
+                foreach (string dns in dnsNames)
+                {
+                    if (string.IsNullOrEmpty(dns)) { continue; }
+                    generalNames.Add(new GeneralName(GeneralName.DnsName, dns));
+                }
+            }
+
+            if (ipAddresses != null)
+            {
+                foreach (string ip in ipAddresses)
+                {
+                    if (string.IsNullOrEmpty(ip)) { continue; }
+                    IPAddress parsed;
+                    if (!IPAddress.TryParse(ip, out parsed)) { continue; }
+                    generalNames.Add(new GeneralName(GeneralName.IPAddress, ip));
+                }
+            }
+
+            if (generalNames.Count == 0) { return null; }
+
+            GeneralNames sanValue = new GeneralNames(generalNames.ToArray());
+            X509Extensions extensions = new X509Extensions(
+                new Dictionary<DerObjectIdentifier, X509Extension>
+                {
+                    { X509Extensions.SubjectAlternativeName, new X509Extension(false, new DerOctetString(sanValue)) }
+                });
+
+            BcAttribute extensionRequest = new BcAttribute(PkcsObjectIdentifiers.Pkcs9AtExtensionRequest, new DerSet(extensions));
+            return new DerSet(extensionRequest);
+        }
+
+        private static string WritePem(object obj)
+        {
+            using (StringWriter sw = new StringWriter())
+            {
+                PemWriter pemWriter = new PemWriter(sw);
+                pemWriter.WriteObject(obj);
+                pemWriter.Writer.Flush();
+                return sw.ToString();
+            }
+        }
+    }
+}
diff --git a/src/PSInfisicalAPI/Pki/InfisicalLocalCertificateLookup.cs b/src/PSInfisicalAPI/Pki/InfisicalLocalCertificateLookup.cs
new file mode 100644
index 0000000..366ed98
--- /dev/null
+++ b/src/PSInfisicalAPI/Pki/InfisicalLocalCertificateLookup.cs
@@ -0,0 +1,85 @@
+using System;
+using System.Collections.Generic;
+using System.Security.Cryptography.X509Certificates;
+
+namespace PSInfisicalAPI.Pki
+{
+    internal static class InfisicalLocalCertificateLookup
+    {
+        public static X509Certificate2 FindMatch(StoreName storeName, StoreLocation storeLocation, string commonName, IEnumerable<string> candidateSerialNumbers)
+        {
+            HashSet<string> serialSet = NormalizeSerials(candidateSerialNumbers);
+            string subjectFilter = !string.IsNullOrEmpty(commonName) ? string.Concat("CN=", commonName) : null;
+
+            X509Store store = new X509Store(storeName, storeLocation);
+            try
+            {
+                store.Open(OpenFlags.ReadOnly);
+
+                X509Certificate2 bestMatch = null;
+                foreach (X509Certificate2 candidate in store.Certificates)
+                {
+                    if (subjectFilter != null && candidate.Subject.IndexOf(subjectFilter, StringComparison.OrdinalIgnoreCase) < 0)
+                    {
+                        continue;
+                    }
+
+                    if (serialSet.Count > 0)
+                    {
+                        string normalizedSerial = NormalizeSerial(candidate.SerialNumber);
+                        if (!serialSet.Contains(normalizedSerial))
+                        {
+                            continue;
+                        }
+                    }
+
+                    if (bestMatch == null || candidate.NotAfter > bestMatch.NotAfter)
+                    {
+                        bestMatch = candidate;
+                    }
+                }
+
+                return bestMatch;
+            }
+            finally
+            {
+                store.Close();
+            }
+        }
+
+        public static bool IsRenewable(X509Certificate2 cert, int renewalThresholdDays)
+        {
+            if (cert == null) { return true; }
+            DateTime threshold = DateTime.UtcNow.AddDays(renewalThresholdDays);
+            return cert.NotAfter.ToUniversalTime() <= threshold;
+        }
+
+        private static HashSet<string> NormalizeSerials(IEnumerable<string> serials)
+        {
+            HashSet<string> set = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
+            if (serials == null) { return set; }
+            foreach (string serial in serials)
+            {
+                string normalized = NormalizeSerial(serial);
+                if (!string.IsNullOrEmpty(normalized))
+                {
+                    set.Add(normalized);
+                }
+            }
+
+            return set;
+        }
+
+        private static string NormalizeSerial(string value)
+        {
+            if (string.IsNullOrEmpty(value)) { return null; }
+            string trimmed = value.Trim();
+            if (trimmed.StartsWith("0x", StringComparison.OrdinalIgnoreCase))
+            {
+                trimmed = trimmed.Substring(2);
+            }
+
+            return trimmed.Replace(":", string.Empty).Replace(" ", string.Empty).TrimStart('0');
+        }
+    }
+}
diff --git a/src/PSInfisicalAPI/Pki/InfisicalPkiClient.cs b/src/PSInfisicalAPI/Pki/InfisicalPkiClient.cs
index 06b38a3..ff8de17 100644
--- a/src/PSInfisicalAPI/Pki/InfisicalPkiClient.cs
+++ b/src/PSInfisicalAPI/Pki/InfisicalPkiClient.cs
@@ -1,6 +1,7 @@
 using System;
 using System.Collections.Generic;
 using System.Globalization;
+using Newtonsoft.Json.Linq;
 using PSInfisicalAPI.Connections;
 using PSInfisicalAPI.Endpoints;
 using PSInfisicalAPI.Errors;
@@ -8,6 +9,7 @@ using PSInfisicalAPI.Http;
 using PSInfisicalAPI.Logging;
 using PSInfisicalAPI.Models;
 using PSInfisicalAPI.Serialization;
+using System.Linq;
 
 namespace PSInfisicalAPI.Pki
 {
@@ -30,23 +32,23 @@ namespace PSInfisicalAPI.Pki
         public InfisicalCertificateAuthority[] ListInternalCertificateAuthorities(InfisicalConnection connection, string projectId)
         {
             if (connection == null) { throw new ArgumentNullException(nameof(connection)); }
-            string resolvedProjectId = FirstNonEmpty(projectId, connection.ProjectId);
 
             List<KeyValuePair<string, string>> query = null;
-            if (!string.IsNullOrEmpty(resolvedProjectId))
+            if (!string.IsNullOrEmpty(projectId))
             {
-                query = new List<KeyValuePair<string, string>> { new KeyValuePair<string, string>("projectId", resolvedProjectId) };
+                query = new List<KeyValuePair<string, string>> { new KeyValuePair<string, string>("projectId", projectId) };
             }
 
             try
             {
                 _logger.Information(Component, "Attempting to list Infisical internal certificate authorities. Please Wait...");
                 InfisicalHttpResponse response = _invoker.InvokeWithCandidateFallback(connection, InfisicalEndpointNames.ListInternalCertificateAuthorities, "ListInternalCertificateAuthorities", null, query, null);
-                InfisicalInternalCaListResponseDto dto = _serializer.Deserialize<InfisicalInternalCaListResponseDto>(response.Body);
+                string body = response.Body;
                 response.Clear();
 
-                List<InfisicalInternalCaResponseDto> source = dto != null ? (dto.CertificateAuthorities ?? dto.Cas) : null;
-                InfisicalCertificateAuthority[] mapped = InfisicalCaMapper.MapMany(source, resolvedProjectId);
+                List<InfisicalInternalCaResponseDto> source = ParseCaListBody(body);
+                string fallbackProjectId = !string.IsNullOrEmpty(projectId) ? projectId : connection.ProjectId;
+                InfisicalCertificateAuthority[] mapped = InfisicalCaMapper.MapMany(source, fallbackProjectId);
                 _logger.Information(Component, "Infisical internal certificate authority list retrieval was successful.");
                 return mapped;
             }
@@ -63,21 +65,22 @@ namespace PSInfisicalAPI.Pki
             if (string.IsNullOrEmpty(caId)) { throw new InfisicalConfigurationException("CaId is required."); }
 
             Dictionary<string, string> pathParameters = new Dictionary<string, string> { { "caId", caId } };
+            List<KeyValuePair<string, string>> query = null;
+            if (!string.IsNullOrEmpty(projectId))
+            {
+                query = new List<KeyValuePair<string, string>> { new KeyValuePair<string, string>("projectId", projectId) };
+            }
 
             try
             {
                 _logger.Information(Component, string.Concat("Attempting to retrieve Infisical internal certificate authority '", caId, "'. Please Wait..."));
-                InfisicalHttpResponse response = _invoker.InvokeWithCandidateFallback(connection, InfisicalEndpointNames.RetrieveInternalCertificateAuthority, "RetrieveInternalCertificateAuthority", pathParameters, null, null);
-                InfisicalInternalCaSingleResponseDto dto = _serializer.Deserialize<InfisicalInternalCaSingleResponseDto>(response.Body);
+                InfisicalHttpResponse response = _invoker.InvokeWithCandidateFallback(connection, InfisicalEndpointNames.RetrieveInternalCertificateAuthority, "RetrieveInternalCertificateAuthority", pathParameters, query, null);
+                string body = response.Body;
                 response.Clear();
 
-                InfisicalInternalCaResponseDto inner = dto != null ? (dto.CertificateAuthority ?? dto.Ca) : null;
-                if (inner == null)
-                {
-                    inner = _serializer.Deserialize<InfisicalInternalCaResponseDto>(response.Body);
-                }
-
-                InfisicalCertificateAuthority mapped = InfisicalCaMapper.Map(inner, FirstNonEmpty(projectId, connection.ProjectId));
+                InfisicalInternalCaResponseDto inner = ParseCaSingleBody(body);
+                string fallbackProjectId = !string.IsNullOrEmpty(projectId) ? projectId : connection.ProjectId;
+                InfisicalCertificateAuthority mapped = InfisicalCaMapper.Map(inner, fallbackProjectId);
                 _logger.Information(Component, "Infisical internal certificate authority retrieval was successful.");
                 return mapped;
             }
@@ -88,6 +91,68 @@ namespace PSInfisicalAPI.Pki
             }
         }
 
+        public InfisicalCertificate RetrieveCertificate(InfisicalConnection connection, string identifier)
+        {
+            if (connection == null) { throw new ArgumentNullException(nameof(connection)); }
+            if (string.IsNullOrEmpty(identifier)) { throw new InfisicalConfigurationException("Identifier (serial number or id) is required."); }
+
+            Dictionary<string, string> pathParameters = new Dictionary<string, string> { { "serialNumber", identifier } };
+
+            try
+            {
+                _logger.Information(Component, string.Concat("Attempting to retrieve Infisical certificate '", identifier, "'. Please Wait..."));
+                InfisicalHttpResponse response = _invoker.InvokeWithCandidateFallback(connection, InfisicalEndpointNames.RetrieveCertificate, "RetrieveCertificate", pathParameters, null, null);
+                string body = response.Body;
+                response.Clear();
+
+                InfisicalCertificateResponseDto inner = ParseCertificateSingleBody(body);
+                InfisicalCertificate mapped = InfisicalCertificateMapper.Map(inner, connection.ProjectId);
+                _logger.Information(Component, "Infisical certificate retrieval was successful.");
+                return mapped;
+            }
+            catch (Exception)
+            {
+                _logger.Error(Component, "Infisical certificate retrieval failed.");
+                throw;
+            }
+        }
+
+        private List<InfisicalInternalCaResponseDto> ParseCaListBody(string body)
+        {
+            if (string.IsNullOrEmpty(body)) { return null; }
+            JToken token = JToken.Parse(body);
+            if (token.Type == JTokenType.Array)
+            {
+                return token.ToObject<List<InfisicalInternalCaResponseDto>>();
+            }
+
+            InfisicalInternalCaListResponseDto wrapper = token.ToObject<InfisicalInternalCaListResponseDto>();
+            return wrapper != null ? (wrapper.CertificateAuthorities ?? wrapper.Cas) : null;
+        }
+
+        private InfisicalInternalCaResponseDto ParseCaSingleBody(string body)
+        {
+            if (string.IsNullOrEmpty(body)) { return null; }
+            JToken token = JToken.Parse(body);
+            if (token.Type != JTokenType.Object) { return null; }
+            JObject obj = (JObject)token;
+
+            if (obj["certificateAuthority"] is JObject ca1) { return ca1.ToObject<InfisicalInternalCaResponseDto>(); }
+            if (obj["ca"] is JObject ca2) { return ca2.ToObject<InfisicalInternalCaResponseDto>(); }
+            return obj.ToObject<InfisicalInternalCaResponseDto>();
+        }
+
+        private InfisicalCertificateResponseDto ParseCertificateSingleBody(string body)
+        {
+            if (string.IsNullOrEmpty(body)) { return null; }
+            JToken token = JToken.Parse(body);
+            if (token.Type != JTokenType.Object) { return null; }
+            JObject obj = (JObject)token;
+
+            if (obj["certificate"] is JObject cert) { return cert.ToObject<InfisicalCertificateResponseDto>(); }
+            return obj.ToObject<InfisicalCertificateResponseDto>();
+        }
+
         public InfisicalCertificateSearchResult SearchCertificates(InfisicalConnection connection, InfisicalCertificateSearchQuery query)
         {
             if (connection == null) { throw new ArgumentNullException(nameof(connection)); }
@@ -118,6 +183,93 @@ namespace PSInfisicalAPI.Pki
             }
         }
 
+        public InfisicalSignedCertificate SignCertificateBySubscriber(InfisicalConnection connection, string subscriberName, string projectId, string csrPem)
+        {
+            if (connection == null) { throw new ArgumentNullException(nameof(connection)); }
+            if (string.IsNullOrEmpty(subscriberName)) { throw new InfisicalConfigurationException("SubscriberName is required."); }
+            if (string.IsNullOrEmpty(csrPem)) { throw new InfisicalConfigurationException("CSR is required."); }
+            string resolvedProjectId = FirstNonEmpty(projectId, connection.ProjectId);
+            if (string.IsNullOrEmpty(resolvedProjectId)) { throw new InfisicalConfigurationException("ProjectId is required."); }
+
+            Dictionary<string, string> pathParameters = new Dictionary<string, string> { { "subscriberName", subscriberName } };
+            InfisicalSignCertificateBySubscriberRequestDto request = new InfisicalSignCertificateBySubscriberRequestDto
+            {
+                ProjectId = resolvedProjectId,
+                Csr = csrPem
+            };
+            string body = _serializer.Serialize(request);
+
+            try
+            {
+                _logger.Information(Component, string.Concat("Attempting to sign certificate via subscriber '", subscriberName, "'. Please Wait..."));
+                InfisicalHttpResponse response = _invoker.InvokeWithCandidateFallback(connection, InfisicalEndpointNames.SignCertificateBySubscriber, "SignCertificateBySubscriber", pathParameters, null, body);
+                InfisicalSignCertificateResponseDto dto = _serializer.Deserialize<InfisicalSignCertificateResponseDto>(response.Body);
+                response.Clear();
+
+                InfisicalSignedCertificate signed = MapSigned(dto);
+                _logger.Information(Component, "Infisical certificate signing (subscriber) was successful.");
+                return signed;
+            }
+            catch (Exception)
+            {
+                _logger.Error(Component, "Infisical certificate signing (subscriber) failed.");
+                throw;
+            }
+        }
+
+        public InfisicalSignedCertificate SignCertificateByCa(InfisicalConnection connection, string caId, string csrPem, string commonName, string altNames, string ttl, string notBefore, string notAfter, string friendlyName, string pkiCollectionId, IEnumerable<string> keyUsages, IEnumerable<string> extendedKeyUsages)
+        {
+            if (connection == null) { throw new ArgumentNullException(nameof(connection)); }
+            if (string.IsNullOrEmpty(caId)) { throw new InfisicalConfigurationException("CaId is required."); }
+            if (string.IsNullOrEmpty(csrPem)) { throw new InfisicalConfigurationException("CSR is required."); }
+            if (string.IsNullOrEmpty(ttl) && string.IsNullOrEmpty(notAfter)) { throw new InfisicalConfigurationException("Either Ttl or NotAfter must be provided."); }
+
+            Dictionary<string, string> pathParameters = new Dictionary<string, string> { { "caId", caId } };
+            InfisicalSignCertificateByCaRequestDto request = new InfisicalSignCertificateByCaRequestDto
+            {
+                Csr = csrPem,
+                CommonName = commonName,
+                AltNames = altNames,
+                Ttl = ttl,
+                NotBefore = notBefore,
+                NotAfter = notAfter,
+                FriendlyName = friendlyName,
+                PkiCollectionId = pkiCollectionId,
+                KeyUsages = keyUsages != null ? keyUsages.ToList() : null,
+                ExtendedKeyUsages = extendedKeyUsages != null ? extendedKeyUsages.ToList() : null
+            };
+            string body = _serializer.Serialize(request);
+
+            try
+            {
+                _logger.Information(Component, string.Concat("Attempting to sign certificate via CA '", caId, "'. Please Wait..."));
+                InfisicalHttpResponse response = _invoker.InvokeWithCandidateFallback(connection, InfisicalEndpointNames.SignCertificateByCa, "SignCertificateByCa", pathParameters, null, body);
+                InfisicalSignCertificateResponseDto dto = _serializer.Deserialize<InfisicalSignCertificateResponseDto>(response.Body);
+                response.Clear();
+
+                InfisicalSignedCertificate signed = MapSigned(dto);
+                _logger.Information(Component, "Infisical certificate signing (CA) was successful.");
+                return signed;
+            }
+            catch (Exception)
+            {
+                _logger.Error(Component, "Infisical certificate signing (CA) failed.");
+                throw;
+            }
+        }
+
+        private static InfisicalSignedCertificate MapSigned(InfisicalSignCertificateResponseDto dto)
+        {
+            if (dto == null) { return null; }
+            return new InfisicalSignedCertificate
+            {
+                SerialNumber = dto.SerialNumber,
+                CertificatePem = dto.Certificate,
+                CertificateChainPem = dto.CertificateChain,
+                IssuingCaCertificatePem = dto.IssuingCaCertificate
+            };
+        }
+
         public InfisicalCertificateBundle GetCertificateBundle(InfisicalConnection connection, string serialNumber)
         {
             if (connection == null) { throw new ArgumentNullException(nameof(connection)); }
diff --git a/src/PSInfisicalAPI/Pki/InfisicalPrivateKeyProtection.cs b/src/PSInfisicalAPI/Pki/InfisicalPrivateKeyProtection.cs
new file mode 100644
index 0000000..0a793b9
--- /dev/null
+++ b/src/PSInfisicalAPI/Pki/InfisicalPrivateKeyProtection.cs
@@ -0,0 +1,10 @@
+namespace PSInfisicalAPI.Pki
+{
+    public enum InfisicalPrivateKeyProtection
+    {
+        Exportable = 0,
+        LocalOnly = 1,
+        NonExportable = 2,
+        Ephemeral = 3
+    }
+}
diff --git a/src/PSInfisicalAPI/Pki/InfisicalSignCertificateDtos.cs b/src/PSInfisicalAPI/Pki/InfisicalSignCertificateDtos.cs
new file mode 100644
index 0000000..e6a82eb
--- /dev/null
+++ b/src/PSInfisicalAPI/Pki/InfisicalSignCertificateDtos.cs
@@ -0,0 +1,33 @@
+using System.Collections.Generic;
+using Newtonsoft.Json;
+
+namespace PSInfisicalAPI.Pki
+{
+    internal sealed class InfisicalSignCertificateBySubscriberRequestDto
+    {
+        [JsonProperty("projectId")] public string ProjectId { get; set; }
+        [JsonProperty("csr")] public string Csr { get; set; }
+    }
+
+    internal sealed class InfisicalSignCertificateByCaRequestDto
+    {
+        [JsonProperty("csr")] public string Csr { get; set; }
+        [JsonProperty("commonName", NullValueHandling = NullValueHandling.Ignore)] public string CommonName { get; set; }
+        [JsonProperty("altNames", NullValueHandling = NullValueHandling.Ignore)] public string AltNames { get; set; }
+        [JsonProperty("ttl", NullValueHandling = NullValueHandling.Ignore)] public string Ttl { get; set; }
+        [JsonProperty("notBefore", NullValueHandling = NullValueHandling.Ignore)] public string NotBefore { get; set; }
+        [JsonProperty("notAfter", NullValueHandling = NullValueHandling.Ignore)] public string NotAfter { get; set; }
+        [JsonProperty("friendlyName", NullValueHandling = NullValueHandling.Ignore)] public string FriendlyName { get; set; }
+        [JsonProperty("pkiCollectionId", NullValueHandling = NullValueHandling.Ignore)] public string PkiCollectionId { get; set; }
+        [JsonProperty("keyUsages", NullValueHandling = NullValueHandling.Ignore)] public List<string> KeyUsages { get; set; }
+        [JsonProperty("extendedKeyUsages", NullValueHandling = NullValueHandling.Ignore)] public List<string> ExtendedKeyUsages { get; set; }
+    }
+
+    internal sealed class InfisicalSignCertificateResponseDto
+    {
+        [JsonProperty("certificate")] public string Certificate { get; set; }
+        [JsonProperty("certificateChain")] public string CertificateChain { get; set; }
+        [JsonProperty("issuingCaCertificate")] public string IssuingCaCertificate { get; set; }
+        [JsonProperty("serialNumber")] public string SerialNumber { get; set; }
+    }
+}